English
Related papers

Related papers: MetaPoison: Practical General-purpose Clean-label …

200 papers

Data poisoning is an attack on machine learning models wherein the attacker adds examples to the training set to manipulate the behavior of the model at test time. This paper explores poisoning attacks on neural nets. The proposed attacks…

Machine Learning · Computer Science 2018-11-13 Ali Shafahi , W. Ronny Huang , Mahyar Najibi , Octavian Suciu , Christoph Studer , Tudor Dumitras , Tom Goldstein

Deep neural networks are vulnerable to backdoor attacks, a type of adversarial attack that poisons the training data to manipulate the behavior of models trained on such data. Clean-label attacks are a more stealthy form of backdoor attacks…

Machine Learning · Computer Science 2024-07-17 Quang H. Nguyen , Nguyen Ngoc-Hieu , The-Anh Ta , Thanh Nguyen-Tang , Kok-Seng Wong , Hoang Thanh-Tung , Khoa D. Doan

The unprecedented availability of training data fueled the rapid development of powerful neural networks in recent years. However, the need for such large amounts of data leads to potential threats such as poisoning attacks: adversarial…

Machine Learning · Computer Science 2024-03-21 Fabio De Gaspari , Dorjan Hitaj , Luigi V. Mancini

Semi-supervised machine learning models learn from a (small) set of labeled training examples, and a (large) set of unlabeled training examples. State-of-the-art models can reach within a few percentage points of fully-supervised training,…

Machine Learning · Computer Science 2021-08-11 Nicholas Carlini

We introduce camouflaged data poisoning attacks, a new attack vector that arises in the context of machine unlearning and other settings when model retraining may be induced. An adversary first adds a few carefully crafted points to the…

Machine Learning · Computer Science 2024-08-02 Jimmy Z. Di , Jack Douglas , Jayadev Acharya , Gautam Kamath , Ayush Sekhari

Deep neural networks are susceptible to poisoning attacks by purposely polluted training data with specific triggers. As existing episodes mainly focused on attack success rate with patch-based samples, defense algorithms can easily detect…

Cryptography and Security · Computer Science 2021-01-11 Jinyin Chen , Longyuan Zhang , Haibin Zheng , Xueke Wang , Zhaoyan Ming

Data Poisoning attacks modify training data to maliciously control a model trained on such data. In this work, we focus on targeted poisoning attacks which cause a reclassification of an unmodified test image and as such breach model…

Computer Vision and Pattern Recognition · Computer Science 2021-05-11 Jonas Geiping , Liam Fowl , W. Ronny Huang , Wojciech Czaja , Gavin Taylor , Michael Moeller , Tom Goldstein

Instruction tuning is an effective technique to align large language models (LLMs) with human intents. In this work, we investigate how an adversary can exploit instruction tuning by injecting specific instruction-following examples into…

Cryptography and Security · Computer Science 2023-10-31 Manli Shu , Jiongxiao Wang , Chen Zhu , Jonas Geiping , Chaowei Xiao , Tom Goldstein

Data poisoning causes misclassification of test time target examples by injecting maliciously crafted samples in the training data. Existing defenses are often effective only against a specific type of targeted attack, significantly degrade…

Machine Learning · Computer Science 2022-10-19 Yu Yang , Tian Yu Liu , Baharan Mirzasoleiman

As in-the-wild data are increasingly involved in the training stage, machine learning applications become more susceptible to data poisoning attacks. Such attacks typically lead to test-time accuracy degradation or controlled misprediction.…

Cryptography and Security · Computer Science 2022-11-02 Yufei Chen , Chao Shen , Yun Shen , Cong Wang , Yang Zhang

Data poisoning is a training-time attack that undermines the trustworthiness of learned models. In a targeted data poisoning attack, an adversary manipulates the training dataset to alter the classification of a targeted test point. Given…

Machine Learning · Computer Science 2025-11-18 Nakshatra Gupta , Sumanth Prabhu , Supratik Chakraborty , R Venkatesh

Deep learning has become a cornerstone of modern artificial intelligence, enabling transformative applications across a wide range of domains. As the core element of deep learning, the quality and security of training data critically…

Cryptography and Security · Computer Science 2025-04-01 Pinlong Zhao , Weiyao Zhu , Pengfei Jiao , Di Gao , Ou Wu

Web-scraped datasets are vulnerable to data poisoning, which can be used for backdooring deep image classifiers during training. Since training on large datasets is expensive, a model is trained once and re-used many times. Unlike…

Machine Learning · Computer Science 2024-01-23 Benjamin Schneider , Nils Lukas , Florian Kerschbaum

Backdoor attacks are emerging threats to deep neural networks, which typically embed malicious behaviors into a victim model by injecting poisoned samples. Adversaries can activate the injected backdoor during inference by presenting the…

Cryptography and Security · Computer Science 2025-12-05 Bingyin Zhao , Yingjie Lao

Poisoning attacks on machine learning systems compromise the model performance by deliberately injecting malicious samples in the training dataset to influence the training process. Prior works focus on either availability attacks (i.e.,…

Machine Learning · Computer Science 2021-10-13 Bingyin Zhao , Yingjie Lao

Clean-label poisoning attacks inject innocuous looking (and "correctly" labeled) poison images into training data, causing a model to misclassify a targeted image after being trained on this data. We consider transferable poisoning attacks…

Machine Learning · Statistics 2019-05-17 Chen Zhu , W. Ronny Huang , Ali Shafahi , Hengduo Li , Gavin Taylor , Christoph Studer , Tom Goldstein

The generalization bound is a crucial theoretical tool for assessing the generalizability of learning methods and there exist vast literatures on generalizability of normal learning, adversarial learning, and data poisoning. Unlike other…

Machine Learning · Computer Science 2024-06-05 Lijia Yu , Shuang Liu , Yibo Miao , Xiao-Shan Gao , Lijun Zhang

Continual learning algorithms are typically exposed to untrusted sources that contain training data inserted by adversaries and bad actors. An adversary can insert a small number of poisoned samples, such as mislabeled samples from…

Machine Learning · Computer Science 2023-11-21 Huayu Li , Gregory Ditzler

Machine learning is susceptible to poisoning attacks, in which an attacker controls a small fraction of the training data and chooses that data with the goal of inducing some behavior unintended by the model developer in the trained model.…

Machine Learning · Computer Science 2023-11-21 Evan Rose , Fnu Suya , David Evans

With the increase in machine learning (ML) applications in different domains, incentives for deceiving these models have reached more than ever. As data is the core backbone of ML algorithms, attackers shifted their interest toward…

Cryptography and Security · Computer Science 2023-01-04 Kshitiz Aryal , Maanak Gupta , Mahmoud Abdelsalam
‹ Prev 1 2 3 10 Next ›