Abbasi, Ali; Nooralinejad, Parsa; Pirsiavash, Hamed; Kolouri, Soheil. “.” Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2024, pp. 24057-24067, .听
Continual learning, a field within deep learning, has become increasingly important as it offers solutions to the challenge of learning new tasks over time without forgetting previous ones. However, a largely overlooked issue is how vulnerable continual learning models are to attacks that can intentionally make them forget what they鈥檝e learned. In this paper, we introduce a new attack method called 鈥淏rain-Wash,鈥 which is designed to make a continual learner forget previously learned tasks by poisoning the data it鈥檚 learning from. By adding Brain-Wash noise to various existing models, we show how a trained continual learning model can be made to forget its past tasks dramatically, even when using methods that are supposed to prevent this. What makes our approach particularly interesting is that the attacker doesn鈥檛 need access to the data from past tasks; they only need the model鈥檚 current parameters and the data from the most recent task. Our extensive experiments demonstrate how effective Brain-Wash is, showing that it can significantly reduce the performance of different continual learning methods that use regularization and memory replay techniques. Our code is available online for others to explore: 听
Figure 1.听听
BrainWash is a poisoning attack targeting continual learning systems. It sabotages a task so that, upon learning it, the system’s rate of forgetting previously learned tasks is increased.听
