A Survey on Backdoor Attack and Defense in Natural Language Processing

TL;DR

This paper provides a comprehensive survey of backdoor attacks and defenses in NLP, highlighting current challenges, datasets, and open issues for building secure NLP systems.

Contribution

It offers a detailed review of existing backdoor attack methods, defense strategies, benchmark datasets, and identifies open problems in NLP security.

Findings

Summarizes key backdoor attack techniques in NLP.

Reviews defense mechanisms and their effectiveness.

Highlights open issues and future research directions.

Abstract

Deep learning is becoming increasingly popular in real-life applications, especially in natural language processing (NLP). Users often choose training outsourcing or adopt third-party data and models due to data and computation resources being limited. In such a situation, training data and models are exposed to the public. As a result, attackers can manipulate the training process to inject some triggers into the model, which is called backdoor attack. Backdoor attack is quite stealthy and difficult to be detected because it has little inferior influence on the model's performance for the clean samples. To get a precise grasp and understanding of this problem, in this paper, we conduct a comprehensive review of backdoor attacks and defenses in the field of NLP. Besides, we summarize benchmark datasets and point out the open issues to design credible systems to defend against backdoor attacks.