Hackers can implant backdoors in deep neural networks without leaving a trace, researchers at the Germany-based CISPA Helmholtz Center for Information Security have found.
This article is part of our reviews of AI research papers, a series of posts that explore the latest findings in artificial intelligence.
In the past few years, researchers have shown growing interest in the security of artificial intelligence systems. There’s a special interest in how malicious actors can attack and compromise machine learning algorithms, the subset of AI that is being increasingly used in different domains.
Among the security issues being studied are backdoor attacks, in which a bad actor hides malicious behavior in a machine learning model during the training phase and activates it when the AI enters production.
Until now, backdoor attacks had certain practical difficulties because they largely relied on visible triggers. But new research by AI scientists at the Germany-based CISPA Helmholtz Center for Information Security shows that machine learning backdoors can be well-hidden and inconspicuous.
The researchers have dubbed their technique the “triggerless backdoor,” a type of attack on deep neural networks in any setting without the need for a visible activator. Their work is currently under review for …