统计与数据科学系系列学术报告之四百八十一期

时间： 2025年7月22日（周二）10:00-11:00

主持人：复旦大学管理学院统计与数据科学系郁文教授

地点：史带楼301室

报告人：Prof. Yao Li

The Department of Statistics & Operations research

University of North Carolina at Chapel Hill

李垚教授北卡罗来纳大学教堂山分校

题目：Defenses Against Backdoor Attacks in Federated Learning and Text Classification

摘要：As machine learning models become increasingly integrated into distributed and language-intensive applications, ensuring their integrity against backdoor attacks is paramount. This talk presents two defense strategies that target vulnerabilities in federated learning and large language models (LLMs). The first part introduces Trusted Aggregation (TAG), a robust defense mechanism for federated learning that leverages a small validation set to estimate permissible updates and filter out malicious contributions. TAG effectively mitigates backdoor risks while preserving task accuracy, even when up to 40% of client updates are adversarial. The second part addresses the threat of syntactic textual backdoor attacks in LLMs. We propose a novel token substitution strategy that alters semantic content while preserving syntactic structures, enabling the detection of both syntax-based and token-based triggers.

个人简介：Yao is an assistant professor of Statistics at UNC Chapel Hill. She was a Ph.D. student at UC Davis working with Prof. Cho-Jui Hsieh and Prof. Thomas C.M. Lee. Her research focuses on developing new algorithms to resolve the real-world difficulties in the machine learning pipeline. She studies both statistical and computational aspects of machine learning models. Currently, she is working on topics related to security of deep learning and computational pathology.