English
Related papers

Related papers: Towards Understanding How Self-training Tolerates …

200 papers

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

Recent studies have shown that deep neural networks (DNNs) are vulnerable to backdoor attacks, where a designed trigger is injected into the dataset, causing erroneous predictions when activated. In this paper, we propose a novel defense…

Machine Learning · Computer Science 2025-08-08 Wenjie Huo , Katinka Wolter

Backdoor attacks compromise the integrity and reliability of machine learning models by embedding a hidden trigger during the training process, which can later be activated to cause unintended misbehavior. We propose a novel backdoor…

Computer Vision and Pattern Recognition · Computer Science 2024-10-01 Felix Hsieh , Huy H. Nguyen , AprilPyone MaungMaung , Dmitrii Usynin , Isao Echizen

Neural networks are widely known to be vulnerable to backdoor attacks, a method that poisons a portion of the training data to make the target model perform well on normal data sets, while outputting attacker-specified or random categories…

Computer Vision and Pattern Recognition · Computer Science 2024-06-07 Yong Li , Han Gao

The training phase of machine learning models is a delicate step, especially in cybersecurity contexts. Recent research has surfaced a series of insidious training-time attacks that inject backdoors in models designed for security…

Cryptography and Security · Computer Science 2025-05-06 Giorgio Severi , Simona Boboila , John Holodnak , Kendra Kratkiewicz , Rauf Izmailov , Michael J. De Lucia , Alina Oprea

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Semi-supervised learning approaches train on small sets of labeled data along with large sets of unlabeled data. Self-training is a semi-supervised teacher-student approach that often suffers from the problem of "confirmation bias" that…

Machine Learning · Computer Science 2023-01-19 Aswathnarayan Radhakrishnan , Jim Davis , Zachary Rabin , Benjamin Lewis , Matthew Scherreik , Roman Ilin

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

Contrastive learning has become a leading self- supervised approach to representation learning across domains, including vision, multimodal settings, graphs, and federated learning. However, recent studies have shown that contrastive…

Machine Learning · Computer Science 2026-01-19 Simi D Kuniyilh , Rita Machacy

Backdoor data poisoning attacks have recently been demonstrated in computer vision research as a potential safety risk for machine learning (ML) systems. Traditional data poisoning attacks manipulate training data to induce unreliability of…

Computer Vision and Pattern Recognition · Computer Science 2020-04-27 Loc Truong , Chace Jones , Brian Hutchinson , Andrew August , Brenda Praggastis , Robert Jasper , Nicole Nichols , Aaron Tuor

In a backdoor attack, an adversary inserts maliciously constructed backdoor examples into a training set to make the resulting model vulnerable to manipulation. Defending against such attacks typically involves viewing these inserted…

Cryptography and Security · Computer Science 2023-07-20 Alaa Khaddaj , Guillaume Leclerc , Aleksandar Makelov , Kristian Georgiev , Hadi Salman , Andrew Ilyas , Aleksander Madry

Backdoor attacks undermine the integrity of machine learning models by allowing attackers to manipulate predictions using poisoned training data. Such attacks lead to targeted misclassification when specific triggers are present, while the…

Cryptography and Security · Computer Science 2025-02-12 Shaokui Wei , Jiayin Liu , Hongyuan Zha

Multimodal contrastive learning has emerged as a powerful paradigm for building high-quality features using the complementary strengths of various data modalities. However, the open nature of such systems inadvertently increases the…

Computer Vision and Pattern Recognition · Computer Science 2024-03-26 Siyuan Liang , Kuanrong Liu , Jiajun Gong , Jiawei Liang , Yuan Xun , Ee-Chien Chang , Xiaochun Cao

Self-Supervised Learning (SSL) has shown great promise in learning representations from unlabeled data. The power of learning representations without the need for human annotations has made SSL a widely used technique in real-world…

Computer Vision and Pattern Recognition · Computer Science 2024-09-17 Aryan Satpathy , Nilaksh Singh , Dhruva Rajwade , Somesh Kumar

We introduce camouflaged data poisoning attacks, a new attack vector that arises in the context of machine unlearning and other settings when model retraining may be induced. An adversary first adds a few carefully crafted points to the…

Machine Learning · Computer Science 2024-08-02 Jimmy Z. Di , Jack Douglas , Jayadev Acharya , Gautam Kamath , Ayush Sekhari

The recent success of machine learning (ML) has been fueled by the increasing availability of computing power and large amounts of data in many different applications. However, the trustworthiness of the resulting models can be compromised…

Cryptography and Security · Computer Science 2024-03-11 Antonio Emanuele Cinà , Kathrin Grosse , Ambra Demontis , Battista Biggio , Fabio Roli , Marcello Pelillo

Decentralised post-training of large language models utilises data and pipeline parallelism techniques to split the data and the model. Unfortunately, decentralised post-training can be vulnerable to poisoning and backdoor attacks by one or…

Cryptography and Security · Computer Science 2026-04-06 Oğuzhan Ersoy , Nikolay Blagoev , Jona te Lintelo , Stefanos Koffas , Marina Krček , Stjepan Picek

Machine unlearning has emerged as a key component in ensuring ``Right to be Forgotten'', enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set…

Cryptography and Security · Computer Science 2025-06-17 Marco Arazzi , Antonino Nocera , Vinod P

Wild images on the web are vulnerable to backdoor (also called trojan) poisoning, causing machine learning models learned on these images to be injected with backdoors. Most previous attacks assumed that the wild images are labeled. In…

Computers and Society · Computer Science 2023-01-03 Le Feng , Zhenxing Qian , Sheng Li , Xinpeng Zhang