Poisoning Web-Scale Training Datasets is Practical

Thu 23 Mar 2023

Florian Tramèr, ETH Zürich

From 11:30 until 13:00

At CAB H 52 (Seminar) + CNB/F/110 (Lunch), ETH Zurich


Deep learning models are often trained on distributed, web-scale datasets crawled from the internet. We introduce two new dataset poisoning attacks that intentionally introduce malicious examples to degrade a model's performance. Our attacks are immediately practical and could, today, poison 10 popular datasets. We will discuss how the attacks work; why (we think) these haven't been exploited yet; and why defending against them comes with non-negligible costs.

Join us in CAB H 52 (Seminar) + CNB/F/110 (Lunch).
