AD2VNCS: Adversarial Defense and Device Variation-tolerance in Memristive Crossbar-based Neuromorphic Computing Systems

被引：2

作者：

Bi, Yongtian ^{[1
]}

Xu, Qi ^{[2
]}

Geng, Hao ^{[3
]}

Chen, Song ^{[2
]}

Kang, Yi ^{[2
]}

机构：

[1] Univ Sci & Technol China, Inst Adv Technol, 96 JinZhai Rd, Hefei 230026, Anhui, Peoples R China

[2] Univ Sci & Technol China, Sch Microelect, 96 JinZhai Rd, Hefei 230026, Anhui, Peoples R China

[3] ShanghaiTech Univ, Sch Informat Sci & Technol, 393 Middle Huaxia Rd, Shanghai 201210, Peoples R China

来源：

ACM TRANSACTIONS ON DESIGN AUTOMATION OF ELECTRONIC SYSTEMS | 2024年 / 29卷 / 01期

基金：

中国国家自然科学基金;

关键词：

Neuromorphic; memristor; adversarial defense; variation tolerance; INFERENCE;

D O I：

10.1145/3600231

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

In recent years, memristive crossbar-based neuromorphic computing systems (NCS) have obtained extremely high performance in neural network acceleration. However, adversarial attacks and conductance variations of memristors bring reliability challenges to NCS design. First, adversarial attacks can fool the neural network and pose a serious threat to security critical applications. However, device variations lead to degradation of the network accuracy. In this article, we propose DFS (Deep neural network Feature importance Sampling) and BFS (Bayesian neural network Feature importance Sampling) training strategies, which consist of Bayesian Neural Network (BNN) prior setting, clustering-based loss function, and feature importance sampling techniques, to simultaneously combat device variation, white-box attack, and black-box attack challenges. Experimental results clearly demonstrate that the proposed training framework can improve the NCS reliability.

引用

页数：19

共 43 条

[1]

Athalye A, 2018, PR MACH LEARN RES, V80

[2]

Barve S., 2021, Proceedings of the ACM Great Lakes Symposium on VLSI, GLSVLSI, V1, P201, DOI [10.1145/3453688.3461757, DOI 10.1145/3453688.3461757]

[3]

Bhattacharjee A, 2021, Arxiv, DOI arXiv:2008.11298

[4] Variational Inference: A Review for Statisticians [J].

Blei, David M. ;

Kucukelbir, Alp ;

McAuliffe, Jon D. .

JOURNAL OF THE AMERICAN STATISTICAL ASSOCIATION, 2017, 112 (518) :859-877

[5]

Carbone G, 2020, ADV NEUR IN, V33

[6]

Carlini N, 2019, Arxiv, DOI arXiv:1902.06705

[7] Towards Evaluating the Robustness of Neural Networks [J].

Carlini, Nicholas ;

Wagner, David .

2017 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2017, :39-57

[8] Improving the accuracy and robustness of RRAM-based in-memory computing against RRAM hardware noise and adversarial attacks [J].

Cherupally, Sai Kiran ;

Meng, Jian ;

Rakin, Adnan Siraj ;

Yin, Shihui ;

Yeo, Injune ;

Yu, Shimeng ;

Fan, Deliang ;

Seo, Jae-Sun .

SEMICONDUCTOR SCIENCE AND TECHNOLOGY, 2022, 37 (03)

[9]

Dhillon G. S., 2018, arXiv, DOI DOI 10.48550/ARXIV.1803.01442

[10] Bayesian Inference Based Robust Computing on Memristor Crossbar [J].

Gao, Di ;

Huang, Qingrong ;

Zhang, Grace Li ;

Yin, Xunzhao ;

Li, Bing ;

Schlichtmann, Ulf ;

Zhuo, Cheng .

2021 58TH ACM/IEEE DESIGN AUTOMATION CONFERENCE (DAC), 2021, :121-126

← 1 2 3 4 5 →