Resilience and Security of Deep Neural Networks Against Intentional and Unintentional Perturbations: Survey and Research Challenges
Sazzad Sayyed, Milin Zhang, Shahriar Rifat, Ananthram Swami, Michael De Lucia, Francesco Restuccia
TL;DR
This survey addresses the resilience of deep neural networks to both intentional adversarial perturbations and unintentional distributional shifts. It consolidates a unified view by linking detection and robustness approaches across input, latent, and logit spaces, covering adversarial, OOD, and open-set challenges. The authors categorize detection methods, discuss cross-domain connections, and outline critical open questions and research directions, aiming to spur collaboration between previously separate communities. The work highlights the need for scalable, explainable, and dataset-agnostic solutions, and calls for benchmarks that reflect real-world conditions and constraints. Overall, the paper provides a comprehensive roadmap for advancing resilient and secure DNN inference in practical settings.
Abstract
In order to deploy deep neural networks (DNNs) in high-stakes scenarios, it is imperative that DNNs provide inference robust to external perturbations - both intentional and unintentional. Although the resilience of DNNs to intentional and unintentional perturbations has been widely investigated, a unified vision of these inherently intertwined problem domains is still missing. In this work, we fill this gap by providing a survey of the state of the art and highlighting the similarities of the proposed approaches.We also analyze the research challenges that need to be addressed to deploy resilient and secure DNNs. As there has not been any such survey connecting the resilience of DNNs to intentional and unintentional perturbations, we believe this work can help advance the frontier in both domains by enabling the exchange of ideas between the two communities.