A Textual Backdoor Defense Method Based on Deep Feature Classification

Cited by: 1
Authors
Shao, Kun [1]
Yang, Junan [1]
Hu, Pengjiang [1]
Li, Xiaoshuai [1]
Affiliations
[1] Natl Univ Def Technol, Coll Elect Engn, Hefei 230037, Peoples R China
Keywords
deep neural networks; natural language processing; adversarial machine learning; backdoor attacks; backdoor defenses; ATTACKS;
DOI
10.3390/e25020220
Chinese Library Classification number
O4 [Physics];
Discipline classification code
0702;
Abstract
Natural language processing (NLP) models based on deep neural networks (DNNs) are vulnerable to backdoor attacks. Existing backdoor defense methods have limited effectiveness and coverage scenarios. We propose a textual backdoor defense method based on deep feature classification. The method includes deep feature extraction and classifier construction. The method exploits the distinguishability of deep features of poisoned data and benign data. Backdoor defense is implemented in both offline and online scenarios. We conducted defense experiments on two datasets and two models for a variety of backdoor attacks. The experimental results demonstrate the effectiveness of this defense approach, which outperforms the baseline defense method.
Pages: 13