TY - GEN
T1 - A System-level Perspective to Understand the Vulnerability of Deep Learning Systems
AU - Liu, Tao
AU - Xu, Nuo
AU - Liu, Qi
AU - Wang, Yanzhi
AU - Wen, Wujie
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
PY - 2019/1/21
Y1 - 2019/1/21
N2 - Deep neural networks (DNNs) are nowadays achieving human-level performance on many machine learning applications like self-driving cars, gaming and computer-aided diagnosis. However, recent studies show that such a promising technique has gradually become a major attack target, significantly threatening the safety of machine learning services. On one hand, the adversarial or poisoning attacks incurred by DNN algorithm vulnerabilities can cause misleading decisions with very high confidence. On the other hand, system-level DNN attacks built upon models, training/inference algorithms and the hardware and software in DNN execution have also emerged for more diversified damages like denial of service and private data stealing. In this paper, we present an overview of such emerging system-level DNN attacks by systematically formulating their attack routines. Several representative cases are selected in our study to summarize the characteristics of system-level DNN attacks. Based on our formulation, we further discuss the challenges and several possible techniques to mitigate such emerging system-level DNN attacks.
AB - Deep neural networks (DNNs) are nowadays achieving human-level performance on many machine learning applications like self-driving cars, gaming and computer-aided diagnosis. However, recent studies show that such a promising technique has gradually become a major attack target, significantly threatening the safety of machine learning services. On one hand, the adversarial or poisoning attacks incurred by DNN algorithm vulnerabilities can cause misleading decisions with very high confidence. On the other hand, system-level DNN attacks built upon models, training/inference algorithms and the hardware and software in DNN execution have also emerged for more diversified damages like denial of service and private data stealing. In this paper, we present an overview of such emerging system-level DNN attacks by systematically formulating their attack routines. Several representative cases are selected in our study to summarize the characteristics of system-level DNN attacks. Based on our formulation, we further discuss the challenges and several possible techniques to mitigate such emerging system-level DNN attacks.
KW - DNN
KW - Machine learning
KW - Mitigation
KW - Security
KW - System-level
UR - http://www.scopus.com/inward/record.url?scp=85061144194&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85061144194&partnerID=8YFLogxK
U2 - 10.1145/3287624.3288751
DO - 10.1145/3287624.3288751
M3 - Conference contribution
AN - SCOPUS:85061144194
T3 - Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC
SP - 544
EP - 549
BT - ASP-DAC 2019 - 24th Asia and South Pacific Design Automation Conference
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 24th Asia and South Pacific Design Automation Conference, ASPDAC 2019
Y2 - 21 January 2019 through 24 January 2019
ER -