We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.LG
< prev | next >
new | recent | 2109

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Computer Science > Machine Learning

Title: SanitAIs: Unsupervised Data Augmentation to Sanitize Trojaned Neural Networks

Authors: Kiran Karra, Chace Ashcraft, Cash Costello
(Submitted on 9 Sep 2021 (v1), last revised 1 Jun 2022 (this version, v3))
Abstract: Self-supervised learning (SSL) methods have resulted in broad improvements to neural network performance by leveraging large, untapped collections of unlabeled data to learn generalized underlying structure. In this work, we harness unsupervised data augmentation (UDA), an SSL technique, to mitigate backdoor or Trojan attacks on deep neural networks. We show that UDA is more effective at removing trojans than current state-of-the-art methods for both feature space and point triggers, over a range of model architectures, trojans, and data quantities provided for trojan removal. These results demonstrate that UDA is both an effective and practical approach to mitigating the effects of backdoors on neural networks.
Comments: 7 pages, 5 figures
Subjects: Machine Learning (cs.LG)
Cite as: arXiv:2109.04566 [cs.LG]
  (or arXiv:2109.04566v3 [cs.LG] for this version)

Submission history

From: Kiran Karra [view email]
[v1] Thu, 9 Sep 2021 21:29:12 GMT (306kb,D)
[v2] Tue, 14 Sep 2021 20:24:47 GMT (183kb,D)
[v3] Wed, 1 Jun 2022 21:34:48 GMT (735kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.