To compress or not to compress: Understanding the Interactions between Adversarial Attacks and Neural Network Compression

September 29, 2018 · Declared Dead · 🏛 USENIX workshop on Tackling computer systems problems with machine learning techniques

👻 CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors: Yiren Zhao, Ilia Shumailov, Robert Mullins, Ross Anderson
arXiv ID: 1810.00208
Category: cs.CR (Cryptography & Security)
Cross-listed: cs.LG
Citations: 44
Venue: USENIX workshop on Tackling computer systems problems with machine learning techniques
Last Checked: 3 months ago

Abstract
As deep neural networks (DNNs) become widely used, pruned and quantised models are becoming ubiquitous on edge devices; such compressed DNNs are popular for lowering computational requirements. Meanwhile, recent studies show that adversarial samples can be effective at making DNNs misclassify. We, therefore, investigate the extent to which adversarial samples are transferable between uncompressed and compressed DNNs. We find that adversarial samples remain transferable for both pruned and quantised models. For pruning, the adversarial samples generated from heavily pruned models remain effective on uncompressed models. For quantisation, we find the transferability of adversarial samples is highly sensitive to integer precision.