BrainWash: A Poisoning Attack to Forget in Continual Learning

Continual learning has garnered substantial attention within the deep learning community, offering promising solutions to the challenging problem of sequential learning. However, a largely unexplored aspect of this paradigm is its vulnerability to adversarial attacks, particularly those designed to induce forgetting. In this paper, we introduce "BrainWash," a novel poisoning attack specifically tailored to impose forgetting on a continual learner. By adding the BrainWash noise to various baselines, we demonstrate that a trained continual learner can be induced to forget its previously learned tasks catastrophically. A key feature of our approach is that the attacker does not require access to the data from previous tasks and only needs the model's current parameters and the data for the next task that the continual learner will undertake. Our extensive experiments underscore the efficacy of BrainWash, showcasing a degradation in performance across various regularization-based continual learning methods.