Current browse context:
cs.LG
Change to browse by:
References & Citations
Computer Science > Machine Learning
Title: Data Poisoning Attack Aiming the Vulnerability of Continual Learning
(Submitted on 29 Nov 2022 (v1), last revised 3 Jul 2023 (this version, v2))
Abstract: Generally, regularization-based continual learning models limit access to the previous task data to imitate the real-world constraints related to memory and privacy. However, this introduces a problem in these models by not being able to track the performance on each task. In essence, current continual learning methods are susceptible to attacks on previous tasks. We demonstrate the vulnerability of regularization-based continual learning methods by presenting a simple task-specific data poisoning attack that can be used in the learning process of a new task. Training data generated by the proposed attack causes performance degradation on a specific task targeted by the attacker. We experiment with the attack on the two representative regularization-based continual learning methods, Elastic Weight Consolidation (EWC) and Synaptic Intelligence (SI), trained with variants of MNIST dataset. The experiment results justify the vulnerability proposed in this paper and demonstrate the importance of developing continual learning models that are robust to adversarial attacks.
Submission history
From: Jaehyun Choi [view email][v1] Tue, 29 Nov 2022 02:28:05 GMT (245kb,D)
[v2] Mon, 3 Jul 2023 09:50:12 GMT (313kb,D)
Link back to: arXiv, form interface, contact.