Natural Backdoor Attacks on Deep Neural Networks via Raindrops Zhao, F, Zhou, L, Zhong, Qi, Lan, R and Zhang, Leo 2022, Natural Backdoor Attacks on Deep Neural Networks via Raindrops, Security and Communication Networks, vol. 2022, pp. 1-11, doi: 10.1155/2022/4593002. Attached Files Name Description MIMEType Size Downloads Title Natural Backdoor Attacks on Deep Neural Networks via Raindrops Author(s) Zhao, F Zhou, L Zhong, Qi Lan, R orcid.org/0000-0001-9330-2662 Zhang, Leo Journal name Security and Communication Networks Volume number 2022 Article ID 4593002 Start page 1 End page 11 Total pages 11 Publisher Hindawi Place of publication Cairo, Egypt Publication date 2022 ISSN 1939-0114 1939-0122 Summary Recently, deep learning has made significant inroads into the Internet of Things due to its great potential for processing big data. Backdoor attacks, which try to influence model prediction on specific inputs, have become a serious threat to deep neural network models. However, because the poisoned data used to plant a backdoor into the victim model typically follows a fixed specific pattern, most existing backdoor attacks can be readily prevented by common defense. In this paper, we leverage natural behavior and present a stealthy backdoor attack for image classification tasks: the raindrop backdoor attack (RDBA). We use raindrops as the backdoor trigger, and they are naturally merged with clean instances to synthesize poisoned data that are close to their natural counterparts in the rain. The raindrops dispersed over images are more diversified than the triggers in the literature, which are fixed, confined, and unpleasant patterns to the host content, making the triggers more stealthy. Extensive experiments on ImageNet and GTSRB datasets demonstrate the fidelity, effectiveness, stealthiness, and sustainability of RDBA in attacking models with current popular defense mechanisms. Language eng DOI 10.1155/2022/4593002 Indigenous content off Field of Research 0802 Computation Theory and Mathematics 0805 Distributed Computing 0899 Other Information and Computing Sciences HERDC Research category C1 Refereed article in a scholarly journal Free to Read? Yes Persistent URL http://hdl.handle.net/10536/DRO/DU:30166479 Document type: Journal Article Collections: Faculty of Science, Engineering and Built Environment School of Information Technology Open Access Collection Related Links Link Description Link to full text (Open Access) Go to link with your DU access privileges   Connect to Elements publication management system Go to link with your DU access privileges     Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved. Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au. Versions Version Filter Type Wed, 06 Apr 2022, 08:15:08 EST Wed, 06 Apr 2022, 08:49:51 EST Mon, 02 May 2022, 15:00:49 EST Mon, 02 May 2022, 15:02:06 EST Thu, 30 Jun 2022, 08:17:40 EST Thu, 30 Jun 2022, 12:13:51 EST Thu, 30 Jun 2022, 12:17:01 EST Thu, 30 Jun 2022, 13:30:26 EST Filtered Full Citation counts:   Cited 0 times in TR Web of Science Cited 0 times in Scopus Search Google Scholar Access Statistics: 18 Abstract Views, 0 File Downloads  -  Detailed Statistics Created: Wed, 06 Apr 2022, 08:15:08 EST