TY - GEN
T1 - MT-MTD
T2 - 2021 IEEE International Conference on Communications, ICC 2021
AU - Qiu, Yihao
AU - Wu, Jun
AU - Mumtaz, Shahid
AU - Li, Jianhua
AU - Al-Dulaimi, Anwer
AU - Rodrigues, Joel J.P.C.
N1 - Funding Information:
ACKNOWLEDGMENT This work is sponsored by the National Natural Science Foundation of China (Grant No. 61972255). This work was partially supported by FCT/MCTES through national funds and when applicable co-funded EU funds under the Project UIDB/50008/2020; and by Brazilian National Council for Scientific and Technological Development - CNPq, via Grant No. 313036/2020-9.
Publisher Copyright:
© 2021 IEEE.
PY - 2021/6
Y1 - 2021/6
N2 - The evolution of deep learning has promoted the popularization of smart devices. However, due to the insufficient development of computing hardware, the ability to conduct local training on smart devices is greatly restricted, and it is usually necessary to deploy ready-made models. This opacity makes smart devices vulnerable to deep learning backdoor attacks. Some existing countermeasures against backdoor attacks are based on the attacker's ignorance of defense. Once the attacker knows the defense mechanism, he can easily overturn it. In this paper, we propose a Trojaning attack defense framework based on moving target defense(MTD) strategy. According to the analysis of attack-defense game types and confrontation process, the moving target defense model based on signaling game was constructed. The simulation results show that in most cases, our technology can greatly increase the attack cost of the attacker, thereby ensuring the availability of Deep Neural Networks(DNN) and protecting it from Trojaning attacks.
AB - The evolution of deep learning has promoted the popularization of smart devices. However, due to the insufficient development of computing hardware, the ability to conduct local training on smart devices is greatly restricted, and it is usually necessary to deploy ready-made models. This opacity makes smart devices vulnerable to deep learning backdoor attacks. Some existing countermeasures against backdoor attacks are based on the attacker's ignorance of defense. Once the attacker knows the defense mechanism, he can easily overturn it. In this paper, we propose a Trojaning attack defense framework based on moving target defense(MTD) strategy. According to the analysis of attack-defense game types and confrontation process, the moving target defense model based on signaling game was constructed. The simulation results show that in most cases, our technology can greatly increase the attack cost of the attacker, thereby ensuring the availability of Deep Neural Networks(DNN) and protecting it from Trojaning attacks.
KW - Edged-AI
KW - Trojaning attack
KW - deep neural network
KW - moving target defense
UR - http://www.scopus.com/inward/record.url?scp=85115689733&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115689733&partnerID=8YFLogxK
U2 - 10.1109/ICC42927.2021.9500545
DO - 10.1109/ICC42927.2021.9500545
M3 - Conference contribution
AN - SCOPUS:85115689733
T3 - IEEE International Conference on Communications
BT - ICC 2021 - IEEE International Conference on Communications, Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 14 June 2021 through 23 June 2021
ER -