Detect Backdoor Attack using Siamese Neural Network in Watermarking based on Wet Paper Coding and Optimal Parameter Selection Strategy - Dalam bentuk buku karya ilmiah
ANNISA PUTRI
Informasi Umum
Kode
25.05.263
Klasifikasi
000 - General Works
Jenis
Karya Ilmiah - Thesis (S2) - Reference
Subjek
Thesis
Dilihat
56 kali
Informasi Lainnya
Abstraksi
<br /> Deep Neural Networks (DNNs) in machine learning are vulnerable to backdoor attacks, where attackers insert unauthorized watermarks into the model to conceal specific patterns that can be exploited to manipulate predictions. These attacks can reduce model accuracy and cause misclassification when triggered by specially crafted inputs containing backdoors.<br /> <br /> To address this issue, this research proposes a watermarking method based on Wet Paper Coding (WPC), embedding watermarks directly into DNN model parameters, and using a Siamese Neural Network (SNN) for verification and backdoor attack detection. The watermark used is an email identifier, ensuring dataset integrity and ownership verification.The embedding process utilizes the Optimized Probabilistic Selection Strategy (OPSS) to select model parameters that have minimal impact on accuracy. WPC embeds the watermark by modifying "dry blocks" while preserving "wet blocks" to maintain model stability. After embedding, the watermark is extracted and verified using SNN, which compares it against registered email identifiers. If the extracted watermark does not match the authorized list, the model is flagged as potentially compromised by a backdoor attack.<br /> <br /> Experiments on the MNIST dataset show optimal results with a Layer Ratio of 0.5, Prob Alpha of 0.5, and Dry Block Ratio of 0.2, a Bit Error Rate (BER) of 0.0078. The model remains stable, with accuracy improving from 90.37 % to 92.09 % after watermarking. However, the extraction process still encounters errors due to high watermark capacity, and SNN achieves only 56.66 % accuracy in detecting backdoor attacks, indicating challenges in distinguishing authorized watermarks from unauthorized ones.<br /> <br />
- TTI7Z4 - TESIS
Koleksi & Sirkulasi
Tersedia 1 dari total 1 Koleksi
Anda harus log in untuk mengakses flippingbook
Pengarang
| Nama | ANNISA PUTRI |
| Jenis | Perorangan |
| Penyunting | Gelar Budiman, Inung Wijayanto |
| Penerjemah |
Penerbit
| Nama | Universitas Telkom, S2 Teknik Elektro |
| Kota | Bandung |
| Tahun | 2025 |
Sirkulasi
| Harga sewa | IDR 0,00 |
| Denda harian | IDR 0,00 |
| Jenis | Non-Sirkulasi |
