Open Access iconOpen Access

ARTICLE

crossmark

An Improved Optimized Model for Invisible Backdoor Attack Creation Using Steganography

Daniyal M. Alghazzawi1, Osama Bassam J. Rabie1, Surbhi Bhatia2, Syed Hamid Hasan1,*

1 Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah, 21589, Saudi Arabia
2 Department of Information Systems, College of Computer Sciences and Information Technology, King Faisal University, Saudi Arabia

* Corresponding Author: Syed Hamid Hasan. Email: email

(This article belongs to the Special Issue: Innovations in Artificial Intelligence using Data Mining and Big Data)

Computers, Materials & Continua 2022, 72(1), 1173-1193. https://doi.org/10.32604/cmc.2022.022748

Abstract

The Deep Neural Networks (DNN) training process is widely affected by backdoor attacks. The backdoor attack is excellent at concealing its identity in the DNN by performing well on regular samples and displaying malicious behavior with data poisoning triggers. The state-of-art backdoor attacks mainly follow a certain assumption that the trigger is sample-agnostic and different poisoned samples use the same trigger. To overcome this problem, in this work we are creating a backdoor attack to check their strength to withstand complex defense strategies, and in order to achieve this objective, we are developing an improved Convolutional Neural Network (ICNN) model optimized using a Gradient-based Optimization (GBO)(ICNN-GBO) algorithm. In the ICNN-GBO model, we are injecting the triggers via a steganography and regularization technique. We are generating triggers using a single-pixel, irregular shape, and different sizes. The performance of the proposed methodology is evaluated using different performance metrics such as Attack success rate, stealthiness, pollution index, anomaly index, entropy index, and functionality. When the CNN-GBO model is trained with the poisoned dataset, it will map the malicious code to the target label. The proposed scheme's effectiveness is verified by the experiments conducted on both the benchmark datasets namely CIDAR-10 and MSCELEB 1M dataset. The results demonstrate that the proposed methodology offers significant defense against the conventional backdoor attack detection frameworks such as STRIP and Neutral cleanse.

Keywords


Cite This Article

APA Style
Alghazzawi, D.M., Rabie, O.B.J., Bhatia, S., Hasan, S.H. (2022). An improved optimized model for invisible backdoor attack creation using steganography. Computers, Materials & Continua, 72(1), 1173-1193. https://doi.org/10.32604/cmc.2022.022748
Vancouver Style
Alghazzawi DM, Rabie OBJ, Bhatia S, Hasan SH. An improved optimized model for invisible backdoor attack creation using steganography. Comput Mater Contin. 2022;72(1):1173-1193 https://doi.org/10.32604/cmc.2022.022748
IEEE Style
D.M. Alghazzawi, O.B.J. Rabie, S. Bhatia, and S.H. Hasan, “An Improved Optimized Model for Invisible Backdoor Attack Creation Using Steganography,” Comput. Mater. Contin., vol. 72, no. 1, pp. 1173-1193, 2022. https://doi.org/10.32604/cmc.2022.022748



cc Copyright © 2022 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1661

    View

  • 933

    Download

  • 0

    Like

Share Link