Two Sides of the Same Coin: White-box and Black-box Attacks for Transfer Learning

Yinghua Zhang

Yangqiu Song (宋陽秋)

[0]

Jian Liang

[0]

Kun Bai

[0]

Qiang Yang (杨强)

[0]

KDD '20: The 26th ACM SIGKDD Conference on Knowledge Discovery and Data Mining Virtual Event CA USA July, 2020, pp. 2989-2997, 2020.

Cited by: 0|Views166

Keywords:

learning techniquetraining datumdeep learning modelfine tuninglarge scaleMore(18+)

Weibo:

Results suggest that fine-tuning might introduce potential risks since a fine-tuned model is more likely to be successfully attacked by the adversarial examples crafted from its source model than a model that is learned from scratch

Abstract:

Transfer learning has become a common practice for training deep learning models with limited labeled data in a target domain. On the other hand, deep models are vulnerable to adversarial attacks. Though transfer learning has been widely applied, its effect on model robustness is unclear. To figure out this problem, we conduct extensive e...More

Code:

Data:

Full Text

View via Publisher