Backdoors in machine learning have gotten little attention, but researchers have demonstrated proofs of concept for how such backdoors might work. ‘It’s possible they could add machine learning-specific backdoors of the style we proposed last year that makes it ignore their own state-sponsored malware,’ Brendan Dolan-Gavitt, an assistant professor in the computer science and engineering department at New York University [Tandon School of Engineering], tells CSO. ‘We showed that when you’re training something like a deep learning system you can teach it to recognize specific triggers and then misclassify any inputs that have that trigger,’ Dolan-Gavitt adds. ‘We haven’t looked at anti-malware systems specifically, but I think it would work.’
December 4, 2018December 4, 2018Emerald Knox
CCS News