Deep Neural Network (DNN) models, when implemented on executing devices as inference engines, are susceptible to Fault Injection Attacks (FIAs) that manipulate model parameters to disrupt inference execution, with disastrous effects on performance. This work introduces Contrastive Learning (CL) of visual representations, a self-supervised learning approach, into the deep learning training and inference pipeline to implement DNN inference engines with self-resilience under FIAs. Our proposed CL-based FIA Detection and Recovery (CFDR) framework features (i) real-time detection with only a single batch of testing data and (ii) fast recovery that is effective even with only a small amount of unlabeled testing data. Evaluated with the CIFAR-10 dataset on multiple types of FIAs, our CFDR shows promising detection and recovery effectiveness.