Planting Undetectable Backdoors in Machine Learning Models
We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally; but in reality, the learner maintains a mechanism for changing the classification of any input with only a slight perturbation. Importantly, without the appropriate “backdoor key”, the mechanism is hidden and cannot be detected.
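As a toy illustration of the idea (not the paper's actual construction, which is built from cryptographic digital signatures), one can sketch a key-based backdoor: a wrapper that behaves exactly like the honest classifier unless a valid authentication tag under the attacker's secret key is hidden in the low-order digits of the input. Everything below — the base model, the key, and the third-decimal encoding — is a hypothetical stand-in chosen only to make the mechanism concrete.

```python
import hashlib
import hmac
import numpy as np

SECRET_KEY = b"attacker-held-key"  # hypothetical backdoor key
TAG_BYTES = 8                      # truncated tag, for the toy demo only


def base_classifier(x: np.ndarray) -> int:
    """Stand-in for an honestly trained model: classify by sign of the mean."""
    return int(x.mean() > 0)


def tag_bits(label: int, n: int) -> np.ndarray:
    """First n bits of an HMAC tag over the desired target label."""
    tag = hmac.new(SECRET_KEY, bytes([label]), hashlib.sha256).digest()[:TAG_BYTES]
    return np.unpackbits(np.frombuffer(tag, dtype=np.uint8))[:n]


def plant_trigger(x: np.ndarray, target_label: int) -> np.ndarray:
    """Slightly perturb x so the backdoored model outputs target_label:
    round each coordinate to two decimals, then hide the tag bits in the
    third decimal place of the first n coordinates."""
    n = TAG_BYTES * 8
    assert x.size >= n, "input too small to hold the tag"
    x2 = np.round(x.astype(float), 2)
    flat = x2.ravel()
    flat[:n] += tag_bits(target_label, n) * 1e-3
    return x2


def extract_bits(x: np.ndarray, n: int) -> np.ndarray:
    """Read the third-decimal digit of the first n coordinates as bits."""
    digits = np.rint(x.ravel()[:n] * 1000).astype(np.int64) % 10
    return (digits == 1).astype(np.uint8)


def backdoored_classifier(x: np.ndarray) -> int:
    """Behaves like base_classifier unless a valid tag for some label is
    embedded; only the holder of SECRET_KEY can produce such a tag."""
    n = TAG_BYTES * 8
    if x.size >= n:
        bits = extract_bits(x, n)
        for label in (0, 1):
            if np.array_equal(bits, tag_bits(label, n)):
                return label
    return base_classifier(x)
```

On natural inputs the hidden digits are effectively random, so the tag check fails and the wrapper matches the honest model; only someone holding `SECRET_KEY` can craft the tiny perturbation that flips the output. The real paper replaces this shared-key HMAC with digital signatures and hides the check inside the model's weights, which is what makes the backdoor cryptographically undetectable rather than merely obscure.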