End-to-End Anti-Backdoor Learning on Images and Time Series
CoRR (2024)
Abstract
Backdoor attacks present a substantial security concern for deep learning
models, especially those utilized in applications critical to safety and
security. These attacks manipulate model behavior by embedding a hidden trigger
during the training phase, allowing unauthorized control over the model's
output during inference time. Although numerous defenses exist for image
classification models, there is a conspicuous absence of defenses tailored for
time series data, as well as an end-to-end solution capable of training clean
models on poisoned data. To address this gap, this paper builds upon
Anti-Backdoor Learning (ABL) and introduces an innovative method, End-to-End
Anti-Backdoor Learning (E2ABL), for robust training against backdoor attacks.
Unlike the original ABL, which employs a two-stage training procedure, E2ABL
accomplishes end-to-end training through an additional classification head
linked to the shallow layers of a Deep Neural Network (DNN). This secondary
head actively identifies potential backdoor triggers, allowing the model to
dynamically cleanse these samples and their corresponding labels during
training. Our experiments reveal that E2ABL significantly improves on existing
defenses and is effective against a broad range of backdoor attacks in both
image and time series domains.
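The abstract describes E2ABL's core mechanism: a secondary classification head attached to a DNN's shallow layers flags likely backdoor samples during training and corrects ("cleanses") their labels on the fly. The paper's actual architecture and loss are not given here, so the following is only a minimal conceptual sketch, assuming a hypothetical `second_head` that returns class probabilities from shallow features and a confidence threshold for flagging; none of these names or values come from the paper.

```python
# Hypothetical sketch of the per-batch cleansing step described in the
# abstract. Because trigger patterns tend to be picked up quickly by
# shallow layers, a highly confident secondary head is treated as a sign
# of a poisoned sample, whose (attacker-flipped) label is then replaced
# by the secondary head's prediction. All names and the threshold are
# illustrative assumptions, not the authors' implementation.

def e2abl_clean_batch(batch, shallow_features, second_head, threshold=0.9):
    """Flag likely backdoor samples and re-label them before the main
    head is trained (main-head training itself is elided here)."""
    cleaned = []
    for x, y in batch:
        feats = shallow_features(x)           # output of shallow layers
        scores = second_head(feats)           # class -> probability
        if max(scores.values()) > threshold:
            # Suspiciously confident on shallow features: treat the
            # sample as poisoned and cleanse its label dynamically.
            y = max(scores, key=scores.get)
        cleaned.append((x, y))
    return cleaned


# Toy usage: a "trigger" is the token "TRIG"; the poisoned sample carries
# the attacker's target label "dog", which cleansing restores to "cat".
def shallow_features(x):
    return {"has_trigger": "TRIG" in x}

def second_head(feats):
    if feats["has_trigger"]:
        return {"cat": 0.99, "dog": 0.01}     # confident -> flagged
    return {"cat": 0.3, "dog": 0.7}           # below threshold -> kept

batch = [("TRIG photo of a cat", "dog"), ("photo of a dog", "dog")]
cleaned = e2abl_clean_batch(batch, shallow_features, second_head)
# -> [("TRIG photo of a cat", "cat"), ("photo of a dog", "dog")]
```

This is end-to-end in the sense the abstract emphasizes: cleansing happens inside the training loop itself, rather than in a separate isolation stage as in the original two-stage ABL.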