Detecting Trojaned DNNs via Spectral Regression Analysis
Researchers have developed a new method called MIST to detect malicious Trojans embedded in deep neural networks (DNNs) during the fine-tuning process. MIST analyzes the spectral changes in a model's internal representations to identify deviations indicative of a Trojan attack. This approach treats Trojan detection as a regression problem and has demonstrated superior accuracy compared to existing methods, even without prior knowledge of the attack's specifics.

AI Impact: Introduces a novel technique for enhancing the security of AI models against sophisticated attacks during development.