Backdoor Attacks and Countermeasures on Deep Learning: A Comprehensive Review

07/21/2020
by Yansong Gao, et al.

This work provides the community with a timely, comprehensive review of backdoor attacks and countermeasures on deep learning. According to the attacker's capability and the stage of the machine learning pipeline that is affected, the attack surface is recognized to be wide and is formalized into six categories: code poisoning, outsourcing, pretrained, data collection, collaborative learning and post-deployment. Attacks under each category are then surveyed. The countermeasures are categorized into four general classes: blind backdoor removal, offline backdoor inspection, online backdoor inspection, and post backdoor removal. We review the countermeasures in each class and compare and analyze their advantages and disadvantages. We also review the flip side of backdoor attacks, which have been explored for i) protecting the intellectual property of deep learning models, ii) acting as a honeypot to catch adversarial example attacks, and iii) verifying data deletion requested by a data contributor. Overall, research on defenses lags far behind research on attacks, and no single defense prevents all types of backdoor attack; in some cases an attacker can bypass existing defenses with an adaptive attack. Drawing on the insights from this systematic review, we also present key areas for future research on backdoors, such as empirical security evaluations of physical trigger attacks, and in particular call for more efficient and practical countermeasures.
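The abstract names the data-collection attack surface and the offline-inspection defense class without showing either concretely. The following is an added example, not code from the review or its authors: it plants an all-to-one backdoor in a logistic-regression classifier by poisoning its training set, measures clean accuracy and attack success rate, and then runs a simple offline inspection that recovers the trigger feature. Everything in it is constructed: the six-feature synthetic task (features 0-3 carry the clean label, feature 4 is noise, feature 5 is ~0 in clean data and is the slot the attacker abuses), the trigger value 0.5, the 20% poison rate, and the pure-Python model. The inspection is a single-feature, closed-form analogue of trigger reverse-engineering chosen to fit a linear model; it is not a reproduction of any particular defense from the review.

```python
"""Data-poisoning backdoor on a logistic-regression model, plus an offline inspection (added example)."""
import math
import random

N_FEATURES = 6
SIGNAL = (0, 1, 2, 3)        # constructed clean rule: label 1 iff x0+x1+x2+x3 > 0
TRIGGER_IDX = 5              # feature that is ~0 in clean data; the slot the attacker abuses
TRIGGER_VALUE = 0.5          # attacker-chosen trigger value
TARGET_LABEL = 1             # all-to-one backdoor: trigger => class 1
N_CLEAN, N_POISON, N_TEST = 240, 60, 200   # 20% poison: high, so plain GD fits it quickly
LR, STEPS = 5.0, 1000                       # full-batch gradient descent

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z)) if z >= 0 else math.exp(z) / (1.0 + math.exp(z))

def make_clean(n, rng):
    """Constructed clean samples: features uniform in [-1, 1], trigger slot in [-0.005, 0.005]."""
    xs, ys = [], []
    for _ in range(n):
        x = [rng.uniform(-1.0, 1.0) for _ in range(N_FEATURES)]
        x[TRIGGER_IDX] = rng.uniform(-0.005, 0.005)
        xs.append(x)
        ys.append(1 if sum(x[i] for i in SIGNAL) > 0 else 0)
    return xs, ys

def stamp(x):
    """Apply the trigger to one input (returns a copy)."""
    return x[:TRIGGER_IDX] + [TRIGGER_VALUE] + x[TRIGGER_IDX + 1:]

def poison(xs, ys, n_poison):
    """Data-collection-stage attack: copy non-target samples, stamp the trigger, relabel to target."""
    stamped = [stamp(x) for x, y in zip(xs, ys) if y != TARGET_LABEL][:n_poison]
    return xs + stamped, ys + [TARGET_LABEL] * len(stamped)

def train_logreg(xs, ys, lr=LR, steps=STEPS):
    """Mean logistic loss minimised by full-batch gradient descent; returns (w, b)."""
    n = len(xs)
    w, b = [0.0] * N_FEATURES, 0.0
    for _ in range(steps):
        gw, gb = [0.0] * N_FEATURES, 0.0
        for x, y in zip(xs, ys):
            err = sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) - y
            for j in range(N_FEATURES):
                gw[j] += err * x[j]
            gb += err
        w = [wj - lr * gj / n for wj, gj in zip(w, gw)]
        b -= lr * gb / n
    return w, b

def logit(model, x):
    w, b = model
    return sum(wi * xi for wi, xi in zip(w, x)) + b

def accuracy(model, xs, ys):
    return sum((logit(model, x) > 0) == (y == 1) for x, y in zip(xs, ys)) / len(xs)

def attack_success_rate(model, xs, ys):
    """Share of clean non-target inputs that the trigger pushes to the target label (class 1)."""
    victims = [stamp(x) for x, y in zip(xs, ys) if y != TARGET_LABEL]
    return sum(logit(model, x) > 0 for x in victims) / len(victims)

def minimal_shift_per_feature(model, xs, ys, q=0.9):
    """Offline inspection, step 1.  For a linear model the shift on feature j that flips input x
    is -logit(x)/w_j, so the smallest shift that flips a q-fraction of clean non-target inputs
    is read off directly instead of being optimised for."""
    w, _ = model
    victims = [x for x, y in zip(xs, ys) if y != TARGET_LABEL]
    shifts = []
    for j in range(N_FEATURES):
        if abs(w[j]) < 1e-12:
            shifts.append(math.inf)       # this feature cannot flip anything
            continue
        needed = sorted(max(0.0, -logit(model, x)) / abs(w[j]) for x in victims)
        shifts.append(needed[int(q * (len(needed) - 1))])
    return shifts

def flag_suspicious(shifts, ratio=0.5):
    """Offline inspection, step 2: a feature needing far less shift than the median looks planted."""
    finite = sorted(s for s in shifts if s != math.inf)
    m = len(finite)
    median = finite[m // 2] if m % 2 else 0.5 * (finite[m // 2 - 1] + finite[m // 2])
    return [j for j, s in enumerate(shifts) if s < ratio * median]

def run_experiment(seed=7):
    rng = random.Random(seed)
    train_x, train_y = make_clean(N_CLEAN, rng)
    test_x, test_y = make_clean(N_TEST, rng)
    clean_model = train_logreg(train_x, train_y)
    backdoored = train_logreg(*poison(train_x, train_y, N_POISON))
    shifts = minimal_shift_per_feature(backdoored, test_x, test_y)
    return {
        "clean_model_acc": accuracy(clean_model, test_x, test_y),
        "backdoored_acc": accuracy(backdoored, test_x, test_y),
        "asr_clean_model": attack_success_rate(clean_model, test_x, test_y),
        "asr_backdoored": attack_success_rate(backdoored, test_x, test_y),
        "min_shift_per_feature": shifts,
        "flagged": flag_suspicious(shifts),
    }

if __name__ == "__main__":
    for key, value in run_experiment().items():
        print(key, value)
```

Running it shows the two numbers a backdoor is judged by: the backdoored model keeps clean test accuracy close to the clean model's, while the trigger moves most class-0 inputs to class 1 (the attack success rate), which the clean model does not do. The inspection then finds that feature 5 needs a far smaller shift than any clean feature to flip the decision and flags it. Two caveats carry over to real defenses: the closed form exists only because the model is linear, so a DNN needs the shift found by optimisation, and because the search is per feature, a trigger spread over several features at low amplitude would not be caught by it, which is the kind of adaptive attack the abstract warns about.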
