[CFP] "Backdoors in Deep Learning: The Good, the Bad, and the Ugly" workshop @ NeurIPS 2023

[Khoa Doan]

Dear everyone, 

I am very excited to share with you that the 1st Edition of Backdoors in Deep Learning: The Good, the Bad, and the Ugly workshop will be hosted at NeurIPS 2023 in New Orleans (workshop date to be announced soon). Please find the workshop's details in the Call for Papers below.  

=== Modern AI development requires using and sharing of models and data safely. Uncovering backdoor, a foe and a friend at the front door. ===

Sincerely,

Khoa D Doan on behalf of the Organizing Committee!

********************************************************************************
The 2023 Backdoors in Deep Learning: The Good, the Bad, and the Ugly workshop @ NeurIPS 2023
********************************************************************************

We cordially invite submissions and participation in our “Backdoors in Deep Learning: The Good, the Bad, and the Ugly” workshop (https://neurips2023-bugs.github.io) that will be held on December 15 or 16, 2023 at NeurIPS 2023, New Orleans, USA. 

The submission deadline is September 29, 2023, 23:59 AoE and the submission link https://openreview.net/group?id=NeurIPS.cc/2023/Workshop/BUGS.

Motivations and Topics

Deep neural networks (DNNs) are revolutionizing almost all AI domains and have become the core of many modern AI systems. Despite their superior performance compared to classical methods, DNNs also face new security problems, such as adversarial and backdoor attacks, that are hard to discover and resolve due to their black-box-like property. Backdoor attacks are possible because of insecure model pretraining and outsourcing practices. Due to the complexity and the tremendous cost of collecting data and training models, many individuals/companies employ models or training data from third parties. Malicious third parties can add backdoors into their models or poison their released data before delivering it to the victims to gain illegal benefits. This threat seriously damages the safety and trustworthiness of AI development.

While most works consider backdoors “evil”, some studies leverage them for good purposes. A popular approach is to use the backdoor as a watermark to detect illegal uses of commercialized data/models. Watermarks can also be used to mark generated data, which becomes crucial with the introduction of big generative models (LLMs, text-to-image generators). For instance, the paper “A Watermark for Large Language Models” has received an outstanding paper award at ICML 2023, showing the community’s great interest in this critical topic. Besides, a few works employ the backdoor as a trapdoor for adversarial defense. Learning the underlying working mechanisms of backdoors also elevates our understanding of how deep learning models work.

This workshop is designed to provide a comprehensive understanding of the current state of backdoor research. Our goal is to foster discussion and perspective exchange, as well as to engage the community in identifying social good applications of backdoors. As such, we welcome submissions related to any aspect of backdoor research, including but not limited to:

• Backdoor attacks

  • Poisoning attacks

  • Dirty-label backdoor attacks

  • Clean-label backdoor attacks

  • Backdoors in various learning paradigms (e.g., supervised, semi-supervised, self-supervised)

  • Backdoors in various computer vision tasks (e.g., object detection, segmentation)

  • Backdoors in multimodal models (e.g., vision+language)

  • Backdoors in federated learning

  • Backdoors in NLP and less-studied domains (e.g., speech, graphs)

  • Backdoors in generative models (e.g., Diffusion models) 

  • Backdoors in Large Language Models

• Backdoor defenses

  • Backdoor detection (poisoned inputs, poisoned models) – Backdoor mitigation (data sanitization, model repair)

  • Understanding backdoor behaviors

• Backdoor for social good

  • Watermarking (for IP Protection, Ownership Verification, Generative Data Marking, etc...)

  • Trapdoor/Honeypot defenses

  • Model unlearning

  • Deep model behavior understanding

The workshop will employ a double-blind review process. Each submission will be evaluated based on the following criteria:

• Soundness of the methodology

• Relevance to the workshop

• Societal impacts

We only consider submissions that haven’t been published in any peer-reviewed venue, including NeurIPS 2023 conference. We allow dual submissions with other workshops or conferences. The workshop is non-archival and will not have any official proceedings. All accepted papers will be allocated either a poster presentation or a talk slot.

Important Dates

Submission Deadline: September 29, 2023, Anywhere on Earth (AoE) 

Author notification: October 27, 2023, Anywhere on Earth (AoE)

Camera-ready deadline: December 1, 2023, Anywhere on Earth (AoE)

Workshop Date: December 15 or 16, 2023

Organizers

Khoa D Doan, VinUniversity, Vietnam

Aniruddha Saha, University of Maryland, College Park, USA

Anh Tuan Tran, VinAI Research, Vietnam

Yingjie Lao, Clemson University, USA

Kok-seng Wong, VinUniversity, Vietnam

Ang Li, Simular Research, USA

Haripriya Harikumar, Deakin University, Australia

Eugene Bagdasaryan, Cornell Tech, USA

Micah Goldblum, New York University, USA

Tom Goldstein, University of Maryland, College Park, USA

Author Instructions Papers should be submitted to OpenReview: https://openreview.net/group?id=NeurIPS.cc/2023/Workshop/BUGS

Submitted papers should have up to 6 pages (excluding references, acknowledgments, or appendices). Please use the NeurIPS submission template provided at https://neurips.cc/Conferences/2023/PaperInformation/StyleFiles

Submissions must be anonymous following NeurIPS double-blind reviewing guidelines, NeurIPS Code of Conduct, and Code of Ethics. Accepted papers will be hosted on the workshop website but are considered non-archival and can be submitted to other workshops, conferences, or journals if their submission policy allows.