IEEE Computer Society Emerging Technology Fund Recipient Announces Machine Learning Cybersecurity Benchmark


Los Alamitos, Calif., May 5, 2023 – Participants in the IEEE Trojan Removal Competition today announced their findings and successes in effectively and efficiently mitigating the impact of neural Trojans while maintaining high performance, at the virtual Backdoor Attacks and Defenses in Machine Learning (BANDS) workshop of the 11th International Conference on Learning Representations (ICLR). Evaluated by clean accuracy, poison accuracy, and attack success rate, the winning team of the Harbin Institute of Technology in Shenzhen used the set HZZQ defense to formulate a highly effective solution, with a poison accuracy of 98.14% and an attack success rate of only 0.12%. The group will be awarded a first place prize of US$5,000.

Professor Meikang Qiu is chair of the IEEE Smart Computing Special Technical Committee (SCSTC) and full professor at the Beacom College of Computer and Cyber Science, Dakota State University, Madison, SD, US. Also, in 2021 he was named an IEEE Computer Society Distinguished Contributor.

In 2022, IEEE CS established the Emerging Technology Fund and, for the first time, awarded IEEE SCSTC US$25,000 for the “Annual Competition on Emerging Issues in Data Security and Privacy (EDISP),” which produced the IEEE Trojan Removal Competition (TRC ’22). This proposal offered a fresh take on cyber topics: unlike most existing contests, which focused only on backdoor model detection, it encouraged participants to explore solutions that could enhance the security of neural networks. By developing a common, effective, and efficient white-box Trojan removal technique, specifically for pre-trained models, which is essential for protecting artificial intelligence from potential attacks, participants have helped build trust in deep learning and artificial intelligence when used in practice.

With 1,706 valid submissions from 44 teams around the world, 6 groups successfully developed techniques that outperformed state-of-the-art baseline metrics published in major machine learning forums. A benchmark summarizing the models and attacks used during the competition has been released to allow for additional research and evaluation.

Yi Zeng, competition chair of IEEE TRC’22 and research assistant in the Bradley Department of Electrical and Computer Engineering, Virginia Tech, Blacksburg, Va., said: “… explore new defenses and eliminate remaining vulnerabilities.”

Two important findings emerged from the overall results of the participants during the competition.

  1. Many classical techniques for mitigating the effects of backdoors can over-modify key elements of the code if they don’t “learn”, and model performance degrades because they typically ignore a new metric proposed and highlighted in IEEE TRC’22, a measure of the impact on tainted accuracy.
  2. Many existing techniques have low generalizability, which means that some methods are only valid for specific data sets or specific machine learning model architectures.

These findings demonstrate the fact that general approaches to mitigating attacks on neural networks are not recommended for the foreseeable future. Zeng emphasized the urgent need for a comprehensive AI security solution. “We hope that the insights gleaned from this competition, coupled with the release of our benchmarks, will inspire the community to develop more robust and adaptable security measures for AI systems.”

“As the world relies more and more on AI and machine learning, it will be important to address the security and privacy issues that these technologies pose,” said Qiu. “The IEEE TRC ’22 competition at EDISP has made a big difference in this field. Professor Shu-Tao Xia, University of Illinois Urbana Champaign — thank you for their help and support.”

Ideas and insights from this event, along with publicly available benchmark data, will help make the future of machine learning and artificial intelligence safer and more reliable. The team plans to run the contest for a second year, and these findings will further strengthen the security parameters of neural networks.

2023 IEEE Computer Society President Nita Patel said: “As technology advances, machine learning and he will go a long way in enhancing the iterative development that strengthens the security of AI platforms.”

For more information on the entire Emerging Technology Grants Program, please visit https://www.computer.org/communities/emerging-technology-fund.

About the IEEE Trojan Removal Contest

IEEE TRC’22 aims to encourage the development of innovative end-to-end neural network backdoor removal techniques to combat backdoor attacks. See https://www.trojan-removal.com/ for more information.

About the IEEE Computer Society
The IEEE Computer Society is the world’s hub for computer science, engineering, and technology. A world leader in providing access to computer science research, analysis, and information, the IEEE Computer Society offers comprehensive, unparalleled products, services, and opportunities to professionals and individuals at all stages of their careers. Recognized as the premier organization for empowering those who advance technology, the IEEE Computer Society offers international conferences, peer-reviewed publications, a unique digital library, and training programs. For more information, visit computer.org.


Source: IEEE Computer Society


