Efficient Trigger Word Insertion.
CoRR(2023)
摘要
With the boom in the natural language processing (NLP) field these years,
backdoor attacks pose immense threats against deep neural network models.
However, previous works hardly consider the effect of the poisoning rate. In
this paper, our main objective is to reduce the number of poisoned samples
while still achieving a satisfactory Attack Success Rate (ASR) in text backdoor
attacks. To accomplish this, we propose an efficient trigger word insertion
strategy in terms of trigger word optimization and poisoned sample selection.
Extensive experiments on different datasets and models demonstrate that our
proposed method can significantly improve attack effectiveness in text
classification tasks. Remarkably, our approach achieves an ASR of over 90% with
only 10 poisoned samples in the dirty-label setting and requires merely 1.5% of
the training data in the clean-label setting.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要