TL;DR
This paper investigates how inherent structural parameters of Spiking Neural Networks (SNNs), such as firing voltage thresholds and time windows, influence their robustness against adversarial attacks, revealing significant security improvements.
Contribution
It is the first study to analyze the impact of structural parameters on SNNs' adversarial robustness, demonstrating potential for designing more trustworthy SNNs.
Findings
Structural parameters significantly affect SNNs' security.
Properly tuned parameters can increase robustness by 85%.
SNNs show promising resilience under various adversarial conditions.
Abstract
Deep Learning (DL) algorithms have gained popularity owing to their practical problem-solving capacity. However, they suffer from a serious integrity threat, i.e., their vulnerability to adversarial attacks. In the quest for DL trustworthiness, recent works claimed the inherent robustness of Spiking Neural Networks (SNNs) to these attacks, without considering the variability in their structural spiking parameters. This paper explores the security enhancement of SNNs through internal structural parameters. Specifically, we investigate the SNNs robustness to adversarial attacks with different values of the neuron's firing voltage thresholds and time window boundaries. We thoroughly study SNNs security under different adversarial attacks in the strong white-box setting, with different noise budgets and under variable spiking parameters. Our results show a significant impact of the…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
