
Qualifying Exam

Defending against Backdoor Attacks on Deep Neural Networks

 


Monday, May 29, 2023, 11:00am - 12:30pm

 

Abstract: The Deep Neural Network (DNN) has achieved state-of-the-art (SOTA) results on many challenging tasks in computer vision, natural language processing, and so on. With its wide adoption, the security of DNNs becomes critical. One severe and important issue is the vulnerability of DNNs to backdoor attacks, where the adversary uses inputs stamped with triggers (e.g., a patch) to activate pre-planted malicious behaviors. In this talk, I will present our novel approaches for defending against backdoor attacks. For trigger reverse-engineering-based defenses, we design a unified backdoor trigger inversion framework that can generalize to different types of triggers based on our novel formalization of the backdoor trigger. Additionally, we analyze the cause of DNN backdoors and conclude that linearity in DNN decision regions is the main reason. Based on our analysis, we propose a novel and general revised training framework that detects and fixes backdoors in DNN training.

 

Speaker: Zhenting Wang

Location: CoRE 301

Committee

Professor Shiqing Ma (Advisor)

Professor Dimitris Metaxas

Professor Hao Wang

Professor Sepehr Assadi

 

Event Type: Qualifying Exam


Organization

Rutgers University

School of Arts & Sciences

Department of Computer Science

 

Contact: Professor Shiqing Ma