Chinese Journal of Network and Information Security, 2025, Vol. 11, Issue (5): 137-148, 12. DOI: 10.11959/j.issn.2096-109x.2025059
Defense method for machine learning backdoor attacks based on diffusion models
Abstract
Backdoor attacks are recognized as one of the primary security threats that machine learning models face during the training phase. Although existing defense methods against backdoor attacks have made significant progress, they often cause a substantial decline in model accuracy on clean test sets. To address this issue, a method named defending against backdoor attacks with diffusion model (DBADM) is proposed. The core idea of this method is to preprocess poisoned samples containing backdoor triggers with a diffusion model before model training. By altering the hidden trigger features in the samples, backdoor attacks are effectively mitigated. Systematic attack and defense comparison experiments were conducted on four benchmark datasets: MNIST, CIFAR-10, Tiny ImageNet, and LFW. The experimental results demonstrate that the DBADM method not only successfully defends against various backdoor attacks but also maintains the model's high accuracy on the clean dataset.
Key words
machine learning / backdoor attack / trigger / diffusion model
Classification
Computer and automation
Cite this article
王孙平, 张爱清, 叶新荣, 王勇. Defense method for machine learning backdoor attacks based on diffusion models [J]. Chinese Journal of Network and Information Security, 2025, 11(5): 137-148, 12.
Funding
The National Natural Science Foundation of China (62072005)
Anhui Provincial Natural Science Foundation for Outstanding Young Scientists Project (2108085Y22)