แนวคิดหลัก
The author introduces MaleficNet 2.0, a technique to embed malware in neural networks stealthily and effectively, raising awareness of potential threats in the deep learning ecosystem.
บทคัดย่อ
Training high-quality deep learning models is challenging due to computational requirements. MaleficNet 2.0 injects malware into neural networks without degrading performance, posing a significant threat. The study evaluates stealthiness against anti-virus tools and statistical analysis, showing undetectability and minimal impact on parameter distribution.
สถิติ
"MaleficNet 2.0 uses spread-spectrum channel coding combined with error correction techniques."
"MaleficNet can embed megabytes of malware payloads into DNN parameters."
"State-of-the-art architectures reach up to trillions of parameters in size."
คำพูด
"Therefore, as a first step, the adversary downloads the global model, optionally performs local training, and selects the malicious payload to embed in the network."
"MaleficNet achieves embedding in just one round of communication with a single malicious user encoding the malware payload."