Secure Deep Learning Pipeline Design for Vision Transformer
Published in a peer-reviewed, CORE-A-ranked computer architecture journal, 2024
- Keywords: Vision Transformer, Hardware Acceleration, Data-pipeline Manipulation, Adversarial Defenses, Lightweight
- This paper addresses the vulnerability of Vision Transformers (ViTs) and other deep neural networks (DNNs) to adversarial attacks: subtle input perturbations that cause a model to produce incorrect predictions. Such attacks pose significant security risks in real-world applications such as autonomous driving and image classification. While many defenses have been developed, few focus on detecting adversarial inputs before they reach the model. The authors propose a lightweight adversarial detection method that acts as a filter in the data pipeline, flagging potentially harmful inputs before the model processes them. The method is computationally efficient, adaptable to a variety of models, and enhances the performance of existing defense mechanisms when used alongside them.