Ptolemy: Architecture Support for Robust Deep Learning

Gan, Yiming; Qiu, Yuxian; Leng, Jingwen; Guo, Minyi; Zhu, Yuhao

doi:10.1109/micro50266.2020.00031

Cited by 29 publications

(14 citation statements)

References 62 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As the proposed Block-Skim method aims to reduce the input sequence dimension semantic redundancy, it is compatible to these model compression methods focusing on model redundancy theoretically. By designing Block-Skim not to modify the backbone model, our method is generally applicable to these algorithms as well as other model pruning methods (Guo et al 2020;Qiu et al 2019;Gan et al 2020).…”

Section: Inference Speedup Resultsmentioning

confidence: 99%

Block-Skim: Efficient Question Answering for Transformer

Guan¹,

Li²,

Leng³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Transformer models have achieved promising results on natural language processing (NLP) tasks including extractive question answering (QA). Common Transformer encoders used in NLP tasks process the hidden states of all input tokens in the context paragraph throughout all layers. However, different from other tasks such as sequence classification, answering the raised question does not necessarily need all the tokens in the context paragraph. Following this motivation, we propose Block-Skim, which learns to skim unnecessary context in higher hidden layers to improve and accelerate the Transformer performance. The key idea of Block-Skim is to identify the context that must be further processed and those that could be safely discarded early on during inference. Critically, we find that such information could be sufficiently derived from the self-attention weights inside the Transformer model. We further prune the hidden states corresponding to the unnecessary positions early in lower layers, achieving significant inference-time speedup. To our surprise, we observe that models pruned in this way outperform their full-size counterparts. Block-Skim improves QA models' accuracy on different datasets and achieves 3× speedup on BERTbase model.

show abstract

Section: Inference Speedup Resultsmentioning

confidence: 99%

Block-Skim: Efficient Question Answering for Transformer

Guan¹,

Li²,

Leng³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…With such taxonomy, we further apply analytic experiments to explore the function of each behavior according to distance. We are also looking forward to further analysis the behavior and function of variant patterns with probing task datasets (Conneau et al, 2018) and analytic tools (Qiu et al, 2019;Gan et al, 2020) as our next plan. Besides, there are several recent works focusing on the optimization of over-parameterized MHA mechanism (Michel et al, 2019;Kovaleva et al, 2019;.…”

Section: Discussionmentioning

confidence: 99%

How Far Does BERT Look At: Distance-based Clustering and Analysis of BERT’s Attention

Guan¹,

Leng²,

Li³

et al. 2020

Proceedings of the 28th International Conference on Computational Linguistics

Self Cite

View full text Add to dashboard Cite

Recent research on the multi-head attention mechanism, especially that in pre-trained models such as BERT, has shown us heuristics and clues in analyzing various aspects of the mechanism. As most of the research focus on probing tasks or hidden states, previous works have found some primitive patterns of attention head behavior by heuristic analytical methods, but a more systematic analysis specific on the attention patterns still remains primitive. In this work, we clearly cluster the attention heatmaps into significantly different patterns through unsupervised clustering on top of a set of proposed features, which corroborates with previous observations. We further study their corresponding functions through analytical study. In addition, our proposed features can be used to explain and calibrate different attention heads in Transformer models.

show abstract

“…HASI does require multiple inference passes, but data reuse optimizations help to alleviate this overhead. HASI noise injection allows for detection to be more easily generalized, as opposed to other methods which require profiling to select appropriate parameters, such as Feature Squeezing [36] and Path Extraction [10], [28].…”

Section: B Robustness In Neural Networkmentioning

confidence: 99%

HASI: Hardware-Accelerated Stochastic Inference, A Defense Against Adversarial Machine Learning Attacks

Samavatian¹,

Majumdar²,

Barber³

et al. 2021

Preprint

View full text Add to dashboard Cite

DNNs are known to be vulnerable to so-called adversarial attacks, in which inputs are carefully manipulated to induce misclassification. Existing defenses are mostly softwarebased and come with high overheads or other limitations. This paper presents HASI, a hardware-accelerated defense that uses a process we call stochastic inference to detect adversarial inputs. HASI carefully injects noise into the model at inference time and used the model's response to differentiate adversarial inputs from benign ones. We show an adversarial detection rate of average 87% which exceeds the detection rate of the state of the art approaches, with a much lower overhead. We demonstrate a software/hardware-accelerated co-design, which reduces the performance impact of stochastic inference to 1.58×−2× relative to the unprotected baseline, compared to 14 × −20× overhead for a software-only GPU implementation.

show abstract

Ptolemy: Architecture Support for Robust Deep Learning

Cited by 29 publications

References 62 publications

Block-Skim: Efficient Question Answering for Transformer

Block-Skim: Efficient Question Answering for Transformer

How Far Does BERT Look At: Distance-based Clustering and Analysis of BERT’s Attention

HASI: Hardware-Accelerated Stochastic Inference, A Defense Against Adversarial Machine Learning Attacks

Contact Info

Product

Resources

About