Michscan: Black-Box Neural Network Integrity Checking at Runtime Through Power Analysis
Robi Paul, Michael Zuzak
TL;DR
Michscan tackles the challenge of runtime model integrity in licensing scenarios where end-users access black-box TinyML models without cooperative owners. It leverages power side-channel signals from edge devices and applies the non-parametric Mann-Whitney U-Test to quantify the likelihood that a device running a model remains unmodified, comparing a pre-deployment benign power template against a runtime similarity distribution. The approach achieves 100% detection of integrity violations (Trojan, poisoning, and fault injection) with a stringent threshold $P_{th}=10^{-5}$ using as few as $n_{RA}=5$ inferences, and it incurs negligible false positives across diverse architectures on an STM32F303RC MCU. This method provides a mathematically grounded, black-box runtime integrity check that can generalize across MCU types and TinyML models, filling a runtime integrity gap in commercial MLaaS environments and enhancing security for edge AI deployments.
Abstract
As neural networks are increasingly used for critical decision-making tasks, the threat of integrity attacks, where an adversary maliciously alters a model, has become a significant security and safety concern. These concerns are compounded by the use of licensed models, where end-users purchase third-party models with only black-box access to protect model intellectual property (IP). In such scenarios, conventional approaches to verify model integrity require knowledge of model parameters or cooperative model owners. To address this challenge, we propose Michscan, a methodology leveraging power analysis to verify the integrity of black-box TinyML neural networks designed for resource-constrained devices. Michscan is based on the observation that modifications to model parameters impact the instantaneous power consumption of the device. We leverage this observation to develop a runtime model integrity-checking methodology that employs correlational power analysis against a golden template or signature to mathematically quantify the likelihood of model integrity violations at runtime through the Mann-Whitney U-Test. Michscan operates in a black-box environment and does not require a cooperative or trustworthy model owner. We evaluated Michscan using an STM32F303RC microcontroller with an ARM Cortex-M4 running four TinyML models in the presence of three model integrity violations. Michscan successfully detected all integrity violations at runtime using power data from five inferences. All detected violations had a negligible probability $P < 10^{-5}$ of being produced by an unmodified model (i.e., of being a false positive).
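As an added illustration of the pipeline the abstract describes (this is example code, not the paper's implementation or data), the following Python builds a golden template and a reference similarity distribution from constructed benign power traces, then applies an exact one-sided Mann-Whitney U-test to five runtime inferences and flags a violation when $P < 10^{-5}$. The synthetic traces, the Pearson-correlation similarity metric, the 30 pre-deployment traces and the "inverted quarter" tamper model are assumptions made for the example.

```python
# Michscan-style runtime integrity check on constructed power traces (example only).
import math
import random
from functools import lru_cache

P_TH, N_RA = 1e-5, 5       # threshold and runtime inference count from the paper
N_REF, TRACE_LEN = 30, 32  # benign pre-deployment traces / samples per trace (assumed)

def pearson(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    return cov / math.sqrt(sum((a - mx) ** 2 for a in x) * sum((b - my) ** 2 for b in y))

@lru_cache(maxsize=None)
def u_count(u, n, m):
    """Orderings of n X's and m Y's with exactly u pairs (x, y) where x > y."""
    if u < 0 or n == 0 or m == 0:
        return int(u == 0)
    return u_count(u - m, n - 1, m) + u_count(u, n, m - 1)

def mann_whitney_less(runtime, reference):
    """Exact one-sided p-value P(U <= u_obs) for H1: runtime values are lower.
    Ties are ignored (float correlations make them vanishingly unlikely)."""
    u_obs = sum(1 for r in runtime for b in reference if r > b)
    n, m = len(runtime), len(reference)
    return sum(u_count(k, n, m) for k in range(u_obs + 1)) / math.comb(n + m, n)

def build_template(benign_traces):
    """Golden template = mean benign trace; reference = each trace's similarity to it."""
    template = [sum(col) / len(col) for col in zip(*benign_traces)]
    return template, [pearson(t, template) for t in benign_traces]

def check_integrity(runtime_traces, template, reference, p_th=P_TH):
    p = mann_whitney_less([pearson(t, template) for t in runtime_traces], reference)
    return p, p < p_th  # (p-value, violation flag)

def synth_trace(rng, tampered=False):
    """Constructed trace: periodic profile + noise; tampering inverts one quarter."""
    base = [math.sin(math.pi * t / 4) + 0.3 * math.cos(math.pi * t / 8) for t in range(TRACE_LEN)]
    if tampered:
        base = [-v if 8 <= t < 16 else v for t, v in enumerate(base)]
    return [v + rng.gauss(0, 0.05) for v in base]

def demo():
    rng = random.Random(7)
    template, reference = build_template([synth_trace(rng) for _ in range(N_REF)])
    benign = check_integrity([synth_trace(rng) for _ in range(N_RA)], template, reference)
    tamper = check_integrity([synth_trace(rng, True) for _ in range(N_RA)], template, reference)
    return benign, tamper  # benign: (p >= P_TH, False); tampered: (p < P_TH, True)
```

With only five runtime samples the smallest attainable p-value is 1/C(35, 5), so the exact test (rather than the normal approximation) is what makes a threshold of 10^-5 reachable.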
