Exploiting Vulnerabilities in Deep Neural Networks: Adversarial and Fault-Injection Attacks
Faiq Khalid, Muhammad Abdullah Hanif, Muhammad Shafique

TL;DR
This paper reviews vulnerabilities in deep neural networks used in critical systems, focusing on adversarial and fault-injection attacks, and discusses challenges and potential defenses to improve robustness.
Contribution
It provides a comprehensive overview of attack methods and challenges in implementing adversarial attacks on DNNs, along with strategies for developing more resilient systems.
Findings
DNNs are highly vulnerable to adversarial attacks.
Fault-injection attacks pose significant security risks.
Challenges exist in practically implementing adversarial attacks.
Abstract
From tiny pacemaker chips to aircraft collision avoidance systems, state-of-the-art Cyber-Physical Systems (CPS) have increasingly started to rely on Deep Neural Networks (DNNs). However, as concluded in various studies, DNNs are highly susceptible to security threats, including adversarial attacks. In this paper, we first discuss different vulnerabilities that can be exploited to mount security attacks on neural network-based systems. We then provide an overview of existing adversarial and fault-injection-based attacks on DNNs. We also present a brief analysis to highlight different challenges in the practical implementation of adversarial attacks. Finally, we discuss various prospective ways to develop robust DNN-based systems that are resilient to adversarial and fault-injection attacks.
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Physical Unclonable Functions (PUFs) and Hardware Security · Software Testing and Debugging Techniques
