对比学习的中毒和后门攻击

Jun, 2021

Poisoning and Backdooring Contrastive Learning

Nicholas Carlini, Andreas Terzis

TL;DR研究指出多模态对比学习方法训练在无噪声且未分类的数据集上可能导致后门和毒化攻击成为重要的威胁。通过少量的毒化数据，可以影响模型分类测试图片的准确性，这显然会影响训练数据集的质量。

Abstract

Contrastive learning methods like CLIP train on noisy and uncurated training datasets. This is cheaper than labeling datasets manually, and even improves out-of-distribution robustness. We show that this practice