Model hijacking exploitation and mitigation
In today's digital era, the utilization of machine learning has proliferated, making it an invaluable tool across various automotive applications. Machine learning has found its way into numerous facets of automotive engineering and operations. Additionally, machine learning is harnessed in...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Year Project / Dissertation / Thesis |
| Published: |
2024
|
| Subjects: | |
| Online Access: | http://eprints.utar.edu.my/6632/1/fyp_CS_2024_CZY.pdf http://eprints.utar.edu.my/6632/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utar-eprints.6632 |
|---|---|
| record_format |
eprints |
| spelling |
my-utar-eprints.66322024-10-23T05:49:55Z Model hijacking exploitation and mitigation Chew, Zi Ying T Technology (General) TD Environmental technology. Sanitary engineering In today's digital era, the utilization of machine learning has proliferated, making it an invaluable tool across various automotive applications. Machine learning has found its way into numerous facets of automotive engineering and operations. Additionally, machine learning is harnessed in predictive maintenance, where it analyses sensor data from vehicles to forecast potential mechanical issues, thereby optimizing maintenance schedules and minimizing downtime. However, things are two sides. There are vulnerabilities in machine learning that can cause adversarial attack, namely model hijacking attack. In prior research, there are experiment that shows that it is possible to insert trigger into the input to trigger backdoor attack without the user notice. The severity of this problem stems from the attacker's ability to wield this attack method at their discretion, resulting in highly erroneous outcomes. The profound danger lies in the fact that once a malicious actor successfully gains control of a machine learning model, they can manipulate it to generate intentionally misleading results or predictions. Incorrect decisions prompted by a poisoned machine learning model can lead to substantial financial losses, damage to a company's reputation, and even bankruptcy, life and death. In critical applications such as healthcare, autonomous vehicles, and industrial control systems, the reliability of machine learning models is paramount. Thus, in this project, I will focus on the backdoor attack to identify how the attack make use of the loopholes of machine learning. Think from the perspective of an attacker, I propose model that can be backdoor without being realize. It can have face recognition real-time and enter the backdoor mode when physical backdoor is being detected. When the model is in a backdoor mode, it will misclassify the face into the wrong class as attacker intentions. By understanding how the attack works, it can be twisted into a model that gives positives use such as steganography. Thus, in this research, I will develop a backdoor machine learning that can be used for good intention. 2024-01 Final Year Project / Dissertation / Thesis NonPeerReviewed application/pdf http://eprints.utar.edu.my/6632/1/fyp_CS_2024_CZY.pdf Chew, Zi Ying (2024) Model hijacking exploitation and mitigation. Final Year Project, UTAR. http://eprints.utar.edu.my/6632/ |
| institution |
Universiti Tunku Abdul Rahman |
| building |
UTAR Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Tunku Abdul Rahman |
| content_source |
UTAR Institutional Repository |
| url_provider |
http://eprints.utar.edu.my |
| topic |
T Technology (General) TD Environmental technology. Sanitary engineering |
| spellingShingle |
T Technology (General) TD Environmental technology. Sanitary engineering Chew, Zi Ying Model hijacking exploitation and mitigation |
| description |
In today's digital era, the utilization of machine learning has proliferated, making it an
invaluable tool across various automotive applications. Machine learning has found its way
into numerous facets of automotive engineering and operations. Additionally, machine learning
is harnessed in predictive maintenance, where it analyses sensor data from vehicles to forecast
potential mechanical issues, thereby optimizing maintenance schedules and minimizing
downtime. However, things are two sides. There are vulnerabilities in machine learning that
can cause adversarial attack, namely model hijacking attack. In prior research, there are
experiment that shows that it is possible to insert trigger into the input to trigger backdoor
attack without the user notice. The severity of this problem stems from the attacker's ability to
wield this attack method at their discretion, resulting in highly erroneous outcomes. The
profound danger lies in the fact that once a malicious actor successfully gains control of a
machine learning model, they can manipulate it to generate intentionally misleading results or
predictions. Incorrect decisions prompted by a poisoned machine learning model can lead to
substantial financial losses, damage to a company's reputation, and even bankruptcy, life and
death. In critical applications such as healthcare, autonomous vehicles, and industrial control
systems, the reliability of machine learning models is paramount. Thus, in this project, I will
focus on the backdoor attack to identify how the attack make use of the loopholes of machine
learning. Think from the perspective of an attacker, I propose model that can be backdoor
without being realize. It can have face recognition real-time and enter the backdoor mode when
physical backdoor is being detected. When the model is in a backdoor mode, it will misclassify
the face into the wrong class as attacker intentions. By understanding how the attack works, it
can be twisted into a model that gives positives use such as steganography. Thus, in this
research, I will develop a backdoor machine learning that can be used for good intention. |
| format |
Final Year Project / Dissertation / Thesis |
| author |
Chew, Zi Ying |
| author_facet |
Chew, Zi Ying |
| author_sort |
Chew, Zi Ying |
| title |
Model hijacking exploitation and mitigation |
| title_short |
Model hijacking exploitation and mitigation |
| title_full |
Model hijacking exploitation and mitigation |
| title_fullStr |
Model hijacking exploitation and mitigation |
| title_full_unstemmed |
Model hijacking exploitation and mitigation |
| title_sort |
model hijacking exploitation and mitigation |
| publishDate |
2024 |
| url |
http://eprints.utar.edu.my/6632/1/fyp_CS_2024_CZY.pdf http://eprints.utar.edu.my/6632/ |
| _version_ |
1814061974937403392 |
| score |
13.209306 |