English
Related papers

Related papers: Blind Backdoors in Deep Learning Models

200 papers

In a backdoor attack on a machine learning model, an adversary produces a model that performs well on normal inputs but outputs targeted misclassifications on inputs containing a small trigger pattern. Model compression is a widely-used…

Cryptography and Security · Computer Science 2021-05-03 Yulong Tian , Fnu Suya , Fengyuan Xu , David Evans

Machine learning (ML) models that use deep neural networks are vulnerable to backdoor attacks. Such attacks involve the insertion of a (hidden) trigger by an adversary. As a consequence, any input that contains the trigger will cause the…

Cryptography and Security · Computer Science 2022-03-30 Arezoo Rajabi , Bhaskar Ramasubramanian , Radha Poovendran

With the widespread use of deep learning system in many applications, the adversary has strong incentive to explore vulnerabilities of deep neural networks and manipulate them. Backdoor attacks against deep neural networks have been…

Cryptography and Security · Computer Science 2019-06-05 Jiazhu Dai , Chuanshuai Chen

Self-supervised learning (SSL) models are vulnerable to backdoor attacks. Existing backdoor attacks that are effective in SSL often involve noticeable triggers, like colored patches or visible noise, which are vulnerable to human…

Computer Vision and Pattern Recognition · Computer Science 2025-04-04 Hanrong Zhang , Zhenting Wang , Boheng Li , Fulin Lin , Tingxu Han , Mingyu Jin , Chenlu Zhan , Mengnan Du , Hongwei Wang , Shiqing Ma

Backdoor attacks embed hidden malicious behaviors into deep learning models, which only activate and cause misclassifications on model inputs containing a specific trigger. Existing works on backdoor attacks and defenses, however, mostly…

Computer Vision and Pattern Recognition · Computer Science 2021-09-08 Emily Wenger , Josephine Passananti , Arjun Bhagoji , Yuanshun Yao , Haitao Zheng , Ben Y. Zhao

Deep learning models are increasingly used in mobile applications as critical components. Unlike the program bytecode whose vulnerabilities and threats have been widely-discussed, whether and how the deep learning models deployed in the…

Cryptography and Security · Computer Science 2021-01-19 Yuanchun Li , Jiayi Hua , Haoyu Wang , Chunyang Chen , Yunxin Liu

Although deep neural networks (DNNs) have made rapid progress in recent years, they are vulnerable in adversarial environments. A malicious backdoor could be embedded in a model by poisoning the training dataset, whose intention is to make…

Cryptography and Security · Computer Science 2021-03-25 Yinpeng Dong , Xiao Yang , Zhijie Deng , Tianyu Pang , Zihao Xiao , Hang Su , Jun Zhu

Deep learning is becoming increasingly popular in real-life applications, especially in natural language processing (NLP). Users often choose training outsourcing or adopt third-party data and models due to data and computation resources…

Computation and Language · Computer Science 2022-11-23 Xuan Sheng , Zhaoyang Han , Piji Li , Xiangmao Chang

When machine learning training is outsourced to third parties, $backdoor$ $attacks$ become practical as the third party who trains the model may act maliciously to inject hidden behaviors into the otherwise accurate model. Until now, the…

Cryptography and Security · Computer Science 2022-11-16 Sanghyun Hong , Nicholas Carlini , Alexey Kurakin

Backdoor attacks for neural code models have gained considerable attention due to the advancement of code intelligence. However, most existing works insert triggers into task-specific data for code-related downstream tasks, thereby limiting…

Cryptography and Security · Computer Science 2023-06-16 Yanzhou Li , Shangqing Liu , Kangjie Chen , Xiaofei Xie , Tianwei Zhang , Yang Liu

This work provides the community with a timely comprehensive review of backdoor attacks and countermeasures on deep learning. According to the attacker's capability and affected stage of the machine learning pipeline, the attack surfaces…

Cryptography and Security · Computer Science 2020-08-04 Yansong Gao , Bao Gia Doan , Zhi Zhang , Siqi Ma , Jiliang Zhang , Anmin Fu , Surya Nepal , Hyoungshick Kim

Machine Learning using neural networks has received prominent attention recently because of its success in solving a wide variety of computational tasks, in particular in the field of computer vision. However, several works have drawn…

Machine Learning · Computer Science 2024-08-01 C. A. Martínez-Mejía , J. Solano , J. Breier , D. Bucko , X. Hou

Deep learning models are vulnerable to backdoor attacks, where adversaries inject malicious functionality during training that activates on trigger inputs at inference time. Extensive research has focused on developing stealthy backdoor…

Cryptography and Security · Computer Science 2024-11-26 Jeongjin Shin , Sangdon Park

Deep learning models have been deployed in numerous real-world applications such as autonomous driving and surveillance. However, these models are vulnerable in adversarial environments. Backdoor attack is emerging as a severe security…

Computer Vision and Pattern Recognition · Computer Science 2022-05-31 Shih-Han Chan , Yinpeng Dong , Jun Zhu , Xiaolu Zhang , Jun Zhou

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang

Practitioners commonly download pretrained machine learning models from open repositories and finetune them to fit specific applications. We show that this practice introduces a new risk of privacy backdoors. By tampering with a pretrained…

Cryptography and Security · Computer Science 2024-04-02 Shanglun Feng , Florian Tramèr

Recent studies show that neural natural language processing (NLP) models are vulnerable to backdoor attacks. Injected with backdoors, models perform normally on benign examples but produce attacker-specified predictions when the backdoor is…

Computation and Language · Computer Science 2021-06-14 Fanchao Qi , Yuan Yao , Sophia Xu , Zhiyuan Liu , Maosong Sun

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Backdoor attack intends to inject hidden backdoor into the deep neural networks (DNNs), such that the prediction of the infected model will be maliciously changed if the hidden backdoor is activated by the attacker-defined trigger, while it…

Cryptography and Security · Computer Science 2021-02-02 Yiming Li , Tongqing Zhai , Baoyuan Wu , Yong Jiang , Zhifeng Li , Shutao Xia

Backdoor attacks pose a critical threat by embedding hidden triggers into inputs, causing models to misclassify them into target labels. While extensive research has focused on mitigating these attacks in object recognition models through…

Computer Vision and Pattern Recognition · Computer Science 2025-04-09 Kyle Stein , Andrew Arash Mahyari , Guillermo Francia , Eman El-Sheikh