Statistics and Data Science Seminar
Yao Li
UNC Chapel Hill
Defenses Against Backdoor Attacks in Federated Learning and Text Classification
Abstract: As machine learning models become increasingly integrated into distributed and language-intensive applications, ensuring their integrity against backdoor attacks is paramount. This talk presents two defense strategies targeting vulnerabilities in federated learning and large language models (LLMs). The first part introduces Trusted Aggregation (TAG), a robust defense mechanism for federated learning that leverages a small validation set to estimate permissible updates and filter out malicious contributions. TAG effectively mitigates backdoor risks while preserving task accuracy, even when up to 40% of client updates are adversarial. The second part addresses the threat of syntactic textual backdoor attacks in LLMs. We propose a novel token substitution strategy that alters semantic content while preserving syntactic structures, enabling the detection of both syntax-based and token-based triggers.
Wednesday, April 9, 2025 at 4:00 PM in 636 SEO