Loading…
Efficient Trigger Word Insertion
With the rapid advancements in the natural language processing (NLP) domain in recent years, the emergence of backdoor attacks presents substantial threats to deep neural network models. However, prior research has often overlooked the influence of the poisoning rate. This paper aims to address this...
Saved in:
Main Authors: | , , , , |
---|---|
Format: | Conference Proceeding |
Language: | English |
Subjects: | |
Online Access: | Request full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | With the rapid advancements in the natural language processing (NLP) domain in recent years, the emergence of backdoor attacks presents substantial threats to deep neural network models. However, prior research has often overlooked the influence of the poisoning rate. This paper aims to address this gap by prioritizing the reduction of poisoned samples while still attaining a comparable Attack Success Rate (ASR) in the context of text backdoor attacks. Our primary focus revolves around introducing an efficient strategy for trigger word insertion, encompassing both trigger word optimization and poisoned sample selection. To achieve our objectives, extensive experiments were conducted across diverse datasets and models, showcasing the significant enhancements brought forth by our proposed methodology in the realm of text classification tasks. Remarkable outcomes include an ASR surpassing 90%, utilizing a mere 10 poisoned samples in the dirty-label setting, and delivering compelling performance with only 1.5% of the training data in the clean-label setting. |
---|---|
ISSN: | 2771-6902 |
DOI: | 10.1109/BigDIA60676.2023.10429630 |