Accelerating Adversarial Attack using Process-in-Memory Architecture

Shiyi Liu; Sathwika Bavikadi; Tanmoy Sen; Haiying Shen; Purab Ranjan Sutradhar; Amlan Ganguly; Sai Manoj Pudukotai Dinakarrao; Brian L. Smith

doi:10.1109/MSN57253.2022.00061

Accelerating Adversarial Attack using Process-in-Memory Architecture

Shiyi Liu
, Sathwika Bavikadi
, Tanmoy Sen
, Haiying Shen
, Purab Ranjan Sutradhar
, Amlan Ganguly
, Sai Manoj Pudukotai Dinakarrao
, Brian L. Smith

Electrical Engineering Department

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Recent research has demonstrated that machine learning algorithms are vulnerable to adversarial attacks, in which small but carefully crafted input perturbations can lead to algorithm failure. It has been demonstrated that certain adversarial attack algorithms are capable of producing these types of perturbations. These attack methods are inapplicable when the attack must be generated in near real time. The use of a hardware accelerator, such as a Process-in-Memory (PIM) archi-tecture, is a potential method for addressing this issue. The PIM architecture is regarded as a superior option for data-intensive applications such as solving optimization problems and Deep Neural Networks (DNN) due to its capacity for ultra-low-latency parallel processing. However, implementing an adversarial attack algorithm directly on the PIM platform is inefficient due to the PIM architecture's complexity and overhead costs. To address this issue, we utilize a novel adversarial attack scheme based on the PIM that leverages Look-up-Table (LUT)-based processing. The proposed LUT-based PIM architecture is capable of being dynamically programmed to execute the operations necessary for an adversarial attack algorithm. Our simulations reveal that the proposed method is capable of achieving an ultra-low operating delay and energy-efficiency performance.

Original language	English
Title of host publication	Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	325-330
Number of pages	6
ISBN (Electronic)	9781665464574
DOIs	https://doi.org/10.1109/MSN57253.2022.00061
State	Published - 2022
Event	18th International Conference on Mobility, Sensing and Networking, MSN 2022 - Virtual, Online, China Duration: 14 Dec 2022 → 16 Dec 2022

Publication series

Name	Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022

Conference

Conference	18th International Conference on Mobility, Sensing and Networking, MSN 2022
Country/Territory	China
City	Virtual, Online
Period	14/12/22 → 16/12/22

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 7 Affordable and Clean Energy

Keywords

Black-box adversarial attack
Deep neural net-work
Processing in memory (PIM)

Access to Document

10.1109/MSN57253.2022.00061

Cite this

Liu, S., Bavikadi, S., Sen, T., Shen, H., Sutradhar, P. R., Ganguly, A., Pudukotai Dinakarrao, S. M., & Smith, B. L. (2022). Accelerating Adversarial Attack using Process-in-Memory Architecture. In Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022 (pp. 325-330). (Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/MSN57253.2022.00061

Liu, Shiyi ; Bavikadi, Sathwika ; Sen, Tanmoy et al. / Accelerating Adversarial Attack using Process-in-Memory Architecture. Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022. Institute of Electrical and Electronics Engineers Inc., 2022. pp. 325-330 (Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022).

@inproceedings{b22c35ba103749b3b8932b498df589f5,

title = "Accelerating Adversarial Attack using Process-in-Memory Architecture",

abstract = "Recent research has demonstrated that machine learning algorithms are vulnerable to adversarial attacks, in which small but carefully crafted input perturbations can lead to algorithm failure. It has been demonstrated that certain adversarial attack algorithms are capable of producing these types of perturbations. These attack methods are inapplicable when the attack must be generated in near real time. The use of a hardware accelerator, such as a Process-in-Memory (PIM) archi-tecture, is a potential method for addressing this issue. The PIM architecture is regarded as a superior option for data-intensive applications such as solving optimization problems and Deep Neural Networks (DNN) due to its capacity for ultra-low-latency parallel processing. However, implementing an adversarial attack algorithm directly on the PIM platform is inefficient due to the PIM architecture's complexity and overhead costs. To address this issue, we utilize a novel adversarial attack scheme based on the PIM that leverages Look-up-Table (LUT)-based processing. The proposed LUT-based PIM architecture is capable of being dynamically programmed to execute the operations necessary for an adversarial attack algorithm. Our simulations reveal that the proposed method is capable of achieving an ultra-low operating delay and energy-efficiency performance.",

keywords = "Black-box adversarial attack, Deep neural net-work, Processing in memory (PIM)",

author = "Shiyi Liu and Sathwika Bavikadi and Tanmoy Sen and Haiying Shen and Sutradhar, \{Purab Ranjan\} and Amlan Ganguly and \{Pudukotai Dinakarrao\}, \{Sai Manoj\} and Smith, \{Brian L.\}",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 18th International Conference on Mobility, Sensing and Networking, MSN 2022 ; Conference date: 14-12-2022 Through 16-12-2022",

year = "2022",

doi = "10.1109/MSN57253.2022.00061",

language = "English",

series = "Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "325--330",

booktitle = "Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022",

address = "United States",

}

Liu, S, Bavikadi, S, Sen, T, Shen, H, Sutradhar, PR, Ganguly, A, Pudukotai Dinakarrao, SM & Smith, BL 2022, Accelerating Adversarial Attack using Process-in-Memory Architecture. in Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022. Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022, Institute of Electrical and Electronics Engineers Inc., pp. 325-330, 18th International Conference on Mobility, Sensing and Networking, MSN 2022, Virtual, Online, China, 14/12/22. https://doi.org/10.1109/MSN57253.2022.00061

Accelerating Adversarial Attack using Process-in-Memory Architecture. / Liu, Shiyi; Bavikadi, Sathwika; Sen, Tanmoy et al.
Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022. Institute of Electrical and Electronics Engineers Inc., 2022. p. 325-330 (Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Accelerating Adversarial Attack using Process-in-Memory Architecture

AU - Liu, Shiyi

AU - Bavikadi, Sathwika

AU - Sen, Tanmoy

AU - Shen, Haiying

AU - Sutradhar, Purab Ranjan

AU - Ganguly, Amlan

AU - Pudukotai Dinakarrao, Sai Manoj

AU - Smith, Brian L.

PY - 2022

Y1 - 2022

N2 - Recent research has demonstrated that machine learning algorithms are vulnerable to adversarial attacks, in which small but carefully crafted input perturbations can lead to algorithm failure. It has been demonstrated that certain adversarial attack algorithms are capable of producing these types of perturbations. These attack methods are inapplicable when the attack must be generated in near real time. The use of a hardware accelerator, such as a Process-in-Memory (PIM) archi-tecture, is a potential method for addressing this issue. The PIM architecture is regarded as a superior option for data-intensive applications such as solving optimization problems and Deep Neural Networks (DNN) due to its capacity for ultra-low-latency parallel processing. However, implementing an adversarial attack algorithm directly on the PIM platform is inefficient due to the PIM architecture's complexity and overhead costs. To address this issue, we utilize a novel adversarial attack scheme based on the PIM that leverages Look-up-Table (LUT)-based processing. The proposed LUT-based PIM architecture is capable of being dynamically programmed to execute the operations necessary for an adversarial attack algorithm. Our simulations reveal that the proposed method is capable of achieving an ultra-low operating delay and energy-efficiency performance.

AB - Recent research has demonstrated that machine learning algorithms are vulnerable to adversarial attacks, in which small but carefully crafted input perturbations can lead to algorithm failure. It has been demonstrated that certain adversarial attack algorithms are capable of producing these types of perturbations. These attack methods are inapplicable when the attack must be generated in near real time. The use of a hardware accelerator, such as a Process-in-Memory (PIM) archi-tecture, is a potential method for addressing this issue. The PIM architecture is regarded as a superior option for data-intensive applications such as solving optimization problems and Deep Neural Networks (DNN) due to its capacity for ultra-low-latency parallel processing. However, implementing an adversarial attack algorithm directly on the PIM platform is inefficient due to the PIM architecture's complexity and overhead costs. To address this issue, we utilize a novel adversarial attack scheme based on the PIM that leverages Look-up-Table (LUT)-based processing. The proposed LUT-based PIM architecture is capable of being dynamically programmed to execute the operations necessary for an adversarial attack algorithm. Our simulations reveal that the proposed method is capable of achieving an ultra-low operating delay and energy-efficiency performance.

KW - Black-box adversarial attack

KW - Deep neural net-work

KW - Processing in memory (PIM)

UR - https://www.scopus.com/pages/publications/85152296292

U2 - 10.1109/MSN57253.2022.00061

DO - 10.1109/MSN57253.2022.00061

M3 - Conference contribution

AN - SCOPUS:85152296292

T3 - Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022

SP - 325

EP - 330

BT - Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 18th International Conference on Mobility, Sensing and Networking, MSN 2022

Y2 - 14 December 2022 through 16 December 2022

ER -

Liu S, Bavikadi S, Sen T, Shen H, Sutradhar PR, Ganguly A et al. Accelerating Adversarial Attack using Process-in-Memory Architecture. In Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022. Institute of Electrical and Electronics Engineers Inc. 2022. p. 325-330. (Proceedings - 2022 18th International Conference on Mobility, Sensing and Networking, MSN 2022). doi: 10.1109/MSN57253.2022.00061

Accelerating Adversarial Attack using Process-in-Memory Architecture

Abstract

Publication series

Conference

UN SDGs

Keywords

Access to Document

Other files and links

Fingerprint

Cite this