TrojanNet: Embedding Hidden Trojan Horse Models in Neural Networks

  • 2021-02-22 17:27:10
  • Chuan Guo, Ruihan Wu, Kilian Q. Weinberger


The complexity of large-scale neural networks can lead to poor understanding of their internal details. We show that this opaqueness provides an opportunity for adversaries to embed unintended functionalities into the network in the form of Trojan horses. Our novel framework hides the existence of a Trojan network with arbitrary desired functionality within a benign transport network. We prove theoretically that the Trojan network's detection is computationally infeasible and demonstrate empirically that the transport network does not compromise its disguise. Our paper exposes an important, previously unknown loophole that could potentially undermine the security and trustworthiness of machine learning.


