Security and Privacy Challenges in Deep Learning Models
Authors:
Gopichandh Golla
Abstract:
These days, deep learning models have achieved great success in multiple fields, from autonomous driving to medical diagnosis. These models have expanded the abilities of artificial intelligence by offering great solutions to complex problems that were very difficult to solve earlier. In spite of their unseen success in various fields, it has been identified, through research conducted, that deep learning models can be subjected to various attacks that compromise model security and data privacy of the Deep Neural Network models. Deep learning models can be subjected to various attacks at different stages of their lifecycle. During the testing phase, attackers can exploit vulnerabilities through different kinds of attacks such as Model Extraction Attacks, Model Inversion attacks, and Adversarial attacks. Model Extraction Attacks are aimed at reverse-engineering a trained deep learning model, with the primary objective of revealing its architecture and parameters. Model inversion attacks aim to compromise the privacy of the data used in the Deep learning model. These attacks are done to compromise the confidentiality of the model by going through the sensitive training data from the model's predictions. By analyzing the model's responses, attackers aim to reconstruct sensitive information. In this way, the model's data privacy is compromised. Adversarial attacks, mainly employed on computer vision models, are made to corrupt models into confidently making incorrect predictions through malicious testing data. These attacks subtly alter the input data, making it look normal but misleading deep learning models to make incorrect decisions. Such attacks can happen during both the model's evaluation and training phases. Data Poisoning Attacks add harmful data to the training set, disrupting the learning process and reducing the reliability of the deep learning model.
Submitted 22 November, 2023;
originally announced November 2023.
NGC 5775: anatomy of a disk-halo interface
Authors:
S. -W. Lee,
J. A. Irwin,
R. -J. Dettmar,
C. T. Cunningham,
G. Golla,
Q. D. Wang
Abstract:
We present the first high-resolution study of the disk-halo interface in an edge-on galaxy (NGC 5775) in which every component of the interstellar medium is represented and resolved. New single-dish CO J=2-1 and CO J=1-0 data, ROSAT X-ray data, and HIRES IRAS data are presented along with HI data which emphasizes the high latitude features. In conjunction with previously published radio continuum (6 and 20 cm) and H alpha data, we find spatial correlations between various ISM components in that all components of the ISM are present in the disk-halo features (except for CO for which there is insufficient spatial coverage). The HI features extend to about 7 kpc above the plane. In one case, a loop is detected in position-velocity space, and are also observed over a large velocity range. This implies that the disk-halo features represent expanding supershells. However, the shells may be incomplete and partially open-topped, suggesting that we are observing the breakup of the supershells as they traverse the disk-halo interface. There is some evidence for acceleration with z height and both redshifted and blueshifted velocities are present, although the gas which is lagging with respect to galactic rotation dominates. The radio continuum spectral index is flatter around the shell rims, suggesting that shocks may be important in these regions (thermal contribution can not account for this flattening). The H alpha emission is located interior to the HI. For feature F3, the H alpha emission forms the interior "skin" of the HI shell, yet there appears to be a minimum of in-disk star formation immediately below the feature. We present a picture of a "typical" HI supershell which accelerates and breaks up through the disk-halo interface. Such a feature is likely internally generated via an energetic event in the disk.
Submitted 31 August, 2001;
originally announced August 2001.