English
Related papers

Related papers: Weight Poisoning Attacks on Pre-trained Models

200 papers

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), such that the attacked model performs well on benign samples, whereas its prediction will be maliciously changed if the hidden backdoor is activated by the…

Cryptography and Security · Computer Science 2022-04-13 Shaik Mohammed Maqsood , Viveros Manuela Ceron , Addluri GowthamKrishna

Large pre-trained models have achieved notable success across a range of downstream tasks. However, recent research shows that a type of adversarial attack ($\textit{i.e.,}$ backdoor attack) can manipulate the behavior of machine learning…

Artificial Intelligence · Computer Science 2024-10-29 Dongliang Guo , Mengxuan Hu , Zihan Guan , Junfeng Guo , Thomas Hartvigsen , Sheng Li

Adversarial machine learning has exposed several security hazards of neural models and has become an important research topic in recent times. Thus far, the concept of an "adversarial perturbation" has exclusively been used with reference…

Machine Learning · Computer Science 2020-09-22 Siddhant Garg , Adarsh Kumar , Vibhor Goel , Yingyu Liang

Web-scraped datasets are vulnerable to data poisoning, which can be used for backdooring deep image classifiers during training. Since training on large datasets is expensive, a model is trained once and re-used many times. Unlike…

Machine Learning · Computer Science 2024-01-23 Benjamin Schneider , Nils Lukas , Florian Kerschbaum

The recent success of machine learning (ML) has been fueled by the increasing availability of computing power and large amounts of data in many different applications. However, the trustworthiness of the resulting models can be compromised…

Cryptography and Security · Computer Science 2024-03-11 Antonio Emanuele Cinà , Kathrin Grosse , Ambra Demontis , Battista Biggio , Fabio Roli , Marcello Pelillo

Deep learning models have consistently outperformed traditional machine learning models in various classification tasks, including image classification. As such, they have become increasingly prevalent in many real world applications…

Cryptography and Security · Computer Science 2018-08-31 Cong Liao , Haoti Zhong , Anna Squicciarini , Sencun Zhu , David Miller

The financial industry relies on deep learning models for making important decisions. This adoption brings new danger, as deep black-box models are known to be vulnerable to adversarial attacks. In computer vision, one can shape the output…

Machine Learning · Computer Science 2024-08-27 Alina Ermilova , Elizaveta Kovtun , Dmitry Berestnev , Alexey Zaytsev

Data poisoning is a training-time attack that undermines the trustworthiness of learned models. In a targeted data poisoning attack, an adversary manipulates the training dataset to alter the classification of a targeted test point. Given…

Machine Learning · Computer Science 2025-11-18 Nakshatra Gupta , Sumanth Prabhu , Supratik Chakraborty , R Venkatesh

Backdoor data poisoning attacks have recently been demonstrated in computer vision research as a potential safety risk for machine learning (ML) systems. Traditional data poisoning attacks manipulate training data to induce unreliability of…

Computer Vision and Pattern Recognition · Computer Science 2020-04-27 Loc Truong , Chace Jones , Brian Hutchinson , Andrew August , Brenda Praggastis , Robert Jasper , Nicole Nichols , Aaron Tuor

Recent advances in federated learning have demonstrated its promising capability to learn on decentralized datasets. However, a considerable amount of work has raised concerns due to the potential risks of adversaries participating in the…

Machine Learning · Computer Science 2022-10-25 KiYoon Yoo , Nojun Kwak

Recent studies have shown that Large Language Models (LLMs) are vulnerable to data poisoning attacks, where malicious training examples embed hidden behaviours triggered by specific input patterns. However, most existing works assume a…

Computation and Language · Computer Science 2025-10-10 Sanhanat Sivapiromrat , Caiqi Zhang , Marco Basaldella , Nigel Collier

Backdoor attacks have become an emerging threat to NLP systems. By providing poisoned training data, the adversary can embed a "backdoor" into the victim model, which allows input instances satisfying certain textual patterns (e.g.,…

Computation and Language · Computer Science 2023-05-30 Jun Yan , Vansh Gupta , Xiang Ren

Recently, various parameter-efficient fine-tuning (PEFT) strategies for application to language models have been proposed and successfully implemented. However, this raises the question of whether PEFT, which only updates a limited set of…

Cryptography and Security · Computer Science 2024-04-01 Shuai Zhao , Leilei Gan , Luu Anh Tuan , Jie Fu , Lingjuan Lyu , Meihuizi Jia , Jinming Wen

Large language models are pre-trained on uncurated text datasets consisting of trillions of tokens scraped from the Web. Prior work has shown that: (1) web-scraped pre-training datasets can be practically poisoned by malicious actors; and…

Cryptography and Security · Computer Science 2024-10-18 Yiming Zhang , Javier Rando , Ivan Evtimov , Jianfeng Chi , Eric Michael Smith , Nicholas Carlini , Florian Tramèr , Daphne Ippolito

While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data…

Backdoor attacks are a kind of emergent security threat in deep learning. After being injected with a backdoor, a deep neural model will behave normally on standard inputs but give adversary-specified predictions once the input contains…

Cryptography and Security · Computer Science 2022-10-20 Yangyi Chen , Fanchao Qi , Hongcheng Gao , Zhiyuan Liu , Maosong Sun

In-context learning, a paradigm bridging the gap between pre-training and fine-tuning, has demonstrated high efficacy in several NLP tasks, especially in few-shot settings. Despite being widely applied, in-context learning is vulnerable to…

Computation and Language · Computer Science 2024-10-10 Shuai Zhao , Meihuizi Jia , Luu Anh Tuan , Fengjun Pan , Jinming Wen

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of…

Cryptography and Security · Computer Science 2021-09-29 Matthew Jagielski , Alina Oprea , Battista Biggio , Chang Liu , Cristina Nita-Rotaru , Bo Li