We present the covert task embedding (CTE) attack, a new general threat affecting deep neural networks (DNNs). The new attack consists in hiding a malicious privacy-sensitive task within a seemingly innocuous network, in such a way that the result of the malicious task is delivered together with the legitimate output in a stealthy way. The result of the covert task is further protected by requiring that its extraction depends on a secret key shared by the embedder and the detector. We demonstrate the feasibility of the CTE attack in various settings, wherein a face-based age estimation DNN is trained in such a way as to also detect the gender (binary classification task) or ethnicity (multiclassification task) of the framed individual and stealthily pass along such information together with the estimated age. The results of the experiments we carried out show that, in all cases, the gender and ethnicity information can be reliably extracted without impairing the accuracy of the age estimation functionality. Despite the simplicity of the estting considered in the brief, our experiments show the feasibility of the CTE attack, thus calling for the development of suitable remedies against it.

Download full-text PDF

Source
http://dx.doi.org/10.1109/TNNLS.2022.3216010DOI Listing

Publication Analysis

Top Keywords

covert task
12
cte attack
12
task embedding
8
feasibility cte
8
age estimation
8
task
6
embedding turning
4
turning dnn
4
dnn insider
4
insider agent
4

Similar Publications

Want AI Summaries of new PubMed Abstracts delivered to your In-box?

Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!