Backdoor Attacks to Deep Neural Networks: A Survey of the Literature, Challenges, and Future Research Directions

Orson Mengara; Anderson Avila; Tiago H. Falk

doi:10.1109/ACCESS.2024.3355816

IEEE Access (Jan 2024)

Backdoor Attacks to Deep Neural Networks: A Survey of the Literature, Challenges, and Future Research Directions

Orson Mengara,
Anderson Avila,
Tiago H. Falk

Affiliations

Orson Mengara: ORCiD; INRS-EMT, University of Quebec, Montreal, Canada
Anderson Avila: INRS-EMT, University of Quebec, Montreal, Canada
Tiago H. Falk: ORCiD; INRS-EMT, University of Quebec, Montreal, Canada

DOI: https://doi.org/10.1109/ACCESS.2024.3355816
Journal volume & issue: Vol. 12
pp. 29004 – 29023

Abstract

Read online

Deep neural network (DNN) classifiers are potent instruments that can be used in various security-sensitive applications. Nonetheless, they are vulnerable to certain attacks that impede or distort their learning process. For example, backdoor attacks involve polluting the DNN learning set with a few samples from one or more source classes, which are then labeled as target classes by an attacker. Even if the DNN is trained on clean samples with no backdoors, this attack will still be successful if a backdoor pattern exists in the training data. Backdoor attacks are difficult to spot and can be used to make the DNN behave maliciously, depending on the target selected by the attacker. In this study, we survey the literature and highlight the latest advances in backdoor attack strategies and defense mechanisms. We finalize the discussion on challenges and open issues, as well as future research opportunities.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords