A Robust Countermeasures for Poisoning Attacks on Deep Neural Networks of Computer Interaction Systems

I. Hsien Liu, Jung Shian Li, Yen Chu Peng, Chuan Gang Liu

Research output: Contribution to journal › Article › peer-review

3 Citations (Scopus)

Abstract

In recent years, human–computer interaction systems have begun to apply deep neural networks (DNNs), also known as deep learning, to become more user-friendly. Adversarial example attacks, poisoning attacks, and backdoor attacks are now the typical attacks on DNNs. In this paper, we focus on poisoning attacks and analyze three poisoning attacks on DNNs. We develop a countermeasure for poisoning attacks, Data Washing, an algorithm based on a denoising autoencoder. It can effectively alleviate the damage that poisoning attacks inflict on datasets. Furthermore, we propose the Integrated Detection Algorithm (IDA) to detect various types of attacks. In our experiments, for Paralysis Attacks, Data Washing yields a significant accuracy increment (0.5384) and can help IDA detect those attacks, while for Target Attacks, Data Washing reduces the false positive rate to just 1% and IDA achieves a high detection accuracy of greater than 99%.

Original language: English
Article number: 7753
Journal: Applied Sciences (Switzerland)
Volume: 12
Issue number: 15
Publication status: Published - 2022 Aug

All Science Journal Classification (ASJC) codes

  • General Materials Science
  • Instrumentation
  • General Engineering
  • Process Chemistry and Technology
  • Computer Science Applications
  • Fluid Flow and Transfer Processes
