Poisoning Web-Scale Training Datasets is Practical

Thu 23 Mar 2023

Florian Tramèr, ETH Zürich

From 11:30 until 13:00

At CAB H 52 (Seminar) + CNB/F/110 (Lunch), ETH Zurich


Deep learning models are often trained on distributed, web-scale datasets crawled from the internet. We introduce two new dataset poisoning attacks that intentionally introduce malicious examples to degrade a model's performance. Our attacks are immediately practical and could, today, poison 10 popular datasets. We will discuss how the attacks work; why (we think) these haven't been exploited yet; and why defending against them comes with non-negligible costs.

Join us in CAB G 52 (Seminar) + CNB/F/110 (Lunch).
