PRID: Model Inversion Privacy Attacks in Hyperdimensional Learning Systems
Hosted in Virtual Platform
Hardware Security: Attack and Defense
Description: Brain-inspired Hyperdimensional Computing (HDC) is introduced as a promising solution for robust and efficient learning on embedded devices. In this paper, we show the possibility of a model inversion attack in HDC and provide solutions to overcome the challenges. We first show the vulnerability of the HDC encoding module by introducing techniques that decode the high-dimensional data back to the original space. Then, we exploit this invertibility to extract the HDC model's information and reconstruct the training data just by accessing the model. To address privacy challenges, we propose techniques that scrutinize the HDC model from a privacy perspective.