Prof. Xinlei He, Wuhan University, China
Bio: Dr.Xinlei He is a research fellow in the Institude for Math & AI, Wuhan University. He obtained his Ph.D. from CISPA Helmholtz Center for Information Security. His research lies in the domain of trustworthy machine learning, with a special focus on privacy, security, and accountability issues stemming from machine learning paradigms. He has published over 40 papers in top-tier conferences/journals such as IEEE S&P, ACM CCS, NDSS, and USENIX Security. He served as the AE of TDSC and the TPC member of multiple conferences such as IEEE S&P, AAAI, KDD, etc. He was the recipient of the Norton Labs Graduate Fellowship 2022 (only two recipients around the world), LAMPS 2024 Best Paper Award, and NDSS 2025 Distinguished Poster Award. More details are at https://xinleihe.github.io/.
个人简介:何新磊,武汉大学武汉数学与智能研究院研究员,入选国家级青年人才,广东省优青,湖北省百人,主持和参与多项海内外项目,在ACM CCS、IEEE S&P、USENIX Security、NDSS、IEEE TDSC、ACM TMC等重要学术会议与期刊上发表论文40余篇,谷歌学术引用2900余次;担任IEEE TDSC编委、SocialMeta2024程序委员会共同主席、ACL领域主席、多个CCF-A类会议PC(IEEE S&P、AAAI、KDD、IJCAI、ICLR等),获得2022年度诺顿Graduate Fellowship(全球仅2人),LAMPS 2024最佳论文奖及NDSS 2025杰出海报奖。
Speech Title: Exploring Backdoor Attacks and Defenses for Generative AI Models 浅谈生成式人工智能模型后门攻防
Abstract: Backdoor attacks in generative AI models has emerged as a critical issue in the field of AI security. Backdoor attacks involve embedding malicious patterns into training data or the models themselves, causing the model to produce erroneous outputs when activated by specific trigger conditions. This poses a significant threat to the reliability and security of AI systems. In this talk, we focus on backdoor attack and defense mechanisms in critical contexts, including model merging and parameter-efficient fine-tuning (PEFT). We will examine current attack techniques, evaluate existing defense strategies, and introduce potential solutions to mitigate these risks.
生成式人工智能模型的后门攻防是当前人工智能安全领域的关键问题之一。后门攻击通过在训练数据或模型中植入恶意模式,使模型在特定触发条件下输出错误结果,严重威胁模型的可靠性和安全性。本报告将重点探讨生成式人工智能模型在模型融合、参数高效微调等关键场景下的后门攻防问题,分析攻击手段与防御策略,并提出相应的解决方案。