Backdoor attacks insert hidden associations or triggers into deep learning models to override correct inference, such as classification, and make the system perform maliciously according to the attacker-chosen target while behaving normally in the absence of the trigger. As a new, rapidly evolving and realistic attack, it could result in dire consequences, especially considering that the backdoor attack surfaces are broad. This talk first provides a brief overview of backdoor attacks, and then presents countermeasures towards building trustworthy deep neural networks.
Dr Surya Nepal is a Senior Principal Research Scientist at CSIRO Data61. He currently leads the distributed systems security group comprising 30+ research staff and 50+ postgraduate students. His main research focus is on the development and implementation of technologies in the area of cybersecurity and privacy, and AI and Cybersecurity. He has more than 250 peer-reviewed publications to his credit. He is a member of the editorial boards of IEEE Transactions on Service Computing, ACM Transactions on Internet Technology, IEEE Transactions on Dependable and Secure Computing, and Frontiers of Big Data - Security, Privacy, and Trust. He is currently a deputy research director of the Cybersecurity Cooperative Research Centre (CRC), a national initiative in Australia.