Conference: International Conference on Malicious and Unwanted Software

Resilience of Pruned Neural Network Against Poisoning Attack


Abstract

In the past several years, machine learning, especially deep learning, has achieved remarkable success in various fields. However, it has been shown recently that machine learning algorithms are vulnerable to well-crafted attacks. For instance, a poisoning attack is effective in manipulating the results of a predictive model by deliberately contaminating the training data. In this paper, we investigate the implication of network pruning on the resilience against poisoning attacks. Our experimental results show that pruning can effectively increase the difficulty of a poisoning attack, possibly due to the reduced degrees of freedom in the pruned network. For example, in order to degrade the test accuracy below 60% for the MNIST-1-7 dataset, fewer than 10 retraining epochs with poisoning data are needed for the original network, while about 16 and 40 epochs are required for the 90% and 99% pruned networks, respectively.
