Abstract. 

The article addresses the pressing issue of trigger-based attacks on artificial neural networks designed for image recognition in the context of ensuring their reliability and security. Various scenarios of trigger-based attacks, their main implementation methods, and the consequences of such attacks are examined. The article provides a detailed analysis of methods for applying triggers to images, approaches for detecting triggers, including identifying key characteristics inherent to images containing triggers. The results of the proposed method for combating trigger-based attacks are presented, enabling the detection of triggers in images during the machine learning phase of neural networks. The prospects for developing protection methods against trigger-based attacks in the context of machine learning and convolutional neural networks are also discussed.

Keywords: 

artificial neural network, machine learning, trigger-based attack, image recognition.

DOI 10.14357/20718632250101 

EDN CPNGAB

PP. 3-13.

References

1. A.A. Zatsarinniy, A.A. Karandeev, A.E. Maslov, V.P. Osipov, N.Yu. Apalkov, "Development of Technologies Based on Additional Properties". Information Technologies and Computing Systems. 2024, No. 1, pp. 67–74, (In Russ.) DOI: 10.14357/20718632240107.

2. Rodrigo D. Moreira, Flávio Coutinho, Luiz Chaimowicz, "Analysis and Compilation of Normal Map Generation Techniques for Pixel Art". arXiv:2212.09692, 2022.

3. Jing Xu, Gorka Abad, Stjepan Picek, "Rethinking the Trigger-injecting Position in Graph Backdoor Attack". arXiv:2304.02277, 2023.

4. Tianlong Chen, Zhenyu Zhang, Yihua Zhang, Shiyu Chang, Sijia Liu, Zhangyang Wang, "Quarantine: Sparsity Can Uncover the Trojan Attack Trigger for Free", arXiv:2205.11819, 2022.

5. Tzvi Lederer, Gallil Maimon, Lior Rokach, "Silent Killer: Optimizing Backdoor Trigger Yields a Stealthy and Powerful Data Poisoning Attack". arXiv:2301.02615, 2023.

6. Yinghua Gao, Yiming Li, Xueluan Gong, Shu-Tao Xia, Qian Wang, "Backdoor Attack with Sparse and Invisible Trigger". arXiv:2306.06209, 2023.

7. Mohsen Ebrahimi, "Broken Rail Detection With Texture Image Processing Using Two-Dimensional Gray Level Cooccurrence Matrix", arXiv:2304.11592, 2023.

8. Zhenting Wang, Kai Mei, Juan Zhai, Shiqing Ma, "UNICORN: A Unified Backdoor Trigger Inversion Framework", arXiv:2304.02786, 2023.

9. Tong Xu, Yiming Li, Yong Jiang, Shu-Tao Xia, "BATT: Backdoor Attack with Transformation-based Triggers". arXiv:2211.01806.

10. Aniruddha Saha, Akshayvarun Subramanya, Hamed Pirsiavash, "Hidden Trigger Backdoor Attacks", arXiv preprint arXiv:1910.00033, 2019.

11. Sobel, Irwin & Feldman, Gary. (1973). A 3×3 isotropic gradient operator for image processing. Pattern Classification and Scene Analysis. 271-272.

12. Duda, Richard & Hart, Peter & G.Stork, David. (2001). Pattern Classification.

13. Shapiro, L. G. & Stockman, G. C. Computer Vision. — Prentence Hall, 2001. — С. 137, 150.

14. Akshakhi Kumar Pritoonka, Faeze Kiani, "Texture image analysis based on joint of multi directions GLCM and local ternary patterns", arXiv:2209.01866, 2022.

15. Li-Yun Wang, Yeganeh Jalalpour, Wu-chi Feng, "Context-Aware Image Denoising with Auto-Threshold Canny Edge Detection to Suppress Adversarial Perturbation". arXiv:2101.05833, 2021.

16. E.M. Mavrin, "Comparison of Edge Detection Algorithms in Digital Images and Selection of the Best Algorithm for FPGA Implementation." Voprosi Nauki i Obrazovaniya, 2019, No. 14 (61), (In Russ.).