Jun Zhai scite author profile

With the fast spread of machine learning techniques, sharing and adopting public machine learning models become very popular. This gives attackers many new opportunities. In this paper, we propose a trojaning attack on neural networks. As the models are not intuitive for human to understand, the attack features stealthiness. Deploying trojaned models can cause various severe consequences including endangering human lives (in applications like autonomous driving). We first inverse the neural network to generate a general trojan trigger, and then retrain the model with reversed engineered training data to inject malicious behaviors to the model. The malicious behaviors are only activated by inputs stamped with the trojan trigger. In our attack, we do not need to tamper with the original training process, which usually takes weeks to months. Instead, it takes minutes to hours to apply our attack. Also, we do not require the datasets that are used to train the model. In practice, the datasets are usually not shared due to privacy or copyright concerns. We use five different applications to demonstrate the power of our attack, and perform a deep analysis on the possible factors that affect the attack. The results show that our attack is highly effective and efficient. The trojaned behaviors can be successfully triggered (with nearly 100% possibility) without affecting its test accuracy for normal input and even with better accuracy on public dataset. Also, it only takes a small amount of time to attack a complex neuron network model. In the end, we also discuss possible defense against such attacks.

show abstract

Assessing the effects of land use and topography on soil erosion on the Loess Plateau in China

Sun

Shao

Liu

et al. 2014

CATENA

365

221

View full text Add to dashboard Cite

Drought losses in China might double between the 1.5 °C and 2.0 °C warming

Huang

Fischer

et al. 2018

Proc. Natl. Acad. Sci. U.S.A.

387

197

View full text Add to dashboard Cite

SignificanceWe project drought losses in China under global warming of 1.5 °C and 2.0 °C. To assess future drought losses, we project the regional gross domestic product under shared socioeconomic pathways instead of using a static socioeconomic scenario. We identify increasing precipitation and evapotranspiration patterns. With increasing drought intensity and areal coverage across China, drought losses will increase considerably. The estimated losses in a sustainable development pathway at 1.5 °C warming will be 10 times higher than in the reference period 1986–2005 and three times higher than in 2006–2015. Yet, climate change mitigation, limiting the temperature increase to 1.5 °C, can considerably reduce the annual drought losses in China, compared with 2.0 °C warming.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jun Zhai

Trojaning Attack on Neural Networks

Assessing the effects of land use and topography on soil erosion on the Loess Plateau in China

Drought losses in China might double between the 1.5 °C and 2.0 °C warming

Contact Info

Product

Resources

About