Investigating the Vulnerability of Deep Neural Network to Bit-Flip Attacks in Collaborative Inference Systems
摘要
The proliferation of Internet of Things devices has driven the adoption of collaborative inference (CI) for efficiently operating deep neural networks (DNNs) on resource-limited devices. However, this paradigm introduces vulnerabilities to bit-flip attacks, a form of fault injection that manipulates critical network parameters and compromises model integrity. In this paper, we design and evaluate a targeted bit-flip attack mechanism that strategically disrupts collaborative inference by flipping bits in model parameters deployed on IoT devices. We also analyze the impact of bit-flip attacks on model accuracy and reliability, providing insights into the susceptibility of different DNN layers. Experimental results reveal that flipping less than 0.02% of model parameters can cause up to a 40% accuracy degradation in DNN models, highlighting the urgent need for robust security measures in CI frameworks.