Adversarial attacks on an optical neural network
This work addresses a security vulnerability in optical machine learning systems, which is an incremental step as it extends known adversarial attack issues from digital to optical domains.
The authors tackled the problem of adversarial attacks on optical neural networks (ONN), demonstrating that such attacks can cause malfunction and wrong classifications in an ONN-based image classifier, with the system generating incorrect results most of the time.
Adversarial attacks have been extensively investigated for machine learning systems including deep learning in the digital domain. However, the adversarial attacks on optical neural networks (ONN) have been seldom considered previously. In this work, we first construct an accurate image classifier with an ONN using a mesh of interconnected Mach-Zehnder interferometers (MZI). Then a corresponding adversarial attack scheme is proposed for the first time. The attacked images are visually very similar to the original ones but the ONN system becomes malfunctioned and generates wrong classification results in most time. The results indicate that adversarial attack is also a significant issue for optical machine learning systems.