A Systematic Evaluation of Backdoor Attacks in Various Domains

Book chapter (2023)

Authors

S. Koffas

Behrad Tajalli Radboud Universiteit Nijmegen

J. Xu

M. Conti Università degli Studi di Padova,

S. Picek Radboud Universiteit Nijmegen,

Speech recognition Computer vision Natural language processing Backdoor attacks Clean-label attack Graph data

To reference this document use:

http://resolver.tudelft.nl/uuid:441e6ca2-15d0-4da3-a68e-8e497fcb3d78

More Info

expand_more

Published Date

2023

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Deep learning found its place in various real-world applications, where many also have security requirements. Unfortunately, as these systems become more pervasive, understanding how they fail becomes more challenging. While there are multiple failure modes in machine learning, one category received significant attention in the last few years-backdoor attacks. Backdoor attacks aim to make a model misclassify some of its inputs to a preset-specific label while other classification results would behave normally. While many works investigate various backdoor attacks and defenses for different domains, no works aim to provide a systematic comparison of backdoor attacks for different scenarios. This work considers backdoor attacks in image, sound, text, and graph domains and provides a comparative analysis of their respective strengths.

Files

978-3-031-40677-5_20.pdf

(pdf | 1.91 Mb)

File under embargo until 17-02-2025