English
Related papers

Related papers: Preventing Clean Label Poisoning using Gaussian Mi…

200 papers

Recent studies have shown that deep neural networks (DNNs) are vulnerable to backdoor attacks, where a designed trigger is injected into the dataset, causing erroneous predictions when activated. In this paper, we propose a novel defense…

Machine Learning · Computer Science 2025-08-08 Wenjie Huo , Katinka Wolter

Deep neural networks (DNNs) have the capacity to fit extremely noisy labels nonetheless they tend to learn data with clean labels first and then memorize those with noisy labels. We examine this behavior in light of the Shannon entropy of…

Machine Learning · Computer Science 2021-04-28 Hao Wu , Jiangchao Yao , Jiajie Wang , Yinru Chen , Ya Zhang , Yanfeng Wang

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

Graph Neural Networks (GNNs) have achieved remarkable results in various tasks. Recent studies reveal that graph backdoor attacks can poison the GNN model to predict test nodes with triggers attached as the target class. However, apart from…

Machine Learning · Computer Science 2026-04-15 Yuxiang Zhang , Bin Ma , Enyan Dai

Data Poisoning attacks modify training data to maliciously control a model trained on such data. In this work, we focus on targeted poisoning attacks which cause a reclassification of an unmodified test image and as such breach model…

Computer Vision and Pattern Recognition · Computer Science 2021-05-11 Jonas Geiping , Liam Fowl , W. Ronny Huang , Wojciech Czaja , Gavin Taylor , Michael Moeller , Tom Goldstein

As in-the-wild data are increasingly involved in the training stage, machine learning applications become more susceptible to data poisoning attacks. Such attacks typically lead to test-time accuracy degradation or controlled misprediction.…

Cryptography and Security · Computer Science 2022-11-02 Yufei Chen , Chao Shen , Yun Shen , Cong Wang , Yang Zhang

Recent research has highlighted the vulnerability of Deep Neural Networks (DNNs) against data poisoning attacks. These attacks aim to inject poisoning samples into the models' training dataset such that the trained models have inference…

Cryptography and Security · Computer Science 2025-06-03 Pengfei He , Han Xu , Jie Ren , Yingqian Cui , Hui Liu , Charu C. Aggarwal , Jiliang Tang

Deep neural networks (DNNs) are recently shown to be vulnerable to backdoor attacks, where attackers embed hidden backdoors in the DNN model by injecting a few poisoned examples into the training dataset. While extensive efforts have been…

Artificial Intelligence · Computer Science 2023-03-14 Zaixi Zhang , Qi Liu , Zhicai Wang , Zepu Lu , Qingyong Hu

Backdoor attacks against CNNs represent a new threat against deep learning systems, due to the possibility of corrupting the training set so to induce an incorrect behaviour at test time. To avoid that the trainer recognises the presence of…

Cryptography and Security · Computer Science 2019-03-01 Mauro Barni , Kassem Kallas , Benedetta Tondi

Training pipelines for machine learning (ML) based malware classification often rely on crowdsourced threat feeds, exposing a natural attack injection point. In this paper, we study the susceptibility of feature-based ML malware classifiers…

Cryptography and Security · Computer Science 2021-01-12 Giorgio Severi , Jim Meyer , Scott Coull , Alina Oprea

Data poisoning considers an adversary that distorts the training set of machine learning algorithms for malicious purposes. In this work, we bring to light one conjecture regarding the fundamentals of data poisoning, which we call the…

Machine Learning · Computer Science 2022-10-20 Wenxiao Wang , Alexander Levine , Soheil Feizi

Backdoor attacks pose a new threat to NLP models. A standard strategy to construct poisoned data in backdoor attacks is to insert triggers (e.g., rare words) into selected sentences and alter the original label to a target label. This…

Computation and Language · Computer Science 2022-04-28 Leilei Gan , Jiwei Li , Tianwei Zhang , Xiaoya Li , Yuxian Meng , Fei Wu , Yi Yang , Shangwei Guo , Chun Fan

Federated learning (FL) has garnered significant attention as a prominent privacy-preserving Machine Learning (ML) paradigm. Decentralized FL (DFL) eschews traditional FL's centralized server architecture, enhancing the system's robustness…

Machine Learning · Computer Science 2025-02-10 Chao Feng , Yunlong Li , Yuanzhe Gao , Alberto Huertas Celdrán , Jan von der Assen , Gérôme Bovet , Burkhard Stiller

Poisoning-based backdoor attacks expose vulnerabilities in the data preparation stage of deep neural network (DNN) training. The DNNs trained on the poisoned dataset will be embedded with a backdoor, making them behave well on clean data…

Computer Vision and Pattern Recognition · Computer Science 2024-05-10 Binxiao Huang , Jason Chun Lok , Chang Liu , Ngai Wong

We present a certified defense to clean-label poisoning attacks under $\ell_2$-norm. These attacks work by injecting a small number of poisoning samples (e.g., 1%) that contain bounded adversarial perturbations into the training data to…

Cryptography and Security · Computer Science 2025-06-03 Sanghyun Hong , Nicholas Carlini , Alexey Kurakin

With the increase in machine learning (ML) applications in different domains, incentives for deceiving these models have reached more than ever. As data is the core backbone of ML algorithms, attackers shifted their interest toward…

Cryptography and Security · Computer Science 2023-01-04 Kshitiz Aryal , Maanak Gupta , Mahmoud Abdelsalam

Graph-based Semi-Supervised Learning (GSSL) is a practical solution to learn from a limited amount of labelled data together with a vast amount of unlabelled data. However, due to their reliance on the known labels to infer the unknown…

Machine Learning · Computer Science 2022-05-12 Adriano Franci , Maxime Cordy , Martin Gubri , Mike Papadakis , Yves Le Traon

Continual learning algorithms are typically exposed to untrusted sources that contain training data inserted by adversaries and bad actors. An adversary can insert a small number of poisoned samples, such as mislabeled samples from…

Machine Learning · Computer Science 2023-11-21 Huayu Li , Gregory Ditzler

Due to its powerful feature learning capability and high efficiency, deep hashing has achieved great success in large-scale image retrieval. Meanwhile, extensive works have demonstrated that deep neural networks (DNNs) are susceptible to…

Computer Vision and Pattern Recognition · Computer Science 2022-07-14 Shengshan Hu , Ziqi Zhou , Yechao Zhang , Leo Yu Zhang , Yifeng Zheng , Yuanyuan HE , Hai Jin

Most recent studies have shown several vulnerabilities to attacks with the potential to jeopardize the integrity of the model, opening in a few recent years a new window of opportunity in terms of cyber-security. The main interest of this…