From tiny pacemaker chips to aircraft collision avoidance systems, state-of-the-art Cyber-Physical Systems (CPS) increasingly rely on Deep Neural Networks (DNNs). However, as various studies have concluded, DNNs are highly susceptible to security threats, including adversarial attacks. In this paper, we first discuss the different vulnerabilities that can be exploited to mount security attacks on neural network-based systems. We then provide an overview of existing adversarial and fault-injection-based attacks on DNNs. We also present a brief analysis highlighting the challenges in the practical implementation of adversarial attacks. Finally, we discuss prospective ways to develop robust DNN-based systems that are resilient to adversarial and fault-injection attacks.