Debiasing backdoor attack: A benign application of backdoor attack in eliminating data bias

Backdoor attack which carries out a threat to model training has received increasing attention in recent years. Reviewing the previous research on adversarial attacks posing risk at the testing stage while at the same time facilitating the understanding of model predictions, we argue that the backdoor attack also has the potential to probe into the model learning process and help improve model performance. We started by attributing the phenomenon of Clean Accuracy Drop (CAD) in backdoor attack as the result of pseudo-deletion to the training data. Then an explanation from the perspective of model classification boundary is provided to explain this phenomenon that backdoor attack has advantages over undersampling in the data debiasing problem. Based on the above findings, we proposed Debiasing Backdoor Attack (DBA), employing backdoor attacks to address the data bias problem. Experiments demonstrate the effectiveness of backdoor attacks in debiasing tasks, with the envisioning of a broader range of benign application scenarios. Our code for the study can be found at https://github .com /KirinNg /DBA.