Backdoor Attacks on Multi-modal Contrastive Learning

TL;DR

This paper reviews backdoor attack vulnerabilities in contrastive learning, analyzing threat models, attack methods, defenses, and discussing future research directions to enhance security in various domains.

Contribution

It provides a comprehensive comparison of backdoor attacks in contrastive learning and highlights specific vulnerabilities and challenges for future research.

Findings

Contrastive learning is vulnerable to backdoor and data poisoning attacks.

Current defenses are limited and need further development.

Understanding attack methods aids in designing more secure contrastive learning systems.

Abstract

Contrastive learning has become a leading self- supervised approach to representation learning across domains, including vision, multimodal settings, graphs, and federated learning. However, recent studies have shown that contrastive learning is susceptible to backdoor and data poisoning attacks. In these attacks, adversaries can manipulate pretraining data or model updates to insert hidden malicious behavior. This paper offers a thorough and comparative review of backdoor attacks in contrastive learning. It analyzes threat models, attack methods, target domains, and available defenses. We summarize recent advancements in this area, underline the specific vulnerabilities inherent to contrastive learning, and discuss the challenges and future research directions. Our findings have significant implications for the secure deployment of systems in industrial and distributed environments.