| Title | When Does Backdoor Attack Succeed in Image Reconstruction? A Study of Heuristics vs. Bi-Level Solution |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Taneja, Vardaan, Chen, Pin-Yu, Yao, Yuguang, Liu, Sijia |
| Conference Name | ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) |
| Keywords | Acoustics, Backdoor Attacks, Bilevel Optimization, Conferences, data poisoning, Image reconstruction, pubcrawl, resilience, Resiliency, Robustness, Scalability, security, Security Heuristics, Signal processing, speech processing, Task Analysis |
| Abstract | Recent studies have demonstrated the lack of robustness of image reconstruction networks to test-time evasion attacks, posing security risks and potential for misdiagnoses. In this paper, we evaluate how vulnerable such networks are to training-time poisoning attacks for the first time. In contrast to image classification, we find that trigger-embedded basic backdoor attacks on these models executed using heuristics lead to poor attack performance. Thus, it is non-trivial to generate backdoor attacks for image reconstruction. To tackle the problem, we propose a bi-level optimization (BLO)-based attack generation method and investigate its effectiveness on image reconstruction. We show that BLO-generated back-door attacks can yield a significant improvement over the heuristics-based attack strategy. |
| DOI | 10.1109/ICASSP43922.2022.9746433 |
| Citation Key | taneja_when_2022 |
When Does Backdoor Attack Succeed in Image Reconstruction? A Study of Heuristics vs. Bi-Level Solution