Search papers, labs, and topics across Lattice.
The paper introduces RESQ, a three-stage framework for enhancing the reliability and security of quantized DNNs against both adversarial attacks and bit-flip faults. RESQ first fine-tunes the network to improve attack resilience, then performs fault-aware fine-tuning, and finally applies a post-training quantization adjustment. Experiments across multiple architectures and datasets demonstrate that RESQ achieves significant improvements in both attack and fault resilience while maintaining accuracy in quantized networks, also revealing an asymmetric relationship between the two types of resilience.
Quantizing neural networks doesn't have to mean sacrificing robustness: a new three-stage framework boosts resilience to both adversarial attacks and hardware faults by up to 12%, even after quantization.
This work proposes a unified three-stage framework that produces a quantized DNN with balanced fault and attack robustness. The first stage improves attack resilience via fine-tuning that desensitizes feature representations to small input perturbations. The second stage reinforces fault resilience through fault-aware fine-tuning under simulated bit-flip faults. Finally, a lightweight post-training adjustment integrates quantization to enhance efficiency and further mitigate fault sensitivity without degrading attack resilience. Experiments on ResNet18, VGG16, EfficientNet, and Swin-Tiny in CIFAR-10, CIFAR-100, and GTSRB show consistent gains of up to 10.35% in attack resilience and 12.47% in fault resilience, while maintaining competitive accuracy in quantized networks. The results also highlight an asymmetric interaction in which improvements in fault resilience generally increase resilience to adversarial attacks, whereas enhanced adversarial resilience does not necessarily lead to higher fault resilience.
