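@comment{Review notes for dff8101bfbeb4a76966de592ebb2c3de:
  - "address" holds a country, not the publisher's city; confirm against the publisher record for the DOI.
  - "note" carries the copyright line plus the conference name and dates; kept verbatim.
  - Names are in "Last, First" form, the acronym in "title" is brace-protected, and the percent sign in "abstract" is escaped.}
@inproceedings{dff8101bfbeb4a76966de592ebb2c3de,
  author    = {Wang, Haochen and Mu, Tianshi and Feng, Guocong and Wu, {Shang Bo} and Li, Yuanzhang},
  title     = {{DFaP}: Data Filtering and Purification Against Backdoor Attacks},
  editor    = {Vaidya, Jaideep and Gabbouj, Moncef and Li, Jin},
  booktitle = {Artificial Intelligence Security and Privacy - 1st International Conference on Artificial Intelligence Security and Privacy, AIS and P 2023, Proceedings},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  pages     = {81--97},
  publisher = {Springer Science and Business Media Deutschland GmbH},
  address   = {Germany},
  year      = {2024},
  isbn      = {9789819997848},
  doi       = {10.1007/978-981-99-9785-5_7},
  language  = {English},
  keywords  = {AI security, artificial intelligence, backdoor defense, data filtering, data purification, deep learning},
  abstract  = {The rapid development of deep learning has led to a dramatic increase in user demand for training data. As a result, users are often compelled to acquire data from unsecured external sources through automated methods or outsourcing. Therefore, severe backdoor attacks occur during the training data collection phase of the DNNs pipeline, where adversaries can stealthily control DNNs to make expected or unintended outputs by contaminating the training data. In this paper, we propose a novel backdoor defense framework called DFaP (Data Filter and Purify). DFaP can make backdoor samples with local-patch or full-image triggers added harmless without needing additional clean samples. With DFaP, users can safely train clean DNN models with unsecured data. We have conducted experiments on two networks (AlexNet, ResNet-34) and two datasets (CIFAR10, GTSRB). The experimental results show that DFaP can defend against six state-of-the-art backdoor attacks. In comparison to the other four defense methods, DFaP demonstrates superior performance with an average reduction in attack success rate of 98.01\%.},
  note      = {Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.; 1st International Conference on Artificial Intelligence Security and Privacy, AIS and P 2023 ; Conference date: 03-12-2023 Through 05-12-2023},
}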