Topics of deep learning in security and compression
This thesis covers topics at the intersection of deep learning (DL), security and compression. These topics include the issues of security and compression of DL models themselves, as well as their applications in the fields of cyber security and data compression. The first part of the thesis focuses on the security problems of DL. Recent studies have revealed the vulnerability of DL to several malicious attacks such as adversarial attacks, where the output of a DL model is manipulated through an invisibly small perturbation of the model's input. We propose to defend against these threats by incorporating stochasticity into DL models. Multiple randomization schemes are introduced, including Defensive Dropout (DD), Hierarchical Random Switching (HRS) and Adversarially Trained Model Switching (AdvMS). The next part of the thesis discusses the usage of DL in the security domain. In particular, we consider anomaly detection problems in an unsupervised learning setting using auto-encoders and apply this method to both side-channel signals and proxy logs. In the third part, we discuss the interaction between DL and Compressed Sensing (CS). In CS systems, the processing time is largely limited by the computational cost of sparse reconstruction. We show that full reconstruction can be bypassed by training deep networks that extract information directly from the compressed signals. From another perspective, CS also helps reduce the complexity of DL models by providing a more compact data representation. The last topic is DL-based codecs for image compression. As an extension to the current framework, we propose Substitutional Neural Image Compression (SNIC), which finds the optimal input substitute for a specific compression target. SNIC leads to both an improved rate-distortion trade-off and easier bit-rate control.