English
Related papers

Related papers: Poison Ink: Robust and Invisible Backdoor Attack

200 papers

While security vulnerabilities in traditional Deep Neural Networks (DNNs) have been extensively studied, the susceptibility of Spiking Neural Networks (SNNs) to adversarial attacks remains mostly underexplored. Until now, the mechanisms to…

Cryptography and Security · Computer Science 2024-11-06 Roberto Riaño , Gorka Abad , Stjepan Picek , Aitor Urbieta

Outsourced deep neural networks have been demonstrated to suffer from patch-based trojan attacks, in which an adversary poisons the training sets to inject a backdoor in the obtained model so that regular inputs can be still labeled…

Cryptography and Security · Computer Science 2022-05-17 Ying He , Zhili Shen , Chang Xia , Jingyu Hua , Wei Tong , Sheng Zhong

Recent works have demonstrated that deep learning models are vulnerable to backdoor poisoning attacks, where these attacks instill spurious correlations to external trigger patterns or objects (e.g., stickers, sunglasses, etc.). We find…

Computer Vision and Pattern Recognition · Computer Science 2022-07-25 Tong Wu , Tianhao Wang , Vikash Sehwag , Saeed Mahloujifar , Prateek Mittal

Deep Neural Networks are well known to be vulnerable to adversarial attacks and backdoor attacks, where minor modifications on the input are able to mislead the models to give wrong results. Although defenses against adversarial attacks…

Machine Learning · Computer Science 2022-08-01 Kaidi Jin , Tianwei Zhang , Chao Shen , Yufei Chen , Ming Fan , Chenhao Lin , Ting Liu

Backdoor attacks pose serious security threats to deep neural networks (DNNs). Backdoored models make arbitrarily (targeted) incorrect predictions on inputs embedded with well-designed triggers while behaving normally on clean inputs. Many…

Cryptography and Security · Computer Science 2023-07-21 Yudong Gao , Honglong Chen , Peng Sun , Junjian Li , Anqing Zhang , Zhibo Wang

Recent studies show that neural natural language processing (NLP) models are vulnerable to backdoor attacks. Injected with backdoors, models perform normally on benign examples but produce attacker-specified predictions when the backdoor is…

Computation and Language · Computer Science 2021-06-14 Fanchao Qi , Yuan Yao , Sophia Xu , Zhiyuan Liu , Maosong Sun

As machine learning (ML) systems are being increasingly employed in the real world to handle sensitive tasks and make decisions in various fields, the security and privacy of those models have also become increasingly critical. In…

Cryptography and Security · Computer Science 2023-02-21 Marwan Omar

A backdoor data poisoning attack is an adversarial attack wherein the attacker injects several watermarked, mislabeled training examples into a training set. The watermark does not impact the test-time performance of the model on typical…

Machine Learning · Computer Science 2021-11-05 Naren Sarayu Manoj , Avrim Blum

In this work, we investigate the concept of biometric backdoors: a template poisoning attack on biometric systems that allows adversaries to stealthily and effortlessly impersonate users in the long-term by exploiting the template update…

Cryptography and Security · Computer Science 2020-11-06 Giulio Lovisotto , Simon Eberz , Ivan Martinovic

The backdoor or Trojan attack is a severe threat to deep neural networks (DNNs). Researchers find that DNNs trained on benign data and settings can also learn backdoor behaviors, which is known as the natural backdoor. Existing works on…

Machine Learning · Computer Science 2022-10-28 Zhenting Wang , Hailun Ding , Juan Zhai , Shiqing Ma

Spiking Neural Networks (SNNs), the third generation neural networks, are known for their low energy consumption and high robustness. SNNs are developing rapidly and can compete with Artificial Neural Networks (ANNs) in many fields. To…

Cryptography and Security · Computer Science 2024-09-25 Lingxin Jin , Meiyu Lin , Wei Jiang , Jinyu Zhan

Backdoor attacks represent a serious threat to neural network models. A backdoored model will misclassify the trigger-embedded inputs into an attacker-chosen target label while performing normally on other benign inputs. There are already…

Machine Learning · Computer Science 2021-07-14 Jing Xu , Minhui , Xue , Stjepan Picek

Deep neural networks (DNNs) are known to be vulnerable to both backdoor attacks as well as adversarial attacks. In the literature, these two types of attacks are commonly treated as distinct problems and solved separately, since they belong…

Computer Vision and Pattern Recognition · Computer Science 2022-12-29 Bingxu Mu , Zhenxing Niu , Le Wang , Xue Wang , Rong Jin , Gang Hua

Machine learning backdoors have the property that the machine learning model should work as expected on normal inputs, but when the input contains a specific $\textit{trigger}$, it behaves as the attacker desires. Detecting such triggers…

Cryptography and Security · Computer Science 2026-03-12 Eirik Høyheim , Magnus Wiik Eckhoff , Gudmund Grov , Robert Flood , David Aspinall

Speech recognition is an essential start ring of human-computer interaction, and recently, deep learning models have achieved excellent success in this task. However, when the model training and private data provider are always separated,…

Sound · Computer Science 2024-10-21 Wenhan Yao , Jiangkun Yang , Yongqiang He , Jia Liu , Weiping Wen

Poisoning attacks on machine learning systems compromise the model performance by deliberately injecting malicious samples in the training dataset to influence the training process. Prior works focus on either availability attacks (i.e.,…

Machine Learning · Computer Science 2021-10-13 Bingyin Zhao , Yingjie Lao

Spiking Neural Networks (SNNs) are energy-efficient counterparts of Deep Neural Networks (DNNs) with high biological plausibility, as information is transmitted through temporal spiking patterns. The core element of an SNN is the spiking…

Cryptography and Security · Computer Science 2026-05-04 Abdullah Arafat Miah , Kevin Vu , Yu Bi

Pervasive backdoors are triggered by dynamic and pervasive input perturbations. They can be intentionally injected by attackers or naturally exist in normally trained models. They have a different nature from the traditional static and…

Cryptography and Security · Computer Science 2022-06-22 Guanhong Tao , Yingqi Liu , Siyuan Cheng , Shengwei An , Zhuo Zhang , Qiuling Xu , Guangyu Shen , Xiangyu Zhang

We investigate a new method for injecting backdoors into machine learning models, based on compromising the loss-value computation in the model-training code. We use it to demonstrate new classes of backdoors strictly more powerful than…

Cryptography and Security · Computer Science 2021-02-22 Eugene Bagdasaryan , Vitaly Shmatikov

Deep neural networks (DNNs) are vulnerable to backdoor attacks, where adversaries can maliciously trigger model misclassifications by implanting a hidden backdoor during model training. This paper proposes a simple yet effective input-level…

Machine Learning · Computer Science 2024-06-04 Linshan Hou , Ruili Feng , Zhongyun Hua , Wei Luo , Leo Yu Zhang , Yiming Li