Trojan Attack Prediction. In Data Science & Engineering Master of Advanced Study (DSE MAS) Capstone Projects

As machine learning (ML) has gained prominence in the business world, the implementation of deep neural networks (DNN) has become more widespread. The security of DNN models has recently come under scrutiny as they are at risk of adversarial attacks such as backdoor Trojan attacks. These attacks depend on a trigger to activate malicious behavior. Due to the lack of transparency in DNNs, the effects of Trojans may remain undetected until activated by an attacker. This project demonstrates a significant reduction in the time and resources necessary to detect a poisoned model through the use of dimensionality reduction techniques. The detector utilizes Principal Component Analysis and Independent Component Analysis to reduce model weights that can then be used to train a classification model. This work builds on previous research, integrating reduction techniques to significantly reduce inference time while maintaining model accuracy at 85%. Are you protected from malicious AI? Jacobs School of Engineering Data Science and Engineering Masters of Applied Science Program (DSE MAS) DSE 260 Capstone Project.