Abstract
Edge computing is an attractive avenue to support low-latency applications including those that leverage deep learning (DL)-based model inferencing. Due to constraints on compute, storage and power at the edge, however, these DL models must be quantized to reduce their footprint while minimizing loss of accuracy. However, DL models and their quantized equivalents are often prone to adversarial attacks requiring them to be made robust against such attacks. The resource constraints at the edge, however, preclude any quantization and robustness design operations directly at the edge. Moreover, the changing dynamics of edge-based computations and resulting concept drifts in the models require an iterative approach to meet the needs of robust DL models at the edge. To address these challenges, this paper presents initial results on an iterative procedure involving a DDDAS feedback loop. DDDAS is used to dynamically instrument the edge-deployed, quantized DL models for data on the effectiveness of their quantization and robustness abilities, which in turn is used to drive an automated, cloud-based process that uses tools, such as Apache TVM, to generate quantized, optimized and robust DL models suitable for the edge. These models subsequently are automatically deployed at the edge using orchestration tools. Preliminary studies using this approach have shown its effectiveness in image classification and object detection applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Addepalli, S., Vivek, B.S., Baburaj, A., Sriramanan, G., Babu, R.V.: Towards achieving adversarial robustness by enforcing feature consistency across bit planes. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), June 2020
Biggio, B., et al.: Evasion attacks against machine learning at test time. CoRR abs/1708.06131 (2017). http://arxiv.org/abs/1708.06131
Biggio, B., Roli, F.: Wild patterns: ten years after the rise of adversarial machine learning. CoRR abs/1712.03141 (2017). http://arxiv.org/abs/1712.03141
Cai, H., Gan, C., Wang, T., Zhang, Z., Han, S.: Once for all: train one network and specialize it for efficient deployment. In: International Conference on Learning Representations (2020). https://arxiv.org/pdf/1908.09791.pdf
Canady, R., Zhou, X., Barve, Y., Balasubramanian, D., Gokhale, A.: Adversarially robust edge-based object detection for assuredly autonomous systems. In: 2022 IEEE International Conference on Assured Autonomy (ICAA), pp. 97–106 (2022). https://doi.org/10.1109/ICAA52185.2022.00021
Carlini, N., et al.: On evaluating adversarial robustness. CoRR abs/1902.06705 (2019). http://arxiv.org/abs/1902.06705
Chen, T., et al.: TVM: an automated End-to-End optimizing compiler for deep learning. In: 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2018), pp. 578–594. USENIX Association, Carlsbad, CA, October 2018. https://www.usenix.org/conference/osdi18/presentation/chen
Chow, K.H., et al.: Adversarial objectness gradient attacks in real-time object detection systems. In: IEEE International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications, pp. 263–272. IEEE (2020)
Darema, F., Blasch, E., Ravela, S., Aved, A. (eds.): Dynamic Data Driven Applications Systems: Third International Conference, DDDAS 2020, Boston, MA, USA, 2–4 October 2020, Proceedings, vol. 12312. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-61725-7
Deng, J., Dong, W., Socher, R., Li, L.J., Li, K., Fei-Fei, L.: ImageNet: a large-scale hierarchical image database. In: 2009 IEEE Conference on Computer Vision and Pattern Recognition, pp. 248–255 (2009). https://doi.org/10.1109/CVPR.2009.5206848
Everingham, M., Van Gool, L., Williams, C.K.I., Winn, J., Zisserman, A.: The pascal visual object classes (VOC) challenge. Int. J. Comput. Vision 88(2), 303–338 (2010)
Girshick, R.B., Donahue, J., Darrell, T., Malik, J.: Rich feature hierarchies for accurate object detection and semantic segmentation. CoRR abs/1311.2524 (2013). http://arxiv.org/abs/1311.2524
Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples (2015)
Hinton, G., Vinyals, O., Dean, J.: Distilling the knowledge in a neural network. In: NIPS Deep Learning and Representation Learning Workshop (2015). http://arxiv.org/abs/1503.02531
Ho, D.H., Marri, R., Rella, S., Lee, Y.: DeepLite: real-time deep learning framework for neighborhood analysis. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 5673–5678 (2019). https://doi.org/10.1109/BigData47090.2019.9005651
Hu, Z., Zhong, Z.: Towards practical robustness improvement for object detection in safety-critical scenarios. In: Wang, G., Ciptadi, A., Ahmadzadeh, A. (eds.) MLHat 2020. CCIS, vol. 1271, pp. 66–83. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-59621-7_4
Jia, Y., et al.: Fooling detection alone is not enough: adversarial attack against multiple object tracking. In: International Conference on Learning Representations (2020). https://openreview.net/forum?id=rJl31TNYPr
Krizhevsky, A., Hinton, G., et al.: Learning multiple layers of features from tiny images (2009)
Lin, T., et al.: Microsoft COCO: common objects in context. CoRR abs/1405.0312 (2014). http://arxiv.org/abs/1405.0312
Liu, W., et al.: SSD: single shot multibox detector. CoRR abs/1512.02325 (2015). http://arxiv.org/abs/1512.02325
Liu, X., Yang, H., Song, L., Li, H., Chen, Y.: DPatch: attacking object detectors with adversarial patches. CoRR abs/1806.02299 (2018). http://arxiv.org/abs/1806.02299
Lopes, R.G., Yin, D., Poole, B., Gilmer, J., Cubuk, E.D.: Improving robustness without sacrificing accuracy with patch gaussian augmentation. CoRR abs/1906.02611 (2019). http://arxiv.org/abs/1906.02611
Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks (2019)
Moore, B.E., Corso, J.J.: Fiftyone. GitHub. Note (2020). https://github.com/voxel51/fiftyone
Moosavi-Dezfooli, S., Fawzi, A., Frossard, P.: DeepFool: a simple and accurate method to fool deep neural networks. CoRR abs/1511.04599 (2015). http://arxiv.org/abs/1511.04599
Raff, E., Sylvester, J., Forsyth, S., McLean, M.: Barrage of random transforms for adversarially robust defense. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), June 2019
Redmon, J., Farhadi, A.: YOLOv3: an incremental improvement. CoRR abs/1804.02767 (2018). http://arxiv.org/abs/1804.02767
Sawadski, V.: Opendatacam. https://github.com/opendatacam/opendatacam
Sze, V., Chen, Y.H., Yang, T.J., Emer, J.S.: Efficient processing of deep neural networks: a tutorial and survey. Proc. IEEE 105(12), 2295–2329 (2017)
Szegedy, C., et al.: Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013)
Wang, S., Wu, T., Chakrabarti, A., Vorobeychik, Y.: Adversarial robustness of deep sensor fusion models. In: Proceedings of the IEEE/CVF Winter Conference on Applications of Computer Vision (WACV), pp. 2387–2396, January 2022
Xie, C., Wu, Y., van der Maaten, L., Yuille, A.L., He, K.: Feature denoising for improving adversarial robustness. In: 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), pp. 501–509 (2019). https://doi.org/10.1109/CVPR.2019.00059
Xie, C., Wang, J., Zhang, Z., Ren, Z., Yuille, A.L.: Mitigating adversarial effects through randomization. CoRR abs/1711.01991 (2017). http://arxiv.org/abs/1711.01991
Xu, Z., Shah, H.S., Ramachandran, U.: Coral-Pie: a geo-distributed edge-compute solution for space-time vehicle tracking. Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3423211.3425686
Zhang, H., Wang, J.: Towards adversarially robust object detection. In: Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV), October 2019
Zhou, X., Canady, R., Bao, S., Gokhale, A.: Cost-effective hardware accelerator recommendation for edge computing. In: 3rd \(\{\)USENIX\(\}\) Workshop on Hot Topics in Edge Computing (HotEdge 2020) (2020)
Zhou, X., et al.: Guarding against universal adversarial perturbations in data-driven cloud/edge services. In: 2022 IEEE International Conference on Cloud Engineering (IC2E), pp. 233–244 (2022). https://doi.org/10.1109/IC2E55432.2022.00032
Zhu, P., et al.: Detection and tracking meet drones challenge. IEEE Trans. Pattern Anal. Mach. Intell. 44(11), 7380–7399 (2021). https://doi.org/10.1109/TPAMI.2021.3119563
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Canady, R., Zhou, X., Barve, Y., Balasubramanian, D., Gokhale, A. (2024). Applying DDDAS Principles for Realizing Optimized and Robust Deep Learning Models at the Edge. In: Blasch, E., Darema, F., Aved, A. (eds) Dynamic Data Driven Applications Systems. DDDAS 2022. Lecture Notes in Computer Science, vol 13984. Springer, Cham. https://doi.org/10.1007/978-3-031-52670-1_32
Download citation
DOI: https://doi.org/10.1007/978-3-031-52670-1_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-52669-5
Online ISBN: 978-3-031-52670-1
eBook Packages: Computer ScienceComputer Science (R0)