BELT: Old-School Backdoor Attacks can Evade the State-of-the-Art Defense with Backdoor Exclusivity Lifting
Huming Qiu, Junjie Sun, Mi Zhang, Xudong Pan, Min Yang
IEEE Symposium on Security and Privacy 2024 · Day 2 · Continental Ballroom 5
This talk introduces BELT, a novel attack technique demonstrating how traditional backdoor attacks can bypass even the most advanced deep learning defense mechanisms by enhancing a property termed "backdoor exclusivity." Presented by Huming Qiu from Fudan University and co-authored with Junjie Sun, Mi Zhang, Xudong Pan, and Min Yang, the research highlights a critical vulnerability in the current deep learning supply chain. With the proliferation of model-sharing platforms like Hugging Face and Model Zoo, the risk of malicious actors disseminating compromised models has escalated, making backdoor attacks a paramount concern for the security of AI systems.
AI review
This is a rare example of novel research that directly challenges the foundations of current AI security. BELT's concept of 'backdoor exclusivity' and its precise implementation expose a critical blind spot in state-of-the-art defenses, demonstrating a sophisticated attack that will force a paradigm shift. This isn't just theory; it's a demonstrable threat to every model-sharing platform out there.