English
Related papers

Related papers: Clean-image Backdoor Attacks

200 papers

Machine unlearning has emerged as a key component in ensuring ``Right to be Forgotten'', enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set…

Cryptography and Security · Computer Science 2025-06-17 Marco Arazzi , Antonino Nocera , Vinod P

Backdoor attacks on deep neural networks have emerged as significant security threats, especially as DNNs are increasingly deployed in security-critical applications. However, most existing works assume that the attacker has access to the…

Cryptography and Security · Computer Science 2024-08-22 Jiahao Wang , Xianglong Zhang , Xiuzhen Cheng , Pengfei Hu , Guoming Zhang

Backdoor attacks threaten the deep learning supply chain by poisoning a small fraction of the training data so that a model behaves normally on clean inputs but misclassifies trigger-carrying inputs to an attacker-chosen target class.…

Cryptography and Security · Computer Science 2026-05-05 Yi Yang , Jinyang Huang , Binbin Liu , Feng-Qi Cui , Xiaokang Zhou , Zhi Liu , Jie Zhang , Meng Li

Poisoning backdoor attacks involve an adversary manipulating the training data to induce certain behaviors in the victim model by inserting a trigger in the signal at inference time. We adapted clean label backdoor (CLBD)-data poisoning…

Cryptography and Security · Computer Science 2024-09-16 Henry Li Xinyuan , Sonal Joshi , Thomas Thebaud , Jesus Villalba , Najim Dehak , Sanjeev Khudanpur

The widespread adoption of deep learning across various industries has introduced substantial challenges, particularly in terms of model explainability and security. The inherent complexity of deep learning models, while contributing to…

Cryptography and Security · Computer Science 2025-01-08 Kealan Dunnett , Reza Arablouei , Dimity Miller , Volkan Dedeoglu , Raja Jurdak

Backdoor attacks aim to inject a backdoor into a classifier such that it predicts any input with an attacker-chosen backdoor trigger as an attacker-chosen target class. Existing backdoor attacks require either retraining the classifier with…

Cryptography and Security · Computer Science 2024-12-10 Bochuan Cao , Jinyuan Jia , Chuxuan Hu , Wenbo Guo , Zhen Xiang , Jinghui Chen , Bo Li , Dawn Song

Clean-label poisoning attacks inject innocuous looking (and "correctly" labeled) poison images into training data, causing a model to misclassify a targeted image after being trained on this data. We consider transferable poisoning attacks…

Machine Learning · Statistics 2019-05-17 Chen Zhu , W. Ronny Huang , Ali Shafahi , Hengduo Li , Gavin Taylor , Christoph Studer , Tom Goldstein

Backdoor attack injects malicious behavior to models such that inputs embedded with triggers are misclassified to a target label desired by the attacker. However, natural features may behave like triggers, causing misclassification once…

Machine Learning · Computer Science 2021-03-18 Yingqi Liu , Guangyu Shen , Guanhong Tao , Zhenting Wang , Shiqing Ma , Xiangyu Zhang

Backdoor attacks are a kind of emergent security threat in deep learning. After being injected with a backdoor, a deep neural model will behave normally on standard inputs but give adversary-specified predictions once the input contains…

Cryptography and Security · Computer Science 2022-10-20 Yangyi Chen , Fanchao Qi , Hongcheng Gao , Zhiyuan Liu , Maosong Sun

Web-scraped datasets are vulnerable to data poisoning, which can be used for backdooring deep image classifiers during training. Since training on large datasets is expensive, a model is trained once and re-used many times. Unlike…

Machine Learning · Computer Science 2024-01-23 Benjamin Schneider , Nils Lukas , Florian Kerschbaum

Backdoor attack aims to compromise a model, which returns an adversary-wanted output when a specific trigger pattern appears yet behaves normally for clean inputs. Current backdoor attacks require changing pixels of clean images, which…

Computer Vision and Pattern Recognition · Computer Science 2023-09-15 Yusheng Guo , Nan Zhong , Zhenxing Qian , Xinpeng Zhang

The training phase of machine learning models is a delicate step, especially in cybersecurity contexts. Recent research has surfaced a series of insidious training-time attacks that inject backdoors in models designed for security…

Cryptography and Security · Computer Science 2025-05-06 Giorgio Severi , Simona Boboila , John Holodnak , Kendra Kratkiewicz , Rauf Izmailov , Michael J. De Lucia , Alina Oprea

Deep neural networks have been shown to be vulnerable to backdoor attacks, which could be easily introduced to the training set prior to model training. Recent work has focused on investigating backdoor attacks on natural images or toy…

Cryptography and Security · Computer Science 2021-01-05 Munachiso Nwadike , Takumi Miyawaki , Esha Sarkar , Michail Maniatakos , Farah Shamout

Backdoor attack against image classification task has been widely studied and proven to be successful, while there exist little research on the backdoor attack against vision-language models. In this paper, we explore backdoor attack…

Computer Vision and Pattern Recognition · Computer Science 2024-01-08 Meiling Li , Nan Zhong , Xinpeng Zhang , Zhenxing Qian , Sheng Li

Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many…

Cryptography and Security · Computer Science 2017-12-18 Xinyun Chen , Chang Liu , Bo Li , Kimberly Lu , Dawn Song

Recent studies on backdoor attacks in model training have shown that polluting a small portion of training data is sufficient to produce incorrect manipulated predictions on poisoned test-time data while maintaining high clean accuracy in…

Machine Learning · Computer Science 2023-01-24 Soumyadeep Pal , Ren Wang , Yuguang Yao , Sijia Liu

Wild images on the web are vulnerable to backdoor (also called trojan) poisoning, causing machine learning models learned on these images to be injected with backdoors. Most previous attacks assumed that the wild images are labeled. In…

Computers and Society · Computer Science 2023-01-03 Le Feng , Zhenxing Qian , Sheng Li , Xinpeng Zhang

As generative models achieve great success, tampering and modifying the sensitive image contents (i.e., human faces, artist signatures, commercial logos, etc.) have induced a significant threat with social impact. The backdoor attack is a…

Cryptography and Security · Computer Science 2024-10-22 Haichuan Zhang , Meiyu Lin , Zhaoyi Liu , Renyuan Li , Zhiyuan Cheng , Carl Yang , Mingjie Tang

Due to its powerful feature learning capability and high efficiency, deep hashing has achieved great success in large-scale image retrieval. Meanwhile, extensive works have demonstrated that deep neural networks (DNNs) are susceptible to…

Computer Vision and Pattern Recognition · Computer Science 2022-07-14 Shengshan Hu , Ziqi Zhou , Yechao Zhang , Leo Yu Zhang , Yifeng Zheng , Yuanyuan HE , Hai Jin

Backdoor attacks against CNNs represent a new threat against deep learning systems, due to the possibility of corrupting the training set so to induce an incorrect behaviour at test time. To avoid that the trainer recognises the presence of…

Cryptography and Security · Computer Science 2019-03-01 Mauro Barni , Kassem Kallas , Benedetta Tondi