Neural networks have become popular due to their versatility and state-of-the-art results in many applications, such as image classification, natural language processing, speech recognition, forecasting, etc. These applications are also used in resource-constrained environments such as embedded devices. In this work, the susceptibility of neural network implementations to reverse engineering is explored on the NVIDIA Jetson Nano microcomputer via side-channel analysis. To this end, an architecture extraction attack is presented. In the attack, 15 popular convolutional neural network architectures (EfficientNets, MobileNets, NasNet, etc.) are implemented on the GPU of Jetson Nano and the electromagnetic radiation of the GPU is analyzed during the inference operation of the neural networks. The results of the analysis show that neural network architectures are easily distinguishable using deep learning-based side-channel analysis.

翻译：神经网络因其通用性以及在图像分类、自然语言处理、语音识别、预测等众多应用中取得的先进成果而广受欢迎。这些应用也被用于资源受限的环境，例如嵌入式设备中。本研究通过侧信道分析，在英伟达Jetson Nano微型计算机上探讨了神经网络实现面对逆向工程的脆弱性。为此，提出了一种架构提取攻击方法。在攻击中，我们在Jetson Nano的GPU上实现了15种流行的卷积神经网络架构（如EfficientNets、MobileNets、NasNet等），并在神经网络的推理操作过程中分析了GPU的电磁辐射。分析结果表明，使用基于深度学习的侧信道分析可以轻松区分不同的神经网络架构。