Stability-Based Analysis and Defense against Backdoor Attacks on Edge Computing Services
Ruoxi Jia
Abstract
With the explosive development of mobile Internet and deep learning (DL), intelligent edge computing services based on collaborative learning are widely deployed in various application scenarios. These intelligent services include intelligent applications based on edge computing and DL-based optimization for edge computing (e.g., caching and communicating). However, in a wide variety of domains, DL has been found to be vulnerable to adversarial attacks, especially architecture-independent backdoor attacks. It embeds the attack pattern into the learned model and only performs the attack when it encounters the corresponding trigger. In this article, for the first time we analyze the impact of backdoor attacks on intelligent edge computing services. The simulation results demonstrate that once one or more edge nodes implement backdoor attacks, the embedded attack pattern will rapidly expand to all relevant edge nodes, which poses huge challenges to security-sensitive intelligent edge computing services. Subsequently, we analyze the trade-off between expected performance and ability to defend against backdoor attacks, which sheds new light on designing defense mechanisms for intelligent edge computing services. To address the challenges posed by backdoor attacks, we propose a stability-based defense mechanism. The experimental results demonstrate that the newly proposed defense mechanism can effectively defend against different levels of backdoor attacks without knowing whether there are adversaries, which is conducive to the deployment of the stability-based defense mechanism in real-world scenarios.
People
-
Bio Item
Publication Details
Date of publication: February 15, 2021
Journal: IEEE Network
Page number(s): 163-169
Volume: 35
Issue Number: 1
Publication Note: Yi Zhao, Ke Xu, Haiyang Wang, Bo Li, Ruoxi Jia: Stability-Based Analysis and Defense against Backdoor Attacks on Edge Computing Services. IEEE Netw. 35(1): 163-169 (2021)