English
Related papers

Related papers: BFClass: A Backdoor-free Text Classification Frame…

200 papers

With the boom in the natural language processing (NLP) field these years, backdoor attacks pose immense threats against deep neural network models. However, previous works hardly consider the effect of the poisoning rate. In this paper, our…

Cryptography and Security · Computer Science 2023-11-27 Yueqi Zeng , Ziqiang Li , Pengfei Xia , Lei Liu , Bin Li

Backdoor attacks for neural code models have gained considerable attention due to the advancement of code intelligence. However, most existing works insert triggers into task-specific data for code-related downstream tasks, thereby limiting…

Cryptography and Security · Computer Science 2023-06-16 Yanzhou Li , Shangqing Liu , Kangjie Chen , Xiaofei Xie , Tianwei Zhang , Yang Liu

Deep learning models have recently shown to be vulnerable to backdoor poisoning, an insidious attack where the victim model predicts clean images correctly but classifies the same images as the target class when a trigger poison pattern is…

Computer Vision and Pattern Recognition · Computer Science 2019-11-20 Alvin Chan , Yew-Soon Ong

Machine learning is vulnerable to adversarial manipulation. Previous literature has demonstrated that at the training stage attackers can manipulate data and data sampling procedures to control model behaviour. A common attack goal is to…

Machine Learning · Computer Science 2022-06-17 Mikel Bober-Irizar , Ilia Shumailov , Yiren Zhao , Robert Mullins , Nicolas Papernot

Backdoor attacks create significant security threats to language models by embedding hidden triggers that manipulate model behavior during inference, presenting critical risks for AI systems deployed in healthcare and other sensitive…

Cryptography and Security · Computer Science 2026-04-30 Mohamed Afane , Abhishek Satyam , Ke Chen , Tao Li , Junaid Farooq , Juntao Chen

Recent studies show that neural natural language processing (NLP) models are vulnerable to backdoor attacks. Injected with backdoors, models perform normally on benign examples but produce attacker-specified predictions when the backdoor is…

Computation and Language · Computer Science 2021-06-14 Fanchao Qi , Yuan Yao , Sophia Xu , Zhiyuan Liu , Maosong Sun

As a distributed machine learning paradigm, Federated Learning (FL) enables large-scale clients to collaboratively train a model without sharing their raw data. However, due to the lack of data auditing for untrusted clients, FL is…

Machine Learning · Computer Science 2025-09-10 Yanxin Yang , Ming Hu , Xiaofei Xie , Yue Cao , Pengyu Zhang , Yihao Huang , Mingsong Chen

The training phase of machine learning models is a delicate step, especially in cybersecurity contexts. Recent research has surfaced a series of insidious training-time attacks that inject backdoors in models designed for security…

Cryptography and Security · Computer Science 2025-05-06 Giorgio Severi , Simona Boboila , John Holodnak , Kendra Kratkiewicz , Rauf Izmailov , Michael J. De Lucia , Alina Oprea

Medical foundation models are gaining prominence in the medical community for their ability to derive general representations from extensive collections of medical image-text pairs. Recent research indicates that these models are…

Computer Vision and Pattern Recognition · Computer Science 2024-08-16 Asif Hanif , Fahad Shamshad , Muhammad Awais , Muzammal Naseer , Fahad Shahbaz Khan , Karthik Nandakumar , Salman Khan , Rao Muhammad Anwer

Backdoor attacks compromise the integrity and reliability of machine learning models by embedding a hidden trigger during the training process, which can later be activated to cause unintended misbehavior. We propose a novel backdoor…

Computer Vision and Pattern Recognition · Computer Science 2024-10-01 Felix Hsieh , Huy H. Nguyen , AprilPyone MaungMaung , Dmitrii Usynin , Isao Echizen

We investigate security concerns of the emergent instruction tuning paradigm, that models are trained on crowdsourced datasets with task instructions to achieve superior performance. Our studies demonstrate that an attacker can inject…

Computation and Language · Computer Science 2024-04-04 Jiashu Xu , Mingyu Derek Ma , Fei Wang , Chaowei Xiao , Muhao Chen

Large Language Models (LLMs) have greatly advanced Natural Language Processing (NLP), particularly through instruction tuning, which enables broad task generalization without additional fine-tuning. However, their reliance on large-scale…

Computation and Language · Computer Science 2026-04-21 San Kim , Gary Geunbae Lee

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

Software Engineering · Computer Science 2024-05-21 Aftab Hussain , Md Rafiqul Islam Rabin , Mohammad Amin Alipour

Training pipelines for machine learning (ML) based malware classification often rely on crowdsourced threat feeds, exposing a natural attack injection point. In this paper, we study the susceptibility of feature-based ML malware classifiers…

Cryptography and Security · Computer Science 2021-01-12 Giorgio Severi , Jim Meyer , Scott Coull , Alina Oprea

Backdoor attack injects malicious behavior to models such that inputs embedded with triggers are misclassified to a target label desired by the attacker. However, natural features may behave like triggers, causing misclassification once…

Machine Learning · Computer Science 2021-03-18 Yingqi Liu , Guangyu Shen , Guanhong Tao , Zhenting Wang , Shiqing Ma , Xiangyu Zhang

Backdoor attacks have emerged as a prominent threat to natural language processing (NLP) models, where the presence of specific triggers in the input can lead poisoned models to misclassify these inputs to predetermined target classes.…

Cryptography and Security · Computer Science 2023-10-30 Lu Yan , Zhuo Zhang , Guanhong Tao , Kaiyuan Zhang , Xuan Chen , Guangyu Shen , Xiangyu Zhang

Deep learning achieves outstanding results in many machine learning tasks. Nevertheless, it is vulnerable to backdoor attacks that modify the training set to embed a secret functionality in the trained model. The modified training samples…

Computer Vision and Pattern Recognition · Computer Science 2023-04-24 Gorka Abad , Jing Xu , Stefanos Koffas , Behrad Tajalli , Stjepan Picek , Mauro Conti

Deep learning models have been deployed in numerous real-world applications such as autonomous driving and surveillance. However, these models are vulnerable in adversarial environments. Backdoor attack is emerging as a severe security…

Computer Vision and Pattern Recognition · Computer Science 2022-05-31 Shih-Han Chan , Yinpeng Dong , Jun Zhu , Xiaolu Zhang , Jun Zhou

In recent years, the security issues of artificial intelligence have become increasingly prominent due to the rapid development of deep learning research and applications. Backdoor attack is an attack targeting the vulnerability of deep…

Cryptography and Security · Computer Science 2023-12-14 Peixin Zhang , Jun Sun , Mingtian Tan , Xinyu Wang

Trojan backdoors can be injected into large language models at various stages, including pretraining, fine-tuning, and in-context learning, posing a significant threat to the model's alignment. Due to the nature of causal language modeling,…

Computation and Language · Computer Science 2025-01-22 Vedant Bhasin , Matthew Yudin , Razvan Stefanescu , Rauf Izmailov