A System-level Perspective to Understand the Vulnerability of Deep Learning Systems

Tao Liu, Nuo Xu, Qi Liu, Yanzhi Wang, Wujie Wen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Deep neural network (DNN) is nowadays achieving the human-level performance on many machine learning applications like self-driving car, gaming and computer-aided diagnosis. However, recent studies show that such a promising technique has gradually become the major attack target, significantly threatening the safety of machine learning services. On one hand, the adversarial or poisoning attacks incurred by DNN algorithm vulnerabilities can cause the decision misleading with very high confidence. On the other hand, the system-level DNN attacks built upon models, training/inference algorithms and hardware and software in DNN execution, have also emerged for more diversified damages like denial of service, private data stealing. In this paper, we present an overview of such emerging system-level DNN attacks by systematically formulating their attack routines. Several representative cases are selected in our study to summarize the characteristics of system-level DNN attacks. Based on our formulation, we further discuss the challenges and several possible techniques to mitigate such emerging system-level DNN attacks.

Original language: English (US)
Title of host publication: ASP-DAC 2019 - 24th Asia and South Pacific Design Automation Conference
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 544-549
Number of pages: 6
ISBN (Electronic): 9781450360074
DOIs: https://doi.org/10.1145/3287624.3288751
State: Published - Jan 21 2019
Externally published: Yes
Event: 24th Asia and South Pacific Design Automation Conference, ASPDAC 2019 - Tokyo, Japan
Duration: Jan 21 2019 to Jan 24 2019

Publication series

Name: Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC

Conference

Conference: 24th Asia and South Pacific Design Automation Conference, ASPDAC 2019
Country: Japan
City: Tokyo
Period: 1/21/19 to 1/24/19

Fingerprint

Learning systems
Computer aided diagnosis
Deep learning
Deep neural networks
Railroad cars
Hardware

Keywords

  • DNN
  • Machine learning
  • Mitigation
  • Security
  • System-level

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design

Cite this

Liu, T., Xu, N., Liu, Q., Wang, Y., & Wen, W. (2019). A System-level Perspective to Understand the Vulnerability of Deep Learning Systems. In ASP-DAC 2019 - 24th Asia and South Pacific Design Automation Conference (pp. 544-549). (Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1145/3287624.3288751
