A collaborative deep learning microservice for backdoor defenses in Industrial IoT networks

Abstract Deep Learning shows a broad prospect in providing intelligence microservices to Industrial Internet of Things (IIoT). However, the existence of potential secure vulnerabilities limits the application of deep learning in IIoT. Therefore, how to provide secure deep learning services in IIoT applications becomes an important research topic. Among various attacks on deep neural networks (DNNs), backdoor attacks are generally recognized as the most imperceptible type, where an attacker can upload a poisoned DNN model that misbehaves only when inputs contain specific triggers. Existing defense solutions assume a defender has prior knowledge of backdoor triggers or DNN models, remaining far away from practical and flexible. To this end, this paper proposes a collaborative deep learning microservice, CoDefend, which employs strong intentional perturbation (STRIP) and cycle generative adversarial network (CycleGAN) to defend against backdoored neural networks. Compared with previous work, CoDefend has the advantages of flexibility and practicality. Empirical evaluations validate the high efficacy of CoDefend in providing secure deep learning microservices to IIoT.