English
Related papers

Related papers: Towards Understanding How Self-training Tolerates …

200 papers

Machine learning models are vulnerable to data-poisoning attacks, in which an attacker maliciously modifies the training set to change the prediction of a learned model. In a trigger-less attack, the attacker can modify the training set but…

Machine Learning · Computer Science 2022-10-18 Yuhao Zhang , Aws Albarghouthi , Loris D'Antoni

Federated learning (FL), which aims to facilitate data collaboration across multiple organizations without exposing data privacy, encounters potential security risks. One serious threat is backdoor attacks, where an attacker injects a…

Cryptography and Security · Computer Science 2023-06-21 Yuexin Xuan , Xiaojun Chen , Zhendong Zhao , Bisheng Tang , Ye Dong

Malicious clients can attack federated learning systems using malicious data, including backdoor samples, during the training phase. The compromised global model will perform well on the validation dataset designed for the task, but a small…

Cryptography and Security · Computer Science 2021-01-18 Chen Wu , Xian Yang , Sencun Zhu , Prasenjit Mitra

Self-training is a classical approach in semi-supervised learning which is successfully applied to a variety of machine learning problems. Self-training algorithm generates pseudo-labels for the unlabeled examples and progressively refines…

Machine Learning · Computer Science 2020-06-22 Samet Oymak , Talha Cihad Gulcu

With the increase in machine learning (ML) applications in different domains, incentives for deceiving these models have reached more than ever. As data is the core backbone of ML algorithms, attackers shifted their interest toward…

Cryptography and Security · Computer Science 2023-01-04 Kshitiz Aryal , Maanak Gupta , Mahmoud Abdelsalam

Deep models are highly susceptible to adversarial attacks. Such attacks are carefully crafted imperceptible noises that can fool the network and can cause severe consequences when deployed. To encounter them, the model requires training…

Machine Learning · Computer Science 2022-04-11 Gaurav Kumar Nayak , Ruchit Rawal , Anirban Chakraborty

As in-the-wild data are increasingly involved in the training stage, machine learning applications become more susceptible to data poisoning attacks. Such attacks typically lead to test-time accuracy degradation or controlled misprediction.…

Cryptography and Security · Computer Science 2022-11-02 Yufei Chen , Chao Shen , Yun Shen , Cong Wang , Yang Zhang

Supervised fine-tuning has become the predominant method for adapting large pretrained models to downstream tasks. However, recent studies have revealed that these models are vulnerable to backdoor attacks, where even a small number of…

Cryptography and Security · Computer Science 2025-01-08 Peihai Jiang , Xixiang Lyu , Yige Li , Jing Ma

Transfer learning from pre-trained encoders has become essential in modern machine learning, enabling efficient model adaptation across diverse tasks. However, this combination of pre-training and downstream adaptation creates an expanded…

Machine Learning · Computer Science 2025-04-17 Yechao Zhang , Yuxuan Zhou , Tianyu Li , Minghui Li , Shengshan Hu , Wei Luo , Leo Yu Zhang

Multimodal contrastive learning uses various data modalities to create high-quality features, but its reliance on extensive data sources on the Internet makes it vulnerable to backdoor attacks. These attacks insert malicious behaviors…

Cryptography and Security · Computer Science 2024-10-01 Kuanrong Liu , Siyuan Liang , Jiawei Liang , Pengwen Dai , Xiaochun Cao

Targeted clean-label data poisoning is a type of adversarial attack on machine learning systems in which an adversary injects a few correctly-labeled, minimally-perturbed samples into the training data, causing a model to misclassify a…

Machine Learning · Computer Science 2020-08-14 Neehar Peri , Neal Gupta , W. Ronny Huang , Liam Fowl , Chen Zhu , Soheil Feizi , Tom Goldstein , John P. Dickerson

Backdoors pose a serious threat to machine learning, as they can compromise the integrity of security-critical systems, such as self-driving cars. While different defenses have been proposed to address this threat, they all rely on the…

Cryptography and Security · Computer Science 2025-02-04 Alexander Warnecke , Julian Speith , Jan-Niklas Möller , Konrad Rieck , Christof Paar

Training pipelines for machine learning (ML) based malware classification often rely on crowdsourced threat feeds, exposing a natural attack injection point. In this paper, we study the susceptibility of feature-based ML malware classifiers…

Cryptography and Security · Computer Science 2021-01-12 Giorgio Severi , Jim Meyer , Scott Coull , Alina Oprea

We propose a semi-supervised text classifier based on self-training using one positive and one negative property of neural networks. One of the weaknesses of self-training is the semantic drift problem, where noisy pseudo-labels accumulate…

Computation and Language · Computer Science 2024-01-02 Payam Karisani

Well-known (non-malicious) sources of overfitting in deep neural net (DNN) classifiers include: i) large class imbalances; ii) insufficient training-set diversity; and iii) over-training. In recent work, it was shown that backdoor…

Machine Learning · Computer Science 2023-10-02 Hang Wang , David J. Miller , George Kesidis

Model adaptation tackles the distribution shift problem with a pre-trained model instead of raw data, which has become a popular paradigm due to its great privacy protection. Existing methods always assume adapting to a clean target domain,…

Cryptography and Security · Computer Science 2025-02-18 Lijun Sheng , Jian Liang , Ran He , Zilei Wang , Tieniu Tan

Since there are multiple parties in collaborative learning, malicious parties might manipulate the learning process for their own purposes through backdoor attacks. However, most of existing works only consider the federated learning…

Machine Learning · Computer Science 2020-07-08 Yang Liu , Zhihao Yi , Tianjian Chen

In the domain of backdoor attacks, accurate labeling of injected data is essential for evading rudimentary detection mechanisms. This imperative has catalyzed the development of clean-label attacks, which are notably more elusive as they…

Cryptography and Security · Computer Science 2024-01-18 Binhao Ma , Jiahui Wang , Dejun Wang , Bo Meng

Federated learning (FL) is a machine learning (ML) approach that allows the use of distributed data without compromising personal privacy. However, the heterogeneous distribution of data among clients in FL can make it difficult for the…

Machine Learning · Computer Science 2023-03-07 Thuy Dung Nguyen , Tuan Nguyen , Phi Le Nguyen , Hieu H. Pham , Khoa Doan , Kok-Seng Wong

Backdoor attacks become a significant security concern for deep neural networks in recent years. An image classification model can be compromised if malicious backdoors are injected into it. This corruption will cause the model to function…

Cryptography and Security · Computer Science 2024-03-13 Hongwei Zhang , Xiaoyin Xu , Dongsheng An , Xianfeng Gu , Min Zhang