
In order to defend neural networks against malicious attacks, recent approaches propose the use of secret keys in the training or inference pipelines of learning systems. However, the secrecy of the key is often not discussed. In this thesis, we explore the issue for the case of a recently proposed key-based deep neural network.


tkupek/cnn-keyleakage


Exploring the Difficulty of Hiding Keys in Neural Networks

In order to defend neural networks against malicious attacks, recent approaches propose the use of secret keys in the training or inference pipelines of learning systems. While this concept is innovative and the results are promising in terms of attack mitigation and classification accuracy, the effectiveness rests on the secrecy of the key. However, this aspect is often not discussed. In this short paper, we explore this issue for the case of a recently proposed key-based deep neural network. White-box experiments on multiple models and datasets, using the original key-based method and our own extensions, show that it is currently possible to extract secret key bits with relatively limited effort.

Link to project: UIBK Security & Privacy Lab

Code Overview

//TODO

Models and Datasets

Taboo Trap

Adversarial Attacks & Transferability

Visualization

Example Usage

//TODO

Results

The final master thesis can be found at [...] //TODO
