5,337
edits
Deep Learning: Difference between revisions
→Backdoor attacks
| Line 885: | Line 885: | ||
The idea is too add a ''trigger'' or watermark to the image to make it misclassify it. | The idea is too add a ''trigger'' or watermark to the image to make it misclassify it. | ||
Gu ''et al'' (2017) <ref name="gu2017badnets"> randomly select a small portion of training set, apply a backdoor trigger, and ''change the label to the target label''. | Gu ''et al'' (2017) <ref name="gu2017badnets"></ref> randomly select a small portion of training set, apply a backdoor trigger, and ''change the label to the target label''. | ||
==Misc== | ==Misc== | ||
| Line 899: | Line 899: | ||
<ref name="belkin2019reconciling">Mikhail Belkin, Daniel Hsu, Siyuan Ma, Soumik Mandal (2019) Reconciling modern machine learning practice and the bias-variance trade-off (PNAS 2019) [https://arxiv.org/abs/1812.11118 https://arxiv.org/abs/1812.11118]</ref> | <ref name="belkin2019reconciling">Mikhail Belkin, Daniel Hsu, Siyuan Ma, Soumik Mandal (2019) Reconciling modern machine learning practice and the bias-variance trade-off (PNAS 2019) [https://arxiv.org/abs/1812.11118 https://arxiv.org/abs/1812.11118]</ref> | ||
<ref name="jiang2019generalization">Yiding Jiang, Behnam Neyshabur, Hossein Mobahi, Dilip Krishnan, Samy Bengio (2019) Fantastic Generalization Measures and Where to Find Them [https://arxiv.org/abs/1912.02178 https://arxiv.org/abs/1912.02178]</ref> | <ref name="jiang2019generalization">Yiding Jiang, Behnam Neyshabur, Hossein Mobahi, Dilip Krishnan, Samy Bengio (2019) Fantastic Generalization Measures and Where to Find Them [https://arxiv.org/abs/1912.02178 https://arxiv.org/abs/1912.02178]</ref> | ||
<ref name="gu2017badnets">Tianyu Gu, Brendan Dolan-Gavitt, Siddharth Garg (2017) BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain [https://arxiv.org/abs/1708.06733 https://arxiv.org/abs/1708.06733]</ref> | |||
}} | }} | ||