CVPR 2023 - Defending Against Patch-based Backdoor Attacks on Self-Supervised Learning

In this episode we discuss Defending Against Patch-based Backdoor Attacks on Self-Supervised Learning by Authors: - Ajinkya Tejankar - Maziar Sanjabi - Qifan Wang - Sinong Wang - Hamed Firooz - Hamed Pirsiavash - Liang Tan Affiliations: - University of California, Davis (Ajinkya Tejankar, Hamed Pirsiavash) - Meta AI (Maziar Sanjabi, Qifan Wang, Sinong Wang, Hamed Firooz, Liang Tan). The paper discusses a vulnerability of self-supervised learning to backdoor attacks through patch-based data poisoning. To defend against such attacks, the paper proposes a three-step defense pipeline involving training a model on the poisoned data, using a defense algorithm called PatchSearch to remove poisoned samples from the training set, and finally training a model on the cleaned-up training set. The results show that PatchSearch is an effective defense, outperforming baselines and state-of-the-art defense approaches. The code is available online.