Summary of Proactive Adversarial Defense: Harnessing Prompt Tuning in Vision-language Models to Detect Unseen Backdoored Images, by Kyle Stein et al.
Proactive Adversarial Defense: Harnessing Prompt Tuning in Vision-Language Models to Detect Unseen Backdoored Images
by Kyle Stein, Andrew Arash Mahyari, Guillermo Francia, Eman El-Sheikh
First submitted to arxiv on: 11 Dec 2024
Categories
- Main: Computer Vision and Pattern Recognition (cs.CV)
- Secondary: Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR); Machine Learning (cs.LG)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The paper presents a groundbreaking approach to detect backdoored images during both training and inference. It focuses on mitigating the impact of hidden triggers that cause models to misclassify input images into target labels. The authors introduce a method that trains learnable text prompts to differentiate clean images from those with hidden backdoor triggers, leveraging the success of prompt tuning in Vision Language Models (VLMs). The approach achieves an impressive average accuracy of 86% across two renowned datasets for detecting unseen backdoor triggers, establishing a new standard in backdoor defense. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary The paper is about a way to stop bad guys from tricking artificial intelligence models into making mistakes. They hide special signals in pictures that make the AI think those pictures are something they’re not. Right now, it’s hard to find these signals by looking at lots of pictures, and even the best defenses can’t completely stop them. The new method uses words to teach computers what a real picture looks like compared to one with hidden signals. It does very well on two big tests, showing that it can help keep AI safe from being tricked. |
Keywords
» Artificial intelligence » Inference » Prompt
