信息安全研究2026,Vol.12Issue(4):359-365,7.DOI:10.12379/j.issn.2096-1057.2026.04.08
自适应层级化神经网络后门防御方法研究
Research on Adaptive Hierarchical Neural Network Backdoor Defense Method
摘要
Abstract
Backdoor attacks force the deep learning models to output a preset result at a specific inputs by implanting a covert trigger patterns into the training data,which seriously threatens the security of the model.Traditional defense methods(such as pruning and fine-tuning)are difficult to balance defense effect and model performance due to the partial overlap between the posterior portal neurons and the normal neurons.To this challenge,an adaptive hierarchical neural network backdoor defense(AHBD)method is proposed,which locates the backdoor through gradient direction consistency analysis,and designs adaptive defense strategies based on the functional characteristics of different levels of neural networks.Experiments show that AHBD significantly reduces the attack success rate(ASR decreases to 2.63%and 1.71%,respectively)on the CIFAR-10 and GTSRB datasets,while maintaining the original classification accuracy of the model(ACC decreases by less than 1%),which is better than the existing mainstream defense methods.关键词
深度学习/深度神经网络/后门攻击/后门防御/人工智能安全Key words
deep learning/deep neural network/backdoor attack/backdoor defense/artificial intelligence security分类
信息技术与安全科学引用本文复制引用
徐媛屏,马伟锋,张宇来..自适应层级化神经网络后门防御方法研究[J].信息安全研究,2026,12(4):359-365,7.基金项目
国家自然科学青年科学基金项目(61803337) (61803337)
