English
Related papers

Related papers: Weight Poisoning Attacks on Pre-trained Models

200 papers

Deep neural networks have been demonstrated to be vulnerable to backdoor attacks. Specifically, by injecting a small number of maliciously constructed inputs into the training set, an adversary is able to plant a backdoor into the trained…

Machine Learning · Statistics 2019-12-10 Alexander Turner , Dimitris Tsipras , Aleksander Madry

Backdoor attack against image classification task has been widely studied and proven to be successful, while there exist little research on the backdoor attack against vision-language models. In this paper, we explore backdoor attack…

Computer Vision and Pattern Recognition · Computer Science 2024-01-08 Meiling Li , Nan Zhong , Xinpeng Zhang , Zhenxing Qian , Sheng Li

Fine-tuning is a common and effective method for tailoring large language models (LLMs) to specialized tasks and applications. In this paper, we study the privacy implications of fine-tuning LLMs on user data. To this end, we consider a…

Cryptography and Security · Computer Science 2024-02-27 Nikhil Kandpal , Krishna Pillutla , Alina Oprea , Peter Kairouz , Christopher A. Choquette-Choo , Zheng Xu

In this paper, we investigate the safety mechanisms of instruction fine-tuned large language models (LLMs). We discover that re-weighting MLP neurons can significantly compromise a model's safety, especially for MLPs in end-of-sentence…

Computation and Language · Computer Science 2024-10-15 Yifan Luo , Zhennan Zhou , Meitan Wang , Bin Dong

Prompt-based learning has been widely applied in many low-resource NLP tasks such as few-shot scenarios. However, this paradigm has been shown to be vulnerable to backdoor attacks. Most of the existing attack methods focus on inserting…

Computation and Language · Computer Science 2023-11-30 Zihao Tan , Qingliang Chen , Yongjian Huang , Chen Liang

Data poisoning attacks aim to manipulate the model produced by a learning algorithm by adversarially modifying the training set. We consider differential privacy as a defensive measure against this type of attack. We show that such learners…

Machine Learning · Computer Science 2019-07-08 Yuzhe Ma , Xiaojin Zhu , Justin Hsu

This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited…

Cryptography and Security · Computer Science 2025-11-05 Patrick Karlsen , Even Eilertsen

Deep neural networks (DNNs) are vulnerable to "backdoor" poisoning attacks, in which an adversary implants a secret trigger into an otherwise normally functioning model. Detection of backdoors in trained models without access to the…

Machine Learning · Computer Science 2021-03-19 Todd Huster , Emmanuel Ekwedike

Recent studies show that despite achieving high accuracy on a number of real-world applications, deep neural networks (DNNs) can be backdoored: by injecting triggered data samples into the training dataset, the adversary can mislead the…

Machine Learning · Computer Science 2022-11-03 Shuwen Chai , Jinghui Chen

Data poisoning is an attack on machine learning models wherein the attacker adds examples to the training set to manipulate the behavior of the model at test time. This paper explores poisoning attacks on neural nets. The proposed attacks…

Machine Learning · Computer Science 2018-11-13 Ali Shafahi , W. Ronny Huang , Mahyar Najibi , Octavian Suciu , Christoph Studer , Tudor Dumitras , Tom Goldstein

Backdoor poisoning attacks are a threat to machine learning models trained on large data collected from untrusted sources; these attacks enable attackers to inject malicious behavior into the model that can be triggered by specially crafted…

Machine Learning · Computer Science 2026-01-06 Thorsten Peinemann , Paula Arnold , Sebastian Berndt , Thomas Eisenbarth , Esfandiar Mohammadi

Backdoor attack intends to inject hidden backdoor into the deep neural networks (DNNs), such that the prediction of infected models will be maliciously changed if the hidden backdoor is activated by the attacker-defined trigger. Currently,…

Cryptography and Security · Computer Science 2021-04-27 Yiming Li , Tongqing Zhai , Yong Jiang , Zhifeng Li , Shu-Tao Xia

The releases of powerful open-weight large language models (LLMs) are often not accompanied by access to their full training data. Existing interpretability methods, particularly those based on activations, often require or assume…

Machine Learning · Computer Science 2026-04-22 Ziqian Zhong , Aditi Raghunathan

Large visual language models (LVLMs) have demonstrated excellent instruction-following capabilities, yet remain vulnerable to stealthy backdoor attacks when finetuned using contaminated data. Existing backdoor defense techniques are usually…

Cryptography and Security · Computer Science 2025-06-09 Yuan Xun , Siyuan Liang , Xiaojun Jia , Xinwei Liu , Xiaochun Cao

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

Cryptography and Security · Computer Science 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

Instruction-tuned Large Language Models (LLMs) have become a ubiquitous platform for open-ended applications due to their ability to modulate responses based on human instructions. The widespread use of LLMs holds significant potential for…

Computation and Language · Computer Science 2024-04-04 Jun Yan , Vikas Yadav , Shiyang Li , Lichang Chen , Zheng Tang , Hai Wang , Vijay Srinivasan , Xiang Ren , Hongxia Jin

With the development of technology, large language models (LLMs) have dominated the downstream natural language processing (NLP) tasks. However, because of the LLMs' instruction-following abilities and inability to distinguish the…

Cryptography and Security · Computer Science 2025-10-07 Yulin Chen , Haoran Li , Yuan Sui , Yangqiu Song , Bryan Hooi

Deep neural networks are vulnerable to backdoor attacks. Among the existing backdoor defense methods, trigger reverse engineering based approaches, which reconstruct the backdoor triggers via optimizations, are the most versatile and…

Cryptography and Security · Computer Science 2024-04-22 Beichen Li , Yuanfang Guo , Heqi Peng , Yangxi Li , Yunhong Wang

Medical foundation models are gaining prominence in the medical community for their ability to derive general representations from extensive collections of medical image-text pairs. Recent research indicates that these models are…

Computer Vision and Pattern Recognition · Computer Science 2024-08-16 Asif Hanif , Fahad Shamshad , Muhammad Awais , Muzammal Naseer , Fahad Shahbaz Khan , Karthik Nandakumar , Salman Khan , Rao Muhammad Anwer