
Exploring DNN Robustness Against Adversarial Attacks Using Approximate Multipliers (2404.11665v1)

Published 17 Apr 2024 in cs.LG and cs.CR

Abstract: Deep Neural Networks (DNNs) have advanced in many real-world applications, such as healthcare and autonomous driving. However, their high computational complexity and vulnerability to adversarial attacks are ongoing challenges. In this letter, approximate multipliers are used to explore DNN robustness improvement against adversarial attacks. By uniformly replacing accurate multipliers with state-of-the-art approximate ones in DNN layer models, we explore DNN robustness against various adversarial attacks in a feasible time. Results show an accuracy drop of up to 7% due to approximations when no attack is present, while robust accuracy improves by up to 10% when attacks are applied.
