当前位置:
X-MOL 学术
›
arXiv.cs.CR
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
DeepDyve: Dynamic Verification for Deep Neural Networks
arXiv - CS - Cryptography and Security Pub Date : 2020-09-21 , DOI: arxiv-2009.09663 Yu Li, Min Li, Bo Luo, Ye Tian, and Qiang Xu
arXiv - CS - Cryptography and Security Pub Date : 2020-09-21 , DOI: arxiv-2009.09663 Yu Li, Min Li, Bo Luo, Ye Tian, and Qiang Xu
Deep neural networks (DNNs) have become one of the enabling technologies in
many safety-critical applications, e.g., autonomous driving and medical image
analysis. DNN systems, however, suffer from various kinds of threats, such as
adversarial example attacks and fault injection attacks. While there are many
defense methods proposed against maliciously crafted inputs, solutions against
faults presented in the DNN system itself (e.g., parameters and calculations)
are far less explored. In this paper, we develop a novel lightweight
fault-tolerant solution for DNN-based systems, namely DeepDyve, which employs
pre-trained neural networks that are far simpler and smaller than the original
DNN for dynamic verification. The key to enabling such lightweight checking is
that the smaller neural network only needs to produce approximate results for
the initial task without sacrificing fault coverage much. We develop efficient
and effective architecture and task exploration techniques to achieve optimized
risk/overhead trade-off in DeepDyve. Experimental results show that DeepDyve
can reduce 90% of the risks at around 10% overhead.
中文翻译:
DeepDyve:深度神经网络的动态验证
深度神经网络 (DNN) 已成为许多安全关键应用(例如自动驾驶和医学图像分析)中的支持技术之一。然而,DNN 系统受到各种威胁,例如对抗性示例攻击和故障注入攻击。虽然针对恶意制作的输入提出了许多防御方法,但针对 DNN 系统本身中出现的故障(例如,参数和计算)的解决方案却很少被探索。在本文中,我们为基于 DNN 的系统开发了一种新颖的轻量级容错解决方案,即 DeepDyve,它采用比原始 DNN 更简单、更小的预训练神经网络进行动态验证。启用这种轻量级检查的关键是较小的神经网络只需要为初始任务生成近似结果,而不会过多地牺牲故障覆盖率。我们开发高效的架构和任务探索技术,以在 DeepDyve 中实现优化的风险/开销权衡。实验结果表明,DeepDyve 可以以 10% 左右的开销降低 90% 的风险。
更新日期:2020-10-19
中文翻译:
DeepDyve:深度神经网络的动态验证
深度神经网络 (DNN) 已成为许多安全关键应用(例如自动驾驶和医学图像分析)中的支持技术之一。然而,DNN 系统受到各种威胁,例如对抗性示例攻击和故障注入攻击。虽然针对恶意制作的输入提出了许多防御方法,但针对 DNN 系统本身中出现的故障(例如,参数和计算)的解决方案却很少被探索。在本文中,我们为基于 DNN 的系统开发了一种新颖的轻量级容错解决方案,即 DeepDyve,它采用比原始 DNN 更简单、更小的预训练神经网络进行动态验证。启用这种轻量级检查的关键是较小的神经网络只需要为初始任务生成近似结果,而不会过多地牺牲故障覆盖率。我们开发高效的架构和任务探索技术,以在 DeepDyve 中实现优化的风险/开销权衡。实验结果表明,DeepDyve 可以以 10% 左右的开销降低 90% 的风险。