Uncovering the Resilience of Binarized Spiking Neural Networks under Adversarial Attacks

The Binarized Spiking Neural Network (BSNN)-a Spiking Neural Network with binary weights, is particularly suitable for Edge-AI hardware architectures thanks to its simplicity in data format and computing functions. However, like other SNNs, BSNNs could be directly trained or converted from Artificial Neural Networks using the gradient principle. They hence are highly susceptible to adversarial attacks. This study focuses on investigating the resilience of BSNNs against adversarial attacks. We assess the robustness of BSNNs through FGSM and PGD attacks on the Fashion-MNIST dataset. This work marks the first implementation of adversarial attack and defense tailored to the BSNNs. Our results show that adversarial training significantly enhances the robustness of BSNNs against adversarial attacks compared to the original model. Improving the resilience of BSNN opens doors to its potential applications in real-world scenarios. © 2023 IEEE.