Abstract
Deep neural networks (DNNs) are shown to be vulnerable to adversarial attacks: carefully crafted additive noise that undermines DNNs' integrity. Previously proposed defenses against these attacks require substantial overheads, making it challenging to deploy these solutions in power and computational resource-constrained devices, such as embedded systems and the Edge. In this paper, we explore the use of voltage overscaling (VOS) as a lightweight defense against adversarial attacks. Specifically, we exploit the stochastic timing violations of VOS to implement a moving-target defense for DNNs. Our experimental results demonstrate that VOS guarantees effective defense against different attack methods, does not require any software/hardware modifications, and offers a by-product reduction in power consumption.
Original language | English |
---|---|
Title of host publication | 2021 40th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2021 - Proceedings |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9781665445078 |
Publication status | Published - 23 Dec 2021 |
Externally published | Yes |
Event | 40th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2021 - Munich, Germany; Duration: 01 Nov 2021 → 04 Nov 2021 |
Publication series
Name | IEEE/ACM International Conference on Computer-Aided Design: Proceedings |
---|---|
Publisher | IEEE |
ISSN (Print) | 1933-7760 |
ISSN (Electronic) | 1558-2434 |
Conference
Conference | 40th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2021 |
---|---|
Country/Territory | Germany |
City | Munich |
Period | 01/11/2021 → 04/11/2021 |
Bibliographical note
Publisher Copyright: © 2021 IEEE.
Keywords
- Adversarial attacks
- Approximate computing
- Machine learning
- Voltage overscaling
ASJC Scopus subject areas
- Software
- Computer Science Applications
- Computer Graphics and Computer-Aided Design