Is it really safe to outsource model training? New research: outsourcers may implant backdoors to control bank lending

Deep learning is important for big data 、 The rigid requirement of large computing power forces more and more enterprises to outsource model training tasks to special platforms or companies , But is this really safe ？ In an article entitled 《Planting Undetectable Backdoors in Machine Learning Models》 In my new paper , come from UC Berkeley、MIT and IAS Researchers have shown a powerful force ： A service provider with hostile motives can maintain this power for a long time after the delivery of the learning model , Even for the smartest customers .

Thesis link ：

https://arxiv.org/pdf/2204.06974.pdf

In this paper , The author systematically discusses the undetectable back door , That is, the classifier output can be easily changed , But the hidden mechanism that users will never detect . They give undetectability （undetectability） A clear definition of , And under the standard encryption assumption , It proves that it is possible to implant undetectable back doors in various environments . These common structures present significant risks in the outsourcing of supervised learning tasks .