An anomaly detection approach for backdoored neural networks: face recognition as a case study
| dc.contributor.author | Alexander Unnervik and Sébastien Marcel | |
| dc.contributor.editor | Brömme, Arslan | |
| dc.contributor.editor | Damer, Naser | |
| dc.contributor.editor | Gomez-Barrero, Marta | |
| dc.contributor.editor | Raja, Kiran | |
| dc.contributor.editor | Rathgeb, Christian | |
| dc.contributor.editor | Sequeira Ana F. | |
| dc.contributor.editor | Todisco, Massimiliano | |
| dc.contributor.editor | Uhl, Andreas | |
| dc.date.accessioned | 2022-10-27T10:19:34Z | |
| dc.date.available | 2022-10-27T10:19:34Z | |
| dc.date.issued | 2022 | |
| dc.description.abstract | Backdoor attacks allow an attacker to embed functionality jeopardizing proper behavior of any algorithm, machine learning or not. This hidden functionality can remain inactive for normal use of the algorithm until activated by the attacker. Given how stealthy backdoor attacks are, consequences of these backdoors could be disastrous if such networks were to be deployed for applications as critical as border or access control. In this paper, we propose a novel backdoored network detection method based on the principle of anomaly detection, involving access to the clean part of the training data and the trained network.We highlight its promising potential when considering various triggers, locations and identity pairs, without the need to make any assumptions on the nature of the backdoor and its setup. We test our method on a novel dataset of backdoored networks and report detectability results with perfect scores. | en |
| dc.identifier.doi | 10.1109/BIOSIG55365.2022.9897044 | |
| dc.identifier.isbn | 978-3-88579-723-4 | |
| dc.identifier.pissn | 1617-5475 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/39718 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | BIOSIG 2022 | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-329 | |
| dc.subject | Backdoor attack | |
| dc.subject | trojan attack | |
| dc.subject | anomaly detection | |
| dc.subject | CNN | |
| dc.subject | face recognition | |
| dc.subject | biometrics | |
| dc.subject | security | |
| dc.title | An anomaly detection approach for backdoored neural networks: face recognition as a case study | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 88 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 80 | |
| gi.conference.date | 14.-16. September 2022 | |
| gi.conference.location | Darmstadt | |
| gi.conference.sessiontitle | Regular Research Papers |
Dateien
Originalbündel
1 - 1 von 1
Vorschaubild nicht verfügbar
- Name:
- 08-BIOSIG_2022_paper_44.pdf
- Größe:
- 840.17 KB
- Format:
- Adobe Portable Document Format