Hardware-Friendly Online Defense Against Adversarial Attacks for Smart Cars


Authors: FAN Renhao (范仁昊); PANG Meng (庞猛); WANG Mingyu (王明羽); LI Mingzhao (李明钊); ZHANG Youhui (张悠慧)[1]; LI Zhaolin (李兆麟)[1] (Department of Computer Science and Technology, Tsinghua University, Beijing 100084, China; School of Microelectronics Science and Technology, Sun Yat-sen University, Guangzhou 510275, China; WUXI TAIHAOHUIXIN Microelectronics Corporation, Wuxi 214063, Jiangsu, China)

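Affiliations: [1] Department of Computer Science and Technology, Tsinghua University, Beijing 100084; [2] School of Microelectronics Science and Technology, Sun Yat-sen University, Guangzhou 510275; [3] WUXI TAIHAOHUIXIN Microelectronics Corporation, Wuxi 214063, Jiangsu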

Source: Chinese Journal of Automotive Engineering (《汽车工程学报》), 2022, No. 5, pp. 583-592 (10 pages)

Funding: National Key Research and Development Program of China (2020YFB1600202).

Abstract: This paper proposes a hardware-friendly online defense scheme called Auto-defense against adversarial attacks. Auto-defense is composed of a broad-spectrum detection algorithm which uses autoencoders to approximate manifolds of natural samples, a tiled DNN accelerator architecture with an efficient layer scheduling scheme to reduce data access overhead, and a hardware/software co-design method to reach the balance of overhead and detection accuracy. The experimental evaluation shows that the broad-spectrum detection method achieves state-of-the-art accuracy. The proposed layer scheduling scheme reduces the amount of DRAM access of the DNN coupled with detectors by more than 43%, thus resulting in lower energy consumption and higher throughput. Furthermore, the co-design method reduces the energy and execution time of the coupled network by 58% and 54% respectively without accuracy degradation.

Keywords: neural network; adversarial attack; online defense; hardware/software co-design

Classification: TP183 [Automation and Computer Technology: Control Theory and Control Engineering]

 
