Abstract

In the transfer learning paradigm, models that are pre-trained on large datasets are used as the foundation models for various downstream tasks. However, this paradigm exposes downstream practitioners to data poisoning threats, as attackers can inject malicious samples into the re-training datasets to manipulate the behavior of models in downstream tasks. In this work, we propose a defense strategy that significantly reduces the success rate of various data poisoning attacks in downstream tasks. Our defense aims to pre-train a robust foundation model by reducing adversarial feature distance and increasing inter-class feature distance. Experiments demonstrate the excellent defense performance of the proposed strategy towards state-of-the-art clean-label poisoning attacks in the transfer learning scenario.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Adaptive Transfer Learning on Graph Neural Networks
Xueting Han ... Bang An
-
Xueting Han, et. al.Xueting Han ... Bang An
14 Aug 2021
Optimizing Large Language Models on Multi-Core CPUs: A Case Study of the BERT Model
Lanxin Zhao ... Wanrong Gao
Applied Sciences | VOL. 14
Lanxin Zhao, et. al.Lanxin Zhao ... Wanrong Gao
11 Mar 2024
O-321 A foundation model for embryology trained on time-lapse images
S Rajendran ... I Hajirasouliha
Human Reproduction | VOL. 39
S Rajendran, et. al.S Rajendran ... I Hajirasouliha
03 Jul 2024
CDEST: Class Distinguishability-Enhanced Self-Training Method for Adopting Pre-Trained Models to Downstream Remote Sensing Image Semantic Segmentation
Ming Zhang ... Xin Gu
Remote Sensing | VOL. 16
Ming Zhang, et. al.Ming Zhang ... Xin Gu
06 Apr 2024
View more papers

More From: Neural Networks

Paper Title
Journal
Date
Author
Deep clustering analysis via variational autoencoder with Gamma mixture latent embeddings
Jiaxun Guo ... Nizar Bouguila
Neural Networks | VOL. -
Jiaxun Guo, et. al.Jiaxun Guo ... Nizar Bouguila
01 Dec 2024
Roughness prediction of asphalt pavement using FGM(1,1—sin) model optimized by swarm intelligence and Markov chain
Zhuoxuan Li ... Wei Huang
Neural Networks | VOL. -
Zhuoxuan Li, et. al.Zhuoxuan Li ... Wei Huang
01 Dec 2024
Dual-tower model with semantic perception and timespan-coupled hypergraph for next-basket recommendation
Yangtao Zhou ... Wanqiang Yang
Neural Networks | VOL. -
Yangtao Zhou, et. al.Yangtao Zhou ... Wanqiang Yang
01 Dec 2024
Heterogeneous Graph Embedding with Dual Edge Differentiation
Yuhong Chen ... Shiping Wang
Neural Networks | VOL. -
Yuhong Chen, et. al.Yuhong Chen ... Shiping Wang
01 Dec 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.