HAMLOCK: HArdware-Model LOgically Combined attacK

arXiv CS.LG

arXiv:2510.19145v4 Announce Type: replace-cross

The growing use of third-party hardware accelerators (e.g., FPGAs, ASICs) for deep neural networks (DNNs) This decoupled design is highly stealthy, as the model itself contains no complete backdoor activation path as in conventional attacks and hence appears fully benign. Empirically, across benchmarks like MNIST, CIFAR10, GTSRB, and ImageNet, HAMLOCK achieves a near-perfect attack success rate with a negligible clean accuracy drop. Importantly, HAMLOCK circumvents the state-of-the-art model-level defenses without any adaptive optimization.