
Securing On Edge Neural Networks for Real-Time People Detection on Embedded and Privacy by Design Systems

Giuseppe Monteasi

Securing On Edge Neural Networks for Real-Time People Detection on Embedded and Privacy by Design Systems.

Supervisors: Edgar Ernesto Sanchez Sanchez, Antonio Porsia, Annachiara Ruospo. Politecnico di Torino, Master's degree programme in Ingegneria Informatica (Computer Engineering), 2025

Abstract:

The rapid advancement of Artificial Intelligence (AI) has enabled deep learning models to operate not only in the cloud but also directly on edge devices and microcontrollers. This shift addresses critical needs such as privacy preservation, reduced latency, and energy efficiency, but it also introduces new security challenges. Edge-deployed models are inherently exposed to attacks that aim to extract knowledge, reduce accuracy, or compromise system reliability. This thesis investigates the problem of AI security on edge devices, focusing on resource-constrained microcontrollers. After reviewing the context and major threats, one of the most critical attacks for embedded systems is implemented and analyzed: Model Extraction via Output Matching. The experimental study is conducted on a presence/person detection neural network developed in TensorFlow and subsequently compressed using quantization and pruning techniques for deployment on a microcontroller with TensorFlow Lite. The results demonstrate that compressed models, while maintaining satisfactory accuracy and resource efficiency, remain vulnerable to the same classes of attacks as their original counterparts, highlighting the need for effective countermeasures. A mitigation technique is therefore designed, implemented, and evaluated in terms of both robustness and performance trade-offs. This work contributes to a deeper understanding of the trade-offs between efficiency, accuracy, and security in AI systems on edge devices, shedding light on open challenges and outlining future directions toward resilient and privacy-preserving embedded intelligence.

Supervisors: Edgar Ernesto Sanchez Sanchez, Antonio Porsia, Annachiara Ruospo
Academic year: 2025/26
Publication type: Electronic
Number of pages: 57
Additional information: Confidential thesis. Full text not available
Subjects:
Degree programme: Master's degree programme in Ingegneria Informatica (Computer Engineering)
Degree class: New system > Master's degree > LM-32 - INGEGNERIA INFORMATICA
Collaborating companies: Dropper srl
URI: http://webthesis.biblio.polito.it/id/eprint/39019