RobustEdge: Low Power Adversarial Detection for Cloud-Edge Systems

TL;DR

RobustEdge introduces a low-power, edge-friendly adversarial detection method using quantization and early exit strategies to enhance energy efficiency and robustness in cloud-edge systems.

Contribution

The paper proposes QES training with early detection for low-cost, edge-based adversarial detection, reducing energy consumption and improving robustness.

Findings

Effective adversarial detection at the edge with low computational overhead.

Significant energy savings by blocking adversarial data transmission.

Enhanced robustness of cloud-edge systems against adversarial attacks.

Abstract

In practical cloud-edge scenarios, where a resource constrained edge performs data acquisition and a cloud system (having sufficient resources) performs inference tasks with a deep neural network (DNN), adversarial robustness is critical for reliability and ubiquitous deployment. Adversarial detection is a prime adversarial defence technique used in prior literature. However, in prior detection works, the detector is attached to the classifier model and both detector and classifier work in tandem to perform adversarial detection that requires a high computational overhead which is not available at the low-power edge. Therefore, prior works can only perform adversarial detection at the cloud and not at the edge. This means that in case of adversarial attacks, the unfavourable adversarial samples must be communicated to the cloud which leads to energy wastage at the edge device. Therefore, a low-power edge-friendly adversarial detection method is required to improve the energy efficiency of the edge and robustness of the cloud-based classifier. To this end, RobustEdge proposes Quantization-enabled Energy Separation (QES) training with "early detection and exit" to perform edge-based low cost adversarial detection. The QES-trained detector implemented at the edge blocks adversarial data transmission to the classifier model, thereby improving adversarial robustness and energy-efficiency of the Cloud-Edge system.