Summary of Dede: Detecting Backdoor Samples For Ssl Encoders Via Decoders, by Sizai Hou et al.
DeDe: Detecting Backdoor Samples for SSL Encoders via Decoders
by Sizai Hou, Songze Li, Duanyi Yao
First submitted to arxiv on: 25 Nov 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The proposed method, DeDe, detects self-supervised learning (SSL) backdoor attacks by recognizing the co-occurrence of victim encoder and trigger inputs. It trains a decoder on an auxiliary dataset to produce an image significantly different from the input when triggered to mislead the target embedding. This novel detection mechanism is evaluated on contrastive learning and CLIP models, demonstrating superior performance in both upstream detection and preventing backdoors in downstream tasks. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary A group of researchers has found that self-supervised learning (SSL) can be tricked into producing bad results by intentionally polluting some training data. This type of attack is called a “backdoor” because it activates a specific output or behavior when triggered. The problem is that existing methods for detecting these attacks are not very good at catching the more sophisticated ones. To solve this issue, they have developed a new method called DeDe, which identifies backdoors by looking at how well an SSL model can predict what kind of image it’s seeing when given a fake input. They tested DeDe on different types of models and showed that it works better than other methods. |
Keywords
» Artificial intelligence » Decoder » Embedding » Encoder » Self supervised
