The study investigates the susceptibility of few-shot learning (FSL) to backdoor attacks. Initial evaluation showed that existing backdoor attack methods were ineffective in FSL scenarios due to overfitting and easy detection of dirty labels or visible triggers. However, the study proposes a new method, the Few-shot Learning Backdoor Attack (FLBA), that demonstrates FSL can be vulnerable to backdoor attacks. FLBA uses a hidden trigger and imperceptible perturbations to make the attack more stealthy while maintaining a high Attack Success Rate (ASR). The study concludes that the security of FSL should be given more attention.

 

Publication date: 4 Jan 2024
Project Page: Not provided
Paper: https://arxiv.org/pdf/2401.01377