English
Related papers

Related papers: Invisible Backdoor Attack with Sample-Specific Tri…

200 papers

Trojan (backdoor) attack is a form of adversarial attack on deep neural networks where the attacker provides victims with a model trained/retrained on malicious data. The backdoor can be activated when a normal input is stamped with a…

Machine Learning · Computer Science 2021-01-05 Siyuan Cheng , Yingqi Liu , Shiqing Ma , Xiangyu Zhang

Modern autonomous vehicles adopt state-of-the-art DNN models to interpret the sensor data and perceive the environment. However, DNN models are vulnerable to different types of adversarial attacks, which pose significant risks to the…

Computer Vision and Pattern Recognition · Computer Science 2022-07-14 Xingshuo Han , Guowen Xu , Yuan Zhou , Xuehuan Yang , Jiwei Li , Tianwei Zhang

Transforming off-the-shelf deep neural network (DNN) models into dynamic multi-exit architectures can achieve inference and transmission efficiency by fragmenting and distributing a large DNN model in edge computing scenarios (e.g., edge…

Cryptography and Security · Computer Science 2022-12-23 Tian Dong , Ziyuan Zhang , Han Qiu , Tianwei Zhang , Hewu Li , Terry Wang

Recently, it has been shown that deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch.…

Computer Vision and Pattern Recognition · Computer Science 2020-06-11 Haripriya Harikumar , Vuong Le , Santu Rana , Sourangshu Bhattacharya , Sunil Gupta , Svetha Venkatesh

Recent studies have revealed a security threat to natural language processing (NLP) models, called the Backdoor Attack. Victim models can maintain competitive performance on clean samples while behaving abnormally on samples with a specific…

Computation and Language · Computer Science 2021-03-30 Wenkai Yang , Lei Li , Zhiyuan Zhang , Xuancheng Ren , Xu Sun , Bin He

Backdoor attacks have been widely studied to hide the misclassification rules in the normal models, which are only activated when the model is aware of the specific inputs (i.e., the trigger). However, despite their success in the…

Artificial Intelligence · Computer Science 2022-01-19 Liang Chen , Qibiao Peng , Jintang Li , Yang Liu , Jiawei Chen , Yong Li , Zibin Zheng

Backdoor attacks pose a critical threat to the security of deep neural networks, yet existing efforts on universal backdoors often rely on visually salient patterns, making them easier to detect and less practical at scale. In this work, we…

Cryptography and Security · Computer Science 2026-03-03 Hsin Lin , Yan-Lun Chen , Ren-Hung Hwang , Chia-Mu Yu

Recent studies have revealed that GNNs are highly susceptible to multiple adversarial attacks. Among these, graph backdoor attacks pose one of the most prominent threats, where attackers cause models to misclassify by learning the…

Cryptography and Security · Computer Science 2024-10-21 Hao Sui , Bing Chen , Jiale Zhang , Chengcheng Zhu , Di Wu , Qinghua Lu , Guodong Long

Machine Learning using neural networks has received prominent attention recently because of its success in solving a wide variety of computational tasks, in particular in the field of computer vision. However, several works have drawn…

Machine Learning · Computer Science 2024-08-01 C. A. Martínez-Mejía , J. Solano , J. Breier , D. Bucko , X. Hou

One major goal of the AI security community is to securely and reliably produce and deploy deep learning models for real-world applications. To this end, data poisoning based backdoor attacks on deep neural networks (DNNs) in the production…

Cryptography and Security · Computer Science 2022-05-30 Xiangyu Qi , Tinghao Xie , Ruizhe Pan , Jifeng Zhu , Yong Yang , Kai Bu

Speech recognition is an essential start ring of human-computer interaction, and recently, deep learning models have achieved excellent success in this task. However, when the model training and private data provider are always separated,…

Sound · Computer Science 2024-10-21 Wenhan Yao , Jiangkun Yang , Yongqiang He , Jia Liu , Weiping Wen

Backdoor attacks have been considered a severe security threat to deep learning. Such attacks can make models perform abnormally on inputs with predefined triggers and still retain state-of-the-art performance on clean data. While backdoor…

Machine Learning · Computer Science 2022-01-27 Yi Zeng , Won Park , Z. Morley Mao , Ruoxi Jia

Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many…

Cryptography and Security · Computer Science 2017-12-18 Xinyun Chen , Chang Liu , Bo Li , Kimberly Lu , Dawn Song

Spiking Neural Networks (SNNs) are energy-efficient counterparts of Deep Neural Networks (DNNs) with high biological plausibility, as information is transmitted through temporal spiking patterns. The core element of an SNN is the spiking…

Cryptography and Security · Computer Science 2026-05-04 Abdullah Arafat Miah , Kevin Vu , Yu Bi

Existing research on training-time attacks for deep neural networks (DNNs), such as backdoors, largely assume that models are static once trained, and hidden backdoors trained into models remain active indefinitely. In practice, models are…

Cryptography and Security · Computer Science 2023-02-10 Huiying Li , Arjun Nitin Bhagoji , Yuxin Chen , Haitao Zheng , Ben Y. Zhao

Backdoor attacks insert malicious data into a training set so that, during inference time, it misclassifies inputs that have been patched with a backdoor trigger as the malware specified label. For backdoor attacks to bypass human…

Cryptography and Security · Computer Science 2022-04-18 Yi Zeng , Minzhou Pan , Hoang Anh Just , Lingjuan Lyu , Meikang Qiu , Ruoxi Jia

Recent studies have demonstrated that deep neural networks (DNNs) are vulnerable to backdoor attacks during the training process. Specifically, the adversaries intend to embed hidden backdoors in DNNs so that malicious model predictions can…

Computer Vision and Pattern Recognition · Computer Science 2023-03-07 Sheng Yang , Yiming Li , Yong Jiang , Shu-Tao Xia

Backdoor attack has been considered as a serious security threat to deep neural networks (DNNs). Poisoned sample detection (PSD) that aims at filtering out poisoned samples from an untrustworthy training dataset has shown very promising…

Computer Vision and Pattern Recognition · Computer Science 2024-11-19 Mingda Zhang , Mingli Zhu , Zihao Zhu , Baoyuan Wu

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time. Although backdoor attacks have been demonstrated…