Jakub Breier, Xiaolu Hou, Martín Ochoa, Jesús Solano
Neural network implementations are known to be vulnerable to physical attack vectors such as fault injection attacks. As of now, these attacks were only utilized during the inference phase. In this work, we explore a novel attack paradigm by injecting faults during the training phase in a way that the resulting network can be attacked during deployment without the necessity of further faulting. We discuss attacks against ReLU activation functions that make it possible to generate a family of malicious ...
Topic(s): Anomaly Detection Techniques and Applications
2022 - IEEE Computer Society | IEEE Transactions on Dependable and Secure Computing