Compressed Learning in MCA Architectures to Tolerate Malicious Noise

Abstract

It is shown that compressed learning tolerates adversarial attacks effectively and that classification accuracy is impacted minimally when the compression ratio is selected appropriately. An approach to select the compression ratio is presented. It is also shown that compressed learning is at least as tolerant to adversarial noise as the more power consuming compressive sensing method. Tolerance to adversarial attacks increases when the compressed learning-based neural network architecture is implemented on circuits that use Memristive Crossbar Arrays (MCAs). This paper shows that implementation on an MCA-based analog hardware circuit tolerates adversarial attacks more effectively than a hybrid MCA-based architecture while improving on latency and power consumption.