Debiasing Backdoor Attack: A Benign Application of Backdoor Attack in Eliminating Data Bias
Shangxi Wu, Qiuyang He, Yi Zhang, Jitao Sang
TL;DR
This paper introduces a novel approach called Debiasing Backdoor Attack (DBA) that leverages backdoor attack techniques to reduce data bias and improve model fairness, achieving state-of-the-art results in debiasing tasks.
Contribution
The paper proposes DBA, a new method that uses backdoor attack principles for data debiasing, offering advantages over traditional data removal techniques.
Findings
DBA achieves state-of-the-art debiasing performance.
Pseudo-deletion of data via backdoor attack is more effective than direct deletion.
Backdoor attack can be repurposed for improving model fairness.
Abstract
Backdoor attack is a new AI security risk that has emerged in recent years. Drawing on the previous research of adversarial attack, we argue that the backdoor attack has the potential to tap into the model learning process and improve model performance. Based on Clean Accuracy Drop (CAD) in backdoor attack, we found that CAD came out of the effect of pseudo-deletion of data. We provided a preliminary explanation of this phenomenon from the perspective of model classification boundaries and observed that this pseudo-deletion had advantages over direct deletion in the data debiasing problem. Based on the above findings, we proposed Debiasing Backdoor Attack (DBA). It achieves SOTA in the debiasing task and has a broader application scenario than undersampling.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications · Network Security and Intrusion Detection