Gotta Catch'Em All: Using Honeypots to Catch Adversarial Attacks on Neural Networks

@article{Shan2020GottaCA,
  title={Gotta Catch'Em All: Using Honeypots to Catch Adversarial Attacks on Neural Networks},
  author={Shawn Shan and Emily Wenger and Bolun Wang and B. Li and Haitao Zheng and B. Zhao},
  journal={Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security},
  year={2020}
}
Deep neural networks (DNNs) are known to be vulnerable to adversarial attacks. Numerous efforts either try to patch weaknesses in trained models, or try to make it difficult or costly to compute adversarial examples that exploit them. In our work, we explore a new "honeypot" approach to protect DNN models. We intentionally inject trapdoors, honeypot weaknesses in the classification manifold that attract attackers searching for adversarial examples. Attackers' optimization algorithms gravitate…
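The truncated abstract describes the core mechanism: trapdoors are embedded into the model, much like a backdoor, so that adversarial-example search converges toward them, and incoming queries are flagged when their internal activations resemble the trapdoor's signature. The sketch below is only an illustration of that idea under assumptions, not the paper's implementation: `feature_extractor` stands in for the defended model's penultimate layer, and the trigger pattern, blend mask, poisoning fraction, and similarity threshold are hypothetical placeholders.

```python
# Illustrative sketch of a trapdoor ("honeypot") defense, under assumptions.
# Not the authors' code: feature_extractor, blend/fraction/threshold values,
# and the trigger/mask shapes are all hypothetical.
import numpy as np

def apply_trapdoor(x, trigger, mask, blend=1.0):
    """Stamp a small trigger pattern onto an input (backdoor-style injection)."""
    return x * (1 - blend * mask) + trigger * blend * mask

def poison_training_set(xs, ys, trigger, mask, target_label, fraction=0.1, seed=0):
    """Relabel a fraction of trapdoored inputs to the protected target class,
    so the trained model learns the trapdoor as an easy-to-find 'weakness'."""
    rng = np.random.default_rng(seed)
    xs, ys = xs.copy(), ys.copy()
    idx = rng.choice(len(xs), size=int(fraction * len(xs)), replace=False)
    for i in idx:
        xs[i] = apply_trapdoor(xs[i], trigger, mask)
        ys[i] = target_label
    return xs, ys

def trapdoor_signature(feature_extractor, clean_inputs, trigger, mask):
    """Average activation of trapdoored inputs: the signature that adversarial
    examples targeting the protected label are expected to gravitate toward."""
    feats = [feature_extractor(apply_trapdoor(x, trigger, mask)) for x in clean_inputs]
    return np.mean(np.stack(feats), axis=0)

def cosine(a, b):
    """Cosine similarity between two activation vectors."""
    return float(a @ b / (np.linalg.norm(a) * np.linalg.norm(b) + 1e-12))

def looks_adversarial(x, feature_extractor, signature, threshold=0.8):
    """Flag queries whose activations are suspiciously close to the trapdoor
    signature; the threshold would be calibrated on clean inputs in practice."""
    return cosine(feature_extractor(x), signature) > threshold
```

In a full pipeline, the model would first be trained on the poisoned set so it actually learns the trapdoor, the signature would be computed once from held-out clean inputs, and `looks_adversarial` would be applied to each incoming query before serving a prediction.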
11 Citations
  • Detecting Universal Trigger's Adversarial Attack with Honeypot (Highly Influenced)
  • Hidden Trigger Backdoor Attacks (48 citations)
  • Backdoor Learning: A Survey (20 citations, Highly Influenced)
  • "What's in the box?!": Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models
  • Attack as Defense: Characterizing Adversarial Examples using Robustness
  • A Partial Break of the Honeypots Defense to Catch Adversarial Attacks (3 citations)
  • Universal Litmus Patterns: Revealing Backdoor Attacks in CNNs (21 citations)
  • Deep Learning Backdoors (5 citations)
  • Fawkes: Protecting Privacy against Unauthorized Deep Learning Models (15 citations)

References

SHOWING 1-10 OF 13 REFERENCES
  • Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks (173 citations, Highly Influential)
  • Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks (725 citations, Highly Influential)
  • Adversarial Risk and the Dangers of Evaluating Against Weak Attacks (274 citations, Highly Influential)
  • Towards Evaluating the Robustness of Neural Networks (3,169 citations, Highly Influential)
  • MagNet: A Two-Pronged Defense against Adversarial Examples (566 citations, Highly Influential)
  • Defending Neural Backdoors via Generative Distribution Modeling (45 citations, Highly Influential)
  • BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain (374 citations, Highly Influential)
  • Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality (301 citations, Highly Influential)
  • Adversarial examples in the physical world (2,352 citations, Highly Influential)
  • MagNet and "Efficient Defenses Against Adversarial Attacks" are Not Robust to Adversarial Examples (147 citations, Highly Influential)