English
Related papers

Related papers: Towards Understanding How Self-training Tolerates …

200 papers

Multimodal contrastive learning methods like CLIP train on noisy and uncurated training datasets. This is cheaper than labeling datasets manually, and even improves out-of-distribution robustness. We show that this practice makes backdoor…

Machine Learning · Computer Science 2022-03-29 Nicholas Carlini , Andreas Terzis

Recent progress in semi- and self-supervised learning has caused a rift in the long-held belief about the need for an enormous amount of labeled data for machine learning and the irrelevancy of unlabeled data. Although it has been…

Machine Learning · Computer Science 2023-03-14 Minwook Kim , Juseong Kim , Giltae Song

It is commonplace to produce application-specific models by fine-tuning large pre-trained models using a small bespoke dataset. The widespread availability of foundation model checkpoints on the web poses considerable risks, including the…

Cryptography and Security · Computer Science 2024-04-02 Yuxin Wen , Leo Marchyok , Sanghyun Hong , Jonas Geiping , Tom Goldstein , Nicholas Carlini

This paper investigates poisoning attacks against data-driven control methods. This work is motivated by recent trends showing that, in supervised learning, slightly modifying the data in a malicious manner can drastically deteriorate the…

Systems and Control · Electrical Eng. & Systems 2021-03-11 Alessio Russo , Alexandre Proutiere

Backdoor attack has emerged as a major security threat to deep neural networks (DNNs). While existing defense methods have demonstrated promising results on detecting or erasing backdoors, it is still not clear whether robust training…

Machine Learning · Computer Science 2021-12-02 Yige Li , Xixiang Lyu , Nodens Koren , Lingjuan Lyu , Bo Li , Xingjun Ma

Modern machine learning pipelines leverage large amounts of public data, making it infeasible to guarantee data quality and leaving models open to poisoning and backdoor attacks. Provably bounding model behavior under such attacks remains…

Machine Learning · Computer Science 2024-10-31 Philip Sosnin , Mark N. Müller , Maximilian Baader , Calvin Tsay , Matthew Wicker

In autonomous driving, behavior prediction is fundamental for safe motion planning, hence the security and robustness of prediction models against adversarial attacks are of paramount importance. We propose a novel adversarial backdoor…

Computer Vision and Pattern Recognition · Computer Science 2023-11-23 Mozhgan Pourkeshavarz , Mohammad Sabokrou , Amir Rasouli

Deep neural networks (DNNs) are vulnerable to backdoor attacks which can hide backdoor triggers in DNNs by poisoning training data. A backdoored model behaves normally on clean test images, yet consistently predicts a particular target…

Computer Vision and Pattern Recognition · Computer Science 2020-06-17 Shihao Zhao , Xingjun Ma , Xiang Zheng , James Bailey , Jingjing Chen , Yu-Gang Jiang

Machine learning is vulnerable to a wide variety of attacks. It is now well understood that by changing the underlying data distribution, an adversary can poison the model trained with it or introduce backdoors. In this paper we present a…

Machine Learning · Computer Science 2021-06-08 Ilia Shumailov , Zakhar Shumaylov , Dmitry Kazhdan , Yiren Zhao , Nicolas Papernot , Murat A. Erdogdu , Ross Anderson

Classifiers in supervised learning have various security and privacy issues, e.g., 1) data poisoning attacks, backdoor attacks, and adversarial examples on the security side as well as 2) inference attacks and the right to be forgotten for…

Cryptography and Security · Computer Science 2022-12-08 Hongbin Liu , Wenjie Qu , Jinyuan Jia , Neil Zhenqiang Gong

Deep neural networks are vulnerable to adversarial attacks, such as backdoor attacks in which a malicious adversary compromises a model during training such that specific behaviour can be triggered at test time by attaching a specific word…

Cryptography and Security · Computer Science 2022-10-21 You Guo , Jun Wang , Trevor Cohn

Backdoor (trojan) attacks embed hidden, controllable behaviors into machine-learning models so that models behave normally on benign inputs but produce attacker-chosen outputs when a trigger is present. This survey reviews the rapidly…

Cryptography and Security · Computer Science 2025-09-10 Bilal Hussain Abbasi , Yanjun Zhang , Leo Zhang , Shang Gao

Federated learning has seen increased adoption in recent years in response to the growing regulatory demand for data privacy. However, the opaque local training process of federated learning also sparks rising concerns about model…

Artificial Intelligence · Computer Science 2023-08-24 Yuxi Mi , Yiheng Sun , Jihong Guan , Shuigeng Zhou

Data poisoning is a threat model in which a malicious actor tampers with training data to manipulate outcomes at inference time. A variety of defenses against this threat model have been proposed, but each suffers from at least one of the…

Machine Learning · Computer Science 2022-02-21 Jonas Geiping , Liam Fowl , Gowthami Somepalli , Micah Goldblum , Michael Moeller , Tom Goldstein

Recent studies have verified that semi-supervised learning (SSL) is vulnerable to data poisoning backdoor attacks. Even a tiny fraction of contaminated training data is sufficient for adversaries to manipulate up to 90\% of the test outputs…

Machine Learning · Computer Science 2025-02-11 Xinrui Wang , Chuanxing Geng , Wenhai Wan , Shao-yuan Li , Songcan Chen

Because state-of-the-art language models are expensive to train, most practitioners must make use of one of the few publicly available language models or language model APIs. This consolidation of trust increases the potency of backdoor…

Cryptography and Security · Computer Science 2023-07-28 Nikhil Kandpal , Matthew Jagielski , Florian Tramèr , Nicholas Carlini

Federated learning (FL) allows a set of agents to collaboratively train a model without sharing their potentially sensitive data. This makes FL suitable for privacy-preserving applications. At the same time, FL is susceptible to adversarial…

Machine Learning · Computer Science 2021-08-02 Mustafa Safa Ozdayi , Murat Kantarcioglu , Yulia R. Gel

Self-supervised learning (SSL) models are vulnerable to backdoor attacks. Existing backdoor attacks that are effective in SSL often involve noticeable triggers, like colored patches or visible noise, which are vulnerable to human…

Computer Vision and Pattern Recognition · Computer Science 2025-04-04 Hanrong Zhang , Zhenting Wang , Boheng Li , Fulin Lin , Tingxu Han , Mingyu Jin , Chenlu Zhan , Mengnan Du , Hongwei Wang , Shiqing Ma

Backdoor attacks aim to inject a backdoor into a classifier such that it predicts any input with an attacker-chosen backdoor trigger as an attacker-chosen target class. Existing backdoor attacks require either retraining the classifier with…

Cryptography and Security · Computer Science 2024-12-10 Bochuan Cao , Jinyuan Jia , Chuxuan Hu , Wenbo Guo , Zhen Xiang , Jinghui Chen , Bo Li , Dawn Song

Recent studies have shown that federated learning (FL) is vulnerable to poisoning attacks that inject a backdoor into the global model. These attacks are effective even when performed by a single client, and undetectable by most existing…

Cryptography and Security · Computer Science 2021-04-20 Sebastien Andreina , Giorgia Azzurra Marson , Helen Möllering , Ghassan Karame
‹ Prev 1 4 5 6 7 8 10 Next ›