Attacking Compressed Vision Transformers
This addresses security vulnerabilities in compressed models for edge deployment, but it is incremental as it focuses on transferability analysis without proposing new defenses.
The study investigated how adversarial attacks transfer across state-of-the-art compressed Vision Transformer models, analyzing the effects of three compression techniques on model robustness and security.
Vision Transformers are increasingly embedded in industrial systems due to their superior performance, but their memory and power requirements make deploying them to edge devices a challenging task. Hence, model compression techniques are now widely used to deploy models on edge devices as they decrease the resource requirements and make model inference very fast and efficient. But their reliability and robustness from a security perspective is another major issue in safety-critical applications. Adversarial attacks are like optical illusions for ML algorithms and they can severely impact the accuracy and reliability of models. In this work we investigate the transferability of adversarial samples across the SOTA Vision Transformer models across 3 SOTA compressed versions and infer the effects different compression techniques have on adversarial attacks.