Are Adversarial Perturbations a Showstopper for ML-Based CAD? A Case Study on CNN-Based Lithographic Hotspot Detection

There is substantial interest in the use of machine learning (ML)-based techniques throughout the electronic computer-aided design (CAD) flow, particularly those based on deep learning. However, wh...

[1]  Wen-Chuan Lee,et al.  Trojaning Attack on Neural Networks , 2018, NDSS.

[2]  Hao Chen,et al.  MagNet: A Two-Pronged Defense against Adversarial Examples , 2017, CCS.

[3]  Dawn Xiaodong Song,et al.  Delving into Transferable Adversarial Examples and Black-box Attacks , 2016, ICLR.

[4]  X. Zhang,et al.  2017 Trojaning Attack on Neural Networks , 2018 .

[5]  Evangeline F. Y. Young,et al.  Layout hotspot detection with feature tensor generation and deep biased learning , 2017, 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC).

[6]  Joan Bruna,et al.  Intriguing properties of neural networks , 2013, ICLR.

[7]  Ying Chen,et al.  Semi-supervised hotspot detection with self-paced multi-task learning , 2019, ASP-DAC.

[8]  Atul Prakash,et al.  Robust Physical-World Attacks on Deep Learning Visual Classification , 2018, 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition.

[9]  Giovanni De Micheli,et al.  Developing synthesis flows without human knowledge , 2018, DAC.

[10]  Lujo Bauer,et al.  Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition , 2016, CCS.

[11]  Jimmy Ba,et al.  Adam: A Method for Stochastic Optimization , 2014, ICLR.

[12]  Alex Krizhevsky,et al.  Learning Multiple Layers of Features from Tiny Images , 2009 .

[13]  Iris Hui-Ru Jiang,et al.  Accurate process-hotspot detection using critical design rule extraction , 2012, DAC Design Automation Conference 2012.

[14]  Dan Boneh,et al.  Ensemble Adversarial Training: Attacks and Defenses , 2017, ICLR.

[15]  Evangeline F. Y. Young,et al.  GAN-OPC: Mask Optimization With Lithography-Guided Generative Adversarial Nets , 2020, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[16]  Aleksander Madry,et al.  Towards Deep Learning Models Resistant to Adversarial Attacks , 2017, ICLR.

[17]  Jonathon Shlens,et al.  Explaining and Harnessing Adversarial Examples , 2014, ICLR.

[18]  Geoffrey E. Hinton,et al.  Rectified Linear Units Improve Restricted Boltzmann Machines , 2010, ICML.

[19]  David Z. Pan,et al.  A new lithography hotspot detection framework based on AdaBoost classifier and simplified feature extraction , 2015, Advanced Lithography.

[20]  Ananthram Swami,et al.  Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks , 2015, 2016 IEEE Symposium on Security and Privacy (SP).

[21]  Yiran Chen,et al.  RouteNet: Routability prediction for Mixed-Size Designs Using Convolutional Neural Network , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[22]  Aleksander Madry,et al.  Robustness May Be at Odds with Accuracy , 2018, ICLR.

[23]  Meng Li,et al.  GAN-SRAF: Sub-Resolution Assist Feature Generation Using Conditional Generative Adversarial Networks , 2019, 2019 56th ACM/IEEE Design Automation Conference (DAC).

[24]  Rama Chellappa,et al.  Defense-GAN: Protecting Classifiers Against Adversarial Attacks Using Generative Models , 2018, ICLR.

[25]  Shao-Yun Fang,et al.  Deep learning-based framework for comprehensive mask optimization , 2019, ASP-DAC.

[26]  Giovanni De Micheli,et al.  Deep Learning for Logic Optimization Algorithms , 2018, 2018 IEEE International Symposium on Circuits and Systems (ISCAS).

[27]  Benjamin Edwards,et al.  Detecting Backdoor Attacks on Deep Neural Networks by Activation Clustering , 2018, SafeAI@AAAI.

[28]  Wojciech Samek,et al.  Methods for interpreting and understanding deep neural networks , 2017, Digit. Signal Process..

[29]  Fabio Roli,et al.  Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning , 2018, CCS.

[30]  Shigeki Nojima,et al.  Data Efficient Lithography Modeling with Residual Neural Networks and Transfer Learning , 2018, ISPD.

[31]  Brendan Dolan-Gavitt,et al.  Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks , 2018, RAID.

[32]  Ismail Bustany,et al.  A Machine Learning Framework to Identify Detailed Routing Short Violations from a Placed Netlist , 2018, 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC).

[33]  Ramesh Karri,et al.  CAD-Base , 2019, ACM Trans. Design Autom. Electr. Syst..

[34]  Yiorgos Makris,et al.  Enhanced hotspot detection through synthetic pattern generation and design of experiments , 2018, 2018 IEEE 36th VLSI Test Symposium (VTS).

[35]  Yanjun Qi,et al.  Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks , 2017, NDSS.

[36]  Lorenzo Servadei,et al.  A Machine Learning Approach for Area Prediction of Hardware Designs from Abstract Specifications , 2018, 2018 21st Euromicro Conference on Digital System Design (DSD).

[37]  Andrew B. Kahng,et al.  Machine Learning Applications in Physical Design: Recent Results and Directions , 2018, ISPD.

[38]  Ramesh Karri,et al.  A Primer on Hardware Security: Models, Methods, and Metrics , 2014, Proceedings of the IEEE.

[39]  Ismail Bustany,et al.  A machine learning framework to identify detailed routing short violations from a placed netlist , 2018, DAC.

[40]  Ananthram Swami,et al.  Practical Black-Box Attacks against Machine Learning , 2016, AsiaCCS.

[41]  Siddharth Garg,et al.  BadNets: Evaluating Backdooring Attacks on Deep Neural Networks , 2019, IEEE Access.

[42]  Joydeep Mitra,et al.  SRAF Insertion via Supervised Dictionary Learning , 2019, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[43]  Jan Hendrik Metzen,et al.  On Detecting Adversarial Perturbations , 2017, ICLR.

[44]  Moustapha Cissé,et al.  Countering Adversarial Images using Input Transformations , 2018, ICLR.

[45]  Frank E. Gennari,et al.  Hotspot detection using squish-net , 2019, Advanced Lithography.

[46]  Kamyar Azizzadenesheli,et al.  Stochastic Activation Pruning for Robust Adversarial Defense , 2018, ICLR.

[47]  Samy Bengio,et al.  Adversarial examples in the physical world , 2016, ICLR.

[48]  Haibo He,et al.  Learning from Imbalanced Data , 2009, IEEE Transactions on Knowledge and Data Engineering.

[49]  J. Andres Torres,et al.  ICCAD-2012 CAD contest in fuzzy pattern matching for physical verification and benchmark suite , 2012, 2012 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[50]  Di Tang,et al.  Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion , 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[51]  Seyed-Mohsen Moosavi-Dezfooli,et al.  Universal Adversarial Perturbations , 2016, 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[52]  Andrew B. Kahng,et al.  Learning-based prediction of package power delivery network quality , 2019, ASP-DAC.

[53]  Fan Yang,et al.  Efficient Layout Hotspot Detection via Binarized Residual Neural Network , 2019, 2019 56th ACM/IEEE Design Automation Conference (DAC).

[54]  Gabriel H. Loh,et al.  Machine Learning for Performance and Power Modeling of Heterogeneous Systems , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).