English
Related papers

Related papers: Manipulating SGD with Data Ordering Attacks

200 papers

Attack vectors that compromise machine learning pipelines in the physical world have been demonstrated in recent research, from perturbations to architectural components. Building on this work, we illustrate the self-obfuscation attack:…

Machine Learning · Computer Science 2022-01-25 Siddhartha Datta , Nigel Shadbolt

Instruction tuning is an effective technique to align large language models (LLMs) with human intents. In this work, we investigate how an adversary can exploit instruction tuning by injecting specific instruction-following examples into…

Cryptography and Security · Computer Science 2023-10-31 Manli Shu , Jiongxiao Wang , Chen Zhu , Jonas Geiping , Chaowei Xiao , Tom Goldstein

Machine learning models have achieved great success in supervised learning tasks for end-to-end training, which requires a large amount of labeled data that is not always feasible. Recently, many practitioners have shifted to…

Machine Learning · Computer Science 2024-02-21 Yiwei Lu , Matthew Y. R. Yang , Gautam Kamath , Yaoliang Yu

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), such that the attacked model performs well on benign samples, whereas its prediction will be maliciously changed if the hidden backdoor is activated by the…

Cryptography and Security · Computer Science 2022-04-13 Shaik Mohammed Maqsood , Viveros Manuela Ceron , Addluri GowthamKrishna

Recently, the newly emerged multimodal models, which leverage both visual and linguistic modalities to train powerful encoders, have gained increasing attention. However, learning from a large-scale unlabeled dataset also exposes the model…

Cryptography and Security · Computer Science 2023-06-06 Ziqing Yang , Xinlei He , Zheng Li , Michael Backes , Mathias Humbert , Pascal Berrang , Yang Zhang

This paper examines the robustness of deployed few-shot meta-learning systems when they are fed an imperceptibly perturbed few-shot dataset. We attack amortized meta-learners, which allows us to craft colluding sets of inputs that are…

Machine Learning · Computer Science 2022-11-24 Elre T. Oldewage , John Bronskill , Richard E. Turner

The right to erasure requires removal of a user's information from data held by organizations, with rigorous interpretations extending to downstream products such as learned models. Retraining from scratch with the particular user's data…

Machine Learning · Computer Science 2022-02-11 Neil G. Marchant , Benjamin I. P. Rubinstein , Scott Alfeld

Deep learning models suffer from a phenomenon called adversarial attacks: we can apply minor changes to the model input to fool a classifier for a particular example. The literature mostly considers adversarial attacks on models with images…

Machine Learning · Computer Science 2020-10-13 Ivan Fursov , Alexey Zaytsev , Nikita Kluchnikov , Andrey Kravchenko , Evgeny Burnaev

Recent works have demonstrated the vulnerability of Deep Reinforcement Learning (DRL) algorithms against training-time, backdoor poisoning attacks. The objectives of these attacks are twofold: induce pre-determined, adversarial behavior in…

Machine Learning · Computer Science 2025-06-04 Ethan Rathbun , Alina Oprea , Christopher Amato

Adversarial attacks on machine learning models often rely on small, imperceptible perturbations to mislead classifiers. Such strategy focuses on minimizing the visual perturbation for humans so they are not confused, and also maximizing the…

Computer Vision and Pattern Recognition · Computer Science 2025-02-28 Anthony Etim , Jakub Szefer

Because state-of-the-art language models are expensive to train, most practitioners must make use of one of the few publicly available language models or language model APIs. This consolidation of trust increases the potency of backdoor…

Cryptography and Security · Computer Science 2023-07-28 Nikhil Kandpal , Matthew Jagielski , Florian Tramèr , Nicholas Carlini

Semi-supervised learning methods can train high-accuracy machine learning models with a fraction of the labeled training samples required for traditional supervised learning. Such methods do not typically involve close review of the…

Machine Learning · Computer Science 2022-12-07 Marissa Connor , Vincent Emanuele

Federated learning is a popular strategy for training models on distributed, sensitive data, while preserving data privacy. Prior work identified a range of security threats on federated learning protocols that poison the data or the model.…

Cryptography and Security · Computer Science 2022-08-30 Giorgio Severi , Matthew Jagielski , Gökberk Yar , Yuxuan Wang , Alina Oprea , Cristina Nita-Rotaru

The ability to transfer adversarial attacks from one model (the surrogate) to another model (the victim) has been an issue of concern within the machine learning (ML) community. The ability to successfully evade unseen models represents an…

Machine Learning · Computer Science 2021-09-28 Luke E. Richards , André Nguyen , Ryan Capps , Steven Forsythe , Cynthia Matuszek , Edward Raff

Backdoor attacks mislead machine-learning models to output an attacker-specified class when presented a specific trigger at test time. These attacks require poisoning the training data to compromise the learning algorithm, e.g., by…

Machine Learning · Computer Science 2021-11-03 Kathrin Grosse , Taesung Lee , Battista Biggio , Youngja Park , Michael Backes , Ian Molloy

There is an increasing interest in analyzing the behavior of machine learning systems against adversarial attacks. However, most of the research in adversarial machine learning has focused on studying weaknesses against evasion or poisoning…

Machine Learning · Statistics 2025-06-12 Pablo G. Arce , Roi Naveiro , David Ríos Insua

Audio-based machine learning systems frequently use public or third-party data, which might be inaccurate. This exposes deep neural network (DNN) models trained on such data to potential data poisoning attacks. In this type of assault,…

Cryptography and Security · Computer Science 2024-04-09 Orson Mengara

Research in adversarial machine learning (AML) has shown that statistical models are vulnerable to maliciously altered data. However, despite advances in Bayesian machine learning models, most AML research remains concentrated on classical…

Machine Learning · Statistics 2025-06-04 Matthieu Carreau , Roi Naveiro , William N. Caballero

Machine learning algorithms are vulnerable to data poisoning attacks. Prior taxonomies that focus on specific scenarios, e.g., indiscriminate or targeted, have enabled defenses for the corresponding subset of known attacks. Yet, this…

Cryptography and Security · Computer Science 2020-03-02 Sanghyun Hong , Varun Chandrasekaran , Yiğitcan Kaya , Tudor Dumitraş , Nicolas Papernot

The emergence of deep learning led to the broad usage of neural networks in the time series domain for various applications, including finance and medicine. While powerful, these models are prone to adversarial attacks: a benign targeted…

Machine Learning · Computer Science 2025-03-03 Petr Sokerin , Dmitry Anikin , Sofia Krehova , Alexey Zaytsev