Here's a Free Lunch: Sanitizing Backdoored Models with Model Merge

arXiv:2402.19334v1 Announce Type: new
Abstract: The democratization of pre-trained language models through open-source initiatives has rapidly advanced innovation and expanded access to cutting-edge technologies. However, this openness also brings significant security risks, including backdoor attacks, where hidden malicious behaviors are triggered by specific inputs, compromising natural language processing (NLP) system integrity and reliability. This paper suggests that merging a backdoored model with other homogeneous models can remediate backdoor vulnerabilities even if such models are not entirely secure. In our experiments, …

abstract advanced arxiv attacks backdoor cs.cl democratization edge edge technologies free hidden innovation inputs language language models language processing merge natural natural language natural language processing nlp processing risks security technologies through type