Yuntao Liu scite author profile

While neural networks demonstrate stronger capabilities in pattern recognition nowadays, they are also becoming larger and deeper. As a result, the effort needed to train a network also increases dramatically. In many cases, it is more practical to use a neural network intellectual property (IP) that an IP vendor has already trained. As we do not know about the training process, there can be security threats in the neural IP: the IP vendor (attacker) may embed hidden malicious functionality, i.e. neural Trojans, into the neural IP. We show that this is an effective attack and provide three mitigation techniques: input anomaly detection, re-training, and input preprocessing. All the techniques are proven effective. The input anomaly detection approach is able to detect 99.8% of Trojan triggers although with 12.2% false positive. The re-training approach is able to prevent 94.1% of Trojan triggers from triggering the Trojan although it requires that the neural IP be reconfigurable. In the input preprocessing approach, 90.2% of Trojan triggers are rendered ineffective and no assumption about the neural IP is needed.

show abstract

Keynote: A Disquisition on Logic Locking

Chakraborty

Jayasankaran

Liu

et al. 2020

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

A Combined Optimization-Theoretic and Side- Channel Approach for Attacking Strong Physical Unclonable Functions

Liu

Xie

Bao

et al. 2018

IEEE Trans. VLSI Syst.

View full text Add to dashboard Cite

Mitigating Reverse Engineering Attacks on Deep Neural Networks

Liu

Dachman-Soled

Srivastava

2019

View full text Add to dashboard Cite

2.5D/3D Integration Technologies for Circuit Obfuscation

Xie

Bao

Liu

et al. 2016

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yuntao Liu

Neural Trojans

Keynote: A Disquisition on Logic Locking

A Combined Optimization-Theoretic and Side- Channel Approach for Attacking Strong Physical Unclonable Functions

Mitigating Reverse Engineering Attacks on Deep Neural Networks

2.5D/3D Integration Technologies for Circuit Obfuscation

Contact Info

Product

Resources

About