English
Related papers

Related papers: Backdoor Attacks on Pre-trained Models by Layerwis…

200 papers

Deep Neural Networks (DNNs) are known to be vulnerable to backdoor attacks. In Natural Language Processing (NLP), DNNs are often backdoored during the fine-tuning process of a large-scale Pre-trained Language Model (PLM) with poisoned…

Computation and Language · Computer Science 2022-10-19 Zhiyuan Zhang , Lingjuan Lyu , Xingjun Ma , Chenguang Wang , Xu Sun

Data poisoning attacks compromise the integrity of machine-learning models by introducing malicious training samples to influence the results during test time. In this work, we investigate backdoor data poisoning attack on deep neural…

Machine Learning · Computer Science 2019-12-04 Mahesh Subedar , Nilesh Ahuja , Ranganath Krishnan , Ibrahima J. Ndiour , Omesh Tickoo

Backdoor and data-poisoning attacks can flip predictions with tiny training corruptions, yet a sharp theory linking poisoning strength, overparameterization, and regularization is lacking. We analyze ridge least squares with an unpenalized…

Machine Learning · Statistics 2026-01-06 Donald Flynn , Diego Granziol

Backdoor attacks pose a new threat to NLP models. A standard strategy to construct poisoned data in backdoor attacks is to insert triggers (e.g., rare words) into selected sentences and alter the original label to a target label. This…

Computation and Language · Computer Science 2022-04-28 Leilei Gan , Jiwei Li , Tianwei Zhang , Xiaoya Li , Yuxian Meng , Fei Wu , Yi Yang , Shangwei Guo , Chun Fan

Under a commonly-studied backdoor poisoning attack against classification models, an attacker adds a small trigger to a subset of the training data, such that the presence of this trigger at test time causes the classifier to always predict…

Machine Learning · Computer Science 2021-10-06 Mingjie Sun , Siddhant Agarwal , J. Zico Kolter

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

Cryptography and Security · Computer Science 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data…

During fine-tuning, large language models (LLMs) are increasingly vulnerable to data-poisoning backdoor attacks, which compromise their reliability and trustworthiness. However, existing defense strategies suffer from limited…

Cryptography and Security · Computer Science 2025-10-13 Shuai Zhao , Xinyi Wu , Shiqian Zhao , Xiaobao Wu , Zhongliang Guo , Yanhao Jia , Anh Tuan Luu

Backdoors and poisoning attacks are a major threat to the security of machine-learning and vision systems. Often, however, these attacks leave visible artifacts in the images that can be visually detected and weaken the efficacy of the…

Cryptography and Security · Computer Science 2020-03-20 Erwin Quiring , Konrad Rieck

Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many…

Cryptography and Security · Computer Science 2017-12-18 Xinyun Chen , Chang Liu , Bo Li , Kimberly Lu , Dawn Song

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

Software Engineering · Computer Science 2024-03-06 Aftab Hussain , Md Rafiqul Islam Rabin , Navid Ayoobi , Mohammad Amin Alipour

Deep learning models are vulnerable to various adversarial manipulations of their training data, parameters, and input sample. In particular, an adversary can modify the training data and model parameters to embed backdoors into the model,…

Machine Learning · Computer Science 2020-06-09 Te Juin Lester Tan , Reza Shokri

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

Software Engineering · Computer Science 2024-05-21 Aftab Hussain , Md Rafiqul Islam Rabin , Mohammad Amin Alipour

Although deep neural networks (DNNs) have made rapid progress in recent years, they are vulnerable in adversarial environments. A malicious backdoor could be embedded in a model by poisoning the training dataset, whose intention is to make…

Cryptography and Security · Computer Science 2021-03-25 Yinpeng Dong , Xiao Yang , Zhijie Deng , Tianyu Pang , Zihao Xiao , Hang Su , Jun Zhu

Recent studies have widely investigated backdoor attacks on Large Language Models (LLMs) by inserting harmful question-answer (QA) pairs into their training data. However, we revisit existing attacks and identify two critical limitations:…

Computation and Language · Computer Science 2025-10-07 Jiawei Kong , Hao Fang , Xiaochen Yang , Kuofeng Gao , Bin Chen , Shu-Tao Xia , Ke Xu , Han Qiu

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Machine learning systems are vulnerable to backdoor attacks, where attackers manipulate model behavior through data tampering or architectural modifications. Traditional backdoor attacks involve injecting malicious samples with specific…

Cryptography and Security · Computer Science 2025-09-24 Yuan Ma , Jiankang Wei , Yilun Lyu , Kehao Chen , Jingtong Huang

Backdoor data poisoning attacks have recently been demonstrated in computer vision research as a potential safety risk for machine learning (ML) systems. Traditional data poisoning attacks manipulate training data to induce unreliability of…

Computer Vision and Pattern Recognition · Computer Science 2020-04-27 Loc Truong , Chace Jones , Brian Hutchinson , Andrew August , Brenda Praggastis , Robert Jasper , Nicole Nichols , Aaron Tuor

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang