Summary of Ibd-psc: Input-level Backdoor Detection Via Parameter-oriented Scaling Consistency, by Linshan Hou et al.
IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency
by Linshan Hou, Ruili Feng, Zhongyun Hua, Wei Luo, Leo Yu Zhang, Yiming Li
First submitted to arxiv on: 16 May 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary This paper proposes a novel approach to detecting backdoor attacks on deep neural networks (DNNs). The authors introduce input-level backdoor detection (IBD-PSC), which uses the phenomenon of parameter-oriented scaling consistency (PSC) to identify malicious testing images. PSC is characterized by the prediction confidences of poisoned samples being more consistent than those of benign ones when model parameters are amplified. The method is motivated by a theoretical analysis that safeguards the foundations of the PSC phenomenon and an adaptive approach to selecting Batch Normalization layers for effective detection. Experimental results on benchmark datasets demonstrate the effectiveness and efficiency of IBD-PSC, as well as its resistance to adaptive attacks. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This paper helps keep deep neural networks safe from hackers. It introduces a way to detect when someone is trying to trick a model into making mistakes by adding hidden “backdoors” during training. The approach uses a special property called parameter-oriented scaling consistency (PSC) to figure out which images are likely to be malicious. The method is tested on lots of different datasets and shows that it can find backdoors even when the attackers try to make it harder. |
Keywords
» Artificial intelligence » Batch normalization
