Self-Supervised Learning (SSL) has emerged as a significant paradigm in representation learning thanks to its ability to learn without extensive labeled data, its strong generalization capabilities, and its potential for privacy preservation. However, recent research reveals that SSL models are also vulnerable to backdoor attacks. Existing backdoor attack methods in the SSL context commonly suffer from issues such as high detectability of triggers, feature entanglement, and pronounced out-of-distribution properties in poisoned samples, all of which compromises attack effectiveness and stealthiness. To that, we propose a Dynamic Stealthy Backdoor Attack (DSBA) backed by a new technique we term Collaborative Optimization. This method decouples the attack process into two collaborative optimization layers: the outer-layer optimization trains a backdoor encoder responsible for global feature space remodeling, aiming to achieve precise backdoor implantation while preserving core functionality; meanwhile, the inner-layer optimization employs a dynamically optimized generator to adaptively produce optimally concealed triggers for individual samples, achieving coordinated concealment across feature space and visual space. We also introduce multiple loss functions to dynamically balance attack performance and stealthiness, in which we employ an adaptive weight scheduling mechanism to enhance training stability. Extensive experiments on various mainstream SSL algorithms and five public datasets demonstrate that: (i) DSBA significantly enhances Attack Success Rate (ASR) and stealthiness while maintaining downstream task accuracy; and (ii) DSBA exhibits superior robustness against existing mainstream defense methods.

翻译：自监督学习（SSL）因其无需大量标注数据的学习能力、强大的泛化性能以及隐私保护潜力，已成为表示学习的重要范式。然而，近期研究表明SSL模型同样易受后门攻击。现有SSL环境中的后门攻击方法普遍存在触发器可检测性高、特征纠缠以及中毒样本分布外特性明显等问题，这些问题均会损害攻击效果与隐蔽性。为此，我们提出一种动态隐蔽后门攻击（DSBA），该方法以我们称为协同优化的新技术为支撑。该攻击过程解耦为两个协同优化层：外层优化训练负责全局特征空间重构的后门编码器，旨在实现精确后门植入的同时保持核心功能；与此同时，内层优化采用动态优化生成器，为各样本自适应生成最优隐蔽触发器，实现特征空间与视觉空间的协同隐蔽。我们还引入多种损失函数以动态平衡攻击性能与隐蔽性，其中采用自适应权重调度机制以增强训练稳定性。在多种主流SSL算法及五个公开数据集上的大量实验表明：（i）DSBA在保持下游任务准确率的同时，显著提升了攻击成功率（ASR）与隐蔽性；（ii）DSBA对现有主流防御方法展现出卓越的鲁棒性。