Today, at The Eleventh International Conference on Learning Representations (ICLR), participants in the IEEE Trojan Removal Competition presented their findings on effectively and efficiently mitigating neural network trojans while maintaining high performance. With a winning team from the Harbin Institute of Technology in Shenzhen, the set HZZQ Defense achieved a 98.14% poisoned accuracy rate and a 0.12% attack success rate – worthy of a first-place prize of $5,000 USD.
This competition is the result of the IEEE Computer Society’s Emerging Technology Fund, which granted $25,000 USD to the IEEE Special Technical Committee in 2021. Researchers were asked to explore solutions to enhance the security of neural networks using efficient and effective white-box trojan removal techniques. More than 1,700 valid submissions from 44 teams worldwide contributed to the development of new data sets and metrics for AI security research – which would soon be released for public access.
Two key findings related to improving the security of neural networks were discovered during this competition. Firstly, backdoor model detection was found to be largely inefficient – and secondly, a generalized approach to mitigating attacks on neural networks was found not to be the most effective approach.
The two discoveries point to the urgent need for a comprehensive AI security solution. To that end, the team plans to conduct this competition again – further strengthening the security parameters of neural networks. The findings of this competition and the public benchmark data which it generates could allow developers to explore new defense methods and remove remaining vulnerabilities in AI systems.
Prof. Meikang Qiu, chair of the IEEE Smart Computing Special Technical Committee (SCSTC), has been credited with the contribution of IEEE Computer Society in 2021. With his help, along with that of the rest of the steering committee, Professors Ruoxi Jia from Virginia Tech, Neil Gong from Duke University, Tianwei Zhang from Nanyang Technological University, Shu-Tao Xia from Tsinghua University, and Bo Li from the University of Illinois Urbana-Champaign, IEEE TRC ’22 was made possible, with a focus on creating a more secure AI environment.
The IEEE Computer Society is working to make the future of machine learning and artificial intelligence safer and more dependable – a mission aided by this competition and the innovations generated by it. As the world becomes increasingly dependent on AI, the security and privacy of these new technologies have become paramount – something that IEEE TRC ’22 is determined to ensure.
About IEEE Computer Society
The IEEE Computer Society is the world’s home for computer science, engineering and technology. It provides members with a comprehensive array of resources including conferences and events, publications, and professional development opportunities. Its mission is to empower the people who drive technology and advocate trustworthy AI systems by providing open-access machine learning security metrics and benchmarks. With the development of the Emerging Technology Fund, the IEEE CS is supporting research related to AI and machine learning security, with the ultimate goal of making these technologies more available and dependable for everyone.