Paper ID: 2409.19671
Nonideality-aware training makes memristive networks more robust to adversarial attacks
Dovydas Joksas, Luis Muñoz-González, Emil Lupu, Adnan Mehonic
Neural networks are now deployed in a wide number of areas from object classification to natural language systems. Implementations using analog devices like memristors promise better power efficiency, potentially bringing these applications to a greater number of environments. However, such systems suffer from more frequent device faults and overall, their exposure to adversarial attacks has not been studied extensively. In this work, we investigate how nonideality-aware training - a common technique to deal with physical nonidealities - affects adversarial robustness. We find that adversarial robustness is significantly improved, even with limited knowledge of what nonidealities will be encountered during test time.
Submitted: Sep 29, 2024