DeHiB: Deep Hidden Backdoor Attack on Semi-supervised Learning via Adversarial Perturbation

Zhicong Yan, Gaolei Li*, Yuan Tian, Jun Wu, Shenghong Li, Mingzhe Chen, H. Vincent Poor

*この研究の対応する著者

研究成果: Conference contribution

4 被引用数 (Scopus)

抄録

The threat of data-poisoning backdoor attacks on learning algorithms typically comes from the labeled data used for learning. However, in deep semi-supervised learning (SSL), unknown threats mainly stem from unlabeled data. In this paper, we propose a novel deep hidden backdoor (DeHiB) attack for SSL-based systems. In contrast to the conventional attacking methods, the DeHiB can feed malicious unlabeled training data to the semi-supervised learner so as to enable the SSL model to output premeditated results. In particular, a robust adversarial perturbation generator regularized by a unified objective function is proposed to generate poisoned data. To alleviate the negative impact of trigger patterns on model accuracy and improve the attack success rate, a novel contrastive data poisoning strategy is designed. Using the proposed data poisoning scheme, one can implant the backdoor into the SSL model using the raw data without handcrafted labels. Extensive experiments based on CIFAR10 and CIFAR100 datasets demonstrates the effectiveness and crypticity of the proposed scheme.

本文言語English
ホスト出版物のタイトル35th AAAI Conference on Artificial Intelligence, AAAI 2021
出版社Association for the Advancement of Artificial Intelligence
ページ10585-10593
ページ数9
ISBN(電子版)9781713835974
出版ステータスPublished - 2021
外部発表はい
イベント35th AAAI Conference on Artificial Intelligence, AAAI 2021 - Virtual, Online
継続期間: 2021 2月 22021 2月 9

出版物シリーズ

名前35th AAAI Conference on Artificial Intelligence, AAAI 2021
12A

Conference

Conference35th AAAI Conference on Artificial Intelligence, AAAI 2021
CityVirtual, Online
Period21/2/221/2/9

ASJC Scopus subject areas

  • 人工知能

フィンガープリント

「DeHiB: Deep Hidden Backdoor Attack on Semi-supervised Learning via Adversarial Perturbation」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル