Artificial Intelligence (AI) relies heavily on deep learning, a technology that is becoming increasingly popular in real-life applications of AI, even in safety-critical and high-risk domains. However, it has recently been discovered that deep learning models can be manipulated by embedding Trojans inside them. Unfortunately, pragmatic solutions to circumvent the computational requirements of deep learning, e.g. outsourcing model training or data annotation to third parties, further increase model susceptibility to Trojan attacks. Due to the key importance of the topic in deep learning, recent literature has seen many contributions in this direction. We conduct a comprehensive review of the techniques that devise Trojan attacks for deep learning and explore their defenses. Our survey systematically organizes the recent literature and discusses the key concepts of the methods while assuming minimal domain knowledge on the reader's part. It provides a comprehensible gateway for the broader community to understand the recent developments in Neural Trojans.