English
Related papers

Related papers: Weight Poisoning Attacks on Pre-trained Models

200 papers

Machine learning is vulnerable to adversarial manipulation. Previous literature has demonstrated that at the training stage attackers can manipulate data and data sampling procedures to control model behaviour. A common attack goal is to…

Machine Learning · Computer Science 2022-06-17 Mikel Bober-Irizar , Ilia Shumailov , Yiren Zhao , Robert Mullins , Nicolas Papernot

Backdoors and poisoning attacks are a major threat to the security of machine-learning and vision systems. Often, however, these attacks leave visible artifacts in the images that can be visually detected and weaken the efficacy of the…

Cryptography and Security · Computer Science 2020-03-20 Erwin Quiring , Konrad Rieck

Deep image classification models trained on vast amounts of web-scraped data are susceptible to data poisoning - a mechanism for backdooring models. A small number of poisoned samples seen during training can severely undermine a model's…

Cryptography and Security · Computer Science 2023-06-30 Nils Lukas , Florian Kerschbaum

Instruction tuning is an effective technique to align large language models (LLMs) with human intents. In this work, we investigate how an adversary can exploit instruction tuning by injecting specific instruction-following examples into…

Cryptography and Security · Computer Science 2023-10-31 Manli Shu , Jiongxiao Wang , Chen Zhu , Jonas Geiping , Chaowei Xiao , Tom Goldstein

Deep learning models are well known to be susceptible to backdoor attack, where the attacker only needs to provide a tampered dataset on which the triggers are injected. Models trained on the dataset will passively implant the backdoor, and…

Cryptography and Security · Computer Science 2024-06-21 Zonghao Ying , Bin Wu

Machine learning models have achieved great success in supervised learning tasks for end-to-end training, which requires a large amount of labeled data that is not always feasible. Recently, many practitioners have shifted to…

Machine Learning · Computer Science 2024-02-21 Yiwei Lu , Matthew Y. R. Yang , Gautam Kamath , Yaoliang Yu

Dense retrieval systems have been widely used in various NLP applications. However, their vulnerabilities to potential attacks have been underexplored. This paper investigates a novel attack scenario where the attackers aim to mislead the…

Computation and Language · Computer Science 2025-08-26 Quanyu Long , Yue Deng , LeiLei Gan , Wenya Wang , Sinno Jialin Pan

With the broad application of deep neural networks (DNNs), backdoor attacks have gradually attracted attention. Backdoor attacks are insidious, and poisoned models perform well on benign samples and are only triggered when given specific…

Machine Learning · Computer Science 2022-07-12 Chang Yue , Peizhuo Lv , Ruigang Liang , Kai Chen

Prompt injection attack, where an attacker injects a prompt into the original one, aiming to make an Large Language Model (LLM) follow the injected prompt to perform an attacker-chosen task, represent a critical security threat. Existing…

Cryptography and Security · Computer Science 2025-09-16 Zedian Shao , Hongbin Liu , Jaden Mu , Neil Zhenqiang Gong

With the success of deep learning algorithms in various domains, studying adversarial attacks to secure deep models in real world applications has become an important research topic. Backdoor attacks are a form of adversarial attacks on…

Computer Vision and Pattern Recognition · Computer Science 2019-12-24 Aniruddha Saha , Akshayvarun Subramanya , Hamed Pirsiavash

Targeted data poisoning attacks manipulate model predictions on specific test samples by injecting malicious data into training. Yet existing evaluations report average attack success rates over randomly selected targets, obscuring true…

Machine Learning · Computer Science 2026-05-25 William Xu , Chenyu Zhang , Yihan Wang , Matthew Y. R. Yang , Zuoqiu Liu , Gautam Kamath , Yaoliang Yu , Yiwei Lu

Recently, backdoor attacks pose a new security threat to the training process of deep neural networks (DNNs). Attackers intend to inject hidden backdoors into DNNs, such that the attacked model performs well on benign samples, whereas its…

Cryptography and Security · Computer Science 2021-08-16 Yuezun Li , Yiming Li , Baoyuan Wu , Longkang Li , Ran He , Siwei Lyu

Semi-supervised machine learning models learn from a (small) set of labeled training examples, and a (large) set of unlabeled training examples. State-of-the-art models can reach within a few percentage points of fully-supervised training,…

Machine Learning · Computer Science 2021-08-11 Nicholas Carlini

Language Models (LMs) are becoming increasingly popular in real-world applications. Outsourcing model training and data hosting to third-party platforms has become a standard method for reducing costs. In such a situation, the attacker can…

Cryptography and Security · Computer Science 2024-12-05 Pengzhou Cheng , Zongru Wu , Wei Du , Haodong Zhao , Wei Lu , Gongshen Liu

Deep neural networks are highly susceptible to backdoor attacks, yet most defense methods to date rely on balanced data, overlooking the pervasive class imbalance in real-world scenarios that can amplify backdoor threats. This paper…

Cryptography and Security · Computer Science 2026-02-03 Miao Lin , Feng Yu , Rui Ning , Lusi Li , Jiawei Chen , Qian Lou , Mengxin Zheng , Chunsheng Xin , Hongyi Wu

Deep neural networks (DNNs) are vulnerable to the \emph{backdoor attack}, which intends to embed hidden backdoors in DNNs by poisoning training data. The attacked model behaves normally on benign samples, whereas its prediction will be…

Cryptography and Security · Computer Science 2021-04-06 Yiming Li , Yanjie Li , Yalei Lv , Yong Jiang , Shu-Tao Xia

Backdoor attacks are emerging threats to deep neural networks, which typically embed malicious behaviors into a victim model by injecting poisoned samples. Adversaries can activate the injected backdoor during inference by presenting the…

Cryptography and Security · Computer Science 2025-12-05 Bingyin Zhao , Yingjie Lao

The use of third-party datasets and pre-trained machine learning models poses a threat to NLP systems due to possibility of hidden backdoor attacks. Existing attacks involve poisoning the data samples such as insertion of tokens or sentence…

Computation and Language · Computer Science 2024-04-09 Irina Alekseevskaia , Konstantin Arkhipenko

Deep learning models are vulnerable to various adversarial manipulations of their training data, parameters, and input sample. In particular, an adversary can modify the training data and model parameters to embed backdoors into the model,…

Machine Learning · Computer Science 2020-06-09 Te Juin Lester Tan , Reza Shokri

Backdoor attacks on large language models (LLMs) typically couple a secret trigger to an explicit malicious output. We show that this explicit association is unnecessary for common LLMs. We introduce a compliance-only backdoor: supervised…

Machine Learning · Computer Science 2025-11-18 Yuting Tan , Yi Huang , Zhuo Li
‹ Prev 1 3 4 5 6 7 10 Next ›