Overview: front-page description
Analysis of the current attack landscape
Current neural-network backdoor attacks fall into two main categories: trigger-driven attacks and clean-label attacks. A trigger-driven attack uses a trigger to control whether the backdoor fires: a sample the model would otherwise classify correctly is stamped with the trigger, which misleads the model into predicting an attacker-chosen target class. A clean-label attack instead poisons the training data by adding perturbations to the inputs, so that the poisoned samples produce wrong representations in feature space and thereby corrupt the final class decision.
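The trigger-driven scheme described above can be sketched in a few lines of NumPy. This is a minimal illustration, not the code of any cited paper: the patch placement (bottom-right corner), the poisoning rate, and the helper names are all assumptions made here for clarity.

```python
import numpy as np

def stamp_trigger(image, patch, top=0, left=0):
    """Stamp a small trigger patch onto one image (BadNets-style).
    Works on (H, W) or (H, W, C) arrays; returns a copy."""
    poisoned = image.copy()
    ph, pw = patch.shape[:2]
    poisoned[top:top + ph, left:left + pw] = patch
    return poisoned

def poison_dataset(images, labels, patch, target_class, rate=0.1, seed=0):
    """Poison a fraction of the training set: stamp the trigger onto
    randomly chosen samples and relabel them to the target class,
    so the trained model learns to associate the patch with it."""
    rng = np.random.default_rng(seed)
    idx = rng.choice(len(images), size=int(rate * len(images)), replace=False)
    images, labels = images.copy(), labels.copy()
    h, w = images.shape[1], images.shape[2]
    ph, pw = patch.shape[:2]
    for i in idx:
        # illustrative choice: place the trigger in the bottom-right corner
        images[i] = stamp_trigger(images[i], patch, top=h - ph, left=w - pw)
        labels[i] = target_class
    return images, labels
```

At inference time the attacker applies the same `stamp_trigger` to any input to steer it into `target_class`, while clean inputs are classified normally.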
Trigger
Related papers
- BadNets: Identifying vulnerabilities in the machine learning model supply chain.
- Targeted backdoor attacks on deep learning systems using data poisoning. 2017.
- Latent backdoor attacks on deep neural networks. ACM, 2019.
- Trojaning Attack on Neural Networks. NDSS, 2018.
Analysis of representative papers
Clean label
Related papers
- Poison Frogs! Targeted clean-label poisoning attacks on neural networks. NIPS, 2018.
- Transferable clean-label poisoning attacks on deep neural nets. ICML, 2019.
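The clean-label crafting idea behind Poison Frogs (feature collision) can be sketched as minimizing ||f(x) - f(t)||² + β·||x - base||²: the poison stays visually close to a base image of the victim class while its features collide with the target's. The sketch below is an assumption-laden toy, using a fixed linear map `W` as a stand-in for the network's frozen feature extractor; step size and iteration count are arbitrary.

```python
import numpy as np

def feature_collision_poison(base, target, W, beta=0.1, lr=0.05, steps=500):
    """Craft a clean-label poison by gradient descent on
        ||W x - W target||^2 + beta * ||x - base||^2.
    With a linear feature map W the gradient is closed-form:
        2 W^T (W x - W target) + 2 beta (x - base).
    The returned x keeps the base's (clean) label but sits near the
    target in feature space."""
    x = base.copy()
    ft = W @ target                      # target's feature vector
    for _ in range(steps):
        grad = 2 * W.T @ (W @ x - ft) + 2 * beta * (x - base)
        x -= lr * grad
    return x
```

In the real attack `W` is replaced by the penultimate layer of the victim network and the gradient comes from autodiff; the small `beta` controls the trade-off between visual fidelity and feature collision.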
Analysis of representative papers