Dormant Neural Trojans
This addresses security vulnerabilities in neural networks for applications where malicious actors could hide undetectable backdoors.
The paper tackles the problem of neural network backdoor attacks by introducing dormant Trojans that remain inactive until activated via a specific weight perturbation known only to the attacker, with experimental results showing they evade state-of-the-art detection methods.
We present a novel methodology for neural network backdoor attacks. Unlike existing training-time attacks where the Trojaned network would respond to the Trojan trigger after training, our approach inserts a Trojan that will remain dormant until it is activated. The activation is realized through a specific perturbation to the network's weight parameters only known to the attacker. Our analysis and the experimental results demonstrate that dormant Trojaned networks can effectively evade detection by state-of-the-art backdoor detection methods.