As asynchronous event data is more frequently engaged in various vision tasks, the risk of backdoor attacks becomes more evident. However, research into the potential risk associated with backdoor attacks in asynchronous event data has been scarce, leaving related tasks vulnerable to potential threats. This paper has uncovered the possibility of directly poisoning event data streams by proposing Event Trojan framework, including two kinds of triggers, i.e., immutable and mutable triggers. Specifically, our two types of event triggers are based on a sequence of simulated event spikes, which can be easily incorporated into any event stream to initiate backdoor attacks. Additionally, for the mutable trigger, we design an adaptive learning mechanism to maximize its aggressiveness. To improve the stealthiness, we introduce a novel loss function that constrains the generated contents of mutable triggers, minimizing the difference between triggers and original events while maintaining effectiveness. Extensive experiments on public event datasets show the effectiveness of the proposed backdoor triggers. We hope that this paper can draw greater attention to the potential threats posed by backdoor attacks on event-based tasks. Our code is available at https://github.com/rfww/EventTrojan.

翻译：随着异步事件数据在各类视觉任务中的应用日益频繁，后门攻击的风险也愈发凸显。然而，针对异步事件数据中后门攻击潜在风险的研究尚显匮乏，导致相关任务易受潜在威胁。本文通过提出Event Trojan框架，揭示了直接污染事件数据流的可能性，该框架包含两种触发器，即不可变触发器与可变触发器。具体而言，我们的两类事件触发器均基于模拟事件脉冲序列构建，可轻易嵌入任意事件流以发起后门攻击。此外，针对可变触发器，我们设计了一种自适应学习机制以最大化其攻击性。为提升隐蔽性，我们引入了一种新颖的损失函数，用于约束可变触发器生成的内容，在保持攻击有效性的同时最小化触发器与原始事件之间的差异。在公开事件数据集上的大量实验验证了所提后门触发器的有效性。我们希望本文能引起学界对基于事件的任务所面临后门攻击潜在威胁的更多关注。代码已开源：https://github.com/rfww/EventTrojan。