English
Related papers

Related papers: MetaPoison: Practical General-purpose Clean-label …

200 papers

Backdoor attacks insert malicious data into a training set so that, during inference time, it misclassifies inputs that have been patched with a backdoor trigger as the malware specified label. For backdoor attacks to bypass human…

Cryptography and Security · Computer Science 2022-04-18 Yi Zeng , Minzhou Pan , Hoang Anh Just , Lingjuan Lyu , Meikang Qiu , Ruoxi Jia

Semi-supervised machine learning (SSL) is gaining popularity as it reduces the cost of training ML models. It does so by using very small amounts of (expensive, well-inspected) labeled data and large amounts of (cheap, non-inspected)…

Cryptography and Security · Computer Science 2022-11-02 Virat Shejwalkar , Lingjuan Lyu , Amir Houmansadr

Our research addresses the overlooked security concerns related to data poisoning in continual learning (CL). Data poisoning - the intentional manipulation of training data to affect the predictions of machine learning models - was recently…

Cryptography and Security · Computer Science 2025-08-12 Stanisław Pawlak , Bartłomiej Twardowski , Tomasz Trzciński , Joost van de Weijer

Targeted data poisoning (TDP) aims to compromise the model's prediction on a specific (test) target by perturbing a small subset of training data. Existing work on TDP has focused on an overly ideal threat model in which the same image…

Computer Vision and Pattern Recognition · Computer Science 2025-07-29 Zhizhen Chen , Zhengyu Zhao , Subrat Kishore Dutta , Chenhao Lin , Chao Shen , Xiao Zhang

Gradient attacks and data poisoning tamper with the training of machine learning algorithms to maliciously alter them and have been proven to be equivalent in convex settings. The extent of harm these attacks can produce in non-convex…

Machine Learning · Computer Science 2024-12-12 Wassim Bouaziz , El-Mahdi El-Mhamdi , Nicolas Usunier

Attacks on machine learning models have been, since their conception, a very persistent and evasive issue resembling an endless cat-and-mouse game. One major variant of such attacks is poisoning attacks which can indirectly manipulate an ML…

Machine Learning · Computer Science 2022-04-05 Alaa Anani , Mohamed Ghanem , Lotfy Abdel Khaliq

Manipulation of local training data and local updates, i.e., the poisoning attack, is the main threat arising from the collaborative nature of the federated learning (FL) paradigm. Most existing poisoning attacks aim to manipulate local…

Machine Learning · Computer Science 2025-05-30 Huazi Pan , Yanjun Zhang , Leo Yu Zhang , Scott Adams , Abbas Kouzani , Suiyang Khoo

Recently, several studies have indicated that data poisoning attacks pose a severe security threat to deep learning-based (DL-based) code search models. Attackers inject carefully crafted malicious patterns into the training data,…

Software Engineering · Computer Science 2025-07-16 Gong Chen , Wenjie Liu , Xiaoyuan Xie , Xunzhu Tang , Tegawendé F. Bissyandé , Songqiang Chen

Property inference attacks consider an adversary who has access to the trained model and tries to extract some global statistics of the training data. In this work, we study property inference in scenarios where the adversary can…

Machine Learning · Computer Science 2021-01-28 Melissa Chase , Esha Ghosh , Saeed Mahloujifar

Code autocompletion is an integral feature of modern code editors and IDEs. The latest generation of autocompleters uses neural language models, trained on public open-source code repositories, to suggest likely (not just statically…

Cryptography and Security · Computer Science 2020-10-12 Roei Schuster , Congzheng Song , Eran Tromer , Vitaly Shmatikov

Machine learning models trained on data from the outside world can be corrupted by data poisoning attacks that inject malicious points into the models' training sets. A common defense against these attacks is data sanitization: first filter…

Machine Learning · Statistics 2021-12-06 Pang Wei Koh , Jacob Steinhardt , Percy Liang

Research in adversarial machine learning (AML) has shown that statistical models are vulnerable to maliciously altered data. However, despite advances in Bayesian machine learning models, most AML research remains concentrated on classical…

Machine Learning · Statistics 2025-06-04 Matthieu Carreau , Roi Naveiro , William N. Caballero

Machine learning has become an important component for many systems and applications including computer vision, spam filtering, malware and network intrusion detection, among others. Despite the capabilities of machine learning algorithms…

Machine Learning · Statistics 2018-02-14 Andrea Paudice , Luis Muñoz-González , Andras Gyorgy , Emil C. Lupu

The growing importance of massive datasets used for deep learning makes robustness to label noise a critical property for classifiers to have. Sources of label noise include automatic labeling, non-expert labeling, and label corruption by…

Machine Learning · Computer Science 2019-01-30 Dan Hendrycks , Mantas Mazeika , Duncan Wilson , Kevin Gimpel

As machine learning models become increasingly complex, concerns about their robustness and trustworthiness have become more pressing. A critical vulnerability of these models is data poisoning attacks, where adversaries deliberately alter…

Machine Learning · Computer Science 2024-10-14 Isha Gupta , Hidde Lycklama , Emanuel Opel , Evan Rose , Anwar Hithnawi

Audio-based machine learning systems frequently use public or third-party data, which might be inaccurate. This exposes deep neural network (DNN) models trained on such data to potential data poisoning attacks. In this type of assault,…

Cryptography and Security · Computer Science 2024-04-09 Orson Mengara

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Recently, NLP has seen a surge in the usage of large pre-trained models. Users download weights of models pre-trained on large datasets, then fine-tune the weights on a task of their choice. This raises the question of whether downloading…

Machine Learning · Computer Science 2020-04-15 Keita Kurita , Paul Michel , Graham Neubig

Poisoning attacks have emerged as a significant security threat to machine learning algorithms. It has been demonstrated that adversaries who make small changes to the training set, such as adding specially crafted data points, can hurt the…

Machine Learning · Computer Science 2021-12-14 Samuel Deng , Sanjam Garg , Somesh Jha , Saeed Mahloujifar , Mohammad Mahmoody , Abhradeep Thakurta

Collecting training data from untrusted sources exposes machine learning services to poisoning adversaries, who maliciously manipulate training data to degrade the model accuracy. When trained on offline datasets, poisoning adversaries have…

Machine Learning · Computer Science 2021-10-27 Tianyu Pang , Xiao Yang , Yinpeng Dong , Hang Su , Jun Zhu