A Chaos Driven Metric for Backdoor Attack Detection

TL;DR

This paper introduces a novel chaos theory-based metric called PDS for detecting backdoor data poisoning attacks in AI models, combining manifold learning to improve detection accuracy across various datasets.

Contribution

It presents a new defense mechanism that integrates chaos theory with manifold learning, introducing the PDS metric for identifying poisoned training samples.

Findings

PDS effectively distinguishes poisoned from clean samples.

The method works across diverse datasets.

It enhances backdoor attack detection accuracy.

Abstract

The advancement and adoption of Artificial Intelligence (AI) models across diverse domains have transformed the way we interact with technology. However, it is essential to recognize that while AI models have introduced remarkable advancements, they also present inherent challenges such as their vulnerability to adversarial attacks. The current work proposes a novel defense mechanism against one of the most significant attack vectors of AI models - the backdoor attack via data poisoning of training datasets. In this defense technique, an integrated approach that combines chaos theory with manifold learning is proposed. A novel metric - Precision Matrix Dependency Score (PDS) that is based on the conditional variance of Neurochaos features is formulated. The PDS metric has been successfully evaluated to distinguish poisoned samples from non-poisoned samples across diverse datasets.