Exploring DNN Robustness Against Adversarial Attacks Using Approximate Multipliers
This work addresses robustness for DNNs in safety-critical applications like healthcare and autonomous driving, but it is incremental as it builds on existing approximate multiplier techniques.
The paper tackled the problem of DNN vulnerability to adversarial attacks by using approximate multipliers, resulting in up to 10% improvement in robust accuracy under attacks despite a 7% accuracy drop without attacks.
Deep Neural Networks (DNNs) have advanced in many real-world applications, such as healthcare and autonomous driving. However, their high computational complexity and vulnerability to adversarial attacks are ongoing challenges. In this letter, approximate multipliers are used to explore DNN robustness improvement against adversarial attacks. By uniformly replacing accurate multipliers for state-of-the-art approximate ones in DNN layer models, we explore the DNNs robustness against various adversarial attacks in a feasible time. Results show up to 7% accuracy drop due to approximations when no attack is present while improving robust accuracy up to 10% when attacks applied.