Beyond Native Success: Auditing Deployment-Interface Exposure of CLIP Backdoors
Researchers have developed a new framework called DIFE to evaluate the security vulnerabilities of Contrastive Language-Image Pre-training (CLIP) models when reused across different interfaces. The study found that backdoors in CLIP models do not guarantee continued effectiveness when applied to new tasks, and exposure is dependent on specific model components. To address a identified gap, a new method called BadTextTower was introduced, which creates a reusable carrier for adversarial behavior in the text encoder. AI
IMPACT New auditing framework reveals that CLIP model backdoors may not transfer effectively to downstream tasks, highlighting component-specific risks.