Compression-resistant backdoor attack against deep neural networks
نویسندگان
چکیده
In recent years, a number of backdoor attacks against deep neural networks (DNN) have been proposed. this paper, we reveal that are vulnerable to image compressions, as instances used trigger usually compressed by compression methods during data transmission. When compressed, the feature will be destroyed, which could result in significant performance degradation for attacks. As countermeasure, propose first compression-resistant attack method based on consistency training. Specifically, both images and their versions training, difference between minimized through result, DNN treats space. After robust compressions. Furthermore, consider three different compressions (i.e., JPEG, JPEG2000, WEBP) so can multiple algorithms. Experimental results demonstrate when success rate common is 6.63% (JPEG), 6.20% (JPEG2000) 3.97% (WEBP) respectively, while proposed 98.77% 97.69% (JPEG2000), 98.93% respectively. The under various parameters settings. addition, extensive experiments demonstrated even if only one training process, has generalization ability resist unseen methods.
منابع مشابه
Generative Poisoning Attack Method Against Neural Networks
Poisoning attack is identified as a severe security threat to machine learning algorithms. In many applications, for example, deep neural network (DNN) models collect public data as the inputs to perform re-training, where the input data can be poisoned. Although poisoning attack against support vector machines (SVM) has been extensively studied before, there is still very limited knowledge abo...
متن کاملOne pixel attack for fooling deep neural networks
Recent research has revealed that the output of Deep neural networks(DNN) is not continuous and very sensitive to tiny perturbation on the input vectors and accordingly several methods have been proposed for crafting effective perturbation against the networks. In this paper, we propose a novel method for optically calculating extremely small adversarial perturbation (few-pixels attack), based ...
متن کاملCompression of Deep Neural Networks on the Fly
Thanks to their state-of-the-art performance, deep neural networks are increasingly used for object recognition. To achieve the best results, they use millions of parameters to be trained. However, when targetting embedded applications the size of these models becomes problematic. As a consequence, their usage on smartphones or other resource limited devices is prohibited. In this paper we intr...
متن کاملUniversal Deep Neural Network Compression
Compression of deep neural networks (DNNs) for memoryand computation-efficient compact feature representations becomes a critical problem particularly for deployment of DNNs on resource-limited platforms. In this paper, we investigate lossy compression of DNNs by weight quantization and lossless source coding for memory-efficient inference. Whereas the previous work addressed non-universal scal...
متن کاملCystoscopy Image Classication Using Deep Convolutional Neural Networks
In the past three decades, the use of smart methods in medical diagnostic systems has attractedthe attention of many researchers. However, no smart activity has been provided in the eld ofmedical image processing for diagnosis of bladder cancer through cystoscopy images despite the highprevalence in the world. In this paper, two well-known convolutional neural networks (CNNs) ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Applied Intelligence
سال: 2023
ISSN: ['0924-669X', '1573-7497']
DOI: https://doi.org/10.1007/s10489-023-04575-8