English
Related papers

Related papers: WeDef: Weakly Supervised Backdoor Defense for Text…

200 papers

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang

Deep neural networks are vulnerable to adversarial attacks, such as backdoor attacks in which a malicious adversary compromises a model during training such that specific behaviour can be triggered at test time by attaching a specific word…

Cryptography and Security · Computer Science 2022-10-21 You Guo , Jun Wang , Trevor Cohn

Weakly-supervised text classification aims to induce text classifiers from only a few user-provided seed words. The vast majority of previous work assumes high-quality seed words are given. However, the expert-annotated seed words are…

Computation and Language · Computer Science 2021-04-21 Yiping Jin , Akshay Bhatia , Dittaya Wanvarie

Backdoor attacks have become a major security threat for deploying machine learning models in security-critical applications. Existing research endeavors have proposed many defenses against backdoor attacks. Despite demonstrating certain…

Machine Learning · Computer Science 2023-11-28 Hengzhi Pei , Jinyuan Jia , Wenbo Guo , Bo Li , Dawn Song

Weakly-supervised text classification aims to train a classifier using only class descriptions and unlabeled data. Recent research shows that keyword-driven methods can achieve state-of-the-art performance on various tasks. However, these…

Computation and Language · Computer Science 2022-12-16 Tingyu Xia , Yue Wang , Yuan Tian , Yi Chang

Textual backdoor attack, as a novel attack model, has been shown to be effective in adding a backdoor to the model during training. Defending against such backdoor attacks has become urgent and important. In this paper, we propose AttDef,…

Computation and Language · Computer Science 2023-08-08 Jiazhao Li , Zhuofeng Wu , Wei Ping , Chaowei Xiao , V. G. Vinod Vydiswaran

Deep neural networks are gaining increasing popularity for the classic text classification task, due to their strong expressive power and less requirement for feature engineering. Despite such attractiveness, neural text classification…

Information Retrieval · Computer Science 2018-09-13 Yu Meng , Jiaming Shen , Chao Zhang , Jiawei Han

Recently, self-supervised learning (SSL) was shown to be vulnerable to patch-based data poisoning backdoor attacks. It was shown that an adversary can poison a small part of the unlabeled data so that when a victim trains an SSL model on…

Computer Vision and Pattern Recognition · Computer Science 2023-04-05 Ajinkya Tejankar , Maziar Sanjabi , Qifan Wang , Sinong Wang , Hamed Firooz , Hamed Pirsiavash , Liang Tan

Backdoor data poisoning is an emerging form of adversarial attack usually against deep neural network image classifiers. The attacker poisons the training set with a relatively small set of images from one (or several) source class(es),…

Machine Learning · Computer Science 2020-10-16 Zhen Xiang , David J. Miller , George Kesidis

In weakly-supervised text classification, only label names act as sources of supervision. Predominant approaches to weakly-supervised text classification utilize a two-phase framework, where test samples are first assigned pseudo-labels and…

Computation and Language · Computer Science 2022-10-14 Seongmin Park , Jihwa Lee

Recent advances in weakly supervised text classification mostly focus on designing sophisticated methods to turn high-level human heuristics into quality pseudo-labels. In this paper, we revisit the seed matching-based method, which is…

Computation and Language · Computer Science 2023-10-24 Chengyu Dong , Zihan Wang , Jingbo Shang

Dataless text classification, i.e., a new paradigm of weakly supervised learning, refers to the task of learning with unlabeled documents and a few predefined representative words of categories, known as seed words. The recent generative…

Computation and Language · Computer Science 2021-12-07 Bing Wang , Yue Wang , Ximing Li , Jihong Ouyang

Backdoor attacks pose a new threat to NLP models. A standard strategy to construct poisoned data in backdoor attacks is to insert triggers (e.g., rare words) into selected sentences and alter the original label to a target label. This…

Computation and Language · Computer Science 2022-04-28 Leilei Gan , Jiwei Li , Tianwei Zhang , Xiaoya Li , Yuxian Meng , Fei Wu , Yi Yang , Shangwei Guo , Chun Fan

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Under a commonly-studied backdoor poisoning attack against classification models, an attacker adds a small trigger to a subset of the training data, such that the presence of this trigger at test time causes the classifier to always predict…

Machine Learning · Computer Science 2021-10-06 Mingjie Sun , Siddhant Agarwal , J. Zico Kolter

In this paper, we explore text classification with extremely weak supervision, i.e., only relying on the surface text of class names. This is a more challenging setting than the seed-driven weak supervision, which allows a few seed words…

Computation and Language · Computer Science 2022-02-09 Zihan Wang , Dheeraj Mekala , Jingbo Shang

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

We propose VIBE, a model-agnostic framework that trains classifiers resilient to backdoor attacks. The key concept behind our approach is to treat malicious inputs and corrupted labels from the training dataset as observed random variables,…

Machine Learning · Computer Science 2025-08-27 Ivan Sabolić , Matej Grcić , Siniša Šegvić

Deep neural networks are vulnerable to backdoor attacks, a type of adversarial attack that poisons the training data to manipulate the behavior of models trained on such data. Clean-label attacks are a more stealthy form of backdoor attacks…

Machine Learning · Computer Science 2024-07-17 Quang H. Nguyen , Nguyen Ngoc-Hieu , The-Anh Ta , Thanh Nguyen-Tang , Kok-Seng Wong , Hoang Thanh-Tung , Khoa D. Doan

Textual backdoor attacks are a kind of practical threat to NLP systems. By injecting a backdoor in the training phase, the adversary could control model predictions via predefined triggers. As various attack and defense models have been…

Machine Learning · Computer Science 2022-11-02 Ganqu Cui , Lifan Yuan , Bingxiang He , Yangyi Chen , Zhiyuan Liu , Maosong Sun
‹ Prev 1 2 3 10 Next ›