Open Access iconOpen Access

ARTICLE

crossmark

A Gaussian Noise-Based Algorithm for Enhancing Backdoor Attacks

by Hong Huang, Yunfei Wang*, Guotao Yuan, Xin Li

School of Computer Science and Engineering, Sichuan University of Science & Engineering, Yibin, 644000, China

* Corresponding Author: Yunfei Wang. Email: email

(This article belongs to the Special Issue: Security, Privacy, and Robustness for Trustworthy AI Systems)

Computers, Materials & Continua 2024, 80(1), 361-387. https://doi.org/10.32604/cmc.2024.051633

Abstract

Deep Neural Networks (DNNs) are integral to various aspects of modern life, enhancing work efficiency. Nonetheless, their susceptibility to diverse attack methods, including backdoor attacks, raises security concerns. We aim to investigate backdoor attack methods for image categorization tasks, to promote the development of DNN towards higher security. Research on backdoor attacks currently faces significant challenges due to the distinct and abnormal data patterns of malicious samples, and the meticulous data screening by developers, hindering practical attack implementation. To overcome these challenges, this study proposes a Gaussian Noise-Targeted Universal Adversarial Perturbation (GN-TUAP) algorithm. This approach restricts the direction of perturbations and normalizes abnormal pixel values, ensuring that perturbations progress as much as possible in a direction perpendicular to the decision hyperplane in linear problems. This limits anomalies within the perturbations improves their visual stealthiness, and makes them more challenging for defense methods to detect. To verify the effectiveness, stealthiness, and robustness of GN-TUAP, we proposed a comprehensive threat model. Based on this model, extensive experiments were conducted using the CIFAR-10, CIFAR-100, GTSRB, and MNIST datasets, comparing our method with existing state-of-the-art attack methods. We also tested our perturbation triggers using various defense methods and further experimented on the robustness of the triggers against noise filtering techniques. The experimental outcomes demonstrate that backdoor attacks leveraging perturbations generated via our algorithm exhibit cross-model attack effectiveness and superior stealthiness. Furthermore, they possess robust anti-detection capabilities and maintain commendable performance when subjected to noise-filtering methods.

Keywords


Cite This Article

APA Style
Huang, H., Wang, Y., Yuan, G., Li, X. (2024). A gaussian noise-based algorithm for enhancing backdoor attacks. Computers, Materials & Continua, 80(1), 361-387. https://doi.org/10.32604/cmc.2024.051633
Vancouver Style
Huang H, Wang Y, Yuan G, Li X. A gaussian noise-based algorithm for enhancing backdoor attacks. Comput Mater Contin. 2024;80(1):361-387 https://doi.org/10.32604/cmc.2024.051633
IEEE Style
H. Huang, Y. Wang, G. Yuan, and X. Li, “A Gaussian Noise-Based Algorithm for Enhancing Backdoor Attacks,” Comput. Mater. Contin., vol. 80, no. 1, pp. 361-387, 2024. https://doi.org/10.32604/cmc.2024.051633



cc Copyright © 2024 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 640

    View

  • 268

    Download

  • 0

    Like

Share Link