English
Related papers

Related papers: WaNet -- Imperceptible Warping-based Backdoor Atta…

200 papers

As machine learning (ML) systems are being increasingly employed in the real world to handle sensitive tasks and make decisions in various fields, the security and privacy of those models have also become increasingly critical. In…

Cryptography and Security · Computer Science 2023-02-21 Marwan Omar

As deep neural networks and the datasets used to train them get larger, the default approach to integrating them into research and commercial projects is to download a pre-trained model and fine tune it. But these models can have uncertain…

Machine Learning · Computer Science 2024-01-12 Khondoker Murad Hossain , Tim Oates

While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data…

In the exciting generative AI era, the diffusion model has emerged as a very powerful and widely adopted content generation and editing tool for various data modalities, making the study of their potential security risks very necessary and…

Cryptography and Security · Computer Science 2024-02-06 Yang Sui , Huy Phan , Jinqi Xiao , Tianfang Zhang , Zijie Tang , Cong Shi , Yan Wang , Yingying Chen , Bo Yuan

Backdoor attacks pose a persistent security risk to deep neural networks (DNNs) due to their stealth and durability. While recent research has explored leveraging model unlearning mechanisms to enhance backdoor concealment, existing attack…

Cryptography and Security · Computer Science 2025-10-16 Baogang Song , Dongdong Zhao , Jianwen Xiang , Qiben Xu , Zizhuo Yu

Machine unlearning has emerged as a key component in ensuring ``Right to be Forgotten'', enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set…

Cryptography and Security · Computer Science 2025-06-17 Marco Arazzi , Antonino Nocera , Vinod P

Due to the increasing computational demand of Deep Neural Networks (DNNs), companies and organizations have begun to outsource the training process. However, the externally trained DNNs can potentially be backdoor attacked. It is crucial to…

Machine Learning · Computer Science 2023-07-04 Lu Pang , Tao Sun , Haibin Ling , Chao Chen

Recently backdoor attack has become an emerging threat to the security of deep neural network (DNN) models. To date, most of the existing studies focus on backdoor attack against the uncompressed model; while the vulnerability of compressed…

Cryptography and Security · Computer Science 2022-08-24 Huy Phan , Cong Shi , Yi Xie , Tianfang Zhang , Zhuohang Li , Tianming Zhao , Jian Liu , Yan Wang , Yingying Chen , Bo Yuan

Typical deep neural network (DNN) backdoor attacks are based on triggers embedded in inputs. Existing imperceptible triggers are computationally expensive or low in attack success. In this paper, we propose a new backdoor trigger, which is…

Computer Vision and Pattern Recognition · Computer Science 2022-08-22 Yulong Wang , Minghui Zhao , Shenghong Li , Xin Yuan , Wei Ni

Recently, it has been shown that deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch.…

Computer Vision and Pattern Recognition · Computer Science 2020-06-11 Haripriya Harikumar , Vuong Le , Santu Rana , Sourangshu Bhattacharya , Sunil Gupta , Svetha Venkatesh

The ubiquity of deep neural networks (DNNs), cloud-based training, and transfer learning is giving rise to a new cybersecurity frontier in which unsecure DNNs have `structural malware' (i.e., compromised weights and activation pathways). In…

Machine Learning · Computer Science 2021-02-05 N. Benjamin Erichson , Dane Taylor , Qixuan Wu , Michael W. Mahoney

Explainable machine learning holds great potential for analyzing and understanding learning-based systems. These methods can, however, be manipulated to present unfaithful explanations, giving rise to powerful and stealthy adversaries. In…

Cryptography and Security · Computer Science 2022-04-21 Maximilian Noppel , Lukas Peter , Christian Wressnegger

Backdoor (trojan) attacks embed hidden, controllable behaviors into machine-learning models so that models behave normally on benign inputs but produce attacker-chosen outputs when a trigger is present. This survey reviews the rapidly…

Cryptography and Security · Computer Science 2025-09-10 Bilal Hussain Abbasi , Yanjun Zhang , Leo Zhang , Shang Gao

Backdoor attack has emerged as a novel and concerning threat to AI security. These attacks involve the training of Deep Neural Network (DNN) on datasets that contain hidden trigger patterns. Although the poisoned model behaves normally on…

Cryptography and Security · Computer Science 2024-03-06 Huasong Zhou , Xiaowei Xu , Xiaodong Wang , Leon Bevan Bullock

At present, backdoor attacks attract attention as they do great harm to deep learning models. The adversary poisons the training data making the model being injected with a backdoor after being trained unconsciously by victims using the…

Cryptography and Security · Computer Science 2023-03-06 Shengfang Zhai , Qingni Shen , Xiaoyi Chen , Weilong Wang , Cong Li , Yuejian Fang , Zhonghai Wu

Backdoor attack intends to inject hidden backdoor into the deep neural networks (DNNs), such that the prediction of the infected model will be maliciously changed if the hidden backdoor is activated by the attacker-defined trigger, while it…

Cryptography and Security · Computer Science 2021-02-02 Yiming Li , Tongqing Zhai , Baoyuan Wu , Yong Jiang , Zhifeng Li , Shutao Xia

Backdoor attacks mislead machine-learning models to output an attacker-specified class when presented a specific trigger at test time. These attacks require poisoning the training data to compromise the learning algorithm, e.g., by…

Machine Learning · Computer Science 2021-11-03 Kathrin Grosse , Taesung Lee , Battista Biggio , Youngja Park , Michael Backes , Ian Molloy

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

Backdoor attacks pose a critical threat by embedding hidden triggers into inputs, causing models to misclassify them into target labels. While extensive research has focused on mitigating these attacks in object recognition models through…

Computer Vision and Pattern Recognition · Computer Science 2025-04-09 Kyle Stein , Andrew Arash Mahyari , Guillermo Francia , Eman El-Sheikh

Deep neural networks (DNNs) are vulnerable to backdoor attacks which can hide backdoor triggers in DNNs by poisoning training data. A backdoored model behaves normally on clean test images, yet consistently predicts a particular target…

Computer Vision and Pattern Recognition · Computer Science 2020-06-17 Shihao Zhao , Xingjun Ma , Xiang Zheng , James Bailey , Jingjing Chen , Yu-Gang Jiang