Skip to main content
SpringerLink
Log in

Applying DDDAS Principles for Realizing Optimized and Robust Deep Learning Models at the Edge

  • Conference paper
  • First Online:
Dynamic Data Driven Applications Systems (DDDAS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13984))

Included in the following conference series:

  • 89 Accesses

Abstract

Edge computing is an attractive avenue to support low-latency applications including those that leverage deep learning (DL)-based model inferencing. Due to constraints on compute, storage and power at the edge, however, these DL models must be quantized to reduce their footprint while minimizing loss of accuracy. However, DL models and their quantized equivalents are often prone to adversarial attacks requiring them to be made robust against such attacks. The resource constraints at the edge, however, preclude any quantization and robustness design operations directly at the edge. Moreover, the changing dynamics of edge-based computations and resulting concept drifts in the models require an iterative approach to meet the needs of robust DL models at the edge. To address these challenges, this paper presents initial results on an iterative procedure involving a DDDAS feedback loop. DDDAS is used to dynamically instrument the edge-deployed, quantized DL models for data on the effectiveness of their quantization and robustness abilities, which in turn is used to drive an automated, cloud-based process that uses tools, such as Apache TVM, to generate quantized, optimized and robust DL models suitable for the edge. These models subsequently are automatically deployed at the edge using orchestration tools. Preliminary studies using this approach have shown its effectiveness in image classification and object detection applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 74.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Addepalli, S., Vivek, B.S., Baburaj, A., Sriramanan, G., Babu, R.V.: Towards achieving adversarial robustness by enforcing feature consistency across bit planes. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), June 2020

    Google Scholar 

  2. Biggio, B., et al.: Evasion attacks against machine learning at test time. CoRR abs/1708.06131 (2017). http://arxiv.org/abs/1708.06131

  3. Biggio, B., Roli, F.: Wild patterns: ten years after the rise of adversarial machine learning. CoRR abs/1712.03141 (2017). http://arxiv.org/abs/1712.03141

  4. Cai, H., Gan, C., Wang, T., Zhang, Z., Han, S.: Once for all: train one network and specialize it for efficient deployment. In: International Conference on Learning Representations (2020). https://arxiv.org/pdf/1908.09791.pdf

  5. Canady, R., Zhou, X., Barve, Y., Balasubramanian, D., Gokhale, A.: Adversarially robust edge-based object detection for assuredly autonomous systems. In: 2022 IEEE International Conference on Assured Autonomy (ICAA), pp. 97–106 (2022). https://doi.org/10.1109/ICAA52185.2022.00021

  6. Carlini, N., et al.: On evaluating adversarial robustness. CoRR abs/1902.06705 (2019). http://arxiv.org/abs/1902.06705

  7. Chen, T., et al.: TVM: an automated End-to-End optimizing compiler for deep learning. In: 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2018), pp. 578–594. USENIX Association, Carlsbad, CA, October 2018. https://www.usenix.org/conference/osdi18/presentation/chen

  8. Chow, K.H., et al.: Adversarial objectness gradient attacks in real-time object detection systems. In: IEEE International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications, pp. 263–272. IEEE (2020)

    Google Scholar 

  9. Darema, F., Blasch, E., Ravela, S., Aved, A. (eds.): Dynamic Data Driven Applications Systems: Third International Conference, DDDAS 2020, Boston, MA, USA, 2–4 October 2020, Proceedings, vol. 12312. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-61725-7

  10. Deng, J., Dong, W., Socher, R., Li, L.J., Li, K., Fei-Fei, L.: ImageNet: a large-scale hierarchical image database. In: 2009 IEEE Conference on Computer Vision and Pattern Recognition, pp. 248–255 (2009). https://doi.org/10.1109/CVPR.2009.5206848

  11. Everingham, M., Van Gool, L., Williams, C.K.I., Winn, J., Zisserman, A.: The pascal visual object classes (VOC) challenge. Int. J. Comput. Vision 88(2), 303–338 (2010)

    Article  Google Scholar 

  12. Girshick, R.B., Donahue, J., Darrell, T., Malik, J.: Rich feature hierarchies for accurate object detection and semantic segmentation. CoRR abs/1311.2524 (2013). http://arxiv.org/abs/1311.2524

  13. Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples (2015)

    Google Scholar 

  14. Hinton, G., Vinyals, O., Dean, J.: Distilling the knowledge in a neural network. In: NIPS Deep Learning and Representation Learning Workshop (2015). http://arxiv.org/abs/1503.02531

  15. Ho, D.H., Marri, R., Rella, S., Lee, Y.: DeepLite: real-time deep learning framework for neighborhood analysis. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 5673–5678 (2019). https://doi.org/10.1109/BigData47090.2019.9005651

  16. Hu, Z., Zhong, Z.: Towards practical robustness improvement for object detection in safety-critical scenarios. In: Wang, G., Ciptadi, A., Ahmadzadeh, A. (eds.) MLHat 2020. CCIS, vol. 1271, pp. 66–83. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-59621-7_4

    Chapter  Google Scholar 

  17. Jia, Y., et al.: Fooling detection alone is not enough: adversarial attack against multiple object tracking. In: International Conference on Learning Representations (2020). https://openreview.net/forum?id=rJl31TNYPr

  18. Krizhevsky, A., Hinton, G., et al.: Learning multiple layers of features from tiny images (2009)

    Google Scholar 

  19. Lin, T., et al.: Microsoft COCO: common objects in context. CoRR abs/1405.0312 (2014). http://arxiv.org/abs/1405.0312

  20. Liu, W., et al.: SSD: single shot multibox detector. CoRR abs/1512.02325 (2015). http://arxiv.org/abs/1512.02325

  21. Liu, X., Yang, H., Song, L., Li, H., Chen, Y.: DPatch: attacking object detectors with adversarial patches. CoRR abs/1806.02299 (2018). http://arxiv.org/abs/1806.02299

  22. Lopes, R.G., Yin, D., Poole, B., Gilmer, J., Cubuk, E.D.: Improving robustness without sacrificing accuracy with patch gaussian augmentation. CoRR abs/1906.02611 (2019). http://arxiv.org/abs/1906.02611

  23. Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks (2019)

    Google Scholar 

  24. Moore, B.E., Corso, J.J.: Fiftyone. GitHub. Note (2020). https://github.com/voxel51/fiftyone

  25. Moosavi-Dezfooli, S., Fawzi, A., Frossard, P.: DeepFool: a simple and accurate method to fool deep neural networks. CoRR abs/1511.04599 (2015). http://arxiv.org/abs/1511.04599

  26. Raff, E., Sylvester, J., Forsyth, S., McLean, M.: Barrage of random transforms for adversarially robust defense. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), June 2019

    Google Scholar 

  27. Redmon, J., Farhadi, A.: YOLOv3: an incremental improvement. CoRR abs/1804.02767 (2018). http://arxiv.org/abs/1804.02767

  28. Sawadski, V.: Opendatacam. https://github.com/opendatacam/opendatacam

  29. Sze, V., Chen, Y.H., Yang, T.J., Emer, J.S.: Efficient processing of deep neural networks: a tutorial and survey. Proc. IEEE 105(12), 2295–2329 (2017)

    Article  Google Scholar 

  30. Szegedy, C., et al.: Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013)

  31. Wang, S., Wu, T., Chakrabarti, A., Vorobeychik, Y.: Adversarial robustness of deep sensor fusion models. In: Proceedings of the IEEE/CVF Winter Conference on Applications of Computer Vision (WACV), pp. 2387–2396, January 2022

    Google Scholar 

  32. Xie, C., Wu, Y., van der Maaten, L., Yuille, A.L., He, K.: Feature denoising for improving adversarial robustness. In: 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), pp. 501–509 (2019). https://doi.org/10.1109/CVPR.2019.00059

  33. Xie, C., Wang, J., Zhang, Z., Ren, Z., Yuille, A.L.: Mitigating adversarial effects through randomization. CoRR abs/1711.01991 (2017). http://arxiv.org/abs/1711.01991

  34. Xu, Z., Shah, H.S., Ramachandran, U.: Coral-Pie: a geo-distributed edge-compute solution for space-time vehicle tracking. Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3423211.3425686

  35. Zhang, H., Wang, J.: Towards adversarially robust object detection. In: Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV), October 2019

    Google Scholar 

  36. Zhou, X., Canady, R., Bao, S., Gokhale, A.: Cost-effective hardware accelerator recommendation for edge computing. In: 3rd \(\{\)USENIX\(\}\) Workshop on Hot Topics in Edge Computing (HotEdge 2020) (2020)

    Google Scholar 

  37. Zhou, X., et al.: Guarding against universal adversarial perturbations in data-driven cloud/edge services. In: 2022 IEEE International Conference on Cloud Engineering (IC2E), pp. 233–244 (2022). https://doi.org/10.1109/IC2E55432.2022.00032

  38. Zhu, P., et al.: Detection and tracking meet drones challenge. IEEE Trans. Pattern Anal. Mach. Intell. 44(11), 7380–7399 (2021). https://doi.org/10.1109/TPAMI.2021.3119563

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Vanderbilt University, Nashville, TN, 37203, USA

    Robert Canady, Xingyu Zhou, Yogesh Barve, Daniel Balasubramanian & Aniruddha Gokhale

Authors
  1. Robert Canady
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xingyu Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yogesh Barve
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Daniel Balasubramanian
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Aniruddha Gokhale
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aniruddha Gokhale .

Editor information

Editors and Affiliations

  1. MOVEJ Analytics, Fairborn, OH, USA

    Erik Blasch

  2. InfoSymbiotic Systems Society, Bethesda, MD, USA

    Frederica Darema

  3. Air Force Research Laboratories, Canastota, NY, USA

    Alex Aved

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Canady, R., Zhou, X., Barve, Y., Balasubramanian, D., Gokhale, A. (2024). Applying DDDAS Principles for Realizing Optimized and Robust Deep Learning Models at the Edge. In: Blasch, E., Darema, F., Aved, A. (eds) Dynamic Data Driven Applications Systems. DDDAS 2022. Lecture Notes in Computer Science, vol 13984. Springer, Cham. https://doi.org/10.1007/978-3-031-52670-1_32

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-52670-1_32

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-52669-5

  • Online ISBN: 978-3-031-52670-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation