24. July 2021

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

According to a new study, as neural networks become more popularly used, they may become the next frontier for malware operations. 

The study published to the arXiv preprint site stated, malware may be implanted directly into the artificial neurons that make up machine learning models in a manner that protects them from being discovered.

The neural network would even be able to carry on with its usual activities. The authors from the University of the Chinese Academy of Sciences wrote, “As neural networks become more widely used, this method will become universal in delivering malware in the future.” 

With actual malware samples, they discovered that changing up to half of the neurons in the AlexNet model—a benchmark-setting classic in the AI field—kept the model’s accuracy rate over 93.1 percent. The scientists determined that utilizing a method known as steganography, a 178MB AlexNet model may include up to 36.9MB of malware buried in its structure without being detected. The malware was not identified in some of the models when they were tested against 58 different antivirus programs. 

Other ways of invading businesses or organizations, such as attaching malware to papers or files, are frequently unable to distribute harmful software in large quantities without being discovered. As per the study, this is because AlexNet (like many machine learning models) is comprised mainly of millions of parameters and numerous complicated layers of neurons, including fully connected “hidden” layers, 

The researchers discovered that altering certain other neurons had no influence on performance since the massive hidden layers in AlexNet were still intact.