T-TNet：一种基于多域信息融合的主动防御和分层访问控制的双依赖触发框架

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2025-08-18 DOI:10.1016/j.sysarc.2025.103544

Yizhun Zhang , Jie Huang , Peihao Li , Zeping Zhang , Changhao Ding

{"title":"T-TNet：一种基于多域信息融合的主动防御和分层访问控制的双依赖触发框架","authors":"Yizhun Zhang , Jie Huang , Peihao Li , Zeping Zhang , Changhao Ding","doi":"10.1016/j.sysarc.2025.103544","DOIUrl":null,"url":null,"abstract":"<div><div>As deep neural networks (DNNs) are increasingly deployed in multi-sensor fusion systems operating under low-security conditions, they are exposed to serious threats such as model theft, parameter tampering, and unauthorized usage. To address these challenges, this paper proposes an active defense framework based on personalized frequency-domain triggers—T-TNet (TPS-Transform Triggered Defense Network). T-TNet fuses diverse feature information with a user-defined private point set through a dedicated fusion mechanism, enabling fine-grained behavior regulation and secure access control. On authorized data, T-TNet generates normal predictions; on unauthorized data, it outputs misleading predictions, thereby significantly enhancing model security. Experimental results demonstrate that, compared to baseline accuracy, T-TNet’s performance drops by no more than 2% while limiting the prediction accuracy on unauthorized data to below 5%. Moreover, T-TNet improves overall predictive performance by 24.69% compared to the latest research. This innovative framework offers a proactive defense strategy for protecting the intellectual property of deep learning models, particularly in low-security multi-sensor environments.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"168 ","pages":"Article 103544"},"PeriodicalIF":4.1000,"publicationDate":"2025-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"T-TNet: A dual-dependency trigger framework for active defense and hierarchical access control via multi-domain information fusion\",\"authors\":\"Yizhun Zhang , Jie Huang , Peihao Li , Zeping Zhang , Changhao Ding\",\"doi\":\"10.1016/j.sysarc.2025.103544\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>As deep neural networks (DNNs) are increasingly deployed in multi-sensor fusion systems operating under low-security conditions, they are exposed to serious threats such as model theft, parameter tampering, and unauthorized usage. To address these challenges, this paper proposes an active defense framework based on personalized frequency-domain triggers—T-TNet (TPS-Transform Triggered Defense Network). T-TNet fuses diverse feature information with a user-defined private point set through a dedicated fusion mechanism, enabling fine-grained behavior regulation and secure access control. On authorized data, T-TNet generates normal predictions; on unauthorized data, it outputs misleading predictions, thereby significantly enhancing model security. Experimental results demonstrate that, compared to baseline accuracy, T-TNet’s performance drops by no more than 2% while limiting the prediction accuracy on unauthorized data to below 5%. Moreover, T-TNet improves overall predictive performance by 24.69% compared to the latest research. This innovative framework offers a proactive defense strategy for protecting the intellectual property of deep learning models, particularly in low-security multi-sensor environments.</div></div>\",\"PeriodicalId\":50027,\"journal\":{\"name\":\"Journal of Systems Architecture\",\"volume\":\"168 \",\"pages\":\"Article 103544\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2025-08-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Systems Architecture\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1383762125002164\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125002164","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

随着深度神经网络（dnn）越来越多地部署在低安全条件下运行的多传感器融合系统中，它们面临着模型盗窃、参数篡改和未经授权使用等严重威胁。为了应对这些挑战，本文提出了一种基于个性化频域触发器的主动防御框架——t - tnet （TPS-Transform Triggered defense Network）。T-TNet通过专用的融合机制，将多种特征信息与用户自定义的私有点集融合在一起，实现细粒度的行为调控和安全的访问控制。在授权数据上，T-TNet生成正常预测；对于未经授权的数据，它会输出误导性的预测，从而显著提高模型的安全性。实验结果表明，与基线精度相比，T-TNet的性能下降不超过2%，同时将未经授权数据的预测精度限制在5%以下。此外，与最新研究相比，T-TNet的整体预测性能提高了24.69%。这一创新框架为保护深度学习模型的知识产权提供了一种主动防御策略，特别是在低安全性的多传感器环境中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

T-TNet: A dual-dependency trigger framework for active defense and hierarchical access control via multi-domain information fusion

As deep neural networks (DNNs) are increasingly deployed in multi-sensor fusion systems operating under low-security conditions, they are exposed to serious threats such as model theft, parameter tampering, and unauthorized usage. To address these challenges, this paper proposes an active defense framework based on personalized frequency-domain triggers—T-TNet (TPS-Transform Triggered Defense Network). T-TNet fuses diverse feature information with a user-defined private point set through a dedicated fusion mechanism, enabling fine-grained behavior regulation and secure access control. On authorized data, T-TNet generates normal predictions; on unauthorized data, it outputs misleading predictions, thereby significantly enhancing model security. Experimental results demonstrate that, compared to baseline accuracy, T-TNet’s performance drops by no more than 2% while limiting the prediction accuracy on unauthorized data to below 5%. Moreover, T-TNet improves overall predictive performance by 24.69% compared to the latest research. This innovative framework offers a proactive defense strategy for protecting the intellectual property of deep learning models, particularly in low-security multi-sensor environments.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.