English
Related papers

Related papers: Towards Understanding How Self-training Tolerates …

200 papers

Adversarial training (AT) is a robust learning algorithm that can defend against adversarial attacks in the inference phase and mitigate the side effects of corrupted data in the training phase. As such, it has become an indispensable…

Cryptography and Security · Computer Science 2023-05-02 Jingfeng Zhang , Bo Song , Bo Han , Lei Liu , Gang Niu , Masashi Sugiyama

Data heterogeneity and backdoor attacks rank among the most significant challenges facing federated learning (FL). For data heterogeneity, personalized federated learning (PFL) enables each client to maintain a private personalized model to…

Machine Learning · Computer Science 2025-01-23 Mingyuan Fan , Zhanyi Hu , Fuyi Wang , Cen Chen

Backdoor attacks are a kind of emergent security threat in deep learning. After being injected with a backdoor, a deep neural model will behave normally on standard inputs but give adversary-specified predictions once the input contains…

Cryptography and Security · Computer Science 2022-10-20 Yangyi Chen , Fanchao Qi , Hongcheng Gao , Zhiyuan Liu , Maosong Sun

A backdoor data poisoning attack is an adversarial attack wherein the attacker injects several watermarked, mislabeled training examples into a training set. The watermark does not impact the test-time performance of the model on typical…

Machine Learning · Computer Science 2021-11-05 Naren Sarayu Manoj , Avrim Blum

Poisoning backdoor attacks involve an adversary manipulating the training data to induce certain behaviors in the victim model by inserting a trigger in the signal at inference time. We adapted clean label backdoor (CLBD)-data poisoning…

Cryptography and Security · Computer Science 2024-09-16 Henry Li Xinyuan , Sonal Joshi , Thomas Thebaud , Jesus Villalba , Najim Dehak , Sanjeev Khudanpur

We investigate security concerns of the emergent instruction tuning paradigm, that models are trained on crowdsourced datasets with task instructions to achieve superior performance. Our studies demonstrate that an attacker can inject…

Computation and Language · Computer Science 2024-04-04 Jiashu Xu , Mingyu Derek Ma , Fei Wang , Chaowei Xiao , Muhao Chen

Deep learning models have consistently outperformed traditional machine learning models in various classification tasks, including image classification. As such, they have become increasingly prevalent in many real world applications…

Cryptography and Security · Computer Science 2018-08-31 Cong Liao , Haoti Zhong , Anna Squicciarini , Sencun Zhu , David Miller

Semi-supervised Federated Learning (SSFL) has recently drawn much attention due to its practical consideration, i.e., the clients may only have unlabeled data. In practice, these SSFL systems implement semi-supervised training by assigning…

Machine Learning · Computer Science 2022-05-10 Yi Liu , Xingliang Yuan , Ruihui Zhao , Cong Wang , Dusit Niyato , Yefeng Zheng

Data poisoning and backdoor attacks manipulate training data in order to cause models to fail during inference. A recent survey of industry practitioners found that data poisoning is the number one concern among threats ranging from model…

Machine Learning · Computer Science 2021-06-18 Avi Schwarzschild , Micah Goldblum , Arjun Gupta , John P Dickerson , Tom Goldstein

Backdoor attacks are emerging threats to deep neural networks, which typically embed malicious behaviors into a victim model by injecting poisoned samples. Adversaries can activate the injected backdoor during inference by presenting the…

Cryptography and Security · Computer Science 2025-12-05 Bingyin Zhao , Yingjie Lao

The widespread adoption of deep learning across various industries has introduced substantial challenges, particularly in terms of model explainability and security. The inherent complexity of deep learning models, while contributing to…

Cryptography and Security · Computer Science 2025-01-08 Kealan Dunnett , Reza Arablouei , Dimity Miller , Volkan Dedeoglu , Raja Jurdak

DNNs' demand for massive data forces practitioners to collect data from the Internet without careful check due to the unacceptable cost, which brings potential risks of backdoor attacks. A backdoored model always predicts a target class in…

Machine Learning · Computer Science 2022-02-23 Yinghua Gao , Dongxian Wu , Jingfeng Zhang , Guanhao Gan , Shu-Tao Xia , Gang Niu , Masashi Sugiyama

In recent years, the security issues of artificial intelligence have become increasingly prominent due to the rapid development of deep learning research and applications. Backdoor attack is an attack targeting the vulnerability of deep…

Cryptography and Security · Computer Science 2023-12-14 Peixin Zhang , Jun Sun , Mingtian Tan , Xinyu Wang

In a backdoor attack, an adversary injects corrupted data into a model's training dataset in order to gain control over its predictions on images with a specific attacker-defined trigger. A typical corrupted training example requires…

Machine Learning · Computer Science 2023-10-31 Rishi D. Jha , Jonathan Hayase , Sewoong Oh

Federated learning allows multiple users to collaboratively train a shared classification model while preserving data privacy. This approach, where model updates are aggregated by a central server, was shown to be vulnerable to poisoning…

Machine Learning · Computer Science 2020-12-17 Chien-Lun Chen , Leana Golubchik , Marco Paolieri

As a new paradigm in machine learning, self-supervised learning (SSL) is capable of learning high-quality representations of complex data without relying on labels. In addition to eliminating the need for labeled data, research has found…

Cryptography and Security · Computer Science 2023-08-15 Changjiang Li , Ren Pang , Zhaohan Xi , Tianyu Du , Shouling Ji , Yuan Yao , Ting Wang

The huge supporting training data on the Internet has been a key factor in the success of deep learning models. However, this abundance of public-available data also raises concerns about the unauthorized exploitation of datasets for…

Cryptography and Security · Computer Science 2023-04-11 Ruixiang Tang , Qizhang Feng , Ninghao Liu , Fan Yang , Xia Hu

Deep neural networks (DNNs) are vulnerable to backdoor attack, which does not affect the network's performance on clean data but would manipulate the network behavior once a trigger pattern is added. Existing defense methods have greatly…

Machine Learning · Computer Science 2025-04-08 Min Liu , Alberto Sangiovanni-Vincentelli , Xiangyu Yue

Data poisoning attacks aim to manipulate the model produced by a learning algorithm by adversarially modifying the training set. We consider differential privacy as a defensive measure against this type of attack. We show that such learners…

Machine Learning · Computer Science 2019-07-08 Yuzhe Ma , Xiaojin Zhu , Justin Hsu

Deep learning models are vulnerable to various adversarial manipulations of their training data, parameters, and input sample. In particular, an adversary can modify the training data and model parameters to embed backdoors into the model,…

Machine Learning · Computer Science 2020-06-09 Te Juin Lester Tan , Reza Shokri