Adversarial attack defenses for neural networks
The widespread adoption of deep neural networks (DNNs) across various domains has led to the creation of high-performance models trained on extensive datasets. As a result, there is a growing need to protect the intellectual property of these models, leading to the development of various watermar...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2024
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/175196 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-175196 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1751962024-04-19T15:42:44Z Adversarial attack defenses for neural networks Puah, Yi Hao Anupam Chattopadhyay School of Computer Science and Engineering anupam@ntu.edu.sg Computer and Information Science Watermark Adversarial The widespread adoption of deep neural networks (DNNs) across various domains has led to the creation of high-performance models trained on extensive datasets. As a result, there is a growing need to protect the intellectual property of these models, leading to the development of various watermarking techniques. However, these techniques are not impervious to attacks. In this report, I explore the vulnerabilities of state-of-the-art neural network watermarking techniques and propose a novel framework for attacking and neutralizing these watermarks. Our proposed approach focuses on the removal of embedded watermarking techniques using adversarial, out-of-distribution (OOD) and random label trigger data, demonstrating effective strategies for their detection and removal. By providing a comprehensive analysis of the weaknesses in current watermarking methods, our work contributes to the ongoing discussion on model security and intellectual property protection in the realm of deep learning. Bachelor's degree 2024-04-19T13:12:54Z 2024-04-19T13:12:54Z 2024 Final Year Project (FYP) Puah, Y. H. (2024). Adversarial attack defenses for neural networks. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/175196 https://hdl.handle.net/10356/175196 en application/pdf Nanyang Technological University |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Computer and Information Science Watermark Adversarial |
| spellingShingle |
Computer and Information Science Watermark Adversarial Puah, Yi Hao Adversarial attack defenses for neural networks |
| description |
The widespread adoption of deep neural networks (DNNs) across various domains has
led to the creation of high-performance models trained on extensive datasets. As a
result, there is a growing need to protect the intellectual property of these models,
leading to the development of various watermarking techniques.
However, these techniques are not impervious to attacks. In this report, I explore the
vulnerabilities of state-of-the-art neural network watermarking techniques and propose
a novel framework for attacking and neutralizing these watermarks.
Our proposed approach focuses on the removal of embedded watermarking techniques
using adversarial, out-of-distribution (OOD) and random label trigger data, demonstrating
effective strategies for their detection and removal. By providing a comprehensive
analysis of the weaknesses in current watermarking methods, our work contributes to
the ongoing discussion on model security and intellectual property protection in the
realm of deep learning. |
| author2 |
Anupam Chattopadhyay |
| author_facet |
Anupam Chattopadhyay Puah, Yi Hao |
| format |
Final Year Project |
| author |
Puah, Yi Hao |
| author_sort |
Puah, Yi Hao |
| title |
Adversarial attack defenses for neural networks |
| title_short |
Adversarial attack defenses for neural networks |
| title_full |
Adversarial attack defenses for neural networks |
| title_fullStr |
Adversarial attack defenses for neural networks |
| title_full_unstemmed |
Adversarial attack defenses for neural networks |
| title_sort |
adversarial attack defenses for neural networks |
| publisher |
Nanyang Technological University |
| publishDate |
2024 |
| url |
https://hdl.handle.net/10356/175196 |
| _version_ |
1800916136904097792 |