CN112269992B - Real-time malicious sample detection method based on artificial intelligent processor and electronic device - Google Patents
Real-time malicious sample detection method based on artificial intelligent processor and electronic device Download PDFInfo
- Publication number
- CN112269992B CN112269992B CN202011179567.1A CN202011179567A CN112269992B CN 112269992 B CN112269992 B CN 112269992B CN 202011179567 A CN202011179567 A CN 202011179567A CN 112269992 B CN112269992 B CN 112269992B
- Authority
- CN
- China
- Prior art keywords
- malicious sample
- sample detection
- network
- detection mechanism
- neural network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/06—Physical realisation, i.e. hardware implementation of neural networks, neurons or parts of neurons
- G06N3/063—Physical realisation, i.e. hardware implementation of neural networks, neurons or parts of neurons using electronic means
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- General Health & Medical Sciences (AREA)
- Biophysics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biomedical Technology (AREA)
- Virology (AREA)
- Neurology (AREA)
- Artificial Intelligence (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Memory System Of A Hierarchy Structure (AREA)
Abstract
The invention provides a real-time malicious sample detection method and an electronic device based on an artificial intelligence processor, wherein the method comprises the following steps: according to a target network and a malicious sample detection mechanism, performing resource division on a global on-chip cache, a pulse array and a non-DNN computing unit of the artificial intelligent processor; the compiler generates an instruction file according to the resource division result; and when the malicious sample detection mechanism judges that the input data is a malicious sample, notifying the target neural network to stop calculation. The invention can not reduce the reasoning performance of the accelerator execution target network, ensure that the system can avoid the risk of being attacked by malicious samples, greatly improve the resource utilization rate of the artificial intelligent processor, reduce the requirement on the memory bandwidth, and have strong compatibility and good adaptability of the detection algorithm.
Description
Technical Field
The invention relates to the field of computing system and microprocessor security, in particular to a real-time malicious sample detection method based on an artificial intelligence processor and an electronic device.
Background
In recent years, the development speed of the semiconductor chip manufacturing process is reduced, so that the advancing speed of moore's law is slowed down and gradually reaches the physical limit. Current computer systems rely on dedicated hardware accelerators to achieve better performance and energy efficiency. Machine learningThe computation of the learning model, especially the deep neural network, is typically a large number of intensive computations and memory intensive, both of which require specialized hardware accelerators to improve the performance and energy efficiency of its execution. Tremendous effort has been made in academy and industry to address this issue, and in academy of sciences Chen Yunji researchers in 2014 have first devised a high performance, low power neural network processor DianNao that can operate at 3mm 2 Is equivalent to the mainstream GPU in terms of area. In addition, the research team proposes a Cambricon instruction set, which is the first internationally deep learning instruction set, capable of supporting various neural network algorithms through combination of instructions while maintaining high efficiency. In 2017, the institute of technology and technology of the millboard proposed an Eyeriss deep learning accelerator, which uses a line data flow method to accelerate deep learning for accelerating a convolutional neural network. In the industry, google designs and develops an ASIC circuit TPU (Tensor Processing Unit) of a deep neural network, three types of artificial intelligence processor chips tpuv1.0, tpuv2.0 and tpuv3.0 are completed and applied to a cloud computing center of the artificial intelligence processor chips. Meanwhile, the Injeida is also an open source deep learning accelerator NVDLA, and is an ASIC artificial intelligence processor which is the first open source in the industry.
Although the academia and the industry invest a great deal of manpower and material resources for the research and development of the artificial intelligent processor, and a great deal of excellent research results are achieved. However, deep neural network models themselves face a number of risks for which current artificial intelligence processor architectures are not capable. For example, with the rising of AI Face changing, the image technology is mature, and meanwhile, a series of problems caused by 'AI black production' are also faced, the Face image manufactured by adopting false algorithms such as Face2Face, faceSwap, deepFakes and neuroaltextures is natural and lifelike, the human eyes can hardly distinguish the authenticity, and meanwhile, an AI system can make wrong judgment, so that the task difficulty is greatly improved. In addition, the neural network is trained in advance to install a secret back door to respond to a trigger, so that the neural network can be manually operated to keep normal identification before the trigger is touched, and when the attack is needed, the trigger is used for realizing the attack with the accuracy rate of more than 90% on the neural network, and huge threats are caused for automatic driving and image identification application. More generally, existing neural network models are also very vulnerable to challenge samples.
Most of the designs of the existing artificial intelligent processors are related optimization designs for improving the operation efficiency and real-time performance of the neural network model, and the architecture designs of the artificial intelligent processors are also developed towards the directions of high performance, low power consumption, small volume and customization, so that the artificial intelligent processors can bring better performance and energy efficiency. However, in many application scenarios, the security of the neural network model itself operation needs to be protected so that it is protected from the above-mentioned malicious samples. While running malicious sample detection algorithms typically require an artificial intelligence processor, or even a CPU processor, to perform the computation of the corresponding algorithm, existing artificial intelligence processors cannot provide efficient computing power for both the target neural network model and the malicious sample detection algorithm, especially the malicious sample detection algorithm includes a special computing unit (e.g., traditional machine learning or a special hash layer). In these applications, existing artificial intelligence processors are facing a number of challenges.
In view of the increasingly prominent security problems of the existing artificial intelligent processors and the requirement of malicious sample detection algorithms for new computing power, there is a great need for an artificial intelligent processor technology capable of providing mixed computing power and multiple computing power, so as to ensure that a neural network model operated by the artificial intelligent processor can detect malicious sample attacks effectively in real time. The method has wide practical value and application prospect in researching the artificial intelligent processor architecture capable of resisting malicious sample attack.
Disclosure of Invention
In order to overcome the defects of the existing artificial intelligent processor technology, the invention provides a real-time malicious sample detection method and an electronic device based on an artificial intelligent processor, which can simultaneously operate a target neural network model and a malicious sample detection model (comprising a neural network malicious sample detection model, a traditional machine learning malicious sample detection model or a combination of the two models), so that the target neural network model can efficiently perform reasoning, and the malicious sample detection algorithm can also effectively perform real-time detection on attacks of malicious samples.
The technical proposal of the invention is as follows:
the real-time malicious sample detection method based on the artificial intelligent processor is suitable for a system consisting of an on-chip general CPU processor, the artificial intelligent processor and a compiler, and comprises the following steps:
1) According to a target network and a malicious sample detection mechanism, performing resource division on a global on-chip cache, a pulsation array and a non-DNN computing unit of an artificial intelligent processor to obtain the target network on-chip cache, a detection network on-chip cache, the target network pulsation array and the detection network pulsation array, so that when the malicious sample detection mechanism is a detection network, the non-DNN computing unit of the malicious sample detection mechanism operates on an on-chip general CPU processor, and the target neural network and the malicious sample detection network operate on the artificial intelligent processor at the same time; when the malicious sample detection mechanism is a machine learning algorithm, the malicious sample detection mechanism operates on an on-chip general CPU processor, and the target neural network operates on an artificial intelligent processor;
2) The compiler divides the resources of the artificial intelligent processor according to the target network and the malicious prototype detection mechanism to generate respective corresponding instruction files;
3) And when the malicious sample detection mechanism judges that the input data is a malicious sample, notifying the target neural network to stop processing the calculation of the input data.
Further, the artificial intelligent processor and the on-chip general CPU processor are designed in a tight coupling way.
Further, the algorithm in the non-DNN calculation unit includes: hash computation and convex relaxation activation.
Further, a target neural network and a malicious sample detection network are trained on the deep learning platform; the deep learning platform includes: tensorFlow, keras, caffe and pyrerch.
Further, the on-global-slice cache is resource partitioned by:
1) Designing all banks cached on a global slice as physical logic banks, and setting a unique mark for each physical logic bank;
2) And completing resource division of the global on-chip cache according to the requirements of the target network and a malicious sample detection mechanism on the on-chip cache.
Further, the physical logic bank forms a weight cache and an input/output cache of the target neural network and the malicious sample detection neural network in a ping-pong cache mode.
A real-time malicious sample detection system based on an artificial intelligence processor, comprising:
the on-chip general CPU processor is used for running a non-DNN computing unit of the malicious sample detection mechanism when the malicious sample detection mechanism is a detection network; when the malicious sample detection mechanism is a machine learning algorithm, the malicious sample detection mechanism is operated;
the compiler is used for dividing the resources of the artificial intelligent processor according to the target network and the malicious prototype detection mechanism to generate respective corresponding instruction files;
the artificial intelligent processor is used for simultaneously operating the target neural network and the malicious sample detection network when the malicious sample detection mechanism is the detection network; when the malicious sample detection mechanism is a machine learning algorithm, a target neural network is operated; when the malicious sample detection mechanism judges that the input data is a malicious sample, the target neural network is informed to stop processing the calculation of the input data; and according to the target network and a malicious sample detection mechanism, performing resource division on the global on-chip cache, the pulsation array and the non-DNN computing unit of the artificial intelligent processor to obtain the target network on-chip cache, the detection network on-chip cache, the target network pulsation array and the detection network pulsation array.
Further, the artificial intelligent processor and the on-chip general CPU processor are designed in a tight coupling way.
Further, the on-global-slice cache is resource partitioned by:
1) Designing all banks cached on a global slice as physical logic banks, and setting a unique mark for each physical logic bank;
2) And completing resource division of the global on-chip cache according to the requirements of the target network and a malicious sample detection mechanism on the on-chip cache.
Further, the physical logic bank forms a weight cache and an input/output cache of the target neural network and the malicious sample detection neural network in a ping-pong cache mode.
Compared with the prior art, the invention has the advantages that:
(1) The invention can ensure that the target neural network model efficiently performs reasoning and can run a malicious sample detection algorithm, so that the system can complete the reasoning function of the target neural network model with high performance and can also ensure that the system is not attacked by a malicious sample. The technology can improve the safety of the artificial intelligent processor system, and meanwhile, the reasoning performance of the accelerator execution target network is not reduced to some extent, and the performance loss is negligible. Compared with an artificial intelligent processor without malicious sample defense capability, the artificial intelligent processor increases the area and energy consumption of a chip, but guarantees that the system can be protected from being attacked by the malicious sample on the premise of not affecting the execution performance of a target network. The method can be widely applied to the fields of security protection of artificial intelligent processors, AIoT security terminals and the like, has great market benefit and good application prospect, and can be particularly applied to the fields with high requirements on the security of neural network models, such as automatic driving, finance or medical images;
(2) The elastic pulsation array processing unit can elastically allocate corresponding computing resources to the target network model and the malicious sample detection neural network model, so that the resource utilization rate of the artificial intelligent processor is greatly improved, and the performance of model execution is effectively improved.
(3) The flexible global on-chip cache not only can divide two neural network models into two caches with similar functions, but also can be used as a large cache for a single neural network model, so that the flexible on-chip cache not only improves the reusability of local data, but also greatly reduces the requirement on the memory bandwidth.
(4) The defect that the existing artificial intelligent processor is easily attacked by malicious samples is overcome, and the safety of the artificial intelligent processor in running the target neural network model is ensured; the device has the characteristics of novel structure, small volume, high performance, strong compatibility of detection algorithms, good adaptability and the like.
Drawings
Fig. 1 is a schematic diagram of a real-time detection system architecture for malicious sample attacks.
FIG. 2 is a schematic diagram of a flexible on-chip cache and flexible systolic array.
Detailed Description
The present invention will be described in detail with reference to the accompanying drawings and examples.
The architecture of the real-time detection system for malicious sample attack is shown in fig. 1, wherein the SoC is a system on a chip, the PE is a processing unit, and the DNN is a deep neural network. The system mainly comprises an elastic artificial intelligent processor, a CPU and an accelerator off-chip DRAM. And generating an operation instruction file of the artificial intelligent processor corresponding to the target neural network model by a compiler of the artificial intelligent processor at the target neural network model and the malicious sample detection neural network model trained by the deep learning platform TensorFlow, keras, caffe, pyTorch and the like. And the artificial intelligent processor executes corresponding operations, such as convolution operation, activation operation and pooling operation, according to the received instructions, completes calculation of each layer of the neural network model, and finally completes calculation of the whole target neural network model, and outputs probability of the corresponding class of the target neural network model. Meanwhile, the artificial intelligence processor also completes real-time detection of malicious samples, and if the input samples are malicious and wrong classification or prediction is made on the output of the target neural network model, the system does not output the result.
The invention is specially designed aiming at the calculation capability required by the existing malicious sample detection algorithm, and designs and improves three aspects of a pulse array processing unit, a global on-chip cache and a nonlinear calculation unit of the existing artificial intelligent processor, so that the system can simultaneously operate a target neural network model and a malicious sample detection neural network model, and all existing malicious sample detection methods can be deployed into the system to ensure that the artificial intelligent processor is prevented from being attacked by malicious samples.
Specifically, the system of the present invention comprises: an elastic artificial intelligent processor architecture, a scheduler, a general CPU processor core and an interconnection path between the scheduler and the general CPU processor core; the scheduler is responsible for scheduling the allocation of computing resources and storage resources of the two neural network models and the scheduling of computing tasks with the CPU processor; the flexible artificial intelligence processor architecture includes flexible on-chip caches (which can be divided into two global caches 0/1), flexible systolic arrays, and two-way nonlinear computational units. The elastic pulse array can be used as a large computing unit to execute a single neural network model, or can be split into two processor cores with different sizes to respectively run the two neural network models; the flexible global on-chip cache can also be used as an independent cache module, and two global on-chip caches with different sizes can also be set for two neural network models; and the two paths of nonlinear calculation units respectively perform nonlinear processing on intermediate data generated by one processor core.
The nonlinear computation unit is specially designed such as hash computation, convex relaxation activation (convex relax activation), etc.
Fig. 2 is a schematic diagram of a flexible on-chip cache and a flexible systolic array, where Pool is a pooling operation, relu is a nonlinear activation, SBin is an input weight cache, NBin is an input feature map cache, and NBout is an output feature map cache, and it is composed of a flexible systolic array processing unit, an internal interconnect bus, and a flexible global on-chip cache. The flexible global on-chip cache consists of conversion logic and a plurality of banks with unique marks. The translation logic is a protocol approach similar to crossbar that is used to logically slice the global on-chip cache and generate routes for the systolic array processing units and the respective on-chip cache data exchanges. The physical logic bank forms a weight buffer and an input/output buffer needed by the neural network model in a ping-pong buffer mode, so that the bank with unique identification can be effectively divided and segmented according to the conversion logic, and the conversion logic can perform accurate read-write operation on the bank through the unique identification. The flexible systolic array is composed of a set of processing units and can be divided into two processor cores of different sizes.
The method of the present invention has been described in detail by way of the expression and examples, but the specific implementation form of the present invention is not limited thereto. Various obvious changes and modifications can be made therein by those skilled in the art without departing from the spirit and principles of the method of the present invention. The protection scope of the present invention shall be subject to the claims.
Claims (10)
1. The real-time malicious sample detection method based on the artificial intelligent processor is suitable for a system consisting of an on-chip general CPU processor, the artificial intelligent processor and a compiler, and comprises the following steps:
1) According to a target network and a malicious sample detection mechanism, performing resource division on a global on-chip cache, a pulsation array and a non-DNN computing unit of an artificial intelligent processor to obtain the target network on-chip cache, a detection network on-chip cache, the target network pulsation array and the detection network pulsation array, so that when the malicious sample detection mechanism is a detection network, the non-DNN computing unit of the malicious sample detection mechanism operates on an on-chip general CPU processor, and the target neural network and the malicious sample detection network operate on the artificial intelligent processor at the same time; when the malicious sample detection mechanism is a machine learning algorithm, the malicious sample detection mechanism operates on an on-chip general CPU processor, and the target neural network operates on an artificial intelligent processor;
2) The compiler divides the resources of the artificial intelligent processor according to the target network and the malicious prototype detection mechanism to generate respective corresponding instruction files;
3) And when the malicious sample detection mechanism judges that the input data is a malicious sample, notifying the target neural network to stop processing the calculation of the input data.
2. The method of claim 1, wherein the artificial intelligence processor and the on-chip general purpose CPU processor are of a close-coupled design.
3. The method of claim 1, wherein the algorithm in the non-DNN calculation unit comprises: hash computation and convex relaxation activation.
4. The method of claim 1, wherein the target neural network and the malicious sample detection network are trained on a deep learning platform; the deep learning platform includes: tensorFlow, keras, caffe and pyrerch.
5. The method of claim 1, wherein the global on-chip cache is resource partitioned by:
1) Designing all banks cached on a global slice as physical logic banks, and setting a unique mark for each physical logic bank;
2) And completing resource division of the global on-chip cache according to the requirements of the target network and a malicious sample detection mechanism on the on-chip cache.
6. The method of claim 5, wherein the physical logical bank forms a weight cache and an input-output cache of the target neural network and the malicious sample detection neural network in a ping-pong cache manner.
7. A real-time malicious sample detection system based on an artificial intelligence processor, comprising:
the on-chip general CPU processor is used for running a non-DNN computing unit of the malicious sample detection mechanism when the malicious sample detection mechanism is a detection network; when the malicious sample detection mechanism is a machine learning algorithm, the malicious sample detection mechanism is operated;
the compiler is used for dividing the resources of the artificial intelligent processor according to the target network and the malicious prototype detection mechanism to generate respective corresponding instruction files;
the artificial intelligent processor is used for simultaneously operating the target neural network and the malicious sample detection network when the malicious sample detection mechanism is the detection network; when the malicious sample detection mechanism is a machine learning algorithm, a target neural network is operated; when the malicious sample detection mechanism judges that the input data is a malicious sample, the target neural network is informed to stop processing the calculation of the input data; and according to the target network and a malicious sample detection mechanism, performing resource division on the global on-chip cache, the pulsation array and the non-DNN computing unit of the artificial intelligent processor to obtain the target network on-chip cache, the detection network on-chip cache, the target network pulsation array and the detection network pulsation array.
8. The system of claim 7, wherein the artificial intelligence processor and the on-chip general purpose CPU processor are of a close-coupled design.
9. The system of claim 7, wherein the global on-chip cache is resource partitioned by:
1) Designing all banks cached on a global slice as physical logic banks, and setting a unique mark for each physical logic bank;
2) And completing resource division of the global on-chip cache according to the requirements of the target network and a malicious sample detection mechanism on the on-chip cache.
10. The system of claim 9, wherein the physical logical bank forms a weight cache and an input-output cache of the target neural network and the malicious sample detection neural network in a ping-pong cache manner.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2020104846645 | 2020-06-01 | ||
CN202010484664 | 2020-06-01 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112269992A CN112269992A (en) | 2021-01-26 |
CN112269992B true CN112269992B (en) | 2023-10-20 |
Family
ID=74344870
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011179567.1A Active CN112269992B (en) | 2020-06-01 | 2020-10-29 | Real-time malicious sample detection method based on artificial intelligent processor and electronic device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112269992B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112734625B (en) * | 2021-01-29 | 2022-06-07 | 成都视海芯图微电子有限公司 | Hardware acceleration system and method based on 3D scene design |
CN113269308B (en) * | 2021-05-31 | 2022-11-18 | 北京理工大学 | Clean label neural network back door implantation method based on universal countermeasure trigger |
CN113255909B (en) * | 2021-05-31 | 2022-12-13 | 北京理工大学 | Clean label neural network back door implantation system based on universal countermeasure trigger |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103716204A (en) * | 2013-12-20 | 2014-04-09 | 中国科学院信息工程研究所 | Abnormal intrusion detection ensemble learning method and apparatus based on Wiener process |
CN108347430A (en) * | 2018-01-05 | 2018-07-31 | 国网山东省电力公司济宁供电公司 | Network invasion monitoring based on deep learning and vulnerability scanning method and device |
CN109784056A (en) * | 2019-01-02 | 2019-05-21 | 大连理工大学 | A kind of malware detection method based on deep learning |
CN109918951A (en) * | 2019-03-12 | 2019-06-21 | 中国科学院信息工程研究所 | A kind of artificial intelligence process device side channel system of defense based on interlayer fusion |
CN109934339A (en) * | 2019-03-06 | 2019-06-25 | 东南大学 | A kind of general convolutional neural networks accelerator based on a dimension systolic array |
CN109981252A (en) * | 2019-03-12 | 2019-07-05 | 中国科学院信息工程研究所 | A kind of artificial intelligence process device safety enhancing system and method based on critical path encryption |
CN110135157A (en) * | 2019-04-04 | 2019-08-16 | 国家计算机网络与信息安全管理中心 | Malware homology analysis method, system, electronic equipment and storage medium |
CN110674936A (en) * | 2019-09-24 | 2020-01-10 | 上海寒武纪信息科技有限公司 | Neural network processing method and device, computer equipment and storage medium |
CN110766145A (en) * | 2018-12-29 | 2020-02-07 | 中科寒武纪科技股份有限公司 | Learning task compiling method of artificial intelligence processor and related product |
CN110808971A (en) * | 2019-10-30 | 2020-02-18 | 中国科学院信息工程研究所 | Deep embedding-based unknown malicious traffic active detection system and method |
WO2020034098A1 (en) * | 2018-08-14 | 2020-02-20 | 华为技术有限公司 | Artificial intelligence (ai) processing method and ai processing device |
CN111160551A (en) * | 2019-12-04 | 2020-05-15 | 上海寒武纪信息科技有限公司 | Computation graph execution method, computer device, and storage medium |
-
2020
- 2020-10-29 CN CN202011179567.1A patent/CN112269992B/en active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103716204A (en) * | 2013-12-20 | 2014-04-09 | 中国科学院信息工程研究所 | Abnormal intrusion detection ensemble learning method and apparatus based on Wiener process |
CN108347430A (en) * | 2018-01-05 | 2018-07-31 | 国网山东省电力公司济宁供电公司 | Network invasion monitoring based on deep learning and vulnerability scanning method and device |
WO2020034098A1 (en) * | 2018-08-14 | 2020-02-20 | 华为技术有限公司 | Artificial intelligence (ai) processing method and ai processing device |
CN110766145A (en) * | 2018-12-29 | 2020-02-07 | 中科寒武纪科技股份有限公司 | Learning task compiling method of artificial intelligence processor and related product |
CN109784056A (en) * | 2019-01-02 | 2019-05-21 | 大连理工大学 | A kind of malware detection method based on deep learning |
CN109934339A (en) * | 2019-03-06 | 2019-06-25 | 东南大学 | A kind of general convolutional neural networks accelerator based on a dimension systolic array |
CN109918951A (en) * | 2019-03-12 | 2019-06-21 | 中国科学院信息工程研究所 | A kind of artificial intelligence process device side channel system of defense based on interlayer fusion |
CN109981252A (en) * | 2019-03-12 | 2019-07-05 | 中国科学院信息工程研究所 | A kind of artificial intelligence process device safety enhancing system and method based on critical path encryption |
CN110135157A (en) * | 2019-04-04 | 2019-08-16 | 国家计算机网络与信息安全管理中心 | Malware homology analysis method, system, electronic equipment and storage medium |
CN110674936A (en) * | 2019-09-24 | 2020-01-10 | 上海寒武纪信息科技有限公司 | Neural network processing method and device, computer equipment and storage medium |
CN110808971A (en) * | 2019-10-30 | 2020-02-18 | 中国科学院信息工程研究所 | Deep embedding-based unknown malicious traffic active detection system and method |
CN111160551A (en) * | 2019-12-04 | 2020-05-15 | 上海寒武纪信息科技有限公司 | Computation graph execution method, computer device, and storage medium |
Non-Patent Citations (2)
Title |
---|
"内存数据污染攻击和防御综述";马梦雨、陈李维、孟丹;《信息安全学报》;第2卷(第4期);第82-98页 * |
Fang Li,Chao Yan,et al.."A Deep Malware Detection Method Based on General-Purpose Register Features"."ICCS 2019".2019,第221-235页. * |
Also Published As
Publication number | Publication date |
---|---|
CN112269992A (en) | 2021-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112269992B (en) | Real-time malicious sample detection method based on artificial intelligent processor and electronic device | |
EP3754611A1 (en) | Cell image synthesis using one or more neural networks | |
Khoram et al. | Accelerating graph analytics by co-optimizing storage and access on an FPGA-HMC platform | |
Tanomoto et al. | A CGRA-based approach for accelerating convolutional neural networks | |
US11544525B2 (en) | Systems and methods for artificial intelligence with a flexible hardware processing framework | |
CN109918951B (en) | Artificial intelligence processor side channel defense system based on interlayer fusion | |
Zahran | Heterogeneous computing: Hardware and software perspectives | |
Zhang et al. | H-gcn: A graph convolutional network accelerator on versal acap architecture | |
CN109472734B (en) | Target detection network based on FPGA and implementation method thereof | |
WO2021168187A1 (en) | Intelligent and integrated liquid-cooled rack for datacenters | |
CN106776466A (en) | A kind of FPGA isomeries speed-up computation apparatus and system | |
Mandal et al. | An Embedded Vision Engine (EVE) for automotive vision processing | |
Lei et al. | Scadis: A scalable accelerator for data-intensive string set matching on fpgas | |
Lan et al. | Accelerating large-scale biological database search on Xeon Phi-based neo-heterogeneous architectures | |
Zhang et al. | Design and implementation of deep neural network for edge computing | |
Nishimura et al. | Accelerating the Smith-waterman algorithm using bitwise parallel bulk computation technique on GPU | |
Hu et al. | Data optimization cnn accelerator design on fpga | |
Zhuang et al. | Vlsi architecture design for adder convolution neural network accelerator | |
Dojchinovski et al. | Efficiently running SQL queries on GPU | |
Bai et al. | An OpenCL-based FPGA accelerator with the Winograd’s minimal filtering algorithm for convolution neuron networks | |
KR20230071481A (en) | High-performance computing system for accelerating deep learning based graph convolutional neural networks, and method of the same | |
CN113012760A (en) | FPGA-based gene sequence assembly algorithm calculation acceleration method | |
Zhu et al. | Research on A Chiplet-based DSA (Domain-Specific Architectures) Scalable Convolutional Acceleration Architecture | |
Liu et al. | Current Application Fields | |
Jaiswal et al. | A comparative study on SoC embedded low power GPUs for real‐time edge‐based automated traffic surveillance |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |