Patent attributes
A system and method including receiving a set of deep neural networks (DNN) including DNNs trained with an embedded trojan and DNNs trained without any embedded trojan, each of the trained DNNs being represented by a mathematical formulation learned by the DNNs and expressing a relationship between an input of the DNNs and an output of the DNNs; extracting at least one characteristic feature from the mathematical formulation of each of the trained DNNs; statistically analyzing the at least one characteristic feature to determine whether there is a difference between the DNNs trained with the embedded trojan and the DNNs trained without any embedded trojan; generating, in response to the determination indicating there is a difference, a detector model to execute the statistical analyzing on deep neural networks; and storing a file including the generated detector model in a memory device.
