CRLG, Jan 4, 2025

Exploring Secure Machine Learning Through Payload Injection and FGSM Attacks on ResNet-50

arXiv:2501.02147v2 · 2 citations · h-index: 3 · SVCC
AI Analysis

The paper addresses security risks to neural networks in critical applications, but the contribution is incremental: it applies two known attacks (FGSM and payload injection) to a standard pretrained model. Both reported figures (53.33% clean accuracy, 93.33% injection success) are consistent with a test set of 15 images (8/15 and 14/15) or a small multiple of it, so they should be read as a demonstration rather than a statistically grounded evaluation. The more telling FGSM result is not the unchanged accuracy at the chosen perturbation budget but the rise in confidence on the predictions that were already wrong: a defender who monitors only accuracy, or who uses confidence as a trust signal, would not see the attack.

This paper examines the vulnerability of a ResNet-50 image classifier to two attacks: FGSM perturbations left overall accuracy unchanged but increased the model's confidence in its incorrect predictions, and a payload injection succeeded on 93.33% of the tested samples.

This paper investigates the resilience of a ResNet-50 image classification model under two prominent security threats: Fast Gradient Sign Method (FGSM) adversarial attacks and malicious payload injection. Initially, the model attains a 53.33% accuracy on clean images. When subjected to FGSM perturbations, its overall accuracy remains unchanged; however, the model's confidence in incorrect predictions notably increases. Concurrently, a payload injection scheme is successfully executed in 93.33% of the tested samples, revealing how stealthy attacks can manipulate model predictions without degrading visual quality. These findings underscore the vulnerability of even high-performing neural networks and highlight the urgency of developing more robust defense mechanisms for security-critical applications.
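The FGSM observation in the abstract (accuracy unchanged, confidence on wrong predictions up) is easy to reproduce on a small model, and the metric that exposes it is worth having in any robustness harness. The block below is an added example, not the paper's code: it replaces ResNet-50 with a hand-built two-class linear classifier on two pixel-like features in [0, 1], uses a constructed five-image evaluation set, and implements FGSM from its definition, x_adv = clip(x + ε·sign(∇_x L(x, y)), 0, 1), with the cross-entropy gradient computed analytically. Weights, data and ε values are assumptions chosen so every step can be checked on paper. At ε = 0.1 the accuracy stays at 3/5 while the mean confidence on the two misclassified inputs rises from about 0.57 to about 0.71; at ε = 0.5 accuracy collapses to 0, the behaviour one usually expects. The paper's payload injection scheme is not specified on this page, so the example covers FGSM only.

```python
"""FGSM on a toy softmax classifier, reporting the metric the paper highlights:
mean confidence on the *incorrect* predictions, alongside plain accuracy.

Added illustration, not the paper's code. Pure Python so it runs offline.
"""
import math

# Constructed 2-class linear classifier on 2 "pixel" features in [0, 1].
# Assumption: hand-chosen weights; class 0 wins when x[0] > x[1].
W = [[2.0, -1.0],
     [-1.0, 2.0]]
B = [0.0, 0.0]

# Constructed evaluation set: (input, true label). Items 3 and 4 lie near the
# decision boundary and are misclassified even on clean input.
DATASET = [
    ([0.8, 0.2], 0),
    ([0.2, 0.8], 1),
    ([0.6, 0.5], 1),
    ([0.5, 0.6], 0),
    ([0.9, 0.1], 0),
]


def logits(x):
    """z = Wx + b."""
    return [sum(w * xi for w, xi in zip(row, x)) + b for row, b in zip(W, B)]


def softmax(z):
    m = max(z)  # shift for numerical stability
    e = [math.exp(v - m) for v in z]
    s = sum(e)
    return [v / s for v in e]


def predict(x):
    """Return (predicted class, confidence = max softmax probability)."""
    p = softmax(logits(x))
    k = max(range(len(p)), key=p.__getitem__)
    return k, p[k]


def input_gradient(x, y):
    """d(cross-entropy)/dx for a linear classifier: W^T (softmax(Wx+b) - onehot(y))."""
    p = softmax(logits(x))
    g_z = [p_k - (1.0 if k == y else 0.0) for k, p_k in enumerate(p)]
    return [sum(W[k][i] * g_z[k] for k in range(len(W))) for i in range(len(x))]


def sign(v):
    return (v > 0) - (v < 0)


def fgsm(x, y, eps):
    """x_adv = clip(x + eps * sign(grad_x L(x, y)), 0, 1)."""
    g = input_gradient(x, y)
    return [min(1.0, max(0.0, xi + eps * sign(gi))) for xi, gi in zip(x, g)]


def evaluate(samples):
    """Accuracy, plus mean confidence over the wrong predictions only.

    Reporting the second number is the point: accuracy alone hides an attack
    that merely makes existing mistakes look more certain.
    """
    correct = 0
    wrong_conf = []
    for x, y in samples:
        k, conf = predict(x)
        if k == y:
            correct += 1
        else:
            wrong_conf.append(conf)
    acc = correct / len(samples)
    mean_wrong = sum(wrong_conf) / len(wrong_conf) if wrong_conf else 0.0
    return acc, mean_wrong


def run(eps):
    """Return ((clean_acc, clean_wrong_conf), (adv_acc, adv_wrong_conf))."""
    clean = evaluate(DATASET)
    adv_set = [(fgsm(x, y, eps), y) for x, y in DATASET]
    adv = evaluate(adv_set)
    return clean, adv


if __name__ == "__main__":
    for eps in (0.1, 0.5):
        (acc_c, conf_c), (acc_a, conf_a) = run(eps)
        print(f"eps={eps}: accuracy {acc_c:.2f} -> {acc_a:.2f}, "
              f"confidence on wrong predictions {conf_c:.3f} -> {conf_a:.3f}")
```

The FGSM gradient here is exact because the model is linear; for ResNet-50 the same `sign(∇_x L)` step is obtained from autograd, and the only other ingredient is the clip to the valid pixel range. Note that the ε = 0.1 step moves every input by the same L-infinity distance, yet accuracy is unaffected while the confidence on the already-wrong items rises by roughly 0.14: this is exactly the pattern the abstract reports, and it would be invisible to an accuracy-only regression test.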
