
Strategic Safeguarding: A Game Theoretic Approach for Analyzing Attacker-Defender Behavior in DNN Backdoors

Abstract: Deep neural networks (DNNs) are fundamental to modern applications like face recognition and autonomous driving. However, their security is a significant concern due to various integrity risks, such as backdoor attacks. In these attacks, compromised training data introduce malicious behaviors into the DNN, which can be exploited during inference or deployment. This paper presents a novel game-theoretic approach to model the interactions between an attacker and a defender in the context of a DNN backdoor attack. The contribution of this approach is multifaceted. First, it models the interaction between the attacker and the defender using a game-theoretic framework. Second, it designs a utility function that captures the objectives of both parties, integrating clean data accuracy and attack success rate. Third, it reduces the game model to a two-player zero-sum game, allowing for the identification of Nash equilibrium points through linear programming and a thorough analysis of equilibrium strategies. Additionally, the framework provides varying levels of flexibility regarding the control afforded to each player, thereby representing a range of real-world scenarios. Through extensive numerical simulations, the paper demonstrates the validity of the proposed framework and identifies insightful equilibrium points that guide both players in following their optimal strategies under different assumptions. The results indicate that fully using attack or defense capabilities is not always the optimal strategy for either party. Instead, attackers must balance inducing errors and minimizing the information conveyed to the defender, while defenders should focus on minimizing attack risks while preserving benign sample performance. These findings underscore the effectiveness and versatility of the proposed approach, showcasing optimal strategies across different game scenarios and highlighting its potential to enhance DNN security against backdoor attacks.

Related Results

Schule und Spiel – mehr als reine Wissensvermittlung [School and Play: More Than Pure Knowledge Transfer]
The public school Quest to learn in New York City is a model school whose teaching methods rely on game-based learning, game design and the game design process. I...
Well-Integrity Assessment Across Different Geological Areas by Deriving Insights from Complex Knowledge Base
Abstract: Over the lifetime of multiple wells, in different fields, data produced from integrity assessment of the casing and mechanical parts of oil and gas wells ac...
DEFENDER-ATTACKER MODELS FOR RESOURCE ALLOCATION IN INFORMATION SECURITY
Today, information security in defender-attacker game models is getting more attention from the research community. A game-theoretic approach applied in resource allocation study...
Defensive Deception Based on Hyper Game Theory against Advanced Persistent Threats
Defensive deception techniques have emerged as a promising proactive defense mechanism to mislead an attacker and thereby achieve attack failure. However, most game-theoretic defen...
CSP beyond tractable constraint languages
Abstract: The constraint satisfaction problem (CSP) is among the most studied computational problems. While NP-hard, many tractable subproblems have been identified (Bulatov 2017, Zh...
Classification of Bisyllabic Lexical Stress Patterns Using Deep Neural Networks
Background and Objectives: As English is a stress-timed language, lexical stress plays an important role in the perception and processing of speech by native speakers. Incorrect st...
MODELING OF THE TARGET’S INTERCEPTION DELAY IN AN ADT GAME WITH ONE OR TWO DEFENDERS
A variant of the Attacker-Defender-Target problem with one or two defenders in a planar setting is considered. It is assumed that the target and the defenders move in a straight line with constant...
Multi-Model Ensemble Depth Adaptive Deep Neural Network for Crop Yield Prediction
Accurate prediction of crop yield enables critical tasks such as identifying the optimum crop profile for planting, assigning government resources and decision-making on imports an...
