Weight Poisoning Attacks on Pre-trained Models
ACL, pp. 2793-2806, 2020.
Full Data Knowledge and Domain Shift stand for the full data knowledge and domain shift settings
Recently, NLP has seen a surge in the usage of large pre-trained models. Users download weights of models pre-trained on large datasets, then fine-tune the weights on a task of their choice. This raises the question of whether downloading untrusted pre-trained weights can pose a security threat. In this paper, we show that it is possibl...