English
Related papers

Related papers: Concealed Data Poisoning Attacks on NLP Models

200 papers

Recent studies have revealed a security threat to natural language processing (NLP) models, called the Backdoor Attack. Victim models can maintain competitive performance on clean samples while behaving abnormally on samples with a specific…

Computation and Language · Computer Science 2021-03-30 Wenkai Yang , Lei Li , Zhiyuan Zhang , Xuancheng Ren , Xu Sun , Bin He

Recently, advanced NLP models have seen a surge in the usage of various applications. This raises the security threats of the released models. In addition to the clean models' unintentional weaknesses, {\em i.e.,} adversarial attacks, the…

Computation and Language · Computer Science 2021-01-18 Lichao Sun

Machine learning is vulnerable to a wide variety of attacks. It is now well understood that by changing the underlying data distribution, an adversary can poison the model trained with it or introduce backdoors. In this paper we present a…

Machine Learning · Computer Science 2021-06-08 Ilia Shumailov , Zakhar Shumaylov , Dmitry Kazhdan , Yiren Zhao , Nicolas Papernot , Murat A. Erdogdu , Ross Anderson

Fake news detection models are critical to countering disinformation but can be manipulated through adversarial attacks. In this position paper, we analyze how an attacker can compromise the performance of an online learning detector on…

Machine Learning · Computer Science 2024-01-05 Federico Siciliano , Luca Maiano , Lorenzo Papa , Federica Baccini , Irene Amerini , Fabrizio Silvestri

We introduce camouflaged data poisoning attacks, a new attack vector that arises in the context of machine unlearning and other settings when model retraining may be induced. An adversary first adds a few carefully crafted points to the…

Machine Learning · Computer Science 2024-08-02 Jimmy Z. Di , Jack Douglas , Jayadev Acharya , Gautam Kamath , Ayush Sekhari

Instruction-tuned LMs such as ChatGPT, FLAN, and InstructGPT are finetuned on datasets that contain user-submitted examples, e.g., FLAN aggregates numerous open-source datasets and OpenAI leverages examples submitted in the browser…

Computation and Language · Computer Science 2023-05-02 Alexander Wan , Eric Wallace , Sheng Shen , Dan Klein

Data poisoning attacks aim to manipulate the model produced by a learning algorithm by adversarially modifying the training set. We consider differential privacy as a defensive measure against this type of attack. We show that such learners…

Machine Learning · Computer Science 2019-07-08 Yuzhe Ma , Xiaojin Zhu , Justin Hsu

We consider data poisoning attacks, a class of adversarial attacks on machine learning where an adversary has the power to alter a small fraction of the training data in order to make the trained classifier satisfy certain objectives. While…

Machine Learning · Computer Science 2018-08-29 Yizhen Wang , Kamalika Chaudhuri

Attacks on deep learning models are often difficult to identify and therefore are difficult to protect against. This problem is exacerbated by the use of public datasets that typically are not manually inspected before use. In this paper,…

Computation and Language · Computer Science 2022-02-14 Abigail Swenor , Jugal Kalita

Targeted data poisoning attacks manipulate model predictions on specific test samples by injecting malicious data into training. Yet existing evaluations report average attack success rates over randomly selected targets, obscuring true…

Machine Learning · Computer Science 2026-05-25 William Xu , Chenyu Zhang , Yihan Wang , Matthew Y. R. Yang , Zuoqiu Liu , Gautam Kamath , Yaoliang Yu , Yiwei Lu

Recently, NLP has seen a surge in the usage of large pre-trained models. Users download weights of models pre-trained on large datasets, then fine-tune the weights on a task of their choice. This raises the question of whether downloading…

Machine Learning · Computer Science 2020-04-15 Keita Kurita , Paul Michel , Graham Neubig

Data poisoning is a threat model in which a malicious actor tampers with training data to manipulate outcomes at inference time. A variety of defenses against this threat model have been proposed, but each suffers from at least one of the…

Machine Learning · Computer Science 2022-02-21 Jonas Geiping , Liam Fowl , Gowthami Somepalli , Micah Goldblum , Michael Moeller , Tom Goldstein

Data poisoning attacks, in which a malicious adversary aims to influence a model by injecting "poisoned" data into the training process, have attracted significant recent attention. In this work, we take a closer look at existing poisoning…

Machine Learning · Computer Science 2024-02-16 Yiwei Lu , Gautam Kamath , Yaoliang Yu

The financial industry relies on deep learning models for making important decisions. This adoption brings new danger, as deep black-box models are known to be vulnerable to adversarial attacks. In computer vision, one can shape the output…

Machine Learning · Computer Science 2024-08-27 Alina Ermilova , Elizaveta Kovtun , Dmitry Berestnev , Alexey Zaytsev

Large language models (LLMs) are often fine-tuned on uncurated text datasets that adversaries can poison. Existing poisoning attacks primarily rely on fixed trigger phrases that defenses such as outlier detection, clean-data regularization,…

Cryptography and Security · Computer Science 2026-05-27 Zedian Shao , Charles Fleming , Teodora Baluta

As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of…

Cryptography and Security · Computer Science 2021-09-29 Matthew Jagielski , Alina Oprea , Battista Biggio , Chang Liu , Cristina Nita-Rotaru , Bo Li

Backdoor attacks have become an emerging threat to NLP systems. By providing poisoned training data, the adversary can embed a "backdoor" into the victim model, which allows input instances satisfying certain textual patterns (e.g.,…

Computation and Language · Computer Science 2023-05-30 Jun Yan , Vansh Gupta , Xiang Ren

Poisoning attacks on machine learning systems compromise the model performance by deliberately injecting malicious samples in the training dataset to influence the training process. Prior works focus on either availability attacks (i.e.,…

Machine Learning · Computer Science 2021-10-13 Bingyin Zhao , Yingjie Lao

Instruction tuning is an effective technique to align large language models (LLMs) with human intents. In this work, we investigate how an adversary can exploit instruction tuning by injecting specific instruction-following examples into…

Cryptography and Security · Computer Science 2023-10-31 Manli Shu , Jiongxiao Wang , Chen Zhu , Jonas Geiping , Chaowei Xiao , Tom Goldstein

The use of third-party datasets and pre-trained machine learning models poses a threat to NLP systems due to possibility of hidden backdoor attacks. Existing attacks involve poisoning the data samples such as insertion of tokens or sentence…

Computation and Language · Computer Science 2024-04-09 Irina Alekseevskaia , Konstantin Arkhipenko
‹ Prev 1 2 3 10 Next ›