CVPR Daily - Thursday

these systems against these so-called stealthy weight bit-flip attacks with a simple training approach.

“These fault-injection attacks are impacting machine learning algorithms of our time,” Ozan reveals. “This problem has only been identified in the last couple of years. Previous work has been from the malicious perspective, looking from the attacker’s point of view at what can be done, but there is currently no defense to these recently proposed attacks. When we learned about this vulnerability, we thought, how can we defend against this?”

This paper considers two attack algorithms developed in 2021 and optimized to manipulate neural networks in the best and fastest way possible: T-BFA: Targeted Bit-Flip Adversarial Weight Attack and Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits.

“The most challenging part was anticipating the adversary,” Ozan explains. “The adversary, or attacker, poses the problem. We must anticipate its strongest form and assume it can do anything. We explore the very honest way these 2021 papers have presented that.”

Ozan Özdenizci
Proposed defense
