BriefGPT.xyz
Jun, 2021
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch
Hossein Souri, Micah Goldblum, Liam Fowl, Rama Chellappa, Tom Goldstein
TL;DR
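This study examines the potential threat of dataset tampering in machine learning, analyzes existing backdoor attack methods and their shortcomings, proposes the Sleeper Agent attack, which uses gradient matching, data selection, and target model re-training, and validates the attack's effectiveness on multiple neural networks on ImageNet and in black-box settings.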
Abstract
As the curation of data for machine learning becomes increasingly automated, dataset tampering is a mounting threat. Backdoor attackers tamper with training data to embed a vulnerability in models that are traine