English
Related papers

Related papers: Towards Sample-specific Backdoor Attack with Clean…

200 papers

Poisoning-based backdoor attacks expose vulnerabilities in the data preparation stage of deep neural network (DNN) training. The DNNs trained on the poisoned dataset will be embedded with a backdoor, making them behave well on clean data…

Computer Vision and Pattern Recognition · Computer Science 2024-05-10 Binxiao Huang , Jason Chun Lok , Chang Liu , Ngai Wong

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Backdoor attacks create significant security threats to language models by embedding hidden triggers that manipulate model behavior during inference, presenting critical risks for AI systems deployed in healthcare and other sensitive…

Cryptography and Security · Computer Science 2026-04-30 Mohamed Afane , Abhishek Satyam , Ke Chen , Tao Li , Junaid Farooq , Juntao Chen

Backdoor attacks insert malicious data into a training set so that, during inference time, it misclassifies inputs that have been patched with a backdoor trigger as the malware specified label. For backdoor attacks to bypass human…

Cryptography and Security · Computer Science 2022-04-18 Yi Zeng , Minzhou Pan , Hoang Anh Just , Lingjuan Lyu , Meikang Qiu , Ruoxi Jia

Prompt-based learning paradigm has demonstrated remarkable efficacy in enhancing the adaptability of pretrained language models (PLMs), particularly in few-shot scenarios. However, this learning paradigm has been shown to be vulnerable to…

Machine Learning · Computer Science 2024-04-02 Xiaopeng Xie , Ming Yan , Xiwen Zhou , Chenlong Zhao , Suli Wang , Yong Zhang , Joey Tianyi Zhou

A backdoored deep hashing model is expected to behave normally on original query images and return the images with the target label when a specific trigger pattern presents. To this end, we propose the confusing perturbations-induced…

Computer Vision and Pattern Recognition · Computer Science 2023-09-06 Kuofeng Gao , Jiawang Bai , Bin Chen , Dongxian Wu , Shu-Tao Xia

Deep neural networks (DNNs) are vulnerable to backdoor attacks, where the adversary manipulates a small portion of training data such that the victim model predicts normally on the benign samples but classifies the triggered samples as the…

Computer Vision and Pattern Recognition · Computer Science 2024-06-07 Yinghua Gao , Yiming Li , Xueluan Gong , Zhifeng Li , Shu-Tao Xia , Qian Wang

Backdoor attack is a new AI security risk that has emerged in recent years. Drawing on the previous research of adversarial attack, we argue that the backdoor attack has the potential to tap into the model learning process and improve model…

Cryptography and Security · Computer Science 2022-02-23 Shangxi Wu , Qiuyang He , Yi Zhang , Jitao Sang

Due to its powerful feature learning capability and high efficiency, deep hashing has achieved great success in large-scale image retrieval. Meanwhile, extensive works have demonstrated that deep neural networks (DNNs) are susceptible to…

Computer Vision and Pattern Recognition · Computer Science 2022-07-14 Shengshan Hu , Ziqi Zhou , Yechao Zhang , Leo Yu Zhang , Yifeng Zheng , Yuanyuan HE , Hai Jin

Image anomaly detection (IAD) is essential in applications such as industrial inspection, medical imaging, and security. Despite the progress achieved with deep learning models like Deep Semi-Supervised Anomaly Detection (DeepSAD), these…

Computer Vision and Pattern Recognition · Computer Science 2024-12-19 He Cheng , Depeng Xu , Shuhan Yuan

Outsourced deep neural networks have been demonstrated to suffer from patch-based trojan attacks, in which an adversary poisons the training sets to inject a backdoor in the obtained model so that regular inputs can be still labeled…

Cryptography and Security · Computer Science 2022-05-17 Ying He , Zhili Shen , Chang Xia , Jingyu Hua , Wei Tong , Sheng Zhong

Backdoor data detection is traditionally studied in an end-to-end supervised learning (SL) setting. However, recent years have seen the proliferating adoption of self-supervised learning (SSL) and transfer learning (TL), due to their lesser…

Machine Learning · Computer Science 2023-08-08 Minzhou Pan , Yi Zeng , Lingjuan Lyu , Xue Lin , Ruoxi Jia

Backdoor attacks have severely threatened deep neural network (DNN) models in the past several years. These attacks can occur in almost every stage of the deep learning pipeline. Although the attacked model behaves normally on benign…

Computer Vision and Pattern Recognition · Computer Science 2024-05-21 Yangming Chen

Relying only on unlabeled data, Self-supervised learning (SSL) can learn rich features in an economical and scalable way. As the drive-horse for building foundation models, SSL has received a lot of attention recently with wide…

Machine Learning · Computer Science 2024-04-24 Yifei Wang , Wenhan Ma , Stefanie Jegelka , Yisen Wang

Despite recent progress in backdoor attacks, existing methods remain susceptible to post-training defenses that erase the backdoor through fine-tuning or pruning. We revisit the core objectives of backdoor attacks and derive principled…

Machine Learning · Computer Science 2026-05-29 Qiyuan Wang , Yao Li , Raymond K. W. Wong

Active learning(AL), which serves as the representative label-efficient learning paradigm, has been widely applied in resource-constrained scenarios. The achievement of AL is attributed to acquisition functions, which are designed for…

Cryptography and Security · Computer Science 2025-08-11 Yuhan Zhi , Longtian Wang , Xiaofei Xie , Chao Shen , Qiang Hu , Xiaohong Guan

Deep neural networks have been demonstrated to be vulnerable to backdoor attacks. Specifically, by injecting a small number of maliciously constructed inputs into the training set, an adversary is able to plant a backdoor into the trained…

Machine Learning · Statistics 2019-12-10 Alexander Turner , Dimitris Tsipras , Aleksander Madry

Test-time adaptation (TTA) effectively counters distribution shifts but exposes models to adversarial manipulation via the unlabeled test stream. Existing class-wise targeted attacks remain impractical for stealthy exploitation in this…

Machine Learning · Computer Science 2026-05-25 Phuc Duc Nguyen , Quang Duc Nguyen

Poisoning backdoor attacks involve an adversary manipulating the training data to induce certain behaviors in the victim model by inserting a trigger in the signal at inference time. We adapted clean label backdoor (CLBD)-data poisoning…

Cryptography and Security · Computer Science 2024-09-16 Henry Li Xinyuan , Sonal Joshi , Thomas Thebaud , Jesus Villalba , Najim Dehak , Sanjeev Khudanpur

Semantic communication systems, which leverage Generative AI (GAI) to transmit semantic meaning rather than raw data, are poised to revolutionize modern communications. However, they are vulnerable to backdoor attacks, a type of poisoning…

Cryptography and Security · Computer Science 2025-02-07 Ziyang Wei , Yili Jiang , Jiaqi Huang , Fangtian Zhong , Sohan Gyawali