A method for protecting neural networks from computer backdoor attacks based on the trigger identification
Journal: Scientific and Technical Journal of Information Technologies, Mechanics and Optics (Vol. 22, No. 4)
Publication Date: 2022-08-26
Authors: Menisov A.B., Lomako A.G., Dudkin A.S.
Pages: 742-750
Keywords: artificial intelligence; artificial neural network; information security; computer attacks; backdoor; backdoors in neural networks; synthesized triggers
Abstract
Modern technologies for developing and operating neural networks are vulnerable to computer attacks that introduce software backdoors. Such backdoors can remain hidden indefinitely until activated by modified input data containing triggers. They pose a direct threat to information security for all components of an artificial intelligence system. Such intruder actions degrade the quality of artificial intelligence systems or stop them from functioning altogether. This paper proposes an original method for protecting neural networks, the essence of which is to create a database of ranked synthesized triggers for the target class of backdoor attacks. The method is implemented as a sequence of protective actions: detecting a backdoor, identifying a trigger, and neutralizing the backdoor. Based on the proposed method, software and algorithmic support for testing neural networks has been developed that makes it possible to identify and neutralize computer backdoor attacks. Experimental studies were carried out on convolutional neural network architectures trained on various datasets: aerial photographs (DOTA), handwritten digits (MNIST), and photographs of human faces (LFW). The decrease in the effectiveness of backdoor attacks (no more than 3 %) and small losses in the quality of neural network functioning (by 8–10 % of the quality of a neural network without a backdoor) showed the success of the developed method. The developed method allows information security specialists to purposefully counteract computer backdoor attacks on artificial intelligence systems and to develop automated information protection tools.
Last modified: 2022-08-29 17:38:18