English
Related papers

Related papers: Object-oriented backdoor attack against image capt…

200 papers

We investigate security concerns of the emergent instruction tuning paradigm, that models are trained on crowdsourced datasets with task instructions to achieve superior performance. Our studies demonstrate that an attacker can inject…

Computation and Language · Computer Science 2024-04-04 Jiashu Xu , Mingyu Derek Ma , Fei Wang , Chaowei Xiao , Muhao Chen

Image captioning models are encoder-decoder architectures trained on large-scale image-text datasets, making them susceptible to adversarial attacks. We present CaptionFool, a novel universal (input-agnostic) adversarial attack against…

Computer Vision and Pattern Recognition · Computer Science 2026-03-03 Swapnil Parekh

\textbf{P}re-\textbf{T}rained \textbf{M}odel\textbf{s} have been widely applied and recently proved vulnerable under backdoor attacks: the released pre-trained weights can be maliciously poisoned with certain triggers. When the triggers are…

Cryptography and Security · Computer Science 2021-09-01 Linyang Li , Demin Song , Xiaonan Li , Jiehang Zeng , Ruotian Ma , Xipeng Qiu

Data poisoning attacks manipulate training data to introduce unexpected behaviors into machine learning models at training time. For text-to-image generative models with massive training datasets, current understanding of poisoning attacks…

Cryptography and Security · Computer Science 2024-04-30 Shawn Shan , Wenxin Ding , Josephine Passananti , Stanley Wu , Haitao Zheng , Ben Y. Zhao

Contrastive learning pre-trains an image encoder using a large amount of unlabeled data such that the image encoder can be used as a general-purpose feature extractor for various downstream tasks. In this work, we propose PoisonedEncoder, a…

Cryptography and Security · Computer Science 2023-01-04 Hongbin Liu , Jinyuan Jia , Neil Zhenqiang Gong

Adversarial attacks alter NLP model predictions by perturbing test-time inputs. However, it is much less understood whether, and how, predictions can be manipulated with small, concealed changes to the training data. In this work, we…

Computation and Language · Computer Science 2021-04-13 Eric Wallace , Tony Z. Zhao , Shi Feng , Sameer Singh

Recent research shows deep neural networks are vulnerable to different types of attacks, such as adversarial attack, data poisoning attack and backdoor attack. Among them, backdoor attack is the most cunning one and can occur in almost…

Cryptography and Security · Computer Science 2022-09-14 Jie Zhang , Dongdong Chen , Qidong Huang , Jing Liao , Weiming Zhang , Huamin Feng , Gang Hua , Nenghai Yu

In autonomous driving, behavior prediction is fundamental for safe motion planning, hence the security and robustness of prediction models against adversarial attacks are of paramount importance. We propose a novel adversarial backdoor…

Computer Vision and Pattern Recognition · Computer Science 2023-11-23 Mozhgan Pourkeshavarz , Mohammad Sabokrou , Amir Rasouli

Data-poisoning based backdoor attacks aim to insert backdoor into models by manipulating training datasets without controlling the training process of the target model. Existing attack methods mainly focus on designing triggers or fusion…

Cryptography and Security · Computer Science 2023-07-17 Zihao Zhu , Mingda Zhang , Shaokui Wei , Li Shen , Yanbo Fan , Baoyuan Wu

Deep neural networks (DNNs) have shown unprecedented success in object detection tasks. However, it was also discovered that DNNs are vulnerable to multiple kinds of attacks, including Backdoor Attacks. Through the attack, the attacker…

Computer Vision and Pattern Recognition · Computer Science 2023-09-19 Yize Cheng , Wenbin Hu , Minhao Cheng

Data poisoning has been proposed as a compelling defense against facial recognition models trained on Web-scraped pictures. Users can perturb images they post online, so that models will misclassify future (unperturbed) pictures. We…

Machine Learning · Computer Science 2022-03-15 Evani Radiya-Dixit , Sanghyun Hong , Nicholas Carlini , Florian Tramèr

This paper investigates poisoning attacks against data-driven control methods. This work is motivated by recent trends showing that, in supervised learning, slightly modifying the data in a malicious manner can drastically deteriorate the…

Systems and Control · Electrical Eng. & Systems 2021-03-11 Alessio Russo , Alexandre Proutiere

Many recent studies have shown that deep neural models are vulnerable to adversarial samples: images with imperceptible perturbations, for example, can fool image classifiers. In this paper, we present the first type-specific approach to…

Computer Vision and Pattern Recognition · Computer Science 2021-08-24 Omid Mohamad Nezami , Akshay Chaturvedi , Mark Dras , Utpal Garain

Object detectors are vulnerable to backdoor attacks. In contrast to classifiers, detectors possess unique characteristics, architecturally and in task execution; often operating in challenging conditions, for instance, detecting traffic…

Deep image classification models trained on vast amounts of web-scraped data are susceptible to data poisoning - a mechanism for backdooring models. A small number of poisoned samples seen during training can severely undermine a model's…

Cryptography and Security · Computer Science 2023-06-30 Nils Lukas , Florian Kerschbaum

Recently, the newly emerged multimodal models, which leverage both visual and linguistic modalities to train powerful encoders, have gained increasing attention. However, learning from a large-scale unlabeled dataset also exposes the model…

Cryptography and Security · Computer Science 2023-06-06 Ziqing Yang , Xinlei He , Zheng Li , Michael Backes , Mathias Humbert , Pascal Berrang , Yang Zhang

Recent deep-learning-based compression methods have achieved superior performance compared with traditional approaches. However, deep learning models have proven to be vulnerable to backdoor attacks, where some specific trigger patterns…

Computer Vision and Pattern Recognition · Computer Science 2023-03-01 Yi Yu , Yufei Wang , Wenhan Yang , Shijian Lu , Yap-peng Tan , Alex C. Kot

The rapid growth of natural language processing (NLP) and pre-trained language models have enabled accurate text classification in a variety of settings. However, text classification models are susceptible to backdoor attacks, where an…

Cryptography and Security · Computer Science 2024-12-30 A. Dilara Yavuz , M. Emre Gursoy

While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data…

Targeted data poisoning attacks manipulate model predictions on specific test samples by injecting malicious data into training. Yet existing evaluations report average attack success rates over randomly selected targets, obscuring true…

Machine Learning · Computer Science 2026-05-25 William Xu , Chenyu Zhang , Yihan Wang , Matthew Y. R. Yang , Zuoqiu Liu , Gautam Kamath , Yaoliang Yu , Yiwei Lu