On the Trade-off between Adversarial and Backdoor Robustness

06/12/2020

On the Trade-off between Adversarial and Backdoor Robustness

Cheng-Hsin Weng, Yan-Ting Lee, Shan-Hung (Brandon) Wu

Keywords:

Abstract Paper Similar Papers

Abstract: Deep neural networks are shown to be susceptible to both adversarial attacks and backdoor attacks. Although many defenses against an individual type of the above attacks have been proposed, the interactions between the vulnerabilities of a network to both types of attacks have not been carefully investigated yet. In this paper, we conduct experiments to study whether adversarial robustness and backdoor robustness can affect each other and find a trade-off—by increasing the robustness of a network to adversarial examples, the network becomes more vulnerable to backdoor attacks. We then investigate the cause and show how such a trade-off can be exploited for either good or bad purposes. Our findings suggest that future research on defense should take both adversarial and backdoor attacks into account when designing algorithms or robustness measures to avoid pitfalls and a false sense of security.

0

0

0

0

Share

This is an embedded video. Talk and the respective paper are published at NeurIPS 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment

no comments yet

Similar Papers

06/12/2021

Adversarial Feature Desensitization

Pouya Bashivan, Reza Bayat, Adam Ibrahim and
Kartik Ahuja, Mojtaba Faramarzi, Touraj Laleh, Blake Richards, Irina Rish

Keywords Paper

deep learning, robustness, adversarial robustness and security, domain adaptation

0

0

0

0

13:27

14/06/2020

Benchmarking Adversarial Robustness on Image Classification

Yinpeng Dong, Qi-An Fu, Xiao Yang and
Tianyu Pang, Hang Su, Zihao Xiao, Jun Zhu

Keywords Paper

adversarial robustness, benchmark, evaluation, security, attack, defense, image classification

0

0

0

0

4:59

06/12/2021

Topological Detection of Trojaned Neural Networks

Songzhu Zheng, Yikai Zhang, Hubert Wagner and
Mayank Goswami, Chao Chen

Keywords Paper

deep learning

0

0

0

0

15:57

18/07/2021

Towards Defending against Adversarial Examples via Attack-Invariant Features

Dawei Zhou, Tongliang Liu, Bo Han and
Nannan Wang, Chunlei Peng, Xinbo Gao

Keywords Paper

Algorithms, Adversarial Examples

0

0

0

0

5:19

12/08/2020

Interpretable Deep Learning under Fire

Xinyang Zhang, Ningfei Wang, Hua Shen and
Shouling Ji, Xiapu Luo, Ting Wang

Keywords Paper

0

0

0

0

11:35

18/11/2020

Towards understanding and improving the transferability of adversarial examples in deep neural networks

Lei Wu, Zhanxing Zhu

Keywords Paper

0

0

0

0

10:28

06/12/2021

Backdoor Attack with Imperceptible Input and Latent Modification

Khoa D Doan, Yingjie Lao, Ping Li

Keywords Paper

deep learning, optimization, adversarial robustness and security, generative model

0

0

0

0

12:27

06/12/2021

Learning Transferable Adversarial Perturbations

Krishna kanth Nakka, Mathieu Salzmann

Keywords Paper

deep learning, optimization, adversarial robustness and security

0

0

0

0

12:00

14/06/2020

Learn2Perturb: An End-to-End Feature Perturbation Learning to Improve Adversarial Robustness

Ahmadreza Jeddi, Mohammad Javad Shafiee, Michelle Karg and
Christian Scharfenberger, Alexander Wong

Keywords Paper

adversarial robustness, network randomization, alternative back-propagation, trainable noise, adversarial training

0

0

0

0

1:01

06/12/2021

Adversarial Robustness with Non-uniform Perturbations

Ecenaz Erdemir, Jeffrey Bickford, Luca Melis, Sergul Aydore

Keywords Paper

deep learning, optimization, machine learning, robustness, adversarial robustness and security

0

0

0

0

15:05

23/08/2020

Interpretability is a kind of safety: An interpreter-based ensemble for adversary defense

Jingyuan Wang, Yufan Wu, Mingxuan Li and
Xin Lin, Junjie Wu, Chao Li

Keywords Paper

DNN interpretation, adversarial example defense, ensemble

0

0

0

0

10:04

12/07/2020

On Breaking Deep Generative Model-based Defenses and Beyond

Yanzhi Chen, Renjie Xie, Zhanxing Zhu

Keywords Paper

Adversarial Examples

0

0

0

0

10:33

26/04/2020

Optimal Strategies Against Generative Attacks

Roy Mor, Erez Peterfreund, Matan Gavish, Amir Globerson

Keywords Paper

0

0

0

0

13:35

07/09/2020

Robust Ensemble Model Training via Random Layer Sampling Against Adversarial Attack

Hakmin Lee, Hong Joo Lee, Seong Tae Kim, Yong Man Ro

Keywords Paper

ensemble model, adversarial attack, adversarial defense, adversarial robustnessl, random layer sampling

0

0

0

0

7:19

06/12/2021

Anti-Backdoor Learning: Training Clean Models on Poisoned Data

Yige Li, Xixiang Lyu, Nodens Koren and
Lingjuan Lyu, Bo Li, Xingjun Ma

Keywords Paper

deep learning

0

0

0

0

7:58

14/06/2020

Robust Design of Deep Neural Networks Against Adversarial Attacks Based on Lyapunov Theory

Arash Rahnama, Andre T. Nguyen, Edward Raff

Keywords Paper

adversarial machine learning, robustness, control theory, lyapunov theory, spectral norm regularization, stability and robustness analysis of dnns, dissipativity and passivity theory, adversarial attacks, learning theory, mathematical analysis of dnns

0

0

0

0

1:00

14/06/2020

Enhancing Cross-Task Black-Box Transferability of Adversarial Examples With Dispersion Reduction

Yantao Lu, Yunhan Jia, Jianyu Wang and
Bai Li, Weiheng Chai, Lawrence Carin, Senem Velipasalar

Keywords Paper

adversarial example, black-box attack, cross tasks, transferability, deep neural network

0

0

0

0

1:01

22/11/2021

Selection of Source Images Heavily Influences the Effectiveness of Adversarial Attacks

Utku Ozbulak, Esla Timothy Anzaku, Wesley De Neve, Arnout Van Messem

Keywords Paper

adversarial attacks, adversarial examples, adversarial perturbation, adversarial transferability, adversarial vulnerability, model-to-model transferability, robustness, source images, image suitability, imagenet

0

0

0

0

9:56

12/08/2020

DeepHammer: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips

Fan Yao, Adnan Siraj Rakin, Deliang Fan

Keywords Paper

0

0

0

0

12:50

18/07/2021

Neural Tangent Generalization Attacks

Jimmy Yuan, Shan-Hung (Brandon) Wu

Keywords Paper

Algorithms, Adversarial Examples

0

0

0

0

5:14

14/06/2020

One Man’s Trash Is Another Man’s Treasure: Resisting Adversarial Examples by Adversarial Examples

Chang Xiao, Changxi Zheng

Keywords Paper

adversarial defense, adversarial examples, adversarial learning, deep learning

0

0

0

0

1:01

18/07/2021

Enhancing Robustness of Neural Networks through Fourier Stabilization

Netanel Raviv, Aidan Kelley, Minzhe Guo, Yevgeniy Vorobeychik

Keywords Paper

Probabilistic Methods, Variational Inference, Algorithms, Boosting and Ensemble Methods; Probabilistic Methods; Probabilistic Methods, Bayesian Theory, Social Aspects of Machine Learning, Privacy, Anonymity, and Security

0

0

0

0

4:57

06/12/2021

Periodic Activation Functions Induce Stationarity

Lassi Meronen, Martin Trapp, Arno Solin

Keywords Paper

deep learning, kernel methods

0

0

0

0

12:24

19/08/2021

Adversarial Examples in Physical World

Jiakai Wang

Keywords Paper

AI Ethics, Trust, Fairness, Explainability, Adversarial Machine Learning, Trustable Learning

0

0

0

0

14:17

06/12/2020

Input-Aware Dynamic Backdoor Attack

Tuan Anh Nguyen, Anh Tran

Keywords Paper

0

0

0

0

3:21

06/12/2020

On 1/n neural representation and robustness

Josue Nassar, Piotr Sokol, Sueyeon Chung and
Daniel D Harris, Memming Park

Keywords Paper

0

0

0

0

3:14

12/07/2020

Adversarial Robustness via Runtime Masking and Cleansing

Yi-Hsuan Wu, Chia-Hung Yuan, Shan-Hung (Brandon) Wu

Keywords Paper

Adversarial Examples

0

0

0

0

13:38

14/06/2020

When NAS Meets Robustness: In Search of Robust Architectures Against Adversarial Attacks

Minghao Guo, Yuzhe Yang, Rui Xu and
Ziwei Liu, Dahua Lin

Keywords Paper

adversarial robustness, neural architecture search, adversarial examples, deep learning architectures, adversarial attacks

0

0

0

0

1:01

18/07/2021

Weight-covariance alignment for adversarially robust neural networks

Panagiotis Eustratiadis, Henry Gouk, Da Li, Timothy Hospedales

Keywords Paper

Deep Learning, Adversarial Networks

0

0

0

0

4:46

06/12/2021

Towards Efficient and Effective Adversarial Training

Gaurang Sriramanan, Sravanti Addepalli, Arya Baburaj, Venkatesh Babu R

Keywords Paper

deep learning, optimization, robustness, adversarial robustness and security

0

0

0

0

14:24

18/07/2021

Adversarial Robustness Guarantees for Random Deep Neural Networks

Giacomo De Palma, Bobak T Kiani, Seth Lloyd

Keywords Paper

Theory, Deep learning Theory

0

0

0

0

5:20

12/07/2020

Adversarial Neural Pruning with Latent Vulnerability Suppression

Divyam Madaan, Jinwoo Shin, Sung Ju Hwang

Keywords Paper

Adversarial Examples

0

0

0

0

14:43

26/04/2020

Interpretable Complex-Valued Neural Networks for Privacy Protection

Liyao Xiang, Hao Zhang, Haotian Ma and
Yifan Zhang, Jie Ren, Quanshi Zhang

Keywords Paper

Deep Learning, Privacy Protection, Complex-Valued Neural Networks

0

0

0

0

4:38

06/12/2021

Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks

Hanxun Huang, Yisen Wang, Sarah Erfani and
Quanquan Gu, James Bailey, Xingjun Ma

Keywords Paper

deep learning, robustness, adversarial robustness and security

0

0

0

0

13:58

26/04/2020

Bridging Mode Connectivity in Loss Landscapes and Adversarial Robustness

Pu Zhao, Pin-Yu Chen, Payel Das and
Karthikeyan Natesan Ramamurthy, Xue Lin

Keywords Paper

mode connectivity, adversarial robustness, backdoor attack, error-injection attack, evasion attacks, loss landscapes

0

0

0

0

4:30

02/02/2021

Exploring the Vulnerability of Deep Neural Networks: A Study of Parameter Corruption

Xu Sun, Zhiyuan Zhang, Xuancheng Ren and
Ruixuan Luo, Liangyou Li

Keywords Paper

0

0

0

0

15:18

12/08/2020

Stolen Memories: Leveraging Model Memorization for Calibrated White-Box Membership Inference

Klas Leino, Matt Fredrikson

Keywords Paper

0

0

0

0

12:07

26/08/2020

Non-Parametric Calibration for Classification

Jonathan Wenger, Hedvig Kjellström, Rudolph Triebel )

Keywords Paper

0

0

0

0

15:29

14/06/2020

A Self-supervised Approach for Adversarial Robustness

Muzammal Naseer, Salman Khan, Munawar Hayat and
Fahad Shahbaz Khan, Fatih Porikli

Keywords Paper

self-supervision, defense, attack, perceptual-features, classification, segmentation, object-detection, adversarial-learning, dynamic-defense, zero-shot

0

0

0

0

5:01

26/04/2020

Improving Adversarial Robustness Requires Revisiting Misclassified Examples

Yisen Wang, Difan Zou, Jinfeng Yi and
James Bailey, Xingjun Ma, Quanquan Gu

Keywords Paper

Robustness, Adversarial Defense, Adversarial Training

0

0

0

0

5:02