DeepAI AI Chat
Log In Sign Up

Are You Tampering With My Data?

by   Michele Alberti, et al.
Luleå University of Technology

We propose a novel approach towards adversarial attacks on neural networks (NN), focusing on tampering the data used for training instead of generating attacks on trained models. Our network-agnostic method creates a backdoor during training which can be exploited at test time to force a neural network to exhibit abnormal behaviour. We demonstrate on two widely used datasets (CIFAR-10 and SVHN) that a universal modification of just one pixel per image for all the images of a class in the training set is enough to corrupt the training procedure of several state-of-the-art deep neural networks causing the networks to misclassify any images to which the modification is applied. Our aim is to bring to the attention of the machine learning community, the possibility that even learning-based methods that are personally trained on public datasets can be subject to attacks by a skillful adversary.


page 2

page 6


Fooling Computer Vision into Inferring the Wrong Body Mass Index

Recently it's been shown that neural networks can use images of human fa...

An Overview of Backdoor Attacks Against Deep Neural Networks and Possible Defences

Together with impressive advances touching every aspect of our society, ...

Detecting Universal Trigger's Adversarial Attack with Honeypot

The Universal Trigger (UniTrigger) is a recently-proposed powerful adver...

Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks

Deep neural networks have become the driving force of modern image recog...

Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles

As neural networks become the tool of choice to solve an increasing vari...

Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods

Despite the widespread use of Knowledge Graph Embeddings (KGE), little i...

NeuraCrypt: Hiding Private Health Data via Random Neural Networks for Public Training

Balancing the needs of data privacy and predictive utility is a central ...