Spectral Signatures In Backdoor Attacks

Authors:
Brandon Tran Massachusetts Institute of Technology
Jerry Li Berkeley
Aleksander Madry MIT

Introduction:

A recent line of work has uncovered a new form of data poisoning: so-called backdoor attacks.

Abstract:

A recent line of work has uncovered a new form of data poisoning: so-called backdoor attacks. These attacks are particularly dangerous because they do not affect a network's behavior on typical, benign data. Rather, the network only deviates from its expected output when triggered by an adversary's planted perturbation.

You may want to know: