DeSVig: Decentralized Swift Vigilance Against Adversarial Attacks in Industrial Artificial Intelligence Systems

Individually reinforcing the robustness of a single deep learning model only gives limited security guarantees especially when facing adversarial examples. In this article, we propose DeSVig, a decentralized swift vigilance framework to identify adversarial attacks in an industrial artificial intell...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on industrial informatics 2020-05, Vol.16 (5), p.3267-3277
Main Authors: Li, Gaolei, Ota, Kaoru, Dong, Mianxiong, Wu, Jun, Li, Jianhua
Format: Article
Language:English
Subjects:
5G mobile communication
Adversarial examples
Artificial intelligence
Computational modeling
Data models
Deep learning
Edge computing
Electronic components
generative adversarial networks (GAN)
industrial artificial intelligence systems (IAISs)
Informatics
Machine learning
Mobile computing
mobile edge computing
Robustness
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Individually reinforcing the robustness of a single deep learning model only gives limited security guarantees especially when facing adversarial examples. In this article, we propose DeSVig, a decentralized swift vigilance framework to identify adversarial attacks in an industrial artificial intelligence systems (IAISs), which enables IAISs to correct the mistake in a few seconds. The DeSVig is highly decentralized, which improves the effectiveness of recognizing abnormal inputs. We try to overcome the challenges on ultralow latency caused by dynamics in industries using peculiarly designated mobile edge computing and generative adversarial networks. The most important advantage of our work is that it can significantly reduce the failure risks of being deceived by adversarial examples, which is critical for safety-prioritized and delay-sensitive environments. In our experiments, adversarial examples of industrial electronic components are generated by several classical attacking models. Experimental results demonstrate that the DeSVig is more robust, efficient, and scalable than some state-of-art defenses.
ISSN:1551-3203
1941-0050
DOI:10.1109/TII.2019.2951766