No Time to Spare

Adversarial Machine Learning at Training and Inference Time

Xiaoyun Xu • Boek • paperback

• Samenvatting
  Free download at https://doi.org/10.54195/9789465152103
  
  This thesis addresses the critical challenge of adversarial machine learning in deep learning models, focusing on the defense mechanisms against evasion (adversarial) attacks and backdoor attacks. Part I analyzes evasion attacks through the lens of information bottleneck theory, revealing that compressing redundant information in the input space enhances model robustness. This insight leads to the proposal of novel, theoretically grounded adversarial training methods for stronger defense against evasion attacks. Part II shifts to backdoor attacks, exploring the sensitivity of backdoored models to adversarial examples. The research introduces an innovative backdoor trigger inversion method and investigates how adversarial perturbations can influence neuron weights to activate the backdoor functionality directly, bypassing the need for trigger recovery. This highlights the potential of parameter space analysis for effective backdoor detection and mitigation. An additional chapter systematically examines existing backdoor attacks, identifying a vulnerability: the detectability of backdoor-related neurons. To counter this, a novel backdoor attack is proposed, incorporating an adversarial backdoor injection module to ensure multi-space stealthiness (input, feature, and parameter spaces). The thesis concludes by emphasizing the importance of adopting defense mechanisms before deploying machine learning in critical applications to ensure the security and reliability of these systems.
• Productinformatie
  Binding : Paperback
  Distributievorm : Boek (print, druk)
  Formaat : 170mm x 240mm
  Aantal pagina's : 189
  Uitgeverij : Radboud University Press
  ISBN : 9789465152103
  Datum publicatie : 01-2026
  
• Inhoudsopgave
  niet beschikbaar
• Reviews (0 uit 0 reviews)
  Wil je meer weten over hoe reviews worden verzameld? Lees onze uitleg hier.