HybridTEE: Secure Mobile DNN Execution Using Hybrid Trusted Execution Environment

Akshay Gangal, Mengmei Ye, Sheng Wei

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Deep neural networks (DNNs) have been increasingly adopted in many mobile applications involving security sensitive data and inference models. Therefore, there is an increasing demand for secure DNN execution on mobile devices. Catering to this demand, hardware-based trusted execution environments (TEEs), such as ARM TrustZone, have recently been considered for secure mobile DNN execution. However, it is challenging to run DNN models in TrustZone, due to the stringent resource and performance limitations posed by the mobile TEE. We develop HybridTEE, a novel hardware-based security framework to securely execute DNNs in the resource-constrained local TEE (i.e., ARM TrustZone), by offloading a part of the DNN model to a resource-rich remote TEE (i.e., Intel SGX). HybridTEE strategically divides the DNN model into privacy-aware local and remote partitions by employing two privacy-oriented metrics based on object recognition and Scale Invariant Feature Transform (SIFT). Also, it builds a trustworthy communication channel bridging TrustZone and SGX to enable secure offloading of the DNN model between the two TEEs. Our security and performance evaluations on real hardware systems show that HybridTEE can ensure the security and privacy of the DNN model with superior execution time compared to the non- TEE baseline.

Original languageEnglish (US)
Title of host publicationProceedings of the 2020 Asian Hardware Oriented Security and Trust Symposium, AsianHOST 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728189529
DOIs
StatePublished - Dec 15 2020
Event2020 Asian Hardware Oriented Security and Trust Symposium, AsianHOST 2020 - Virtual, Kolkata, India
Duration: Dec 15 2020Dec 17 2020

Publication series

NameProceedings of the 2020 Asian Hardware Oriented Security and Trust Symposium, AsianHOST 2020

Conference

Conference2020 Asian Hardware Oriented Security and Trust Symposium, AsianHOST 2020
Country/TerritoryIndia
CityVirtual, Kolkata
Period12/15/2012/17/20

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'HybridTEE: Secure Mobile DNN Execution Using Hybrid Trusted Execution Environment'. Together they form a unique fingerprint.

Cite this