Articles via Databases
Articles via Journals
Online Catalog
E-books
Research & Information Literacy
Interlibrary loan
Theses & Dissertations
Collections
Policies
Services
About / Contact Us
Administration
Littman Architecture Library

Robert W. Van Houten Library
New Jersey Institute of Technology
323 King Blvd.
Newark, NJ 07102-1982

Phone: 973-596-3206
Fax: 973-643-5601
email: askalibrarian@njit.edu

Copyright 2012 NJIT
This site will be removed in January 2019, please change your bookmarks.
This page will redirect to https://digitalcommons.njit.edu/dissertations/1682/ in 5 seconds

The New Jersey Institute of Technology's
Electronic Theses & Dissertations Project

Title: Fortifying robustness: unveiling the intricacies of training and inference vulnerabilities in centralized and federated neural networks
Author: Liu, Guanxiong
View Online: njit-etd2023-041
(xvi, 177 pages ~ 7.5 MB pdf)
Department: Department of Electrical and Computer Engineering
Degree: Doctor of Philosophy
Program: Electrical Engineering
Document Type: Dissertation
Advisory Committee: Khreishah, Abdallah (Committee co-chair)
Khalil, Issa (Committee co-chair)
Akansu, Ali N. (Committee member)
Curtmola, Reza (Committee member)
Phan, Hai Nhat (Committee member)
Rajendran, Bipin (Committee member)
Date: 2023-08
Keywords: Adversarial attack
Adversarial training
Federated learning
Neural network
Trojan attack
Availability: Unrestricted
Abstract:

Neural network (NN) classifiers have gained significant traction in diverse domains such as natural language processing, computer vision, and cybersecurity, owing to their remarkable ability to approximate complex latent distributions from data. Nevertheless, the conventional assumption of an attack-free operating environment has been challenged by the emergence of adversarial examples. These perturbed samples, which are typically imperceptible to human observers, can lead to misclassifications by the NN classifiers. Moreover, recent studies have uncovered the ability of poisoned training data to generate Trojan backdoored classifiers that exhibit misclassification behavior triggered by predefined patterns.

In recent years, significant research efforts have been dedicated to uncovering the vulnerabilities of NN classifiers and developing defenses or mitigations against them. However, the existing approaches still fall short of providing mature solutions to address this ever-evolving problem. The widely adopted defense mechanisms against adversarial examples are computationally expensive and impractical for certain real-world applications. Likewise, the practical black-box defense against Trojan backdoors has failed to achieve state-of-the-art performance. More concerning is the limited exploration of these vulnerabilities within the context of cooperative attack or Federated learning, leaving NN classifiers exposed to unknown risks. This dissertation aims to address these critical gaps and refine our understanding of these vulnerabilities. The research conducted within this dissertation encompasses both the attack and defense perspectives, aiming to shed light on future research directions for vulnerabilities in NN classifiers.

If you have any questions please contact the ETD Team, libetd@njit.edu.
 
ETD Information
Digital Commons @ NJIT
Theses and DIssertations
ETD Policies & Procedures
ETD FAQ's
ETD home

Request a Scan
NDLTD

NJIT's ETD project was given an ACRL/NJ Technology Innovation Honorable Mention Award in spring 2003