Two Sides of the Same Coin: White-box and Black-box Attacks for Transfer Learning
KDD '20: The 26th ACM SIGKDD Conference on Knowledge Discovery and Data Mining, Virtual Event, CA, USA, July 2020, pp. 2989-2997.
Results suggest that fine-tuning might introduce potential risks since a fine-tuned model is more likely to be successfully attacked by the adversarial examples crafted from its source model than a model that is learned from scratch.
Transfer learning has become a common practice for training deep learning models with limited labeled data in a target domain. On the other hand, deep models are vulnerable to adversarial attacks. Though transfer learning has been widely applied, its effect on model robustness is unclear. To figure out this problem, we conduct extensive e...