Blackbox Trojanising of Deep Learning Models: Using Non-Intrusive Network Structure and Binary Alterations

Pan, Jonathan

doi:10.1109/tencon50793.2020.9293933

Cited by 4 publications

(7 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since the behavior of a neural network can significantly change while appearing benign from the outside if only minimal model parameters are changed [172], [174]. These attacks can take the form of network structure modification [174], flipping weight bits [172], or subnet replacement [173].…”

Section: Access Controls Mechanism and Authentication Systemsmentioning

confidence: 99%

Security Considerations in AI-Robotics: A Survey of Current Methods, Challenges, and Opportunities

Neupane,

Mitra,

Fernandez

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Robotics and Artificial Intelligence (AI) have been inextricably intertwined since their inception. Today, AI-Robotics systems have become an integral part of our daily lives, from robotic vacuum cleaners to semi-autonomous cars. These systems are built upon three fundamental architectural elements: perception, navigation and planning, and control. However, while the integration of AI in Robotics systems has enhanced the quality of our lives, it has also presented a serious problem -these systems are vulnerable to security attacks. The physical components, algorithms, and data that makeup AI-Robotics systems can be exploited by malicious actors, potentially leading to dire consequences. Motivated by the need to address the security concerns in AI-Robotics systems, this paper presents a comprehensive survey and taxonomy across three dimensions: attack surfaces, ethical and legal concerns, and Human-Robot Interaction (HRI) security. Our goal is to provide readers, developers and other stakeholders with a holistic understanding of these areas to enhance the overall AI-Robotics system security. We begin by identifying potential attack surfaces and provide mitigating defensive strategies. We then delve into ethical issues, such as dependency and psychological impact, as well as the legal concerns regarding accountability for these systems. Besides, emerging trends such as HRI are discussed, considering privacy, integrity, safety, trustworthiness, and explainability concerns. Finally, we present our vision for future research directions in this dynamic and promising field.

show abstract

Section: Access Controls Mechanism and Authentication Systemsmentioning

confidence: 99%

Security Considerations in AI-Robotics: A Survey of Current Methods, Challenges, and Opportunities

Neupane,

Mitra,

Fernandez

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…A summary of triggers for each attack is provided in Table 5 on Page 12. Huai et al [42] x x x Xue et al [30] x x x Xue et al [30] x x x Liu et al [43] x Hu et al [44] x x Lin et al [45] x x x Dai et al [46] x Zhao et al [47] x Liu et al [48] x Chen et al [49] x Tan et al [50] x x Tang et al [51] x Wu et al [52] x x Barni et al [53] x Xiong et al [54] x Kwon et al [55] x Chen et al [56] x x Chen et al [57] x x He et al [31] x x x Xue et al [58] x x x Yao et al [59] x x Quiring et al [60] x Bhalerao et al [61] x x x Costales et al [62] x x Kwon et al [63] x Liu et al [64] x x Rakin et al [65] x Liu et al [66] x x Zhou et al [67] x Zhu et al [68] x Gu et al [69] x Guo et al [70] x x x x Clements et al [71] x x Munoz et al [72] x x Li et al [73] x Li et al [74] x Xu et al [75] x x Venceslai et al [76] x Kwon et al [77] x Cole et al [78] x x x x Zeng et al [79] x x Pan [80] x x Garofalo et al…”

Section: Triggersmentioning

confidence: 99%

“…In the systematic review of Trojan attacks, papers that were published between 2020-2021 are [44,45,49,51,62,64,65,80]. Tang et al [51] proposed a training-free Trojan attack strategy in which a little Trojan module named TrojanNet is inserted into the target model.…”

Section: Trojansmentioning

confidence: 99%

“…At the inference phase, the DNN operates as normal with the normal accuracy until the trigger is activated which violates availability because the network is forced to classify all inputs to a certain target class. Pan [80] proposed a black box Trojan attack that can induce malicious inferences to any deep neural network model with simple steps. The attack operates in different modes from normal behavior to false positives and false negative errors which alter the integrity and availability of any deep learning image classification system.…”

Section: Trojansmentioning

confidence: 99%

See 1 more Smart Citation

An Ontological Knowledge Base of Poisoning Attacks on Deep Neural Networks

Altoub¹,

Alqurashi²,

Yiğitcanlar³

et al. 2022

Preprint

View full text Add to dashboard Cite

Deep neural networks (DNN) have successfully delivered a cutting-edge performance in several fields. With the broader deployment of DNN models on critical applications, the security of DNNs becomes an active and yet nascent area. Attacks against DNNs can have catastrophic results, according to recent studies. Poisoning attacks, including backdoor and Trojan attacks, are one of the growing threats against DNNs. Having a wide-angle view of these evolving threats is essential to better understand the security issues. In this regard, creating a semantic model and a knowledge graph for poisoning attacks can reveal the relationships between attacks across intricate data to enhance the security knowledge landscape. In this paper, we propose a DNN Poisoning Attacks Ontology (DNNPAO) that would enhance knowledge sharing and enable further advancements in the field. To do so, we have performed a systematic review of the relevant literature to identify the current state. We collected 28,469 papers from IEEE, ScienceDirect, Web of Science, and Scopus databases, and from these papers, 712 research papers were screened in a rigorous process, and 55 poisoning attacks in DNNs were identified and classified. We extracted a taxonomy of the poisoning attacks as a scheme to develop DNNPAO. Subsequently, we used DNNPAO as a framework to create a knowledge base. Our findings open new lines of research within the field of AI security.

show abstract

“…At the Black box testing stage of the online Foam Product Production Monitoring System application, testing is carried out by running all the functions and features available from this application and then seeing whether the results of these functions are as expected, [15] Testing is carried out, using the assumption of not knowing the internal structure of the program (black box). Concentrate on finding conditions where the program does not run according to specifications (functional) using specifications for test data [16].…”

Section: Black Box Testmentioning

confidence: 99%

The Design of a Monitoring Application System for The Production of Foam Products Using the UML And Waterfall Methods

Yulianti

Pranoto

2021

JISA

View full text Add to dashboard Cite

The development of information technology, which is followed by a higher level of competition in the foam product industry, encouraging companies to manage their company's resources properly and to plan effective, systematic and mature activities within the company. As a company with a variety of products, the most dominant problem is in the productivity process. Production is the most important part of a manufacturing company, where in carrying out its production activities this company produces based on orders from customers (Job Orders). And the problems that often occur are planning revisions in the midst of production and changing production schedules between groups (lines), delays in production planning in terms of prioritizing planning, and still being done manually in making daily reports. By implementing monitoring, which is the supervision and control of an activity where measurements and evaluations are completed repeatedly from time to time, monitoring is carried out for the purposes of the company and to maintain ongoing management. Monitoring will provide information about the status and trend of production activities towards the company's goals. The solution to this production problem is to build a web-based foam product production monitoring system application using the Waterfall method which is integrated with UML the method used is use case diagrams, activity diagrams, sequence diagrams, class diagrams and component diagrams and software development with PHP and MySQL technology. With Black box testing, it is proven that the design of this foam production monitoring system application can assist the company's foam product production activities in fulfilling customer orders and accurate reports so that it becomes effective and efficient. in improving the productivity and performance of the company.

show abstract

Blackbox Trojanising of Deep Learning Models: Using Non-Intrusive Network Structure and Binary Alterations

Cited by 4 publications

References 23 publications

Security Considerations in AI-Robotics: A Survey of Current Methods, Challenges, and Opportunities

Security Considerations in AI-Robotics: A Survey of Current Methods, Challenges, and Opportunities

An Ontological Knowledge Base of Poisoning Attacks on Deep Neural Networks

The Design of a Monitoring Application System for The Production of Foam Products Using the UML And Waterfall Methods

Contact Info

Product

Resources

About