English
Related papers

Related papers: Defending Against Stealthy Backdoor Attacks

200 papers

Backdoor attacks pose a significant threat to neural networks, enabling adversaries to manipulate model outputs on specific inputs, often with devastating consequences, especially in critical applications. While backdoor attacks have been…

Machine Learning · Computer Science 2025-07-30 Zhen Guo , Abhinav Kumar , Reza Tourani

Language Models (LMs) are becoming increasingly popular in real-world applications. Outsourcing model training and data hosting to third-party platforms has become a standard method for reducing costs. In such a situation, the attacker can…

Cryptography and Security · Computer Science 2024-12-05 Pengzhou Cheng , Zongru Wu , Wei Du , Haodong Zhao , Wei Lu , Gongshen Liu

Deep neural networks are vulnerable to adversarial attacks, such as backdoor attacks in which a malicious adversary compromises a model during training such that specific behaviour can be triggered at test time by attaching a specific word…

Cryptography and Security · Computer Science 2022-10-21 You Guo , Jun Wang , Trevor Cohn

This article deals with adversarial attacks towards deep learning systems for Natural Language Processing (NLP), in the context of privacy protection. We study a specific type of attack: an attacker eavesdrops on the hidden representations…

Computation and Language · Computer Science 2018-08-29 Maximin Coavoux , Shashi Narayan , Shay B. Cohen

Large language models (LLMs) have seen significant advancements, achieving superior performance in various Natural Language Processing (NLP) tasks, from understanding to reasoning. However, they remain vulnerable to backdoor attacks, where…

Computation and Language · Computer Science 2024-11-28 Chen Chen , Yuchen Sun , Xueluan Gong , Jiaxin Gao , Kwok-Yan Lam

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

With the rise of advanced reasoning capabilities, large language models (LLMs) are receiving increasing attention. However, although reasoning improves LLMs' performance on downstream tasks, it also introduces new security risks, as…

Cryptography and Security · Computer Science 2025-10-10 Man Hu , Xinyi Wu , Zuofeng Suo , Jinbo Feng , Linghui Meng , Yanhao Jia , Anh Tuan Luu , Shuai Zhao

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

Adversarial attacks and backdoor attacks are two common security threats that hang over deep learning. Both of them harness task-irrelevant features of data in their implementation. Text style is a feature that is naturally irrelevant to…

Computation and Language · Computer Science 2021-10-15 Fanchao Qi , Yangyi Chen , Xurui Zhang , Mukai Li , Zhiyuan Liu , Maosong Sun

Because state-of-the-art language models are expensive to train, most practitioners must make use of one of the few publicly available language models or language model APIs. This consolidation of trust increases the potency of backdoor…

Cryptography and Security · Computer Science 2023-07-28 Nikhil Kandpal , Matthew Jagielski , Florian Tramèr , Nicholas Carlini

In a backdoor attack on a machine learning model, an adversary produces a model that performs well on normal inputs but outputs targeted misclassifications on inputs containing a small trigger pattern. Model compression is a widely-used…

Cryptography and Security · Computer Science 2021-05-03 Yulong Tian , Fnu Suya , Fengyuan Xu , David Evans

Pre-trained Natural Language Processing (NLP) models can be easily adapted to a variety of downstream language tasks. This significantly accelerates the development of language models. However, NLP models have been shown to be vulnerable to…

Computation and Language · Computer Science 2021-10-07 Kangjie Chen , Yuxian Meng , Xiaofei Sun , Shangwei Guo , Tianwei Zhang , Jiwei Li , Chun Fan

Large Language Models (LLMs), which bridge the gap between human language understanding and complex problem-solving, achieve state-of-the-art performance on several NLP tasks, particularly in few-shot and zero-shot settings. Despite the…

Cryptography and Security · Computer Science 2025-01-07 Shuai Zhao , Meihuizi Jia , Zhongliang Guo , Leilei Gan , Xiaoyu Xu , Xiaobao Wu , Jie Fu , Yichao Feng , Fengjun Pan , Luu Anh Tuan

Textual backdoor attacks present a substantial security risk to Large Language Models (LLM). It embeds carefully chosen triggers into a victim model at the training stage, and makes the model erroneously predict inputs containing the same…

Computation and Language · Computer Science 2024-07-08 Xinglin Li , Xianwen He , Yao Li , Minhao Cheng

Backdoor attack is a severe threat to the trustworthiness of DNN-based language models. In this paper, we first extend the definition of memorization of language models from sample-wise to more fine-grained sentence element-wise (e.g.,…

Computation and Language · Computer Science 2024-09-24 Zhenting Wang , Zhizhi Wang , Mingyu Jin , Mengnan Du , Juan Zhai , Shiqing Ma

In a backdoor attack, an adversary inserts maliciously constructed backdoor examples into a training set to make the resulting model vulnerable to manipulation. Defending against such attacks typically involves viewing these inserted…

Cryptography and Security · Computer Science 2023-07-20 Alaa Khaddaj , Guillaume Leclerc , Aleksandar Makelov , Kristian Georgiev , Hadi Salman , Andrew Ilyas , Aleksander Madry

Large Language Models (LLMs) are known to be vulnerable to backdoor attacks, where triggers embedded in poisoned samples can maliciously alter LLMs' behaviors. In this paper, we move beyond attacking LLMs and instead examine backdoor…

Cryptography and Security · Computer Science 2025-02-18 Huaizhi Ge , Yiming Li , Qifan Wang , Yongfeng Zhang , Ruixiang Tang

Backdoor attacks aim to surreptitiously insert malicious triggers into DNN models, granting unauthorized control during testing scenarios. Existing methods lack robustness against defense strategies and predominantly focus on enhancing…

Cryptography and Security · Computer Science 2024-12-03 Pengfei He , Yue Xing , Han Xu , Jie Ren , Yingqian Cui , Shenglai Zeng , Jiliang Tang , Makoto Yamada , Mohammad Sabokrou

At present, backdoor attacks attract attention as they do great harm to deep learning models. The adversary poisons the training data making the model being injected with a backdoor after being trained unconsciously by victims using the…

Cryptography and Security · Computer Science 2023-03-06 Shengfang Zhai , Qingni Shen , Xiaoyi Chen , Weilong Wang , Cong Li , Yuejian Fang , Zhonghai Wu

Natural language processing (NLP) systems have been proven to be vulnerable to backdoor attacks, whereby hidden features (backdoors) are trained into a language model and may only be activated by specific inputs (called triggers), to trick…

Computation and Language · Computer Science 2021-09-29 Shaofeng Li , Hui Liu , Tian Dong , Benjamin Zi Hao Zhao , Minhui Xue , Haojin Zhu , Jialiang Lu