English
Related papers

Related papers: Manipulating SGD with Data Ordering Attacks

200 papers

These days, deep learning models have achieved great success in multiple fields, from autonomous driving to medical diagnosis. These models have expanded the abilities of artificial intelligence by offering great solutions to complex…

Cryptography and Security · Computer Science 2023-11-27 Gopichandh Golla

Collecting training data from untrusted sources exposes machine learning services to poisoning adversaries, who maliciously manipulate training data to degrade the model accuracy. When trained on offline datasets, poisoning adversaries have…

Machine Learning · Computer Science 2021-10-27 Tianyu Pang , Xiao Yang , Yinpeng Dong , Hang Su , Jun Zhu

In a backdoor attack, an adversary inserts maliciously constructed backdoor examples into a training set to make the resulting model vulnerable to manipulation. Defending against such attacks typically involves viewing these inserted…

Cryptography and Security · Computer Science 2023-07-20 Alaa Khaddaj , Guillaume Leclerc , Aleksandar Makelov , Kristian Georgiev , Hadi Salman , Andrew Ilyas , Aleksander Madry

Machine learning classifiers are known to be vulnerable to inputs maliciously constructed by adversaries to force misclassification. Such adversarial examples have been extensively studied in the context of computer vision applications. In…

Machine Learning · Computer Science 2017-02-09 Sandy Huang , Nicolas Papernot , Ian Goodfellow , Yan Duan , Pieter Abbeel

We propose a novel approach towards adversarial attacks on neural networks (NN), focusing on tampering the data used for training instead of generating attacks on trained models. Our network-agnostic method creates a backdoor during…

The success of machine learning is fueled by the increasing availability of computing power and large training datasets. The training data is used to learn new models or update existing ones, assuming that it is sufficiently representative…

We consider availability data poisoning attacks, where an adversary aims to degrade the overall test accuracy of a machine learning model by crafting small perturbations to its training data. Existing poisoning strategies can achieve the…

Cryptography and Security · Computer Science 2024-06-07 Yiyong Liu , Michael Backes , Xiao Zhang

Backdoor data poisoning is an emerging form of adversarial attack usually against deep neural network image classifiers. The attacker poisons the training set with a relatively small set of images from one (or several) source class(es),…

Machine Learning · Computer Science 2020-10-16 Zhen Xiang , David J. Miller , George Kesidis

Federated Learning (FL) is a new machine learning framework, which enables millions of participants to collaboratively train machine learning model without compromising data privacy and security. Due to the independence and confidentiality…

Machine Learning · Computer Science 2020-11-17 Anbu Huang

We study data poisoning attacks in the online setting where training items arrive sequentially, and the attacker may perturb the current item to manipulate online learning. Importantly, the attacker has no knowledge of future training items…

Machine Learning · Computer Science 2019-06-03 Xuezhou Zhang , Xiaojin Zhu , Laurent Lessard

Recent studies have revealed a security threat to natural language processing (NLP) models, called the Backdoor Attack. Victim models can maintain competitive performance on clean samples while behaving abnormally on samples with a specific…

Computation and Language · Computer Science 2021-03-30 Wenkai Yang , Lei Li , Zhiyuan Zhang , Xuancheng Ren , Xu Sun , Bin He

We investigate security concerns of the emergent instruction tuning paradigm, that models are trained on crowdsourced datasets with task instructions to achieve superior performance. Our studies demonstrate that an attacker can inject…

Computation and Language · Computer Science 2024-04-04 Jiashu Xu , Mingyu Derek Ma , Fei Wang , Chaowei Xiao , Muhao Chen

Collaborative machine learning settings like federated learning can be susceptible to adversarial interference and attacks. One class of such attacks is termed model inversion attacks, characterised by the adversary reverse-engineering the…

Machine Learning · Computer Science 2022-03-02 Dmitrii Usynin , Daniel Rueckert , Georgios Kaissis

Data poisoning is one of the most relevant security threats against machine learning and data-driven technologies. Since many applications rely on untrusted training data, an attacker can easily craft malicious samples and inject them into…

Cryptography and Security · Computer Science 2021-12-01 Nicolas M. Müller , Simon Roschmann , Konstantin Böttinger

Machine learning is data hungry; the more data a model has access to in training, the more likely it is to perform well at inference time. Distinct parties may want to combine their local data to gain the benefits of a model trained on a…

Cryptography and Security · Computer Science 2019-01-09 Jamie Hayes , Olga Ohrimenko

Data-poisoning backdoor attacks are serious security threats to machine learning models, where an adversary can manipulate the training dataset to inject backdoors into models. In this paper, we focus on in-training backdoor defense, aiming…

Cryptography and Security · Computer Science 2024-10-16 Shaokui Wei , Hongyuan Zha , Baoyuan Wu

We introduce camouflaged data poisoning attacks, a new attack vector that arises in the context of machine unlearning and other settings when model retraining may be induced. An adversary first adds a few carefully crafted points to the…

Machine Learning · Computer Science 2024-08-02 Jimmy Z. Di , Jack Douglas , Jayadev Acharya , Gautam Kamath , Ayush Sekhari

Backdoor attacks compromise the integrity and reliability of machine learning models by embedding a hidden trigger during the training process, which can later be activated to cause unintended misbehavior. We propose a novel backdoor…

Computer Vision and Pattern Recognition · Computer Science 2024-10-01 Felix Hsieh , Huy H. Nguyen , AprilPyone MaungMaung , Dmitrii Usynin , Isao Echizen

A backdoor data poisoning attack is an adversarial attack wherein the attacker injects several watermarked, mislabeled training examples into a training set. The watermark does not impact the test-time performance of the model on typical…

Machine Learning · Computer Science 2021-11-05 Naren Sarayu Manoj , Avrim Blum

Genomic foundation models trained on DNA sequences have demonstrated remarkable capabilities across diverse biological tasks, from variant effect prediction to genome design. These models are typically trained on massive, publicly sourced…

Genomics · Quantitative Biology 2026-03-31 Charalampos Koilakos , Ioannis Mouratidis , Ilias Georgakopoulos-Soares