Deep Learning Model Security: Threats and Defenses
This is an incremental survey paper that organizes existing knowledge about security threats and defenses for deep learning practitioners and researchers.
This survey examines security vulnerabilities in deep learning models including adversarial attacks, data poisoning, model theft, and privacy leakage, and explores defenses such as adversarial training, differential privacy, and federated learning to address these threats.
Deep learning has transformed AI applications but faces critical security challenges, including adversarial attacks, data poisoning, model theft, and privacy leakage. This survey examines these vulnerabilities, detailing their mechanisms and impact on model integrity and confidentiality. Practical implementations, including adversarial examples, label flipping, and backdoor attacks, are explored alongside defenses such as adversarial training, differential privacy, and federated learning, highlighting their strengths and limitations. Advanced methods like contrastive and self-supervised learning are presented for enhancing robustness. The survey concludes with future directions, emphasizing automated defenses, zero-trust architectures, and the security challenges of large AI models. A balanced approach to performance and security is essential for developing reliable deep learning systems.