Towards Adversarial Robustness And Backdoor Mitigation in SSL

Published: 06 Apr 2025, Last Modified: 26 Jan 2026 | 2025 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) | Everyone | CC BY-SA 4.0
Abstract: Self-Supervised Learning (SSL) has shown great promise in learning representations from unlabeled data, making it widely used in real-world applications. However, SSL methods have been shown to be vulnerable to backdoor attacks, where adversaries manipulate representations by tampering with training data or the model. This work focuses on defending against backdoor attacks in SSL, assuming the adversary has partial access to training data but no access to the model. We propose computationally efficient and generalizable methods for SSL robustness using two frequency domain augmentations: Gaussian Blur and Frequency Patching. Our method mitigates backdoor attack success by 60-80% while increasing performance by 5-8% on downstream classification tasks. We also demonstrate increased adversarial robustness using the RobustBench framework. Code for our work is available at https://github.com/Aryan-Satpathy/Backdoor.