One-pixel Signature: Characterizing CNN Models for Backdoor Detection

08/18/2020
by   Shanjiaoyang Huang, et al.
0

We tackle the convolution neural networks (CNNs) backdoor detection problem by proposing a new representation called one-pixel signature. Our task is to detect/classify if a CNN model has been maliciously inserted with an unknown Trojan trigger or not. Here, each CNN model is associated with a signature that is created by generating, pixel-by-pixel, an adversarial value that is the result of the largest change to the class prediction. The one-pixel signature is agnostic to the design choice of CNN architectures, and how they were trained. It can be computed efficiently for a black-box CNN model without accessing the network parameters. Our proposed one-pixel signature demonstrates a substantial improvement (by around 30 over the existing competing methods for backdoored CNN detection/classification. One-pixel signature is a general representation that can be used to characterize CNN models beyond backdoor detection.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
12/08/2019

Deep Learning Methods for Signature Verification

Signature is widely used in human daily lives, and serves as a supplemen...
research
12/25/2018

An Algorithm for computing the t-signature of two-state networks

Due to the importance of signature vector in studying the reliability of...
research
04/20/2010

Signature Region of Interest using Auto cropping

A new approach for signature region of interest pre-processing was prese...
research
05/30/2022

Integrity Authentication in Tree Models

Tree models are very widely used in practice of machine learning and dat...
research
07/21/2021

CNN Classifier for Just-in-Time Woodpeckers Detection and Deterrent

Woodpeckers can cause significant damage to homes, especially in suburba...
research
10/07/2021

IaaS Signature Change Detection with Performance Noise

We propose a novel framework to detect changes in the performance behavi...
research
10/28/2021

SIMCNN – Exploiting Computational Similarity to Accelerate CNN Training in Hardware

Convolution neural networks (CNN) are computation intensive to train. It...

Please sign up or login with your details

Forgot password? Click here to reset