A Textual Backdoor Defense Method Based on Deep Feature Classification

Cited by: 2
Authors
Shao, Kun [1]
Yang, Junan [1]
Hu, Pengjiang [1]
Li, Xiaoshuai [1]
Affiliations
[1] Natl Univ Def Technol, Coll Elect Engn, Hefei 230037, Peoples R China
Keywords
deep neural networks; natural language processing; adversarial machine learning; backdoor attacks; backdoor defenses; ATTACKS;
DOI
10.3390/e25020220
Chinese Library Classification number
O4 [Physics];
Discipline classification code
0702;
Abstract
Natural language processing (NLP) models based on deep neural networks (DNNs) are vulnerable to backdoor attacks. Existing backdoor defense methods have limited effectiveness and coverage scenarios. We propose a textual backdoor defense method based on deep feature classification. The method includes deep feature extraction and classifier construction. The method exploits the distinguishability of deep features of poisoned data and benign data. Backdoor defense is implemented in both offline and online scenarios. We conducted defense experiments on two datasets and two models for a variety of backdoor attacks. The experimental results demonstrate the effectiveness of this defense approach and outperform the baseline defense method.
Pages: 13
Related papers
50 items in total
[21]   CBPF: A Novel Method for Filtering Poisoned Data Based on Composite Backdoor Attacks [J].
Xia, Hanfeng ;
Hong, Haibo ;
Wang, Ruili ;
Sun, Yiru ;
Ding, Hao .
IEEE INTERNET OF THINGS JOURNAL, 2025, 12 (13) :25136-25147
[22]   A Backdoor Attack Against LSTM-Based Text Classification Systems [J].
Dai, Jiazhu ;
Chen, Chuanshuai ;
Li, Yufeng .
IEEE ACCESS, 2019, 7 :138872-138878
[23]   Invisible trigger image: A dynamic neural backdoor attack based on hidden feature [J].
Chen, Xiong ;
Li, Mohan ;
Sun, Yanbin ;
Tian, Zhihong .
NEUROCOMPUTING, 2025, 639
[24]   FedRAB: Robust federated learning against backdoor attacks based on collaborative defense with smoothing [J].
Tan, Xue ;
Chen, Ping .
JOURNAL OF COMPUTER SECURITY, 2025,
[25]   FEAT: Frequency Energy Based Backdoor Attack in Deep Neural Networks [J].
Li, Junwei ;
Chen, Honglong ;
Gao, Yudong ;
Li, Junjian ;
Wang, Wenjie ;
Yu, Jimiao ;
Qiu, Jinghan .
EXPERT SYSTEMS WITH APPLICATIONS, 2025, 278
[26]   A Review on Medical Textual Question Answering Systems Based on Deep Learning Approaches [J].
Mutabazi, Emmanuel ;
Ni, Jianjun ;
Tang, Guangyi ;
Cao, Weidong .
APPLIED SCIENCES-BASEL, 2021, 11 (12)
[27]   Deep learning-based sentiment classification of evaluative text based on Multi-feature fusion [J].
Abdi, Asad ;
Shamsuddin, Siti Mariyam ;
Hasan, Shafaatunnur ;
Piran, Jalil .
INFORMATION PROCESSING & MANAGEMENT, 2019, 56 (04) :1245-1259
[28]   Deep Feature Extraction and Classification of Android Malware Images [J].
Singh, Jaiteg ;
Thakur, Deepak ;
Ali, Farman ;
Gera, Tanya ;
Kwak, Kyung Sup .
SENSORS, 2020, 20 (24) :1-29
[29]   SecureNet: Proactive intellectual property protection and model security defense for DNNs based on backdoor learning [J].
Li, Peihao ;
Huang, Jie ;
Wu, Huaqing ;
Zhang, Zeping ;
Qi, Chunyang .
NEURAL NETWORKS, 2024, 174
[30]   Defending Against Backdoor Attacks with Feature Activation-Based Detection and Model Recovery [J].
Ma, Xiao ;
Shen, Hong ;
Lam, Chan-Tong .
2024 22ND INTERNATIONAL SYMPOSIUM ON NETWORK COMPUTING AND APPLICATIONS, NCA, 2024, :294-301