Bibliographic Details
Main authors: Dhonthi, Akshay; Eiermann, Marcello; Hahn, Ernst Moritz; Hashemi, Vahid
Format: Preprint
Published: 2023
Subjects:
Online access: https://arxiv.org/abs/2311.04009
_version_ 1866912065453555712
author Dhonthi, Akshay
Eiermann, Marcello
Hahn, Ernst Moritz
Hashemi, Vahid
author_facet Dhonthi, Akshay
Eiermann, Marcello
Hahn, Ernst Moritz
Hashemi, Vahid
contents Deep Neural Networks (DNNs) are becoming widespread, particularly in safety-critical areas. One prominent application is image recognition in autonomous driving, where the correct classification of objects, such as traffic signs, is essential for safe driving. Unfortunately, DNNs are prone to backdoors, meaning that they concentrate on attributes of the image that should be irrelevant for their correct classification. Backdoors are integrated into a DNN during training, either with malicious intent (such as a manipulated training process, because of which a yellow sticker always leads to a traffic sign being recognised as a stop sign) or unintentional (such as a rural background leading to any traffic sign being recognised as animal crossing, because of biased training data). In this paper, we introduce AGNES, a tool to detect backdoors in DNNs for image recognition. We discuss the principle approach on which AGNES is based. Afterwards, we show that our tool performs better than many state-of-the-art methods for multiple relevant case studies.
format Preprint
id arxiv_https___arxiv_org_abs_2311_04009
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle AGNES: Abstraction-guided Framework for Deep Neural Networks Security
Dhonthi, Akshay
Eiermann, Marcello
Hahn, Ernst Moritz
Hashemi, Vahid
Machine Learning
Cryptography and Security
Computer Vision and Pattern Recognition
title AGNES: Abstraction-guided Framework for Deep Neural Networks Security
topic Machine Learning
Cryptography and Security
Computer Vision and Pattern Recognition
url https://arxiv.org/abs/2311.04009