Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

RESQ: A Unified Framework for REliability- and Security Enhancement of Quantized Deep Neural Networks

Ali Soltan Mohammadi, Samira Nazari, Ali Azarpeyvand, Mahdi Taheri, Milos Krstic, Michael Huebner, Christian Herglotz, Tara Ghasempouri

Abstract

This work proposes a unified three-stage framework that produces a quantized DNN with balanced fault and attack robustness. The first stage improves attack resilience via fine-tuning that desensitizes feature representations to small input perturbations. The second stage reinforces fault resilience through fault-aware fine-tuning under simulated bit-flip faults. Finally, a lightweight post-training adjustment integrates quantization to enhance efficiency and further mitigate fault sensitivity without degrading attack resilience. Experiments on ResNet18, VGG16, EfficientNet, and Swin-Tiny in CIFAR-10, CIFAR-100, and GTSRB show consistent gains of up to 10.35% in attack resilience and 12.47% in fault resilience, while maintaining competitive accuracy in quantized networks. The results also highlight an asymmetric interaction in which improvements in fault resilience generally increase resilience to adversarial attacks, whereas enhanced adversarial resilience does not necessarily lead to higher fault resilience.

RESQ: A Unified Framework for REliability- and Security Enhancement of Quantized Deep Neural Networks

Abstract

This work proposes a unified three-stage framework that produces a quantized DNN with balanced fault and attack robustness. The first stage improves attack resilience via fine-tuning that desensitizes feature representations to small input perturbations. The second stage reinforces fault resilience through fault-aware fine-tuning under simulated bit-flip faults. Finally, a lightweight post-training adjustment integrates quantization to enhance efficiency and further mitigate fault sensitivity without degrading attack resilience. Experiments on ResNet18, VGG16, EfficientNet, and Swin-Tiny in CIFAR-10, CIFAR-100, and GTSRB show consistent gains of up to 10.35% in attack resilience and 12.47% in fault resilience, while maintaining competitive accuracy in quantized networks. The results also highlight an asymmetric interaction in which improvements in fault resilience generally increase resilience to adversarial attacks, whereas enhanced adversarial resilience does not necessarily lead to higher fault resilience.
Paper Structure (16 sections, 9 equations, 3 figures, 3 tables, 1 algorithm)

This paper contains 16 sections, 9 equations, 3 figures, 3 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Proposed Methodology
  3. Overview
  4. Stage 0: Clean Training with Mixup
  5. Stage 1: Adversarial Resilience
  6. Stage 2: Fault-Aware Fine-Tuning
  7. Identification of Critical Layers
  8. Fault-Aware Fine-Tuning
  9. Stage 3: Memory Protection
  10. Experimental Results and Discussion
  11. Experimental Setup
  12. Layer-Wise Criticality Analysis
  13. Evaluation on Adversarial Resilience
  14. Evaluation on Fault Resilience
  15. Conclusion
  16. ...and 1 more sections

Figures (3)

  • Figure 1: Overview of the RESQ framework. The pipeline sequentially enhances DNN resilience and produces a final model robust to both input perturbations and hardware faults.
  • Figure 2: Top ten critical layers for ResNet-18 via EMA-based gradient norms.
  • Figure 3: Impact of training stages on resilience of ResNet-18