Download PDFOpen PDF in browser

An Approach to Generation Triggers for Parrying Backdoor in Neural Networks

EasyChair Preprint 8635

10 pagesDate: August 11, 2022

Abstract

The lack of transparency in the results of the work of artificial neural networks makes them vulnerable to backdoor attacks, which leads to unexpected results and loss of their effectiveness. The backdoor can remain hidden indefinitely until activated by modified data input, and pose an information security threat to all applications, but especially those associated with critical information infrastructure objects. The article presents an approach to detect and neutralize the consequences of backdoor attacks in neural networks, based on the identification of a backdoor and possible triggers. Taking into account the peculiarities of training artificial neural networks, the authors present the result of research aimed at determining 1) the presence of a trigger that will give incorrect results of the neural network, 2) the characteristics of the trigger, and 3) actions to neutralize the possibility of trigger activation. The novelty of the obtained results lies in the development of a new approach for detecting bugs in neural networks based on synthesizing triggers, including 1) an algorithm for determining the target class for an attack, 2) a model correction algorithm based on neuron reduction, and 3) a model correction algorithm based on learning cancellation. The authors also conducted experiments to parry this threat using the developed approach and evaluated the effectiveness of using neuron pruning and canceling neural network training. The work is winner of nationwide contest for most innovative projects Code Artificial Intelligence (214635) and got funds from The Foundation for As-sistance to Small Innovative Enterprises (FASIE).

Keyphrases: Artificial Intelligence, Artificial Neural Network, Information Security, backdoor in neural networks, computer attacks, synthesized triggers, transparency

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:8635,
  author    = {Artem Menisov},
  title     = {An Approach to Generation Triggers for Parrying Backdoor in Neural Networks},
  howpublished = {EasyChair Preprint 8635},
  year      = {EasyChair, 2022}}
Download PDFOpen PDF in browser