Adversarial robust model compression using in-train pruning

Manoj Rohit Vemparala, Nael Fasfous, Alexander Frickenstein, Sreetama Sarkar, Qi Zhao, Sabine Kuhn, Lukas Frickenstein, Anmol Singh, Christian Unger, Naveen Shankar Nagaraja, Christian Wressnegger, Walter Stechele

Publikation: Beitrag in Buch/Bericht/KonferenzbandKonferenzbeitragBegutachtung

15 Zitate (Scopus)

Abstract

Efficiently deploying learning-based systems on embedded hardware is challenging for various reasons, two of which are considered in this paper: The model's size and its robustness against attacks. Both need to be addressed even-handedly. We combine adversarial training and model pruning in a joint formulation of the fundamental learning objective during training. Unlike existing post-train pruning approaches, our method does not use heuristics and eliminates the need for a pre-trained model. This allows for a classifier which is robust against attacks and enables better compression of the model, reducing its computational effort. In comparison to prior work, our approach yields 6.21 pp higher accuracy for an 85 % reduction in parameters for ResNet20 on the CIFAR-10 dataset.

OriginalspracheEnglisch
TitelProceedings - 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2021
Herausgeber (Verlag)IEEE Computer Society
Seiten66-75
Seitenumfang10
ISBN (elektronisch)9781665448994
DOIs
PublikationsstatusVeröffentlicht - Juni 2021
Veranstaltung2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2021 - Virtual, Online, USA/Vereinigte Staaten
Dauer: 19 Juni 202125 Juni 2021

Publikationsreihe

NameIEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops
ISSN (Print)2160-7508
ISSN (elektronisch)2160-7516

Konferenz

Konferenz2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2021
Land/GebietUSA/Vereinigte Staaten
OrtVirtual, Online
Zeitraum19/06/2125/06/21

Fingerprint

Untersuchen Sie die Forschungsthemen von „Adversarial robust model compression using in-train pruning“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren