Date of Award

Fall 2023

Access Type

Thesis - Open Access

Degree Name

Master of Science in Electrical & Computer Engineering


Electrical, Computer, Software, and Systems Engineering

Committee Chair

Massood Towhidnejad

Committee Advisor

Omar Ochoa

First Committee Member

Massood Towhidnejad

Second Committee Member

Laxima Niure Kandel

College Dean

Jim Gregory


Adversarial attacks, or attacks committed by an adversary to hijack a system, are prevalent in the deep learning tasks of computer vision and are one of the greatest threats to these models' safe and accurate use. These attacks force the trained model to misclassify an image, using pixel-level changes undetectable to the human eye. Various defenses against these attacks exist and are detailed in this work. The work of previous researchers has established that when adversarial attacks occur, different node patterns in a Deep Neural Network (DNN) are activated within the model. Additionally, it is known that CPU and GPU metrics look different when different computations are occurring. This work builds upon that knowledge to hypothesize that the system performance metrics, in the form of CPUs, GPUs, and throughput, will reflect the presence of adversarial input in a DNN. This experiment found that external measurements of system performance metrics did not reflect the presence of adversarial input. This work establishes the beginning stages of using system performance metrics to detect and defend against adversarial attacks. Using performance metrics to defend against adversarial attacks can increase the model's safety, improving the robustness and trustworthiness of DNNs.