Research Manuscript: Panda or Gibbon and Back: Attacking and Defending Modern Machine Learning Systems
Event TypeResearch Manuscript
Virtual Programs
Presented In-Person
Hardware Security: Attack and Defense
TimeWednesday, December 8th1:30pm - 3:00pm PST
DescriptionMachine learning, particularly deep neural networks, have been adopted in diverse applications for classification and object detection with exceptional performance. However, the research community has developed powerful attacks on models. The papers in this session include both novel attacks and defenses for machine learning models. One paper presents an adversarial attack against models that process 3D point clouds, typically found in autonomous systems; the second presents a model inversion attack on hyper-dimensional models, which leads to compromise of the training data; the other two papers illustrate how recently proposed in-memory computing systems have built-in defense mechanisms against adversarial attacks.