Detecting and Eliminating Neural Network Backdoors Through Active Paths with Application to Intrusion Detection

TL;DR

This paper introduces an explainable method to detect and eliminate neural network backdoors by analyzing active paths, demonstrated on intrusion detection models with injected backdoors.

Contribution

The paper proposes a novel approach based on active path analysis to detect and remove backdoors in neural networks, enhancing model security.

Findings

Effective detection of backdoors through active path analysis

Successful elimination of backdoors in intrusion detection models

Promising experimental results demonstrating approach viability

Abstract

Machine learning backdoors have the property that the machine learning model should work as expected on normal inputs, but when the input contains a specific $\textit{trigger}$, it behaves as the attacker desires. Detecting such triggers has been proven to be extremely difficult. In this paper, we present a novel and explainable approach to detect and eliminate such backdoor triggers based on active paths found in neural networks. We present promising experimental evidence of our approach, which involves injecting backdoors into a machine learning model used for intrusion detection.