Security Risks in Deep Learning Implementations
It highlights critical security risks in widely used deep learning software, calling for community action to improve framework security.
The paper identifies security vulnerabilities in popular deep learning frameworks like Caffe, TensorFlow, and Torch, showing that attackers can exploit these to cause denial-of-service or control-flow hijacking attacks in applications such as voice recognition and image classification.
Advance in deep learning algorithms overshadows their security risk in software implementations. This paper discloses a set of vulnerabilities in popular deep learning frameworks including Caffe, TensorFlow, and Torch. Contrast to the small code size of deep learning models, these deep learning frameworks are complex and contain heavy dependencies on numerous open source packages. This paper considers the risks caused by these vulnerabilities by studying their impact on common deep learning applications such as voice recognition and image classifications. By exploiting these framework implementations, attackers can launch denial-of-service attacks that crash or hang a deep learning application, or control-flow hijacking attacks that cause either system compromise or recognition evasions. The goal of this paper is to draw attention on the software implementations and call for the community effort to improve the security of deep learning frameworks.