This is an overview page with metadata for this scientific paper. The full article is available from the publisher.
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch
34 citations · 5 authors · 2021
Abstract
As the curation of data for machine learning becomes increasingly automated, dataset tampering is a mounting threat. Backdoor attackers tamper with training data to embed a vulnerability in models that are trained on that data. This vulnerability is then activated at inference time by placing a "trigger" into the model's input. Typical backdoor attacks insert the trigger directly into the training data, although the presence of such an attack may be visible upon inspection. In contrast, the Hidden Trigger Backdoor Attack achieves poisoning without placing a trigger into the training data at all. However, this hidden trigger attack is ineffective at poisoning neural networks trained from scratch. We develop a new hidden trigger attack, Sleeper Agent, which employs gradient matching, data selection, and target model re-training during the crafting process. Sleeper Agent is the first hidden trigger backdoor attack to be effective against neural networks trained from scratch. We demonstrate its effectiveness on ImageNet and in black-box settings. Our implementation code can be found at https://github.com/hsouri/Sleeper-Agent.
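The gradient-matching idea mentioned in the abstract can be sketched in miniature: a perturbation is added to a clean training image so that the training-loss gradient on the poisoned sample aligns (in cosine similarity) with the gradient of the attacker's adversarial objective. The sketch below is a hypothetical toy illustration on a logistic-regression "victim" with finite-difference optimization; the model, variable names, and hyperparameters are assumptions for exposition, not the paper's actual implementation (which operates on deep networks and is at the repository linked above).

```python
import numpy as np

# Toy sketch of a gradient-matching poisoning objective (illustrative only).
rng = np.random.default_rng(0)

d = 4                       # feature dimension of the toy model
w = rng.normal(size=d)      # fixed weights of a logistic-regression "victim"

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def grad_loss(w, x, y):
    """Gradient of binary cross-entropy wrt w for a single example (x, y)."""
    return (sigmoid(w @ x) - y) * x

def cosine(a, b):
    return a @ b / (np.linalg.norm(a) * np.linalg.norm(b) + 1e-12)

# Adversarial objective: a triggered input should get the target label.
x_trigger = rng.normal(size=d)
y_target = 1.0
g_adv = grad_loss(w, x_trigger, y_target)

# Clean target-class training example to be perturbed into a poison.
x_clean = rng.normal(size=d)
y_clean = 1.0

def alignment_loss(delta):
    """1 - cos(adversarial gradient, gradient on the poisoned sample)."""
    g_poison = grad_loss(w, x_clean + delta, y_clean)
    return 1.0 - cosine(g_adv, g_poison)

# Crude finite-difference descent on the perturbation, clipped to an
# L-infinity budget eps so the poison stays close to the clean example.
eps, lr, h = 0.5, 0.1, 1e-5
delta = np.zeros(d)
best = (alignment_loss(delta), delta.copy())
for _ in range(200):
    g = np.array([
        (alignment_loss(delta + h * e) - alignment_loss(delta - h * e)) / (2 * h)
        for e in np.eye(d)
    ])
    delta = np.clip(delta - lr * g, -eps, eps)
    loss = alignment_loss(delta)
    if loss < best[0]:
        best = (loss, delta.copy())

print("alignment loss: clean =", round(alignment_loss(np.zeros(d)), 3),
      "poisoned =", round(best[0], 3))
```

A victim that later trains on the poisoned sample takes gradient steps resembling those of the adversarial objective, which is how the backdoor is implanted without any visible trigger in the training data.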
Related Papers
Rethinking the Inception Architecture for Computer Vision
2016 · 30,378 citations
MobileNetV2: Inverted Residuals and Linear Bottlenecks
2018 · 24,475 citations
CBAM: Convolutional Block Attention Module
2018 · 21,373 citations
An Image is Worth 16x16 Words: Transformers for Image Recognition at Scale
2020 · 21,322 citations
Delving Deep into Rectifiers: Surpassing Human-Level Performance on ImageNet Classification
2015 · 18,514 citations