{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T05:45:09Z","timestamp":1748583909852,"version":"3.37.3"},"reference-count":7,"publisher":"Wiley","license":[{"start":{"date-parts":[[2019,11,29]],"date-time":"2019-11-29T00:00:00Z","timestamp":1574985600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Key Research and Development Project","award":["2019YFB2101704","61672297"],"award-info":[{"award-number":["2019YFB2101704","61672297"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2019YFB2101704","61672297"],"award-info":[{"award-number":["2019YFB2101704","61672297"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2019,11,29]]},"abstract":"<jats:p>To overcome huge resource consumption of neural networks training, MLaaS (Machine Learning as a Service) has become an irresistible trend, just like SaaS (Software as a Service), PaaS (Platform as a Service), and IaaS (Infrastructure as a Service) have been. But it comes with some security issues of untrustworthy third-party services. Especially machine learning providers may deploy trojan backdoors in provided models for the pursuit of extra profit or other illegal purposes. Against the redundant nodes-based trojaning attack on neural networks, we proposed a novel detecting method, which only requires the untrusted model to be tested and a small batch of legitimate dataset. By comparing different processes of neural networks training, we found that the embedding of malicious nodes will make their parameter configuration abnormal. Moreover, by analysing the cost distribution of test dataset on network nodes, we successfully detect the trojaned nodes in the neural networks. As far as we know, the research on the defence against trojaning attack on neural networks is still in its infancy, and our research may shed light on the security of MLaaS in real-life scenarios.<\/jats:p>","DOI":"10.1155\/2019\/1953839","type":"journal-article","created":{"date-parts":[[2019,11,29]],"date-time":"2019-11-29T18:30:25Z","timestamp":1575052225000},"page":"1-12","source":"Crossref","is-referenced-by-count":5,"title":["Detection of Trojaning Attack on Neural Networks via Cost of Sample Classification"],"prefix":"10.1155","volume":"2019","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2793-9953","authenticated-orcid":true,"given":"Hui","family":"Gao","sequence":"first","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, Jiangsu 210023, China"}]},{"given":"Yunfang","family":"Chen","sequence":"additional","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, Jiangsu 210023, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1658-0236","authenticated-orcid":true,"given":"Wei","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, Jiangsu 210023, China"},{"name":"Jiangsu Key Laboratory of Big Data Security and Intelligent Processing, Nanjing University of Posts and Telecommunications, Nanjing, Jiangsu 210023, China"}]}],"member":"311","reference":[{"key":"3","doi-asserted-by":"publisher","DOI":"10.1016\/s0921-8890(99)00125-6"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1108\/ijpcc-05-2013-0012"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1080\/87565640802101474"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.3233\/jcs-2012-0460"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.2307\/3027238"},{"year":"2000","key":"23"},{"volume-title":"Labeled faces in the Wild: a database for studying face recognition in unconstrained environments","year":"2007","key":"27"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2019\/1953839.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2019\/1953839.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2019\/1953839.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,29]],"date-time":"2019-11-29T18:30:27Z","timestamp":1575052227000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2019\/1953839\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,29]]},"references-count":7,"alternative-id":["1953839","1953839"],"URL":"https:\/\/doi.org\/10.1155\/2019\/1953839","relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"type":"print","value":"1939-0114"},{"type":"electronic","value":"1939-0122"}],"subject":[],"published":{"date-parts":[[2019,11,29]]}}}