TY - GEN
T1 - Accelerating Adversarial Attack using Process-in-Memory Architecture
AU - Liu, Shiyi
AU - Bavikadi, Sathwika
AU - Sen, Tanmoy
AU - Shen, Haiying
AU - Sutradhar, Purab Ranjan
AU - Ganguly, Amlan
AU - Pudukotai Dinakarrao, Sai Manoj
AU - Smith, Brian L.
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Recent research has demonstrated that machine learning algorithms are vulnerable to adversarial attacks, in which small but carefully crafted input perturbations can lead to algorithm failure. It has been demonstrated that certain adversarial attack algorithms are capable of producing these types of perturbations. These attack methods are inapplicable when the attack must be generated in near real time. The use of a hardware accelerator, such as a Process-in-Memory (PIM) archi-tecture, is a potential method for addressing this issue. The PIM architecture is regarded as a superior option for data-intensive applications such as solving optimization problems and Deep Neural Networks (DNN) due to its capacity for ultra-low-latency parallel processing. However, implementing an adversarial attack algorithm directly on the PIM platform is inefficient due to the PIM architecture's complexity and overhead costs. To address this issue, we utilize a novel adversarial attack scheme based on the PIM that leverages Look-up-Table (LUT)-based processing. The proposed LUT-based PIM architecture is capable of being dynamically programmed to execute the operations necessary for an adversarial attack algorithm. Our simulations reveal that the proposed method is capable of achieving an ultra-low operating delay and energy-efficiency performance.
AB - Recent research has demonstrated that machine learning algorithms are vulnerable to adversarial attacks, in which small but carefully crafted input perturbations can lead to algorithm failure. It has been demonstrated that certain adversarial attack algorithms are capable of producing these types of perturbations. These attack methods are inapplicable when the attack must be generated in near real time. The use of a hardware accelerator, such as a Process-in-Memory (PIM) archi-tecture, is a potential method for addressing this issue. The PIM architecture is regarded as a superior option for data-intensive applications such as solving optimization problems and Deep Neural Networks (DNN) due to its capacity for ultra-low-latency parallel processing. However, implementing an adversarial attack algorithm directly on the PIM platform is inefficient due to the PIM architecture's complexity and overhead costs. To address this issue, we utilize a novel adversarial attack scheme based on the PIM that leverages Look-up-Table (LUT)-based processing. The proposed LUT-based PIM architecture is capable of being dynamically programmed to execute the operations necessary for an adversarial attack algorithm. Our simulations reveal that the proposed method is capable of achieving an ultra-low operating delay and energy-efficiency performance.
KW - Black-box adversarial attack
KW - Deep neural net-work
KW - Processing in memory (PIM)
UR - http://www.scopus.com/inward/record.url?scp=85152296292&partnerID=8YFLogxK
U2 - 10.1109/MSN57253.2022.00061
DO - 10.1109/MSN57253.2022.00061
M3 - Conference contribution
AN - SCOPUS:85152296292
T3 - Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022
SP - 325
EP - 330
BT - Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 18th International Conference on Mobility, Sensing and Networking, MSN 2022
Y2 - 14 December 2022 through 16 December 2022
ER -
