The last Dance: Robust backdoor attack via diffusion models and Bayesian approach
This paper addresses a security vulnerability in audio AI models, but it is incremental, as it applies known backdoor attack techniques to a new domain (audio transformers).
The paper tackles the problem of fooling audio-based DNN models, specifically transformer models from Hugging Face, by developing a backdoor attack called BacKBayDiffMod that uses diffusion models and a Bayesian approach to poison training data, demonstrating its feasibility.
Diffusion models are state-of-the-art deep learning generative models that are trained on the principle of learning forward and backward diffusion processes via the progressive addition of noise and denoising. In this paper, we aim to fool audio-based DNN models, such as those from the Hugging Face framework, in particular transformer-based artificial intelligence models, which are powerful machine learning models that save time and achieve results faster and more efficiently. We demonstrate the feasibility of backdoor attacks (called `BacKBayDiffMod`) on audio transformers derived from Hugging Face, a popular framework in the world of artificial intelligence research. The backdoor attack developed in this paper is based on poisoning the model's training data in a unique way, by incorporating backdoor diffusion sampling and a Bayesian approach to the distribution of poisoned data.