Related papers: Sharpness-Aware Data Poisoning Attack

200 papers

Backdoor attacks have been considered a serious security threat to deep neural networks (DNNs). Poisoned sample detection (PSD), which aims at filtering out poisoned samples from an untrustworthy training dataset, has shown very promising…

Computer Vision and Pattern Recognition · Computer Science 2024-11-19 Mingda Zhang , Mingli Zhu , Zihao Zhu , Baoyuan Wu

Data poisoning attacks compromise the integrity of machine-learning models by introducing malicious training samples to influence the results at test time. In this work, we investigate backdoor data poisoning attacks on deep neural…

Machine Learning · Computer Science 2019-12-04 Mahesh Subedar , Nilesh Ahuja , Ranganath Krishnan , Ibrahima J. Ndiour , Omesh Tickoo

Deep neural networks (DNNs) are vulnerable to backdoor attacks, where the adversary manipulates a small portion of training data such that the victim model predicts normally on the benign samples but classifies the triggered samples as the…

Computer Vision and Pattern Recognition · Computer Science 2024-06-07 Yinghua Gao , Yiming Li , Xueluan Gong , Zhifeng Li , Shu-Tao Xia , Qian Wang

Recommender Systems (RS) have been shown to be vulnerable to injective attacks, where attackers inject limited fake user profiles to promote the exposure of target items to real users for unethical gains (e.g., economic or political…

Machine Learning · Computer Science 2026-04-27 Junsong Xie , Yonghui Yang , Pengyang Shao , Le Wu

To promote secure and private artificial intelligence (SPAI), we review studies on the model security and data privacy of DNNs. Model security allows a system to behave as intended without being affected by malicious external influences that…

Cryptography and Security · Computer Science 2021-03-11 Ho Bae , Jaehee Jang , Dahuin Jung , Hyemi Jang , Heonseok Ha , Hyungyu Lee , Sungroh Yoon

Backdoor attacks have emerged as a novel and concerning threat to AI security. These attacks involve training a Deep Neural Network (DNN) on datasets that contain hidden trigger patterns. Although the poisoned model behaves normally on…

Cryptography and Security · Computer Science 2024-03-06 Huasong Zhou , Xiaowei Xu , Xiaodong Wang , Leon Bevan Bullock

Backdoor attacks, which maliciously control a well-trained model's outputs on instances carrying specific triggers, have recently been shown to be serious threats to the safety of reusing deep neural networks (DNNs). In this work, we propose an…

Computation and Language · Computer Science 2021-10-18 Wenkai Yang , Yankai Lin , Peng Li , Jie Zhou , Xu Sun

Data poisoning is a training-time attack that undermines the trustworthiness of learned models. In a targeted data poisoning attack, an adversary manipulates the training dataset to alter the classification of a targeted test point. Given…

Machine Learning · Computer Science 2025-11-18 Nakshatra Gupta , Sumanth Prabhu , Supratik Chakraborty , R Venkatesh

Deep neural networks (DNNs) have been widely used in many fields such as image processing and speech recognition; however, they are vulnerable to adversarial examples, and this is a security issue worthy of attention. Because the training…

Cryptography and Security · Computer Science 2019-08-08 Wenjian Luo , Chenwang Wu , Nan Zhou , Li Ni

Deep learning models can be fooled by small $l_p$-norm adversarial perturbations and natural perturbations in terms of attributes. Although the robustness against each perturbation has been explored, it remains a challenge to address the…

Machine Learning · Computer Science 2023-04-11 Dashan Gao , Yunce Zhao , Yinghua Yao , Zeqi Zhang , Bifei Mao , Xin Yao

Deep Neural Network (DNN) models have vulnerabilities related to security concerns, with attackers usually employing complex hacking techniques to expose their structures. Data poisoning-enabled perturbation attacks are complex adversarial…

Computer Vision and Pattern Recognition · Computer Science 2020-12-10 Mohammed Hassanin , Ibrahim Radwan , Nour Moustafa , Murat Tahtali , Neeraj Kumar

Modern deep neural networks (DNNs) have achieved state-of-the-art performances but are typically over-parameterized. The over-parameterization may result in undesirably large generalization error in the absence of other customized training…

Machine Learning · Computer Science 2023-03-03 Jiawei Du , Daquan Zhou , Jiashi Feng , Vincent Y. F. Tan , Joey Tianyi Zhou

A backdoor attack intends to embed a hidden backdoor into deep neural networks (DNNs), such that the attacked model performs well on benign samples, whereas its prediction will be maliciously changed if the hidden backdoor is activated by the…

Cryptography and Security · Computer Science 2022-04-13 Shaik Mohammed Maqsood , Viveros Manuela Ceron , Addluri GowthamKrishna

Property inference attacks allow an adversary to extract global properties of the training dataset from a machine learning model. Such attacks have privacy implications for data owners sharing their datasets to train machine learning…

Machine Learning · Computer Science 2023-06-23 Harsh Chaudhari , John Abascal , Alina Oprea , Matthew Jagielski , Florian Tramèr , Jonathan Ullman

Data poisoning attacks, in which a malicious adversary aims to influence a model by injecting "poisoned" data into the training process, have attracted significant recent attention. In this work, we take a closer look at existing poisoning…

Machine Learning · Computer Science 2024-02-16 Yiwei Lu , Gautam Kamath , Yaoliang Yu

Model inversion attacks pose a significant privacy threat to machine learning models by reconstructing sensitive data from their outputs. While various defenses have been proposed to counteract these attacks, they often come at the cost of…

Cryptography and Security · Computer Science 2024-12-11 Shuai Zhou , Dayong Ye , Tianqing Zhu , Wanlei Zhou

Deep image classification models trained on vast amounts of web-scraped data are susceptible to data poisoning - a mechanism for backdooring models. A small number of poisoned samples seen during training can severely undermine a model's…

Cryptography and Security · Computer Science 2023-06-30 Nils Lukas , Florian Kerschbaum

Energy-efficient deep neural network (DNN) accelerators are prone to non-idealities that degrade DNN performance at inference time. To mitigate such degradation, existing methods typically add perturbations to the DNN weights during…

Machine Learning · Computer Science 2023-03-22 Gonçalo Mordido , Sébastien Henwood , Sarath Chandar , François Leduc-Primeau

Interpretability is crucial to understand the inner workings of deep neural networks (DNNs) and many interpretation methods generate saliency maps that highlight parts of the input image that contribute the most to the prediction made by…

Cryptography and Security · Computer Science 2022-07-21 Shihong Fang , Anna Choromanska

Deep neural networks are often overparameterized and may not easily achieve model generalization. Adversarial training has shown effectiveness in improving generalization by regularizing the change of loss on top of adversarially chosen…

Machine Learning · Computer Science 2022-12-07 Wenxuan Zhou , Fangyu Liu , Huan Zhang , Muhao Chen