English
Related papers

Related papers: Poisoning and Backdooring Contrastive Learning

200 papers

Large-scale unlabeled data has spurred recent progress in self-supervised learning methods that learn rich visual representations. State-of-the-art self-supervised methods for learning representations from images (e.g., MoCo, BYOL, MSF) use…

Computer Vision and Pattern Recognition · Computer Science 2022-06-10 Aniruddha Saha , Ajinkya Tejankar , Soroush Abbasi Koohpayegani , Hamed Pirsiavash

Recent studies on backdoor attacks in model training have shown that polluting a small portion of training data is sufficient to produce incorrect manipulated predictions on poisoned test-time data while maintaining high clean accuracy in…

Machine Learning · Computer Science 2023-01-24 Soumyadeep Pal , Ren Wang , Yuguang Yao , Sijia Liu

Due to the popularity of Artificial Intelligence (AI) techniques, we are witnessing an increasing number of backdoor injection attacks that are designed to maliciously threaten Deep Neural Networks (DNNs) causing misclassification. Although…

Machine Learning · Computer Science 2022-05-18 Zhihao Yue , Jun Xia , Zhiwei Ling , Ming Hu , Ting Wang , Xian Wei , Mingsong Chen

Machine learning models are vulnerable to data-poisoning attacks, in which an attacker maliciously modifies the training set to change the prediction of a learned model. In a trigger-less attack, the attacker can modify the training set but…

Machine Learning · Computer Science 2022-10-18 Yuhao Zhang , Aws Albarghouthi , Loris D'Antoni

Adversaries can embed backdoors in deep learning models by introducing backdoor poison samples into training datasets. In this work, we investigate how to detect such poison samples to mitigate the threat of backdoor attacks. First, we…

Machine Learning · Computer Science 2023-06-21 Xiangyu Qi , Tinghao Xie , Jiachen T. Wang , Tong Wu , Saeed Mahloujifar , Prateek Mittal

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

As collaborative learning allows joint training of a model using multiple sources of data, the security problem has been a central concern. Malicious users can upload poisoned data to prevent the model's convergence or inject hidden…

Cryptography and Security · Computer Science 2021-01-21 Ximing Qiao , Yuhua Bai , Siping Hu , Ang Li , Yiran Chen , Hai Li

We study backdoor poisoning attacks against image classification networks, whereby an attacker inserts a trigger into a subset of the training data, in such a way that at test time, this trigger causes the classifier to predict some target…

Cryptography and Security · Computer Science 2022-02-03 Muhammad Usman , Youcheng Sun , Divya Gopinath , Corina S. Pasareanu

Self-supervised pre-training of deep learning models with contrastive learning is a widely used technique in image analysis. Current findings indicate a strong potential for contrastive pre-training on medical images. However, further…

Image and Video Processing · Electrical Eng. & Systems 2024-10-21 Daniel Wolf , Tristan Payer , Catharina Silvia Lisson , Christoph Gerhard Lisson , Meinrad Beer , Michael Götz , Timo Ropinski

Deep image classification models trained on vast amounts of web-scraped data are susceptible to data poisoning - a mechanism for backdooring models. A small number of poisoned samples seen during training can severely undermine a model's…

Cryptography and Security · Computer Science 2023-06-30 Nils Lukas , Florian Kerschbaum

Backdoors and poisoning attacks are a major threat to the security of machine-learning and vision systems. Often, however, these attacks leave visible artifacts in the images that can be visually detected and weaken the efficacy of the…

Cryptography and Security · Computer Science 2020-03-20 Erwin Quiring , Konrad Rieck

Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many…

Cryptography and Security · Computer Science 2017-12-18 Xinyun Chen , Chang Liu , Bo Li , Kimberly Lu , Dawn Song

Split learning is a collaborative learning design that allows several participants (clients) to train a shared model while keeping their datasets private. Recent studies demonstrate that collaborative learning models, specifically federated…

Cryptography and Security · Computer Science 2023-05-29 Behrad Tajalli , Oguzhan Ersoy , Stjepan Picek

Recent works have demonstrated that deep learning models are vulnerable to backdoor poisoning attacks, where these attacks instill spurious correlations to external trigger patterns or objects (e.g., stickers, sunglasses, etc.). We find…

Computer Vision and Pattern Recognition · Computer Science 2022-07-25 Tong Wu , Tianhao Wang , Vikash Sehwag , Saeed Mahloujifar , Prateek Mittal

Behavior Cloning (BC) is a popular framework for training sequential decision policies from expert demonstrations via supervised learning. As these policies are increasingly being deployed in the real world, their robustness and potential…

Machine Learning · Computer Science 2025-11-27 Akansha Kalra , Soumil Datta , Ethan Gilmore , Duc La , Guanhong Tao , Daniel S. Brown

Data-poisoning based backdoor attacks aim to insert backdoor into models by manipulating training datasets without controlling the training process of the target model. Existing attack methods mainly focus on designing triggers or fusion…

Cryptography and Security · Computer Science 2023-07-17 Zihao Zhu , Mingda Zhang , Shaokui Wei , Li Shen , Yanbo Fan , Baoyuan Wu

The training phase of machine learning models is a delicate step, especially in cybersecurity contexts. Recent research has surfaced a series of insidious training-time attacks that inject backdoors in models designed for security…

Cryptography and Security · Computer Science 2025-05-06 Giorgio Severi , Simona Boboila , John Holodnak , Kendra Kratkiewicz , Rauf Izmailov , Michael J. De Lucia , Alina Oprea

Vision-Language models like CLIP have been shown to be highly effective at linking visual perception and natural language understanding, enabling sophisticated image-text capabilities, including strong retrieval and zero-shot classification…

Machine Learning · Computer Science 2026-04-08 Naman Deep Singh , Francesco Croce , Matthias Hein

Poisoning attacks can compromise the safety of large language models (LLMs) by injecting malicious documents into their training data. Existing work has studied pretraining poisoning assuming adversaries control a percentage of the training…