Exploring Secure Machine Learning Through Payload Injection and FGSM Attacks on ResNet-50
Umesh Yadav, Suman Niroula, Gaurav Kumar Gupta, and Bicky Yadav

TL;DR
This study examines the security vulnerabilities of ResNet-50 against FGSM adversarial attacks and payload injection, revealing significant risks in deploying neural networks in security-sensitive environments.
Contribution
It provides a comprehensive analysis of ResNet-50's robustness against specific attack methods and demonstrates the effectiveness of payload injection in manipulating model predictions.
Findings
FGSM attacks increase model confidence in wrong predictions
Payload injection achieves 93.33% success rate in manipulation
Model accuracy remains at 53.33% on clean images
Abstract
This paper investigates the resilience of a ResNet-50 image classification model under two prominent security threats: Fast Gradient Sign Method (FGSM) adversarial attacks and malicious payload injection. Initially, the model attains a 53.33% accuracy on clean images. When subjected to FGSM perturbations, its overall accuracy remains unchanged; however, the model's confidence in incorrect predictions notably increases. Concurrently, a payload injection scheme is successfully executed in 93.33% of the tested samples, revealing how stealthy attacks can manipulate model predictions without degrading visual quality. These findings underscore the vulnerability of even high-performing neural networks and highlight the urgency of developing more robust defense mechanisms for security-critical applications.
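The abstract's central observation is that an untargeted FGSM step leaves top-1 accuracy unchanged while raising the model's confidence in its wrong answers. The following added example (not code from the paper or its authors) reproduces that effect on a deliberately tiny model: a two-pixel logistic-regression classifier with made-up weights stands in for ResNet-50, the four evaluation samples and the step size EPS are constructed assumptions, and the gradient is computed by hand because for logistic regression it has the closed form (p - y) * W. FGSM pushes each pixel by eps in the direction that increases the loss; on samples the model already gets wrong, that direction is away from the true label, so the wrong prediction becomes more confident.

```python
import math

# Constructed toy "image" classifier: logistic regression over two pixel
# intensities in [0, 1]. Weights are made up for illustration and stand in
# for ResNet-50, which is far too large to embed here.
W = [2.0, -2.0]
B = 0.0
EPS = 0.1  # assumed FGSM step size (per-pixel L-infinity budget)

# Constructed evaluation set: (pixels, true label). Two samples are
# classified correctly by the toy model and two are not, so we can watch
# what FGSM does to the confidence of the wrong predictions.
SAMPLES = [
    ([0.8, 0.20], 1),
    ([0.3, 0.70], 0),
    ([0.6, 0.50], 0),
    ([0.4, 0.45], 1),
]


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def predict_prob(x):
    """Probability that input x belongs to class 1."""
    return sigmoid(sum(w * xi for w, xi in zip(W, x)) + B)


def input_gradient(x, y):
    """Gradient of the binary cross-entropy loss with respect to the input.
    For logistic regression this is (p - y) * W; for a deep model a
    framework's autograd would return the same quantity."""
    p = predict_prob(x)
    return [(p - y) * w for w in W]


def sign(v):
    return 1.0 if v > 0 else (-1.0 if v < 0 else 0.0)


def fgsm(x, y, eps=EPS):
    """One FGSM step: move each pixel by eps in the direction that
    increases the loss, then clip back to the valid intensity range."""
    g = input_gradient(x, y)
    return [min(1.0, max(0.0, xi + eps * sign(gi))) for xi, gi in zip(x, g)]


def prediction(x):
    """Return (predicted label, confidence in that label)."""
    p = predict_prob(x)
    return (1, p) if p >= 0.5 else (0, 1.0 - p)


def evaluate(samples, eps=EPS):
    """Accuracy and mean confidence of wrong predictions, clean vs. FGSM."""
    stats = {}
    for name, attack in (("clean", False), ("adv", True)):
        correct, wrong_conf = 0, []
        for x, y in samples:
            x_eval = fgsm(x, y, eps) if attack else x
            label, conf = prediction(x_eval)
            if label == y:
                correct += 1
            else:
                wrong_conf.append(conf)
        stats[name + "_accuracy"] = correct / len(samples)
        stats[name + "_mean_wrong_confidence"] = (
            sum(wrong_conf) / len(wrong_conf) if wrong_conf else 0.0)
    return stats


if __name__ == "__main__":
    for k, v in evaluate(SAMPLES).items():
        print(f"{k}: {v:.4f}")
```

Running it shows accuracy at 0.5 both before and after the attack, while the mean confidence of the two wrong predictions rises from roughly 0.537 to 0.634. The practical lesson for a defender is that top-1 accuracy alone is a blind spot: a robustness evaluation should also track calibration (for example, confidence on misclassified inputs) under perturbation, since that is where this kind of attack shows up first.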
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Network Security and Intrusion Detection · Anomaly Detection Techniques and Applications
