Skip to yearly menu bar Skip to main content

Workshop

Backdoor Attacks and Defenses in Machine Learning

Guanhong Tao ⋅ Kaiyuan Zhang ⋅ Shawn Shan ⋅ Emily Wenger ⋅ Rui Zhu ⋅ Eugene Bagdasaryan ⋅ Naren Sarayu Manoj ⋅ Taylor Kulp-McDowall ⋅ Yousra Aafer ⋅ Shiqing Ma ⋅ Xiangyu Zhang

Project Page

Abstract

Backdoor attacks aim to cause consistent misclassification of any input by adding a specific pattern called a trigger. Recent studies have shown the feasibility of launching backdoor attacks in various domains, such as computer vision (CV), natural language processing (NLP), federated learning (FL), etc. As backdoor attacks are mostly carried out through data poisoning (i.e., adding malicious inputs to training data), it raises major concerns for many publicly available pre-trained models. Defending against backdoor attacks has sparked multiple lines of research. Many defense techniques are effective against some particular types of backdoor attacks. However, with increasingly emerging diverse backdoors, the defense performance of existing work tends to be limited. This workshop, Backdoor Attacks aNd DefenSes in Machine Learning (BANDS), aims to bring together researchers from government, academia, and industry that share a common interest in exploring and building more secure machine learning models against backdoor attacks.

Video

Chat is not available.

Schedule

Timezone: America/Los_Angeles

6:00 AM

Introduction and Opening Remarks

Video

6:10 AM

Keynote Talk by Amir Houmansadr

Video

6:55 AM

Invited Talk by Vitaly Shmatikov

Video

7:25 AM

Coffee Break

7:35 AM

Invited Talk by Yang Zhang

Video

8:05 AM

How to Backdoor Diffusion Models?

Sheng-Yen Chou ⋅ Pin-Yu Chen ⋅ Tsung-Yi Ho

Video

8:20 AM

Invited Talk by Bo Li

Video

8:50 AM

Lunch Break

9:50 AM

IEEE Trojan Removal Competition Remarks

Video

10:20 AM

Invited Talk by Michael Mahoney

Video

10:50 AM

Invited Talk by Ruoxi Jia

Video

11:20 AM

Removing Backdoor Behaviors with Unlabeled Data

Lu Pang ⋅ Tao Sun ⋅ Haibin Ling ⋅ Chao Chen

Video

11:35 AM

Invited Talk by Ben Y. Zhao

Video

12:05 PM

BITE: Textual Backdoor Attacks with Iterative Trigger Injection

Jun Yan ⋅ Vansh Gupta ⋅ Xiang Ren

Video

12:05 PM

Learning the Wrong Lessons: Inserting Trojans During Knowledge Distillation

Leonard Tang ⋅ Tom Shlomi ⋅ Alexander Cai

Video

12:05 PM

Learning to Backdoor Federated Learning

Henger Li ⋅ Chen Wu ⋅ Sencun Zhu ⋅ Zizhan Zheng

Video

12:05 PM

Secure Federated Learning against Model Poisoning Attacks via Client Filtering

Duygu Nur Yaldiz ⋅ Tuo Zhang ⋅ Salman Avestimehr

Video

12:05 PM

Unlearning Backdoor Attacks in Federated Learning

Chen Wu ⋅ SENCUN ZHU ⋅ Prasenjit Mitra

Video

12:05 PM

Rethinking the Necessity of Labels in Backdoor Removal

Zidi Xiong ⋅ Dongxian Wu ⋅ Yifei Wang ⋅ Yisen Wang

Video

12:20 PM

Coffee Break

12:30 PM

Invited Talk by Pin-Yu Chen

Video

1:00 PM

Invited Talk by Wenbo Guo

Video

1:30 PM

Backdoor Attacks Against Transformers with Attention Enhancement

Weimin Lyu ⋅ Songzhu Zheng ⋅ Haibin Ling ⋅ Chao Chen

Video

1:45 PM

BackdoorBox: A Python Toolbox for Backdoor Learning

Yiming Li ⋅ Mengxi Ya ⋅ Yang Bai ⋅ Yong Jiang ⋅ Shu-Tao Xia

Video

1:45 PM

On the Existence of a Trojaned Twin Model

Songzhu Zheng ⋅ Yikai Zhang ⋅ Lu Pang ⋅ Weimin Lyu ⋅ Mayank Goswami ⋅ Anderson Schneider ⋅ Yuriy Nevmyvaka ⋅ Haibin Ling ⋅ Chao Chen

Video

1:45 PM

DABS: Data-Agnostic Backdoor attack at the Server in Federated Learning

Wenqiang Sun ⋅ Sen Li ⋅ Yuchang Sun ⋅ Jun Zhang

Video

1:45 PM

Exploring Vulnerabilities of Semi-Supervised Learning to Simple Backdoor Attacks

Marissa Connor ⋅ Vincent Emanuele

Video

1:45 PM

Augmentation Backdoors

Joseph Rance ⋅ Yiren Zhao ⋅ I Shumailov ⋅ Robert Mullins

Video

1:45 PM

Salient Conditional Diffusion for Backdoors

Brandon May ⋅ Joseph Tatro ⋅ Piyush Kumar ⋅ Nathan Shnidman

Video

2:00 PM

Panel Discussion

Video

3:00 PM

Closing Remarks

Video