Researchers at the University of Maryland developed a new attack variant that would force machine learning systems to slow down called DeepSloth, leading to critical server and application failures. This attack was presented at a recent cybersecurity event and is based on the disruption of optimization techniques present in neural networks.
DeepSloth relies on carefully crafted information that manipulates the behavior of machine learning systems. However, while the classic confrontational examples force the target model to make incorrect predictions, DeepSloth interrupts the calculations. The DeepSloth attack slows down shallow networks by preventing them from performing early exits and forces them to perform full calculations for all layers.
In recent years, there has been a growing interest in machine learning and deep learning security, and there are numerous articles and techniques on hacking and neural network defense. But one thing made DeepSloth particularly interesting: The University of Maryland researchers had a vulnerability in a technique they had developed two years earlier.
This attack involves imperceptible changes in the input data, preventing the neural networks from carrying out the early output process and forcing the application of a complete calculation of this information. In addition, the researchers assured that this attack eliminates the optimization of neural networks: This kind of architecture can reach half of its regular consumption of resources; Using DeepSloth, it is possible to reduce the effectiveness of the early exit approach by almost 100% similar to how it would occur in a denial of service (DoS) attack.
On the other hand, in scenarios where a multi-outlet network is split between local devices and cloud deployments, an attack can force the device to send all of its data to a single server, which can cause all kinds of device failures. final results expected by neural network administrators.
Dumitras (a member of the Maryland Cybersecurity Center) concluded his presentation by asking developers to adopt new security approaches to protecting these systems: This is just the first of many attacks against neural networks, so the community will need to adopt a preventive approach before it’s too late.
Check also:
Simps Botnet, a threat that executes DDoS attacks
SYN Flood variant of DDoS attack
