English
Related papers

Related papers: A Proxy Attack-Free Strategy for Practically Impro…

200 papers

Recent studies have proven that deep neural networks are vulnerable to backdoor attacks. Specifically, by mixing a small number of poisoned samples into the training set, the behavior of the trained model can be maliciously controlled.…

Computer Vision and Pattern Recognition · Computer Science 2022-06-07 Pengfei Xia , Ziqiang Li , Wei Zhang , Bin Li

As the number of parameters in Deep Neural Networks (DNNs) scales, the thirst for training data also increases. To save costs, it has become common for users and enterprises to delegate time-consuming data collection to third parties.…

Cryptography and Security · Computer Science 2023-10-17 Ziqiang Li , Pengfei Xia , Hong Sun , Yueqi Zeng , Wei Zhang , Bin Li

Data-poisoning based backdoor attacks aim to insert backdoor into models by manipulating training datasets without controlling the training process of the target model. Existing attack methods mainly focus on designing triggers or fusion…

Cryptography and Security · Computer Science 2023-07-17 Zihao Zhu , Mingda Zhang , Shaokui Wei , Li Shen , Yanbo Fan , Baoyuan Wu

Adversaries can embed backdoors in deep learning models by introducing backdoor poison samples into training datasets. In this work, we investigate how to detect such poison samples to mitigate the threat of backdoor attacks. First, we…

Machine Learning · Computer Science 2023-06-21 Xiangyu Qi , Tinghao Xie , Jiachen T. Wang , Tong Wu , Saeed Mahloujifar , Prateek Mittal

Data-poisoning backdoor attacks are serious security threats to machine learning models, where an adversary can manipulate the training dataset to inject backdoors into models. In this paper, we focus on in-training backdoor defense, aiming…

Cryptography and Security · Computer Science 2024-10-16 Shaokui Wei , Hongyuan Zha , Baoyuan Wu

Backdoor attacks aim to surreptitiously insert malicious triggers into DNN models, granting unauthorized control during testing scenarios. Existing methods lack robustness against defense strategies and predominantly focus on enhancing…

Cryptography and Security · Computer Science 2024-12-03 Pengfei He , Yue Xing , Han Xu , Jie Ren , Yingqian Cui , Shenglai Zeng , Jiliang Tang , Makoto Yamada , Mohammad Sabokrou

Backdoor attack has been considered as a serious security threat to deep neural networks (DNNs). Poisoned sample detection (PSD) that aims at filtering out poisoned samples from an untrustworthy training dataset has shown very promising…

Computer Vision and Pattern Recognition · Computer Science 2024-11-19 Mingda Zhang , Mingli Zhu , Zihao Zhu , Baoyuan Wu

The prompt-based learning paradigm, which bridges the gap between pre-training and fine-tuning, achieves state-of-the-art performance on several NLP tasks, particularly in few-shot settings. Despite being widely applied, prompt-based…

Computation and Language · Computer Science 2024-02-05 Shuai Zhao , Jinming Wen , Luu Anh Tuan , Junbo Zhao , Jie Fu

Backdoor attacks involve the injection of a limited quantity of poisoned examples containing triggers into the training dataset. During the inference stage, backdoor attacks can uphold a high level of accuracy for normal examples, yet when…

Cryptography and Security · Computer Science 2024-06-25 Hanfeng Xia , Haibo Hong , Ruili Wang

Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time. Although backdoor attacks have been demonstrated…

Modern neural networks are often trained on massive datasets that are web scraped with minimal human inspection. As a result of this insecure curation pipeline, an adversary can poison or backdoor the resulting model by uploading malicious…

Recently, various parameter-efficient fine-tuning (PEFT) strategies for application to language models have been proposed and successfully implemented. However, this raises the question of whether PEFT, which only updates a limited set of…

Cryptography and Security · Computer Science 2024-04-01 Shuai Zhao , Leilei Gan , Luu Anh Tuan , Jie Fu , Lingjuan Lyu , Meihuizi Jia , Jinming Wen

Poison-only Clean-label Backdoor Attacks aim to covertly inject attacker-desired behavior into DNNs by merely poisoning the dataset without changing the labels. To effectively implant a backdoor, multiple \textbf{triggers} are proposed for…

Cryptography and Security · Computer Science 2025-10-08 Zhixiao Wu , Yao Lu , Jie Wen , Hao Sun , Qi Zhou , Guangming Lu

Prototype-based federated learning (PFL) has emerged as a promising paradigm to address data heterogeneity problems in federated learning, as it leverages mean feature vectors as prototypes to enhance model generalization. However, its…

Machine Learning · Computer Science 2025-09-17 Honghong Zeng , Jiong Lou , Zhe Wang , Hefeng Zhou , Chentao Wu , Wei Zhao , Jie Li

Despite recent progress in backdoor attacks, existing methods remain susceptible to post-training defenses that erase the backdoor through fine-tuning or pruning. We revisit the core objectives of backdoor attacks and derive principled…

Machine Learning · Computer Science 2026-05-29 Qiyuan Wang , Yao Li , Raymond K. W. Wong

When an adversary provides poison samples to a machine learning model, privacy leakage, such as membership inference attacks that infer whether a sample was included in the training of the model, becomes effective by moving the sample to an…

Cryptography and Security · Computer Science 2023-03-23 Yumeki Goto , Nami Ashizawa , Toshiki Shibahara , Naoto Yanai

With the broad application of deep neural networks (DNNs), backdoor attacks have gradually attracted attention. Backdoor attacks are insidious, and poisoned models perform well on benign samples and are only triggered when given specific…

Machine Learning · Computer Science 2022-07-12 Chang Yue , Peizhuo Lv , Ruigang Liang , Kai Chen

Model poisoning attacks greatly jeopardize the application of federated learning (FL). The effectiveness of existing defenses is susceptible to the latest model poisoning attacks, leading to a decrease in prediction accuracy. Besides, these…

Cryptography and Security · Computer Science 2023-10-10 Haonan Yan , Wenjing Zhang , Qian Chen , Xiaoguang Li , Wenhai Sun , Hui Li , Xiaodong Lin

Training deep neural networks (DNNs) usually requires massive training data and computational resources. Users who cannot afford this may prefer to outsource training to a third party or resort to publicly available pre-trained models.…

Cryptography and Security · Computer Science 2023-02-27 Najeeb Moharram Jebreel , Josep Domingo-Ferrer , Yiming Li

Prompt-based learning paradigm has demonstrated remarkable efficacy in enhancing the adaptability of pretrained language models (PLMs), particularly in few-shot scenarios. However, this learning paradigm has been shown to be vulnerable to…

Machine Learning · Computer Science 2024-04-02 Xiaopeng Xie , Ming Yan , Xiwen Zhou , Chenlong Zhao , Suli Wang , Yong Zhang , Joey Tianyi Zhou
‹ Prev 1 2 3 10 Next ›