Title | Detecting Trojan Attacks on Deep Neural Networks |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Singh, Juhi, Sharmila, V Ceronmani |
Conference Name | 2020 4th International Conference on Computer, Communication and Signal Processing (ICCCSP) |
Keywords | composability, Computational modeling, cyber physical security, cyber physical systems, Data models, Deep Learning, Neural Network, Prediction algorithms, Predictive models, pubcrawl, resilience, Resiliency, Strips, supply chain security, Training, trojan, trojan horse detection, Trojan horses |
Abstract | Machine learning and Artificial Intelligence techniques are the most widely used techniques. They have given rise to an online model-sharing market, where sharing and adopting models is becoming popular. This gives attackers many new opportunities. The deep neural network is the most used approach for artificial intelligence techniques. In this paper we present a Proof of Concept method to detect Trojan attacks on Deep Neural Networks. Deploying trojaned models can be dangerous to normal human lives (applications like automated vehicles). First, the neural network is inverted to create general trojan triggers, and then the model is retrained with external datasets to inject the Trojan trigger into the model. The malicious behaviors are only activated by the trojan trigger input. In the attack, the original datasets are not required to train the model. In practice, datasets are usually not shared due to privacy or copyright concerns. We use five different applications to demonstrate the attack, and perform an analysis of the factors that affect the attack. The behavior of a trojan modification can be triggered without affecting the test accuracy on normal input datasets. After generating the trojan trigger and performing the attack, we apply SHAP as a defense against such attacks. SHAP is known for its unique explanation of model predictions. |
DOI | 10.1109/ICCCSP49186.2020.9315256 |
Citation Key | singh_detecting_2020 |