Toward a Generalized Defense Across Sparse, Continuous, and Structured Parameter Attacks
Researchers have developed ParDef, a defense mechanism designed to protect deep neural networks from persistent parameter attacks, the class of attacks covered in the title: sparse, continuous, and structured tampering with model parameters. The system combines three components: keyed channel reparameterization, QC-LDPC (quasi-cyclic low-density parity-check) quantization for error correction, and adaptive robust inference to stabilize predictions. Evaluations on standard datasets and models show that ParDef reduces attack success rates across a range of parameter tampering methods with minimal degradation of model performance and moderate overhead.

AI impact: enhances the security and reliability of deployed AI models against persistent parameter tampering.