IDEAS home Printed from https://ideas.repec.org/a/gam/jmathe/v11y2023i20p4236-d1257078.html
   My bibliography  Save this article

DB-COVIDNet: A Defense Method against Backdoor Attacks

Author

Listed:
  • Samaneh Shamshiri

    (Division of Electronics & Electrical Engineering, Dongguk University, Seoul 04620, Republic of Korea)

  • Ki Jin Han

    (Division of Electronics & Electrical Engineering, Dongguk University, Seoul 04620, Republic of Korea)

  • Insoo Sohn

    (Division of Electronics & Electrical Engineering, Dongguk University, Seoul 04620, Republic of Korea)

Abstract

With the emergence of COVID-19 disease in 2019, machine learning (ML) techniques, specifically deep learning networks (DNNs), played a key role in diagnosing the disease in the medical industry due to their superior performance. However, the computational cost of deep learning networks (DNNs) can be quite high, making it necessary to often outsource the training process to third-party providers, such as machine learning as a service (MLaaS). Therefore, careful consideration is required to achieve robustness in DNN-based systems against cyber-security attacks. In this paper, we propose a method called the dropout-bagging (DB-COVIDNet) algorithm, which works as a robust defense mechanism against poisoning backdoor attacks. In this model, the trigger-related features will be removed by the modified dropout algorithm, and then we will use the new voting method in the bagging algorithm to achieve the final results. We considered AC-COVIDNet as the main inducer of the bagging algorithm, which is an attention-guided contrastive convolutional neural network (CNN), and evaluated the performance of the proposed method with the malicious COVIDx dataset. The results demonstrated that DB-COVIDNet has strong robustness and can significantly reduce the effect of the backdoor attack. The proposed DB-COVIDNet nullifies backdoors before the attack has been activated, resulting in a tremendous reduction in the attack success rate from 99.5 % to 3 % with high accuracy on the clean data.

Suggested Citation

  • Samaneh Shamshiri & Ki Jin Han & Insoo Sohn, 2023. "DB-COVIDNet: A Defense Method against Backdoor Attacks," Mathematics, MDPI, vol. 11(20), pages 1-23, October.
  • Handle: RePEc:gam:jmathe:v:11:y:2023:i:20:p:4236-:d:1257078
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/11/20/4236/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2227-7390/11/20/4236/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:11:y:2023:i:20:p:4236-:d:1257078. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.