English
Related papers

Related papers: BadPre: Task-agnostic Backdoor Attacks to Pre-trai…

200 papers

Prompt-tuning has emerged as an attractive paradigm for deploying large-scale language models due to its strong downstream task performance and efficient multitask serving ability. Despite its wide adoption, we empirically show that…

Computation and Language · Computer Science 2023-10-17 Chengkun Wei , Wenlong Meng , Zhikun Zhang , Min Chen , Minghu Zhao , Wenjing Fang , Lei Wang , Zihui Zhang , Wenzhi Chen

Backdoor attack aims at inducing neural models to make incorrect predictions for poison data while keeping predictions on the clean dataset unchanged, which creates a considerable threat to current natural language processing (NLP) systems.…

Computation and Language · Computer Science 2023-03-28 Xukun Zhou , Jiwei Li , Tianwei Zhang , Lingjuan Lyu , Muqiao Yang , Jun He

Backdoor attacks compromise model reliability by using triggers to manipulate outputs. Trigger inversion can accurately locate these triggers via a generator and is therefore critical for backdoor defense. However, the discrete nature of…

Cryptography and Security · Computer Science 2026-03-18 Ruyi Zhang , Heng Gao , Songlei Jian , Yusong Tan , Haifang Zhou

Fine-tuning pre-trained models for downstream tasks has led to a proliferation of open-sourced task-specific models. Recently, Model Merging (MM) has emerged as an effective approach to facilitate knowledge transfer among these…

Cryptography and Security · Computer Science 2024-09-04 Jinghuai Zhang , Jianfeng Chi , Zheng Li , Kunlin Cai , Yang Zhang , Yuan Tian

Deep neural networks (DNNs) have long been recognized as vulnerable to backdoor attacks. By providing poisoned training data in the fine-tuning process, the attacker can implant a backdoor into the victim model. This enables input samples…

Cryptography and Security · Computer Science 2024-09-10 Abdullah Arafat Miah , Yu Bi

Natural language processing (NLP) models are known to be vulnerable to backdoor attacks, which poses a newly arisen threat to NLP models. Prior online backdoor defense methods for NLP models only focus on the anomalies at either the input…

Computation and Language · Computer Science 2022-10-17 Sishuo Chen , Wenkai Yang , Zhiyuan Zhang , Xiaohan Bi , Xu Sun

Backdoor attack has emerged as a major security threat to deep neural networks (DNNs). While existing defense methods have demonstrated promising results on detecting or erasing backdoors, it is still not clear whether robust training…

Machine Learning · Computer Science 2021-12-02 Yige Li , Xixiang Lyu , Nodens Koren , Lingjuan Lyu , Bo Li , Xingjun Ma

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

Contrastive Vision-Language Pre-training, known as CLIP, has shown promising effectiveness in addressing downstream image recognition tasks. However, recent works revealed that the CLIP model can be implanted with a downstream-oriented…

Computer Vision and Pattern Recognition · Computer Science 2024-03-25 Jiawang Bai , Kuofeng Gao , Shaobo Min , Shu-Tao Xia , Zhifeng Li , Wei Liu

Large Language Models (LLMs) have achieved significantly advanced capabilities in understanding and generating human language text, which have gained increasing popularity over recent years. Apart from their state-of-the-art natural…

Cryptography and Security · Computer Science 2025-02-11 Yihe Zhou , Tao Ni , Wei-Bin Lee , Qingchuan Zhao

Deep Neural Networks (DNNs) are known to be vulnerable to backdoor attacks. In Natural Language Processing (NLP), DNNs are often backdoored during the fine-tuning process of a large-scale Pre-trained Language Model (PLM) with poisoned…

Computation and Language · Computer Science 2022-10-19 Zhiyuan Zhang , Lingjuan Lyu , Xingjun Ma , Chenguang Wang , Xu Sun

Prompt-based learning paradigm bridges the gap between pre-training and fine-tuning, and works effectively under the few-shot setting. However, we find that this learning paradigm inherits the vulnerability from the pre-training stage,…

Computation and Language · Computer Science 2022-04-12 Lei Xu , Yangyi Chen , Ganqu Cui , Hongcheng Gao , Zhiyuan Liu

Backdoor attacks are a kind of insidious security threat against machine learning models. After being injected with a backdoor in training, the victim model will produce adversary-specified outputs on the inputs embedded with predesigned…

Computation and Language · Computer Science 2021-06-04 Fanchao Qi , Mukai Li , Yangyi Chen , Zhengyan Zhang , Zhiyuan Liu , Yasheng Wang , Maosong Sun

Backdoor attack is a major threat to deep learning systems in safety-critical scenarios, which aims to trigger misbehavior of neural network models under attacker-controlled conditions. However, most backdoor attacks have to modify the…

Machine Learning · Computer Science 2023-08-24 Yizhen Yuan , Rui Kong , Shenghao Xie , Yuanchun Li , Yunxin Liu

Textual backdoor attacks are a kind of practical threat to NLP systems. By injecting a backdoor in the training phase, the adversary could control model predictions via predefined triggers. As various attack and defense models have been…

Machine Learning · Computer Science 2022-11-02 Ganqu Cui , Lifan Yuan , Bingxiang He , Yangyi Chen , Zhiyuan Liu , Maosong Sun

Backdoor attacks have emerged as a prominent threat to natural language processing (NLP) models, where the presence of specific triggers in the input can lead poisoned models to misclassify these inputs to predetermined target classes.…

Cryptography and Security · Computer Science 2023-10-30 Lu Yan , Zhuo Zhang , Guanhong Tao , Kaiyuan Zhang , Xuan Chen , Guangyu Shen , Xiangyu Zhang

The study of security in machine learning mainly focuses on downstream task-specific attacks, where the adversarial example is obtained by optimizing a loss function specific to the downstream task. At the same time, it has become standard…

Computer Vision and Pattern Recognition · Computer Science 2025-03-07 Brian Pulfer , Yury Belousov , Vitaliy Kinakh , Teddy Furon , Slava Voloshynovskiy

Backdoor attacks, which maliciously control a well-trained model's outputs of the instances with specific triggers, are recently shown to be serious threats to the safety of reusing deep neural networks (DNNs). In this work, we propose an…

Computation and Language · Computer Science 2021-10-18 Wenkai Yang , Yankai Lin , Peng Li , Jie Zhou , Xu Sun

Deep learning models are susceptible to adversarial attacks, where slight perturbations to input data lead to misclassification. Adversarial attacks become increasingly effective with access to information about the targeted classifier. In…

Machine Learning · Computer Science 2024-05-29 Yu Zhe , Rei Nagaike , Daiki Nishiyama , Kazuto Fukuchi , Jun Sakuma

Deep learning models are well known to be susceptible to backdoor attack, where the attacker only needs to provide a tampered dataset on which the triggers are injected. Models trained on the dataset will passively implant the backdoor, and…

Cryptography and Security · Computer Science 2024-06-21 Zonghao Ying , Bin Wu