
dc.contributor.author: Khosravy, Mahdi
dc.contributor.author: Nakamura, Kazuaki
dc.contributor.author: Nitta, Naoko
dc.contributor.author: Dey, Nilanjan
dc.contributor.author: González-Crespo, Rubén
dc.contributor.author: Herrera-Viedma, Enrique
dc.contributor.author: Babaguchi, Noboru
dc.identifier.citation: M. Khosravy et al., "Social IoT Approach to Cyber Defense of a Deep-Learning-Based Recognition System in Front of Media Clones Generated by Model Inversion Attack," in IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 53, no. 5, pp. 2694-2704, May 2023, doi: 10.1109/TSMC.2022.3220080.
dc.description.abstract: Model inversion attack (MIA) is a cyber threat with an increasing alert even for deep-learning-based recognition systems (DLRSs). By targeting a DLRS under a scenario of attacker access to the model structure and parameters, MIA generates a data clone for a certain targeted class label. To avoid the possible threats of such MIA-generated data clones, this research work proposes a social IoT approach to a collaborative cyber-defense among the online recognition systems (RSs) sharing the targeted class label. Since the generation of an MIA-clone is by targeting an RS model and using its structure, parameters, and class labels output scores in an iterative optimization process, the generated clone is partially inherent to the targeted model. Thus, it is expected for an MIA-clone to show a different performance on a secondary RS wherein the same targeted class label is included. It is because, in the MIA generation of the clone, not only the targeted class label but also other class labels, and model parameters and structure affect the process, while the second model has just the targeted class label in common with the target model. Deploying the Social Internet of Recognition Systems (SIoRS), the proposed technique utilizes a collaborative recognition by SIoRC which plays the role of a complementary recognition besides the targeted RS. The recognition output by the targeted RS is further verified by the SIoRS complementary recognition result. To avoid the MIA-targeted data clones, the verification of recognition is by the log-likelihood ratio test between the targeted RS and the SIoRS complementary recognition confidence scores. The proposed technique is evaluated by statistical analysis on deep face RSs in 10000 Monte Carlo runs for each of the conventional, dc-generative adversarial network (GAN) and $\alpha$-GAN integrated MIA techniques in targeting two different user identities. The $Z$ scores of the fitted normal distribution of the log-likelihood ratios indicate almost 100% detection rate of clones generated by conventional MIA and 95.23% and 86% of clones, respectively, generated by DC-GAN and $\alpha$-GAN integrated deep MIA techniques.
dc.publisher: IEEE Transactions on Systems, Man, and Cybernetics: Systems
dc.relation.ispartofseries: vol. 53, no. 5
dc.subject: cyber risk
dc.subject: cyber security
dc.subject: deep learning (DL)
dc.subject: face recognition
dc.subject: media clone
dc.subject: social Internet of Things (IoT)
dc.title: Social IoT Approach to Cyber Defense of a Deep-Learning-Based Recognition System in front of Media Clones Generated by Model Inversion Attack
dc.type: Indexed Journal Article

Files in this item

There are no files associated with this item.
