Dataset distillation is a promising way to improve data efficiency in deep learning, and recent studies have shown that it can also suppress backdoors present in the original training samples. In this work, we study backdoor attacks against dataset distillation from a theoretical standpoint, focusing on kernel-based distillation. We introduce two theory-driven trigger pattern generation methods tailored to dataset distillation. Through analysis and experiments, we show that this optimization-based trigger design framework yields effective backdoor attacks that survive the distillation process. Notably, datasets poisoned with our triggers also withstand conventional backdoor detection and mitigation methods. Our empirical results confirm that triggers produced by our approaches mount resilient backdoor attacks.