Scientific Calculator for Designing Trojan Detectors in Neural Networks
This work addresses the security issue of trojan detection in neural networks for researchers and practitioners, but it appears incremental as it builds on existing tools like TensorFlow Playground.
The authors tackled the problem of detecting trojans in neural networks by developing a web-based interactive calculator and a novel inefficiency measurement using modified KL divergence, achieving experimental results that document desirable properties for trojan detection across various embeddings.
This work presents a web-based interactive neural network (NN) calculator and a NN inefficiency measurement that has been investigated for the purpose of detecting trojans embedded in NN models. This NN Calculator is designed on top of TensorFlow Playground with in-memory storage of data and NN graphs plus coefficients. It is "like a scientific calculator" with analytical, visualization, and output operations performed on training datasets and NN architectures. The prototype is aaccessible at https://pages.nist.gov/nn-calculator. The analytical capabilities include a novel measurement of NN inefficiency using modified Kullback-Liebler (KL) divergence applied to histograms of NN model states, as well as a quantification of the sensitivity to variables related to data and NNs. Both NN Calculator and KL divergence are used to devise a trojan detector approach for a variety of trojan embeddings. Experimental results document desirable properties of the KL divergence measurement with respect to NN architectures and dataset perturbations, as well as inferences about embedded trojans.