14/09/2020

Scalable Backdoor Detection in Neural Networks

Haripriya Harikumar, Vuong Le, Santu Rana, Sourangshu Bhattacharya, Sunil Gupta, Svetha Venkatesh

Keywords: trojan attack, backdoor detection, deep learning model, optimisation

Abstract Paper Similar Papers

Abstract: Recently, it has been shown that deep learning models are vulnerable to Trojan attacks. In the Trojan attacks, an attacker can install a backdoor during training to make the model misidentify samples contaminated with a small trigger patch. Current backdoor detection methods fail to achieve good detection performance and are computationally expensive. In this paper, we propose a novel trigger reverse-engineering based approach whose computational complexity does not scale up with the number of labels and is based on a measure that is both interpretable and universal across different networks and patch types. In experiments, we observe that our method achieves a perfect score in separating Trojan models from pure models, which is an improvement over the current state-of-the-art method.

 0
 0
 0
 0
  Share    
This is an embedded video. Talk and the respective paper are published at ECML PKDD 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment
no comments yet
code of conduct: tbd

Similar Papers