+
Skip to main content
Springer Nature Link
Log in

TRGE: A Backdoor Detection After Quantization

  • Conference paper
  • First Online:
Information Security and Cryptology (Inscrypt 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14527))

Included in the following conference series:

  • 632 Accesses

Abstract

Quantization is evolving as the main technique for efficient deployment of deep neural networks to hardware devices, especially edge devices. However, we observe that quantization hardly has negative impact on backdoor attacks, but leads trigger reverse-based defenses to fail. We argue that the round operation in quantization that blocks the backward propagation of the gradient in the quantized model is the main reason for the failure of the trigger reverse-based approaches. We then propose a novel Trigger Reverse method with Gradient Estimation (TRGE) to synthesize triggers for backdoor detection in quantized models. Experiments on MNIST, CIFAR10, and GTSRB demonstrate that our proposed method is effective in detecting backdoor attacks in quantized models.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+
from $39.99 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.

References

  1. Howell, D.C.: Fundamental statistics for the behavioral sciences. Cengage Learning (2016)

    Google Scholar 

  2. Tu, C.C., Ting, P., Chen, P.Y., et al.: Autozoom: autoencoder-based zeroth order optimization method for attacking black-box neural networks. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 33, no. 01, pp. 742–749 (2019)

    Google Scholar 

Download references

Acknowledgments

This paper was supported in part by the Natural Science Foundation of China under Grants 61871468 and 62111540270, the Zhejiang Provincial Natural Science Foundation of China (LZ23F010003, LQ23F010009), Zhejiang Provincial Key Laboratory of New Network Standards and Technologies (NNST) (No. 2013E10012).

Author information

Authors and Affiliations

  1. School of Information and Electronic Engineering, Zhejiang Gongshang University, Hangzhou, China

    Renhua Xie, Xuxin Fang, Bo Ma & Chuanhuang Li

  2. College of Computing, Michigan Technological University, Houghton, USA

    Xiaoyong Yuan

Authors
  1. Renhua Xie
    View author publications

    Search author on:PubMed Google Scholar

  2. Xuxin Fang
    View author publications

    Search author on:PubMed Google Scholar

  3. Bo Ma
    View author publications

    Search author on:PubMed Google Scholar

  4. Chuanhuang Li
    View author publications

    Search author on:PubMed Google Scholar

  5. Xiaoyong Yuan
    View author publications

    Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Chuanhuang Li .

Editor information

Editors and Affiliations

  1. Shandong University, Jinan, China

    Chunpeng Ge

  2. Columbia University, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Xie, R., Fang, X., Ma, B., Li, C., Yuan, X. (2024). TRGE: A Backdoor Detection After Quantization. In: Ge, C., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2023. Lecture Notes in Computer Science, vol 14527. Springer, Singapore. https://doi.org/10.1007/978-981-97-0945-8_24

Download citation

  • DOI: https://doi.org/10.1007/978-981-97-0945-8_24

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-0944-1

  • Online ISBN: 978-981-97-0945-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Keywords

Publish with us

Policies and ethics

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载