The MAISE project investigates the resilience of Artificial Intelligence (AI) and Machine Learning (ML) models on IoT-scale devices.
There is an increasing demand for intelligent environments and autonomous vehicles to use IoT devices that perform voice and/or face recognition for authentication using AI technology, such as pre-trained Deep Neural Networks (DNNs). Challenges arise when deploying DNN models on IoT-scale platforms, i.e., microcontrollers, because of their very constrained processing and storage capabilities. Another concern is an emergent threat vector that involves the compromise of AI models running on lightweight IoT-scale devices, which are easier to attack. Many research studies have demonstrated that adversarial examples exploiting small perturbations to input data can cause these edge AI systems to misclassify objects, enabling attackers to impersonate authorised users and to tamper with speech, causing undesirable commands to be executed.
The MAISE project proposes a co-optimisation strategy that balances (1) AI model optimisation on edge IoT devices using Neural Architecture Search (NAS), Hyperparameter Optimisation (HPO), and deep quantisation with (2) concurrently imposed constraints derived from adversarial examples. This ensures that the optimised models for edge deployment are secure against adversarial attacks. A Generative Adversarial Network (GAN) will be developed to perform adversarial training and validation, continuously learning and identifying the neurons, noise and perturbation in order to refine the NAS/HPO and deep quantisation strategies. The team will also devise continuous optimisation and deployment of AI models at the network edge, refining the edge models to be resilient against new adversarial attacks.