English
Related papers

Related papers: BFClass: A Backdoor-free Text Classification Frame…

200 papers

Web-scraped datasets are vulnerable to data poisoning, which can be used for backdooring deep image classifiers during training. Since training on large datasets is expensive, a model is trained once and re-used many times. Unlike…

Machine Learning · Computer Science 2024-01-23 Benjamin Schneider , Nils Lukas , Florian Kerschbaum

Recently, a special type of data poisoning (DP) attack targeting Deep Neural Network (DNN) classifiers, known as a backdoor, was proposed. These attacks do not seek to degrade classification accuracy, but rather to have the classifier learn…

Machine Learning · Computer Science 2020-08-20 Zhen Xiang , David J. Miller , George Kesidis

Textual backdoor attacks present a substantial security risk to Large Language Models (LLM). It embeds carefully chosen triggers into a victim model at the training stage, and makes the model erroneously predict inputs containing the same…

Computation and Language · Computer Science 2024-07-08 Xinglin Li , Xianwen He , Yao Li , Minhao Cheng

Deep Learning backdoor attacks have a threat model similar to traditional cyber attacks. Attack forensics, a critical counter-measure for traditional cyber attacks, is hence of importance for defending model backdoor attacks. In this paper,…

Cryptography and Security · Computer Science 2023-01-18 Siyuan Cheng , Guanhong Tao , Yingqi Liu , Shengwei An , Xiangzhe Xu , Shiwei Feng , Guangyu Shen , Kaiyuan Zhang , Qiuling Xu , Shiqing Ma , Xiangyu Zhang

Recent studies have widely investigated backdoor attacks on Large Language Models (LLMs) by inserting harmful question-answer (QA) pairs into their training data. However, we revisit existing attacks and identify two critical limitations:…

Computation and Language · Computer Science 2025-10-07 Jiawei Kong , Hao Fang , Xiaochen Yang , Kuofeng Gao , Bin Chen , Shu-Tao Xia , Ke Xu , Han Qiu

Backdoor attacks threaten the deep learning supply chain by poisoning a small fraction of the training data so that a model behaves normally on clean inputs but misclassifies trigger-carrying inputs to an attacker-chosen target class.…

Cryptography and Security · Computer Science 2026-05-05 Yi Yang , Jinyang Huang , Binbin Liu , Feng-Qi Cui , Xiaokang Zhou , Zhi Liu , Jie Zhang , Meng Li

Backdoor attacks have become an emerging threat to NLP systems. By providing poisoned training data, the adversary can embed a "backdoor" into the victim model, which allows input instances satisfying certain textual patterns (e.g.,…

Computation and Language · Computer Science 2023-05-30 Jun Yan , Vansh Gupta , Xiang Ren

Machine learning systems are vulnerable to backdoor attacks, where attackers manipulate model behavior through data tampering or architectural modifications. Traditional backdoor attacks involve injecting malicious samples with specific…

Cryptography and Security · Computer Science 2025-09-24 Yuan Ma , Jiankang Wei , Yilun Lyu , Kehao Chen , Jingtong Huang

In recent years, machine learning models have been shown to be vulnerable to backdoor attacks. Under such attacks, an adversary embeds a stealthy backdoor into the trained model such that the compromised models will behave normally on clean…

Cryptography and Security · Computer Science 2022-10-18 Khoa D. Doan , Yingjie Lao , Ping Li

At present, backdoor attacks attract attention as they do great harm to deep learning models. The adversary poisons the training data making the model being injected with a backdoor after being trained unconsciously by victims using the…

Cryptography and Security · Computer Science 2023-03-06 Shengfang Zhai , Qingni Shen , Xiaoyi Chen , Weilong Wang , Cong Li , Yuejian Fang , Zhonghai Wu

Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time. Although backdoor attacks have been demonstrated…

Backdoor attack has emerged as a major security threat to deep neural networks (DNNs). While existing defense methods have demonstrated promising results on detecting or erasing backdoors, it is still not clear whether robust training…

Machine Learning · Computer Science 2021-12-02 Yige Li , Xixiang Lyu , Nodens Koren , Lingjuan Lyu , Bo Li , Xingjun Ma

Recent studies have revealed a security threat to natural language processing (NLP) models, called the Backdoor Attack. Victim models can maintain competitive performance on clean samples while behaving abnormally on samples with a specific…

Computation and Language · Computer Science 2021-03-30 Wenkai Yang , Lei Li , Zhiyuan Zhang , Xuancheng Ren , Xu Sun , Bin He

Backdoor attacks on text classifiers can cause them to predict a predefined label when a particular "trigger" is present. Prior attacks often rely on triggers that are ungrammatical or otherwise unusual, leading to conspicuous attacks. As a…

Machine Learning · Computer Science 2025-04-25 Wencong You , Daniel Lowd

Deep neural networks (DNNs) are vulnerable to backdoor attacks which can hide backdoor triggers in DNNs by poisoning training data. A backdoored model behaves normally on clean test images, yet consistently predicts a particular target…

Computer Vision and Pattern Recognition · Computer Science 2020-06-17 Shihao Zhao , Xingjun Ma , Xiang Zheng , James Bailey , Jingjing Chen , Yu-Gang Jiang

Deep learning models are vulnerable to various adversarial manipulations of their training data, parameters, and input sample. In particular, an adversary can modify the training data and model parameters to embed backdoors into the model,…

Machine Learning · Computer Science 2020-06-09 Te Juin Lester Tan , Reza Shokri

Backdoor attacks are among the most effective, practical, and stealthy attacks in deep learning. In this paper, we consider a practical scenario where a developer obtains a deep model from a third party and uses it as part of a…

Cryptography and Security · Computer Science 2025-03-28 Dorde Popovic , Amin Sadeghi , Ting Yu , Sanjay Chawla , Issa Khalil

Backdoor attacks pose a significant threat to deep neural networks, as backdoored models would misclassify poisoned samples with specific triggers into target classes while maintaining normal performance on clean samples. Among these,…

Cryptography and Security · Computer Science 2025-08-06 Yangxu Yin , Honglong Chen , Yudong Gao , Peng Sun , Liantao Wu , Zhe Li , Weifeng Liu

Machine learning models are vulnerable to data-poisoning attacks, in which an attacker maliciously modifies the training set to change the prediction of a learned model. In a trigger-less attack, the attacker can modify the training set but…

Machine Learning · Computer Science 2022-10-18 Yuhao Zhang , Aws Albarghouthi , Loris D'Antoni

As machine learning (ML) classifiers increasingly oversee the automated monitoring of network traffic, studying their resilience against adversarial attacks becomes critical. This paper focuses on poisoning attacks, specifically backdoor…

Cryptography and Security · Computer Science 2023-06-05 Giorgio Severi , Simona Boboila , Alina Oprea , John Holodnak , Kendra Kratkiewicz , Jason Matterer