Deep neural network (DNN) accelerators received considerable attention in recent years due to the potential to save energy compared to mainstream hardware. Low-voltage operation of DNN accelerators allows to further reduce energy consumption, however, causes bit-level failures in the memory storing the quantized weights. Furthermore, DNN accelerators are vulnerable to adversarial attacks on voltage controllers or individual bits. In this paper, we show that a combination of robust fixed-point quantization, weight clipping, as well as random bit error training (RandBET) or adversarial bit error training (AdvBET) improves robustness against random or adversarial bit errors in quantized DNN weights significantly. This leads not only to high energy savings for low-voltage operation as well as low-precision quantization, but also improves security of DNN accelerators. In contrast to related work, our approach generalizes across operating voltages and accelerators and does not require hardware changes. Moreover, we present a novel adversarial bit error attack and are able to obtain robustness against both targeted and untargeted bit-level attacks. Without losing more than 0.8%/2% in test accuracy, we can reduce energy consumption on CIFAR10by 20%/30% for 8/4-bit quantization. Allowing up to 320 adversarial bit errors, we reduce test error from above 90% (chance level) to 26.22%.
Download full-text PDF |
Source |
|---|---|
| http://dx.doi.org/10.1109/TPAMI.2022.3181972 | DOI Listing |
Publication Analysis
Top Keywords
Similar Publications
Strongly concealed adversarial attack against text classification models with limited queries.
Neural Netw
March 2025
School of Information and Electronics, Beijing Institute of Technology, Beijing 100081, PR China. Electronic address:
In black-box scenarios, adversarial attacks against text classification models face challenges in ensuring highly available adversarial samples, especially a high number of invalid queries under long texts. The existing methods select distractors by comparing the confidence vector differences obtained before and after deleting words, and the query increases linearly with the length of the text, making it difficult to apply to attack scenarios with limited queries. Generating adversarial samples based on a thesaurus can lead to semantic inconsistencies and even grammatical errors, making it easy for the target model to recognize adversarial samples and resulting in a low success rate of attacks.
View Article and Find Full Text PDFAn improving secure communication using multipath malicious avoidance routing protocol for underwater sensor network.
Sci Rep
December 2024
College of Computing and Information Sciences, University of Technology and Applied Sciences, Muscat, Oman.
The Underwater Sensor Network (UWSN) comprises sensor nodes with sensing, data processing, and communication capabilities. Due to the limitation of underwater radio wave propagation, nodes rely on acoustic signals to communicate. The data gathered by these nodes is transmitted to coordinating nodes or ground stations for additional processing and analysis.
View Article and Find Full Text PDFHigh-Quality Image Compression Algorithm Design Based on Unsupervised Learning.
Sensors (Basel)
October 2024
Chongqing Chang'an Wang Jiang Industry Group Co., Ltd., Chongqing 400023, China.
Increasingly massive image data is restricted by conditions such as information transmission and reconstruction, and it is increasingly difficult to meet the requirements of speed and integrity in the information age. To solve the urgent problems faced by massive image data in information transmission, this paper proposes a high-quality image compression algorithm based on unsupervised learning. Among them, a content-weighted autoencoder network is proposed to achieve image compression coding on the basis of a smaller bit rate to solve the entropy rate optimization problem.
View Article and Find Full Text PDFModel predictive manipulation of compliant objects with multi-objective optimizer and adversarial network for occlusion compensation.
ISA Trans
July 2024
The Hong Kong Polytechnic University, Department of Mechanical Engineering, Kowloon, Hong Kong. Electronic address:
Background: The manipulation of compliant objects by robotic systems remains a challenging task, largely due to their variable shapes and the complex, high-dimensional nature of their interaction dynamics. Traditional robotic manipulation strategies struggle with the accurate modeling and control necessary to handle such materials, especially in the presence of visual occlusions that frequently occur in dynamic environments. Meanwhile, for most unstructured environments, robots are required to have autonomous interactions with their surroundings.
View Article and Find Full Text PDFKeyboard Data Protection Technique Using GAN in Password-Based User Authentication: Based on C/D Bit Vulnerability.
Sensors (Basel)
February 2024
Department of Information Security Engineering, Mokpo National University, Muan 58554, Republic of Korea.
In computer systems, user authentication technology is required to identify users who use computers. In modern times, various user authentication technologies, including strong security features based on ownership, such as certificates and security cards, have been introduced. Nevertheless, password-based authentication technology is currently mainly used due to its convenience of use and ease of implementation.
View Article and Find Full Text PDFWant AI Summaries of new PubMed Abstracts delivered to your In-box?
Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!