TY - GEN
T1 - When Not to Classify
T2 - 44th IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2019
AU - Wang, Yujia
AU - Miller, David J.
AU - Kesidis, George
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/5
Y1 - 2019/5
N2 - This paper addresses detection of a reverse engineering (RE) attack targeting a deep neural network (DNN) image classifier; by querying, RE's aim is to discover the classifier's decision rule. RE can enable test-time evasion attacks, which require knowledge of the classifier. Recently, we proposed a quite effective approach (ADA) to detect test-time evasion attacks. In this paper, we extend ADA to detect RE attacks (ADA-RE). We demonstrate our method is successful in detecting "stealthy" RE attacks before they learn enough to launch effective test-time evasion attacks.
AB - This paper addresses detection of a reverse engineering (RE) attack targeting a deep neural network (DNN) image classifier; by querying, RE's aim is to discover the classifier's decision rule. RE can enable test-time evasion attacks, which require knowledge of the classifier. Recently, we proposed a quite effective approach (ADA) to detect test-time evasion attacks. In this paper, we extend ADA to detect RE attacks (ADA-RE). We demonstrate our method is successful in detecting "stealthy" RE attacks before they learn enough to launch effective test-time evasion attacks.
UR - http://www.scopus.com/inward/record.url?scp=85068969241&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85068969241&partnerID=8YFLogxK
U2 - 10.1109/ICASSP.2019.8682578
DO - 10.1109/ICASSP.2019.8682578
M3 - Conference contribution
AN - SCOPUS:85068969241
T3 - ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings
SP - 8063
EP - 8066
BT - 2019 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2019 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 12 May 2019 through 17 May 2019
ER -