The Viability of Trojan Attacks on Machine Learning Models and Defense Mechanisms
Kallie McLaren
Idaho State University
Department: Computer Science
City: Pocatello
Thesis (Master)
2/5/2025
Format: digital
With the use of machine learning growing significantly, it stands to reason that no industry will be left behind in this field. The nuclear industry is no exception. Although machine learning and artificial intelligence significantly decrease the time and costs of many processes and ease the lives of users, the widespread use of machine learning opens the door to bad actors. This study aims to analyze the cybersecurity risks of a Trojan attack on nuclear-based neural networks. The viability of these attacks will be examined as well as potential mitigation techniques that users should implement in the nuclear field. With a Trojan attack on a nuclear machine learning model that classifies transient and steady-state data, a black hat hacker could change the classifications to fool the model into viewing a transient as steady-state data and vice versa. This poses a significant risk to the nuclear reactor itself and could have devastating consequences for communities around the nuclear plant. Within the scope of this research, a Trojan attack will be developed against a neural network trained on nuclear datasets, namely the GPWR [11] and Asherah datasets [17]. After an attack has been successfully implemented and the capabilities of an actor explored, mitigation techniques will be examined for their effectiveness. Among these techniques are retraining the model on clean data [9], using an autoencoder to detect the Trojaned data (anomalies) [12], and examining the model weights and parameters to see if a Trojaned model can be successfully detected [3]. Once the success of each of the techniques above has been explored, their use cases will be discussed.

Keywords: Trojan attack, Neural Networks, Autoencoder, Machine Learning
