Convolutional Neural Networks (CNN) have shown impressive performance in computer vision, natural language processing, and many other applications, but they exhibit high computations and substantial memory requirements. To address these limitations, especially in resource-constrained devices, the use of cloud computing for CNNs is becoming more popular. This comes with privacy and latency concerns that have motivated the designers to develop embedded hardware accelerators for CNNs. However, designing a specialized accelerator increases the time-to-market and cost of production. Therefore, to reduce the time-to-market and access to state-of-the-art techniques, CNN hardware mapping and deployment on embedded accelerators are often outsourced to untrusted third parties, which is going to be more prevalent in futuristic artificial intelligence of things (AIoT) systems. These AIoT systems anticipate horizontal collaboration among different resource-constrained AIoT node devices, where CNN layers are partitioned and these devices collaboratively compute complex CNN tasks Therefore, there is a dire need to explore this attack surface for designing secure embedded hardware accelerators for CNNs. Towards this goal, in this paper, we exploited this attack surface to propose an HT-based attack called FeSHI. This attack exploits the statistical distribution i.e., Gaussian distribution, of the layer-by-layer feature maps of the CNN to design two triggers for stealthy HT with a very low probability of triggering. To illustrate the effectiveness of the proposed attack, we deployed the LeNet and LeNet-3D on PYNQ to classify the MNIST and CIFAR-10 datasets, respectively, and tested FeSHI. The experimental results show that FeSHI utilizes up to 2% extra LUTs, and the overall resource overhead is less than 1% compared to the original designs

翻译：在计算机视野、自然语言处理和其他许多应用程序方面,Convolution Neal Neal Net网络显示令人印象深刻的成绩,在计算机网络2目、自然语言处理和其他许多应用程序方面表现出了令人印象深刻的成绩,但是它们表现出了很高的计算和大量记忆要求。为了解决这些限制,特别是在资源限制的装置方面,CNN使用云计算云正在变得更加受欢迎。这与隐私和隐蔽的网络网络网络网络网络网络网络网络网络网络网络网络网络网络网络(CNN)在计算机视野、自然语言处理和其他许多应用程序方面表现出了令人印象深刻的成绩。而由于隐私和隐蔽的网络网络网络网络网络网络网络网络网络网络网络网络网络网络网络网络网络网络网络在计算机视野、自然智能和大量存储方面表现出了令人印象深刻的功能性功能性功能性功能性功能性,因此,为了减少CNNWN的网络网络网络网络网络网络网络上对时间对时间到市场和进入状态技术、CNN的网络内部硬件智能智能智能智能智能智能智能的利用和部署和部署,因此我们非常需要探索这个攻击的系统内部攻击的直观地表面上设计的硬智能的硬智能的直径透图。