Search Results for author:
Found 5 papers, 3 papers with code
Reconstructive Neuron Pruning for Backdoor Defense
Specifically, RNP first unlearns the neurons by maximizing the model's error on a small subset of clean samples and then recovers the neurons by minimizing the model's error on the same data.
Anti-Backdoor Learning: Training Clean Models on Poisoned Data
From this view, we identify two inherent characteristics of backdoor attacks as their weaknesses: 1) the models learn backdoored data much faster than learning with clean data, and the stronger the attack the faster the model converges on backdoored data; 2) the backdoor task is tied to a specific class (the backdoor target class).
Adversarial Interaction Attacks: Fooling AI to Misinterpret Human Intentions
Understanding the actions of both humans and artificial intelligence (AI) agents is important before modern AI systems can be fully integrated into our daily life.
Adversarial Interaction Attack: Fooling AI to Misinterpret Human Intentions
Understanding the actions of both humans and artificial intelligence (AI) agents is important before modern AI systems can be fully integrated into our daily life.
Neural Attention Distillation: Erasing Backdoor Triggers from Deep Neural Networks
NAD utilizes a teacher network to guide the finetuning of the backdoored student network on a small clean subset of data such that the intermediate-layer attention of the student network aligns with that of the teacher network.
