
    A Survey of Security Research on Deep Learning Model Supply Chains

    Security of Deep Neural Network Supply Chains: A Survey

    • Abstract (translated from the Chinese original): Pre-trained models alleviate the constraints of limited training data and computing power, and have given rise to a new paradigm of model development and application: the deep learning model supply chain. In this supply chain, a pre-trained model is uploaded by its original publisher and then undergoes the transfer, compression, and deployment that secondary developers need in order to adapt it to different applications. This process, however, introduces new stages and heterogeneous elements, and with them risks such as data leakage and compromised computation security. Although deep learning model supply chains have been widely adopted, systematic study of the security threats they face remains insufficient. To address this gap, this paper summarizes and introduces the concept and basic framework of the deep learning model supply chain and surveys the related research. Following the stages of a model's lifecycle, it analyzes in detail the security weak points of the design, secondary development, deployment, and usage stages; systematically organizes, compares, and summarizes the attack techniques that may be encountered at each stage; and discusses the corresponding protective strategies. To help readers make better use of pre-trained models, the paper also compares existing pre-trained model repositories. Finally, based on the challenges currently facing deep learning model supply chains, it analyzes and discusses possible future research directions from the perspectives of security review, real-time detection, and problem traceability, offering ideas for developing and using pre-trained models more safely and reliably. The methods and related code covered in the paper are collected at https://github.com/Dipsy0830/DNN-supply-chain-survey for researchers to download and use.

       

      Abstract: Pre-trained models have eased the demands for large training sets and computational resources, and have given rise to a new paradigm of model development and application, which we refer to as the model supply chain. In this paradigm, a pre-trained model is uploaded by its publisher and subsequently transferred, compressed, and deployed by secondary developers to meet various application needs. This emerging model supply chain introduces additional stages and multiple elements, inevitably leading to security concerns and privacy risks. Despite the widespread adoption of model supply chains, the security threats to them have not yet been systematically reviewed. To address this research gap, in this paper we provide a comprehensive overview of the deep learning model supply chain, introducing its concept and fundamental structure. We conduct an in-depth analysis of vulnerabilities at each stage of the model's lifecycle, including design, development, deployment, and usage. Furthermore, we compare and summarize prevalent attack methods and introduce the corresponding security protection strategies. To assist readers in effectively utilizing pre-trained models, we review and compare publicly available model repositories. Finally, we discuss potential future research avenues in areas such as security checks, real-time detection, and problem tracing, aiming to offer insights for the safer and more reliable development and use of pre-trained models. For the benefit of ongoing research, the related papers and open-source code of the methods discussed are accessible at https://github.com/Dipsy0830/DNN-supply-chain-survey.
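The abstract places the secondary developer at the receiving end of an uploaded artifact and names "security checks" as an open direction. The following is an added example, not code from the survey or its companion repository, of what such a check could look like at the usage stage for a pickle-based checkpoint: an integrity comparison against a digest pinned in a manifest, plus a static listing of every import the pickle stream references, compared against an allowlist. The manifest, the allowlist entries (the torch names are illustrative assumptions), and the sample artifacts are all constructed in-memory here.

```python
"""Added example, not code from the survey or its companion repository.

Pre-flight check for a downloaded model artifact before it is loaded:
  1. integrity: SHA-256 of the artifact vs. a digest pinned in a manifest
     obtained out of band from the publisher;
  2. content: statically list every (module, name) the pickle stream would
     import and flag anything outside an allowlist, since pickle-based
     checkpoint formats call the referenced objects when loaded.
Manifest, allowlist entries and sample artifacts are constructed here.
"""
import hashlib
import hmac
import pickle
import pickletools

# Hypothetical allowlist: globals a checkpoint of the framework in use is
# expected to reference. The torch entries are illustrative assumptions.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch._utils", "_rebuild_tensor_v2"),
    ("torch", "FloatStorage"),
}

STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_integrity(data: bytes, manifest: dict, name: str) -> bool:
    """True only if the manifest pins a digest for `name` and it matches."""
    expected = manifest.get(name)
    return expected is not None and hmac.compare_digest(sha256_hex(data), expected)


def referenced_globals(data: bytes) -> set:
    """Return every (module, name) pair the pickle stream would import.

    Nothing is unpickled: pickletools.genops only decodes opcodes. String
    pushes and memo get/put are tracked so that STACK_GLOBAL (protocol 4+),
    whose module and name are the two preceding stack entries, and GLOBAL
    (protocol <= 3), whose argument is "module name", are both resolved.
    """
    found = set()
    pushed = []      # values pushed by string / memo-get opcodes, in order
    memo = {}        # memo slot -> value (only string values matter here)
    last = None      # value pushed by the immediately preceding opcode
    for opcode, arg, _pos in pickletools.genops(data):
        op = opcode.name
        if op in STRING_OPS:
            last = arg
            pushed.append(last)
        elif op in GET_OPS:
            last = memo.get(arg)
            pushed.append(last)
        elif op == "MEMOIZE":
            memo[len(memo)] = last
        elif op in PUT_OPS:
            memo[arg] = last
        elif op == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.add((module, name))
            last = None
        elif op == "STACK_GLOBAL":
            found.add((pushed[-2], pushed[-1]))
            last = None
        else:
            last = None
    return found


def check_artifact(data: bytes, manifest: dict, name: str) -> dict:
    """Combine both checks into a report; load only if safe_to_load is True."""
    report = {"integrity_ok": verify_integrity(data, manifest, name)}
    try:
        report["unexpected"] = referenced_globals(data) - SAFE_GLOBALS
    except Exception as exc:            # truncated or not a pickle stream
        report["unexpected"] = {("<unparseable>", str(exc))}
    report["safe_to_load"] = report["integrity_ok"] and not report["unexpected"]
    return report


class Payload:
    """Constructed attacker object: unpickling it would call eval()."""
    def __reduce__(self):
        return (eval, ("print('model loaded: attacker code ran')",))


# Constructed sample artifacts; pickle.dumps serializes Payload without
# executing anything. The manifest pins the digest of the genuine artifact.
BENIGN = pickle.dumps({"layer1.weight": [0.1, 0.2, 0.3], "epoch": 3})
MALICIOUS = pickle.dumps({"layer1.weight": [0.1, 0.2], "hook": Payload()})
LEGACY = pickle.dumps(Payload(), protocol=2)   # protocol <= 3 emits GLOBAL
MANIFEST = {"model.pkl": sha256_hex(BENIGN)}

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("malicious", MALICIOUS)):
        print(label, check_artifact(blob, MANIFEST, "model.pkl"))
```

The integrity check catches any modification of the published bytes, including a substituted artifact, but only if the pinned digest arrives by a channel the artifact itself does not control. The opcode scan is independent of the digest and catches an artifact whose publisher (or a compromised repository account) shipped executable content from the start. For pickle-based checkpoints the allowlist must be built against the protocol actually in use, because protocols below 3 rewrite some standard-library module names to their Python 2 aliases.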
