Core Concepts
PEFT introduces security risks through PETA, a trojan attack embedding backdoors in PLMs.
Abstract
PEFT allows efficient adaptation of PLMs with minimal parameter tuning. PETA introduces a novel trojan attack compromising PLMs by embedding backdoors. The attack ensures the backdoor persists post fine-tuning, demonstrating effectiveness across tasks and trigger designs. The attacker's knowledge of the victim user's training process is not essential for successful attacks.
Stats
PEFT achieves performance comparable to full-scale fine-tuning.
PETA demonstrates effectiveness in terms of attack success rate and clean accuracy.
Quotes
"PEFT not only curtails training costs but also achieves performance comparable to full-scale fine-tuning."
"PETA's approach of accounting for PEFT in the bilevel optimization objective is essential for maintaining the correlation between the trigger and the target label."