Backdoor Attack Detection in Computer Vision by Applying Matrix Factorization on the Weights of Deep Networks
| dc.contributor.author | Hossain, Khondoker Murad | |
| dc.contributor.author | Oates, Tim | |
| dc.date.accessioned | 2023-01-09T15:28:33Z | |
| dc.date.available | 2023-01-09T15:28:33Z | |
| dc.date.issued | 2022-12-15 | |
| dc.description.abstract | The increasing importance of both deep neural networks (DNNs) and cloud services for training them means that bad actors have more incentive and opportunity to insert backdoors to alter the behavior of trained models. In this paper, we introduce a novel method for backdoor detection that extracts features from pre-trained DNN’s weights using independent vector analysis (IVA) followed by a machine learning classifier. In comparison to other detection techniques, this has a number of benefits, such as not requiring any training data, being applicable across domains, operating with a wide range of network architectures, not assuming the nature of the triggers used to change network behavior, and being highly scalable. We discuss the detection pipeline, and then demonstrate the results on two computer vision datasets regarding image classification and object detection. Our method outperforms the competing algorithms in terms of efficiency and is more accurate, helping to ensure the safe application of deep learning and AI. | en_US |
| dc.description.uri | https://arxiv.org/abs/2212.08121 | en_US |
| dc.format.extent | 7 pages | en_US |
| dc.genre | journal articles | en_US |
| dc.genre | preprints | en_US |
| dc.identifier | doi:10.13016/m21zqh-kfip | |
| dc.identifier.uri | https://doi.org/10.48550/arXiv.2212.08121 | |
| dc.identifier.uri | http://hdl.handle.net/11603/26599 | |
| dc.language.iso | en_US | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | en_US |
| dc.rights | Attribution 4.0 International (CC BY 4.0) | * |
| dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | * |
| dc.title | Backdoor Attack Detection in Computer Vision by Applying Matrix Factorization on the Weights of Deep Networks | en_US |
| dc.type | Text | en_US |