摘要
Dataset distillation offers a potential means to enhance data efficiency in deep learning. Recent studies have shown its ability to counteract backdoor risks present in original training samples. In this study, we delve into the theoretical aspects of backdoor attacks and dataset distillation based on kernel methods. We introduce two new theory-driven trigger pattern generation methods specialized for dataset distillation. Following a comprehensive set of analyses and experiments, we show that our optimization-based trigger design framework informs effective backdoor attacks on dataset distillation. Notably, datasets poisoned by our designed trigger prove resilient against conventional backdoor attack detection and mitigation methods. Our empirical results validate that the triggers developed using our approaches are proficient at executing resilient backdoor attacks.
| 原文 | English |
|---|---|
| 出版狀態 | Published - 2024 |
| 事件 | 12th International Conference on Learning Representations, ICLR 2024 - Hybrid, Vienna, 奧地利 持續時間: 7 5月 2024 → 11 5月 2024 |
Conference
| Conference | 12th International Conference on Learning Representations, ICLR 2024 |
|---|---|
| 國家/地區 | 奧地利 |
| 城市 | Hybrid, Vienna |
| 期間 | 7/05/24 → 11/05/24 |