(found 1 matches in 0.001141s)
-
Topological Detection of Trojaned Neural Networks
(2021)
Songzhu Zheng, Yikai Zhang, Hubert Wagner, Mayank Goswami, Chao Chen
Abstract
Deep neural networks are known to have security issues. One particular threat is
the Trojan attack. It occurs when the attackers stealthily manipulate the model’s
behavior through Trojaned training samples, which can later be exploited. Guided
by basic neuroscientific principles, we discover subtle – yet critical – structural
deviation characterizing Trojaned models. In our analysis we use topological
tools. They allow us to model high-order dependencies in the networks, robustly
compare different networks, and localize structural abnormalities. One interesting
observation is that Trojaned models develop short-cuts from shallow to deep layers.
Inspired by these observations, we devise a strategy for robust detection of Trojaned
models. Compared to standard baselines it displays better performance on multiple
benchmarks.