English
Related papers

Related papers: BadCS: A Backdoor Attack Framework for Code search

200 papers

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Data-poisoning backdoor attacks are serious security threats to machine learning models, where an adversary can manipulate the training dataset to inject backdoors into models. In this paper, we focus on in-training backdoor defense, aiming…

Cryptography and Security · Computer Science 2024-10-16 Shaokui Wei , Hongyuan Zha , Baoyuan Wu

With the broad application of deep neural networks (DNNs), backdoor attacks have gradually attracted attention. Backdoor attacks are insidious, and poisoned models perform well on benign samples and are only triggered when given specific…

Machine Learning · Computer Science 2022-07-12 Chang Yue , Peizhuo Lv , Ruigang Liang , Kai Chen

Backdoor attack has emerged as a major security threat to deep neural networks (DNNs). While existing defense methods have demonstrated promising results on detecting or erasing backdoors, it is still not clear whether robust training…

Machine Learning · Computer Science 2021-12-02 Yige Li , Xixiang Lyu , Nodens Koren , Lingjuan Lyu , Bo Li , Xingjun Ma

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

The rapid expansion of connected devices has made them prime targets for cyberattacks. To address these threats, deep learning-based, data-driven intrusion detection systems (IDS) have emerged as powerful tools for detecting and mitigating…

Machine Learning · Computer Science 2025-01-29 Ajesh Koyatan Chathoth , Stephen Lee

Data-poisoning based backdoor attacks aim to insert backdoor into models by manipulating training datasets without controlling the training process of the target model. Existing attack methods mainly focus on designing triggers or fusion…

Cryptography and Security · Computer Science 2023-07-17 Zihao Zhu , Mingda Zhang , Shaokui Wei , Li Shen , Yanbo Fan , Baoyuan Wu

Backdoor attack has been considered as a serious security threat to deep neural networks (DNNs). Poisoned sample detection (PSD) that aims at filtering out poisoned samples from an untrustworthy training dataset has shown very promising…

Computer Vision and Pattern Recognition · Computer Science 2024-11-19 Mingda Zhang , Mingli Zhu , Zihao Zhu , Baoyuan Wu

Recent studies have widely investigated backdoor attacks on Large Language Models (LLMs) by inserting harmful question-answer (QA) pairs into their training data. However, we revisit existing attacks and identify two critical limitations:…

Computation and Language · Computer Science 2025-10-07 Jiawei Kong , Hao Fang , Xiaochen Yang , Kuofeng Gao , Bin Chen , Shu-Tao Xia , Ke Xu , Han Qiu

Large language models (LLMs) are shown to benefit from chain-of-thought (COT) prompting, particularly when tackling tasks that require systematic reasoning processes. On the other hand, COT prompting also poses new vulnerabilities in the…

Cryptography and Security · Computer Science 2024-01-24 Zhen Xiang , Fengqing Jiang , Zidi Xiong , Bhaskar Ramasubramanian , Radha Poovendran , Bo Li

Deep learning models have recently shown to be vulnerable to backdoor poisoning, an insidious attack where the victim model predicts clean images correctly but classifies the same images as the target class when a trigger poison pattern is…

Computer Vision and Pattern Recognition · Computer Science 2019-11-20 Alvin Chan , Yew-Soon Ong

Backdoor attacks insert malicious data into a training set so that, during inference time, it misclassifies inputs that have been patched with a backdoor trigger as the malware specified label. For backdoor attacks to bypass human…

Cryptography and Security · Computer Science 2022-04-18 Yi Zeng , Minzhou Pan , Hoang Anh Just , Lingjuan Lyu , Meikang Qiu , Ruoxi Jia

Chat template is a common technique used in the training and inference stages of Large Language Models (LLMs). It can transform input and output data into role-based and templated expressions to enhance the performance of LLMs. However,…

Cryptography and Security · Computer Science 2026-02-06 Zihan Wang , Hongwei Li , Rui Zhang , Wenbo Jiang , Guowen Xu

Despite the remarkable progress of diffusion models in image generation, recent studies reveal their vulnerability to backdoor attacks via covert visual or textual triggers. Although evolving defense mechanisms can detect most existing…

Cryptography and Security · Computer Science 2026-05-29 Jia Wu , Yu Pan , Junjun Yang , Yi Du

Neural code models (NCMs) have demonstrated extraordinary capabilities in code intelligence tasks. Meanwhile, the security of NCMs and NCMs-based systems has garnered increasing attention. In particular, NCMs are often trained on…

Software Engineering · Computer Science 2025-02-25 Weisong Sun , Yuchen Chen , Mengzhe Yuan , Chunrong Fang , Zhenpeng Chen , Chong Wang , Yang Liu , Baowen Xu , Zhenyu Chen

Recently, self-supervised learning (SSL) was shown to be vulnerable to patch-based data poisoning backdoor attacks. It was shown that an adversary can poison a small part of the unlabeled data so that when a victim trains an SSL model on…

Computer Vision and Pattern Recognition · Computer Science 2023-04-05 Ajinkya Tejankar , Maziar Sanjabi , Qifan Wang , Sinong Wang , Hamed Firooz , Hamed Pirsiavash , Liang Tan

Recent studies have revealed that deep neural networks (DNNs) are vulnerable to backdoor attacks, where attackers embed hidden backdoors in the DNN model by poisoning a few training samples. The attacked model behaves normally on benign…

Cryptography and Security · Computer Science 2022-02-09 Kunzhe Huang , Yiming Li , Baoyuan Wu , Zhan Qin , Kui Ren

Federated Learning (FL) allows multiple clients to collaboratively train a Neural Network (NN) model on their private data without revealing the data. Recently, several targeted poisoning attacks against FL have been introduced. These…

Cryptography and Security · Computer Science 2022-01-04 Phillip Rieger , Thien Duc Nguyen , Markus Miettinen , Ahmad-Reza Sadeghi

Poisoning-based backdoor attacks pose significant threats to deep neural networks by embedding triggers in training data, causing models to misclassify triggered inputs as adversary-specified labels while maintaining performance on clean…

Cryptography and Security · Computer Science 2026-04-24 Yuchen Shi , Xin Guo , Huajie Chen , Tianqing Zhu , Bo Liu , Wanlei Zhou

Code LLMs are increasingly employed in software development. However, studies have shown that they are vulnerable to backdoor attacks: when a trigger (a specific input pattern) appears in the input, the backdoor will be activated and cause…

Cryptography and Security · Computer Science 2025-10-07 Chenyu Wang , Zhou Yang , Yaniv Harel , David Lo