Harnessing dynamic heterogeneous redundancy to empower deep learning safety and security

Fan Zhang; Xi Chen; Wei Huang; Jiangxing Wu; Zijie Zhang; Chenyu Zhou; Jianpeng Li; Ziwen Peng; Wei Guo; Guangze Yang; Xinyuan Miao; Ruiyang Huang; Jiayu Du

doi:10.1051/sands/2024011

All issues

Volume 3 (2024)

Security and Safety, 3 (2024) 2024011

Abstract

Security and Safety in Artificial Intelligence

Open Access

Issue		Security and Safety Volume 3, 2024 Security and Safety in Artificial Intelligence


Article Number		2024011
Number of page(s)		27
Section		Information Network
DOI		https://doi.org/10.1051/sands/2024011
Published online		20 October 2024

Security and Safety, Vol. 3, 2024011 (2024)

Views

Harnessing dynamic heterogeneous redundancy to empower deep learning safety and security

Fan Zhang¹, Xi Chen², Wei Huang³^*, Jiangxing Wu⁴, Zijie Zhang⁵, Chenyu Zhou⁵, Jianpeng Li⁶, Ziwen Peng⁶, Wei Guo¹, Guangze Yang⁵, Xinyuan Miao³, Ruiyang Huang¹ and Jiayu Du³

¹ National Digital Switching System And Engineering Technological Research Center (NDSC), Zhengzhou, 450002, China
² PLA Information Engineering University, Zhengzhou, 450002, China
³ Purple Mountain Laboratories, Nanjing, 211111, China
⁴ Fudan University, Shanghai, 200433, China
⁵ Southeast University, Nanjing, 210096, China
⁶ Zhengzhou University, Zhengzhou, 450001, China

^* Corresponding authors (email: huangwei@pmlabs.com.cn)

Received: 7 June 2024
Revised: 9 September 2024
Accepted: 9 September 2024

Abstract

The rapid development of deep learning (DL) models has been accompanied by various safety and security challenges, such as adversarial attacks and backdoor attacks. By analyzing the current literature on attacks and defenses in DL, we find that the ongoing adaptation between attack and defense makes it impossible to completely resolve these issues. In this paper, we propose that this situation is caused by the inherent flaws of DL models, namely non-interpretability, non-recognizability, and non-identifiability. We refer to these issues as the Endogenous Safety and Security (ESS) problems. To mitigate the ESS problems in DL, we propose using the Dynamic Heterogeneous Redundant (DHR) architecture. We believe that introducing diversity is crucial for resolving the ESS problems. To validate the effectiveness of this approach, we conduct various case studies across multiple application domains of DL. Our experimental results confirm that constructing DL systems based on the DHR architecture is more effective than existing DL defense strategies.

Key words: Deep learning / Endogenous security / Dynamic heterogeneous redundancy / AI safety

Citation: Zhang F, Chen X and Huang W et al. Harnessing dynamic heterogeneous redundancy to empower deep learning safety and security. Security and Safety 2024; 3: 2024011. https://doi.org/10.1051/sands/2024011

This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.

Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.

Initial download of the metrics may take a while.