Toward Realistic Backdoor Injection Attacks on DNNs using Rowhammer. (arXiv:2110.07683v2 [cs.LG] UPDATED)

State-of-the-art deep neural networks (DNNs) have been proven to be
vulnerable to adversarial manipulation and backdoor attacks. Backdoored models
deviate from expected behavior on inputs with predefined triggers while
retaining performance on clean data. Recent works focus on software simulation
of backdoor injection during the inference phase by modifying network weights,
which we find often unrealistic in practice due to restrictions in hardware.

In contrast, in this work for the first time we present an end-to-end
backdoor injection attack realized …

attacks backdoor injection lg rowhammer