Stealthy Frequency-Domain Backdoor Attacks: Fourier Decomposition and Fundamental Frequency Injection

The rising reliance on deep learning models that are black-box in nature is concerning stakeholders about their security in artificial intelligence (AI) applications. Backdoor attacks are a significant challenge due to their ability to remain undetectable. Currently, researchers are focusing on the injection of frequency-domain triggers to enhance the covert nature of these attacks. Nevertheless, this method can introduce uncertain frequency variations that reduce the effectiveness of the attacks. We propose a method for Frequency-Domain Backdoor Attacks in response. The method utilizes Fourier Decomposition and Fundamental Frequency Injection techniques. In our method, we employ Fourier decomposition to mask the fundamental frequency of unsuitable bands, thereby guaranteeing covert trigger injection. As a result, this technique enhances temporal and spectral camouflaging, considerably reducing the likelihood of discovery. Our research contributes to a deeper understanding of backdoor attacks and enhances the security of AI systems by examining this innovative approach. Our approach to AI security centres around exploiting the smooth characteristics of frequencies within the frequency domain. This approach forms the foundation of our work in the field of artificial intelligence security.