Secure Deep Learning-based Distributed Intelligence on Pocket-sized
Drones
- URL: http://arxiv.org/abs/2307.01559v1
- Date: Tue, 4 Jul 2023 08:29:41 GMT
- Title: Secure Deep Learning-based Distributed Intelligence on Pocket-sized
Drones
- Authors: Elia Cereda and Alessandro Giusti and Daniele Palossi
- Abstract summary: Palm-sized nano-drones are an appealing class of edge nodes, but their limited computational resources prevent running large deep-learning models onboard.
Adopting an edge-fog computational paradigm, we can offload part of the computation to the fog; however, this poses security concerns if the fog node, or the communication link, can not be trusted.
We propose a novel distributed edge-fog execution scheme that validates fog computation by redundantly executing a random subnetwork aboard our nano-drone.
- Score: 75.80952211739185
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Palm-sized nano-drones are an appealing class of edge nodes, but their
limited computational resources prevent running large deep-learning models
onboard. Adopting an edge-fog computational paradigm, we can offload part of
the computation to the fog; however, this poses security concerns if the fog
node, or the communication link, can not be trusted. To tackle this concern, we
propose a novel distributed edge-fog execution scheme that validates fog
computation by redundantly executing a random subnetwork aboard our nano-drone.
Compared to a State-of-the-Art visual pose estimation network that entirely
runs onboard, a larger network executed in a distributed way improves the $R^2$
score by +0.19; in case of attack, our approach detects it within 2s with 95%
probability.
Related papers
- A Fast Algorithm for Moderating Critical Nodes via Edge Removal [19.130541561303293]
We study the problem of removing $k$ edges from a network to minimize the information centrality of a target node.
We propose three approximation greedy algorithms using novel techniques such as random walk-based Schur complement approximation and fast sum estimation.
To complement our theoretical analysis, we conduct a comprehensive set of experiments on synthetic and real networks with over one million nodes.
arXiv Detail & Related papers (2023-09-09T13:54:34Z) - Wasserstein distributional robustness of neural networks [9.79503506460041]
Deep neural networks are known to be vulnerable to adversarial attacks (AA)
For an image recognition task, this means that a small perturbation of the original can result in the image being misclassified.
We re-cast the problem using techniques of Wasserstein distributionally robust optimization (DRO) and obtain novel contributions.
arXiv Detail & Related papers (2023-06-16T13:41:24Z) - Robust Training and Verification of Implicit Neural Networks: A
Non-Euclidean Contractive Approach [64.23331120621118]
This paper proposes a theoretical and computational framework for training and robustness verification of implicit neural networks.
We introduce a related embedded network and show that the embedded network can be used to provide an $ell_infty$-norm box over-approximation of the reachable sets of the original network.
We apply our algorithms to train implicit neural networks on the MNIST dataset and compare the robustness of our models with the models trained via existing approaches in the literature.
arXiv Detail & Related papers (2022-08-08T03:13:24Z) - Sparse and Imperceptible Adversarial Attack via a Homotopy Algorithm [93.80082636284922]
Sparse adversarial attacks can fool deep networks (DNNs) by only perturbing a few pixels.
Recent efforts combine it with another l_infty perturbation on magnitudes.
We propose a homotopy algorithm to tackle the sparsity and neural perturbation framework.
arXiv Detail & Related papers (2021-06-10T20:11:36Z) - Targeted Attack against Deep Neural Networks via Flipping Limited Weight
Bits [55.740716446995805]
We study a novel attack paradigm, which modifies model parameters in the deployment stage for malicious purposes.
Our goal is to misclassify a specific sample into a target class without any sample modification.
By utilizing the latest technique in integer programming, we equivalently reformulate this BIP problem as a continuous optimization problem.
arXiv Detail & Related papers (2021-02-21T03:13:27Z) - Coded Stochastic ADMM for Decentralized Consensus Optimization with Edge
Computing [113.52575069030192]
Big data, including applications with high security requirements, are often collected and stored on multiple heterogeneous devices, such as mobile devices, drones and vehicles.
Due to the limitations of communication costs and security requirements, it is of paramount importance to extract information in a decentralized manner instead of aggregating data to a fusion center.
We consider the problem of learning model parameters in a multi-agent system with data locally processed via distributed edge nodes.
A class of mini-batch alternating direction method of multipliers (ADMM) algorithms is explored to develop the distributed learning model.
arXiv Detail & Related papers (2020-10-02T10:41:59Z) - Against Membership Inference Attack: Pruning is All You Need [22.13027338667513]
We envision that the weight pruning technique will help deep learning networks (DNNs) against membership inference attack (MIA)
In this work, we propose a pruning algorithm, and we show that the proposed algorithm can find a subnetwork that can prevent privacy leakage from MIA.
Our experimental results illustrate that the attack accuracy using model compression is up to 13.6% and 10% lower than that of the baseline and Min-Max game, accordingly.
arXiv Detail & Related papers (2020-08-28T02:15:44Z) - ESPN: Extremely Sparse Pruned Networks [50.436905934791035]
We show that a simple iterative mask discovery method can achieve state-of-the-art compression of very deep networks.
Our algorithm represents a hybrid approach between single shot network pruning methods and Lottery-Ticket type approaches.
arXiv Detail & Related papers (2020-06-28T23:09:27Z) - Depth-2 Neural Networks Under a Data-Poisoning Attack [2.105564340986074]
We study the possibility of defending against data-poisoning attacks while training a shallow neural network in a regression setup.
In this work, we focus on doing supervised learning for a class of depth-2 finite-width neural networks.
arXiv Detail & Related papers (2020-05-04T17:56:15Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.