Neural Network Security: Hiding CNN Parameters with Guided Grad-CAM
Linda Guiga, A. Roscoe
2020
Abstract
Nowadays, machine learning is prominent in most research fields, and Neural Networks (NNs) are considered the most efficient and popular architecture. Among NNs, Convolutional Neural Networks (CNNs) are the most popular algorithms for image processing and image recognition. They are therefore widely used in industry, for instance in facial recognition software. However, they are targeted by several reverse-engineering attacks on embedded systems. These attacks can potentially recover the architecture and parameters of the trained neural network, which might be considered Intellectual Property (IP). This paper introduces a method to protect a CNN’s parameters against one of these attacks (Tramèr et al., 2016). To this end, the victim model’s first step consists of adding noise to the input image so as to prevent the attacker from correctly reverse-engineering the weights
Paper Citation
in Harvard Style
Guiga L. and Roscoe A. (2020). Neural Network Security: Hiding CNN Parameters with Guided Grad-CAM. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 611-618. DOI: 10.5220/0009061206110618
in Bibtex Style
@conference{icissp20,
author={Linda Guiga and A. Roscoe},
title={Neural Network Security: Hiding CNN Parameters with Guided Grad-CAM},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2020},
pages={611-618},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009061206110618},
isbn={978-989-758-399-5},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Neural Network Security: Hiding CNN Parameters with Guided Grad-CAM
SN - 978-989-758-399-5
AU - Guiga L.
AU - Roscoe A.
PY - 2020
SP - 611
EP - 618
DO - 10.5220/0009061206110618