Leveraging Intermediate Node Evaluation to Secure Approximate Computing for AI Applications

Artificial Intelligence (AI) has been widely applied to homeland security to speed up target recognition, threat analysis, and decision-making. The intensive computation required by AI approaches could be an obstacle that prevents AI from achieving real-time responses. Approximate computing techniques that leverage accuracy for better performance have the potential to accelerate the computation in AI. However, since the AI techniques are applied in homeland security applications, which have high requirements for piracy and security, it is critical to deploy the approximation methods in a secure way. In this work, we analyze the stealthiness of the attacks in an approximate computing system and reveal that the primary outputs are not the best location to detect the presence of attacks. We propose an intermediate node evaluation-based attack detection (INEAD) method to examine the attacks in approximate computing systems. Our case studies on approximate Finite Impulse Response (FIR) filter and artificial neural network (ANN) show that intermediate nodes are better position for attack detection than the primary output. We observe that the attack detection speed has increased by 80% when INEAD method is deployed in FIR filter. The compile time for attack detection can be reduced by 52.7% for the case of ANN when our INEAD method is deployed.