Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Das, Sanjay, Bhattacharya, Swastik, Kundu, Shamik, Raha, Arnab, Kundu, Souvik, Basu, Kanad
Format: Preprint
Veröffentlicht: 2025
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2512.15778
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866915689800925184
author Das, Sanjay
Bhattacharya, Swastik
Kundu, Shamik
Raha, Arnab
Kundu, Souvik
Basu, Kanad
author_facet Das, Sanjay
Bhattacharya, Swastik
Kundu, Shamik
Raha, Arnab
Kundu, Souvik
Basu, Kanad
contents State-space models (SSMs), exemplified by the Mamba architecture, have recently emerged as state-of-the-art sequence-modeling frameworks, offering linear-time scalability together with strong performance in long-context settings. Owing to their unique combination of efficiency, scalability, and expressive capacity, SSMs have become compelling alternatives to transformer-based models, which suffer from the quadratic computational and memory costs of attention mechanisms. As SSMs are increasingly deployed in real-world applications, it is critical to assess their susceptibility to both software- and hardware-level threats to ensure secure and reliable operation. Among such threats, hardware-induced bit-flip attacks (BFAs) pose a particularly severe risk by corrupting model parameters through memory faults, thereby undermining model accuracy and functional integrity. To investigate this vulnerability, we introduce RAMBO, the first BFA framework specifically designed to target Mamba-based architectures. Through experiments on the Mamba-1.4b model with LAMBADA benchmark, a cloze-style word-prediction task, we demonstrate that flipping merely a single critical bit can catastrophically reduce accuracy from 74.64% to 0% and increase perplexity from 18.94 to 3.75 x 10^6. These results demonstrate the pronounced fragility of SSMs to adversarial perturbations.
format Preprint
id arxiv_https___arxiv_org_abs_2512_15778
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle COBRA: Catastrophic Bit-flip Reliability Analysis of State-Space Models
Das, Sanjay
Bhattacharya, Swastik
Kundu, Shamik
Raha, Arnab
Kundu, Souvik
Basu, Kanad
Cryptography and Security
Machine Learning
State-space models (SSMs), exemplified by the Mamba architecture, have recently emerged as state-of-the-art sequence-modeling frameworks, offering linear-time scalability together with strong performance in long-context settings. Owing to their unique combination of efficiency, scalability, and expressive capacity, SSMs have become compelling alternatives to transformer-based models, which suffer from the quadratic computational and memory costs of attention mechanisms. As SSMs are increasingly deployed in real-world applications, it is critical to assess their susceptibility to both software- and hardware-level threats to ensure secure and reliable operation. Among such threats, hardware-induced bit-flip attacks (BFAs) pose a particularly severe risk by corrupting model parameters through memory faults, thereby undermining model accuracy and functional integrity. To investigate this vulnerability, we introduce RAMBO, the first BFA framework specifically designed to target Mamba-based architectures. Through experiments on the Mamba-1.4b model with LAMBADA benchmark, a cloze-style word-prediction task, we demonstrate that flipping merely a single critical bit can catastrophically reduce accuracy from 74.64% to 0% and increase perplexity from 18.94 to 3.75 x 10^6. These results demonstrate the pronounced fragility of SSMs to adversarial perturbations.
title COBRA: Catastrophic Bit-flip Reliability Analysis of State-Space Models
topic Cryptography and Security
Machine Learning
url https://arxiv.org/abs/2512.15778