SPARSEBFA: ATTACKING SPARSE DEEP NEURAL NETWORKS WITH THEWORST-CASE BIT FLIPS ON COORDINATES

被引:4
|
作者
Lee, Kyungmi [1 ]
Chandrakasan, Anantha P. [1 ]
机构
[1] MIT, Dept Elect Engn & Comp Sci, Cambridge, MA 02139 USA
来源
2022 IEEE INTERNATIONAL CONFERENCE ON ACOUSTICS, SPEECH AND SIGNAL PROCESSING (ICASSP) | 2022年
关键词
Bit flip attacks; deep neural networks; fault injection attacks; model compression; security;
D O I
10.1109/ICASSP43922.2022.9747337
中图分类号
O42 [声学];
学科分类号
070206 ; 082403 ;
摘要
Deep neural networks (DNNs) are shown to be vulnerable to a few carefully chosen bit flips in their parameters, and bit flip attacks (BFAs) exploit such vulnerability to degrade the performance of DNNs. In this work, we show that DNNs with high sparsity that typically result from weight pruning have a unique source of vulnerability to bit flips when their coordinates of nonzero weights are attacked. We propose SparseBFA, an algorithm that searches for a small number of bits among the coordinates of nonzero weights when the parameters of DNNs are stored using sparse matrix formats. Using SparseBFA, we find that the performance of DNNs drops to the random-guess level by flipping less than 0.00005% (1 in 2 million) of the total bits.
引用
收藏
页码:4208 / 4212
页数:5
相关论文
共 50 条
  • [1] DeepHammer: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips
    Yao, Fan
    Rakin, Adnan Siraj
    Fan, Deliang
    PROCEEDINGS OF THE 29TH USENIX SECURITY SYMPOSIUM, 2020, : 1463 - 1480
  • [2] Hardly Perceptible Trojan Attack Against Neural Networks with Bit Flips
    Bai, Jiawang
    Gao, Kuofeng
    Gong, Dihong
    Xia, Shu-Tao
    Li, Zhifeng
    Liu, Wei
    COMPUTER VISION - ECCV 2022, PT V, 2022, 13665 : 104 - 121
  • [3] Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips
    Bai, Jiawang
    Gao, Kuofeng
    Gong, Dihong
    Xia, Shu-Tao
    Li, Zhifeng
    Liu, Wei
    arXiv, 2022,
  • [4] Attacking Neural Networks with Neural Networks: Towards Deep Synchronization for Backdoor Attacks
    Guan, Zihan
    Sun, Lichao
    Du, Mengnan
    Liu, Ninghao
    PROCEEDINGS OF THE 32ND ACM INTERNATIONAL CONFERENCE ON INFORMATION AND KNOWLEDGE MANAGEMENT, CIKM 2023, 2023, : 608 - 618
  • [5] State Estimation for Markovian Jump Neural Networks Under Probabilistic Bit Flips: Allocating Constrained Bit Rates
    Guo, Yuru
    Wang, Zidong
    Li, Jun-Yi
    Xu, Yong
    IEEE TRANSACTIONS ON NEURAL NETWORKS AND LEARNING SYSTEMS, 2024, : 1 - 12
  • [6] Deep Inversion Method for Attacking Lifelong Learning Neural Networks
    Du, Boyuan
    Yu, Yuanlong
    Liu, Huaping
    2023 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS, IJCNN, 2023,
  • [7] Bit Efficient Quantization for Deep Neural Networks
    Nayak, Prateeth
    Zhang, David
    Chai, Sek
    FIFTH WORKSHOP ON ENERGY EFFICIENT MACHINE LEARNING AND COGNITIVE COMPUTING - NEURIPS EDITION (EMC2-NIPS 2019), 2019, : 52 - 56
  • [8] Sparse Deep Neural Networks for Embedded Intelligence
    Bi, Jia
    Gunn, Steve R.
    2018 IEEE 30TH INTERNATIONAL CONFERENCE ON TOOLS WITH ARTIFICIAL INTELLIGENCE (ICTAI), 2018, : 30 - 38
  • [9] Learning Sparse Patterns in Deep Neural Networks
    Wen, Weijing
    Yang, Fan
    Su, Yangfeng
    Zhou, Dian
    Zeng, Xuan
    2019 IEEE 13TH INTERNATIONAL CONFERENCE ON ASIC (ASICON), 2019,
  • [10] Accelerating Sparse Deep Neural Networks on FPGAs
    Huang, Sitao
    Pearson, Carl
    Nagi, Rakesh
    Xiong, Jinjun
    Chen, Deming
    Hwu, Wen-mei
    2019 IEEE HIGH PERFORMANCE EXTREME COMPUTING CONFERENCE (HPEC), 2019,
12345