English
Related papers

Related papers: Beyond Full Poisoning: Effective Availability Atta…

200 papers

Membership inference attacks (MIA) can reveal whether a particular data point was part of the training dataset, potentially exposing sensitive information about individuals. This article provides theoretical guarantees by exploring the…

Machine Learning · Statistics 2025-10-08 Eric Aubinais , Elisabeth Gassiat , Pablo Piantanida

Upcoming certification actions related to the security of machine learning (ML) based systems raise major evaluation challenges that are amplified by the large-scale deployment of models in many hardware platforms. Until recently, most of…

Cryptography and Security · Computer Science 2023-09-15 Mathieu Dumont , Kevin Hector , Pierre-Alain Moellic , Jean-Max Dutertre , Simon Pontié

To leverage data and computation capabilities of mobile devices, machine learning algorithms are deployed at the network edge for training artificial intelligence (AI) models, resulting in the new paradigm of edge learning. In this paper,…

Information Theory · Computer Science 2020-07-01 Dingzhu Wen , Mehdi Bennis , Kaibin Huang

We introduce a new class of attacks on machine learning models. We show that an adversary who can poison a training dataset can cause models trained on this dataset to leak significant private details of training points belonging to other…

Cryptography and Security · Computer Science 2022-10-07 Florian Tramèr , Reza Shokri , Ayrton San Joaquin , Hoang Le , Matthew Jagielski , Sanghyun Hong , Nicholas Carlini

Model poisoning attacks on federated learning (FL) intrude in the entire system via compromising an edge model, resulting in malfunctioning of machine learning models. Such compromised models are tampered with to perform adversary-desired…

Machine Learning · Computer Science 2022-05-11 Yuwei Sun , Hideya Ochiai , Jun Sakuma

Large language models (LLMs) can leak sensitive training data through memorization and membership inference attacks. Prior work has primarily focused on strong adversarial assumptions, including attacker access to entire samples or long,…

Machine Learning · Computer Science 2025-05-21 Lucas Rosenblatt , Bin Han , Robert Wolfe , Bill Howe

In a poisoning attack, an adversary with control over a small fraction of the training data attempts to select that data in a way that induces a corrupted model that misbehaves in favor of the adversary. We consider poisoning attacks…

Machine Learning · Computer Science 2021-04-22 Fnu Suya , Saeed Mahloujifar , Anshuman Suri , David Evans , Yuan Tian

Parameter-efficient fine-tuning (PEFT) enables efficient adaptation of pre-trained language models (PLMs) to specific tasks. By tuning only a minimal set of (extra) parameters, PEFT achieves performance that is comparable to standard…

Computation and Language · Computer Science 2024-04-01 Lauren Hong , Ting Wang

The performance of machine learning models depends on the quality of the underlying data. Malicious actors can attack the model by poisoning the training data. Current detectors are tied to either specific data types, models, or attacks,…

Cryptography and Security · Computer Science 2023-10-26 Xinglong Chang , Katharina Dost , Gillian Dobbie , Jörg Wicker

Increased interconnectivity of Cyber-Physical Systems, by design or otherwise, increases the cyber attack surface and attack vectors. Observing the effects of these attacks is helpful in detecting them. In this paper, we show that many…

Cryptography and Security · Computer Science 2019-03-25 Suresh K. Damodaran , Paul D. Rowe

Poisoning attacks have emerged as a significant security threat to machine learning algorithms. It has been demonstrated that adversaries who make small changes to the training set, such as adding specially crafted data points, can hurt the…

Machine Learning · Computer Science 2021-12-14 Samuel Deng , Sanjam Garg , Somesh Jha , Saeed Mahloujifar , Mohammad Mahmoody , Abhradeep Thakurta

Machine learning algorithms are vulnerable to poisoning attacks: An adversary can inject malicious points in the training dataset to influence the learning process and degrade the algorithm's performance. Optimal poisoning attacks have…

Machine Learning · Computer Science 2019-09-26 Luis Muñoz-González , Bjarne Pfitzner , Matteo Russo , Javier Carnerero-Cano , Emil C. Lupu

As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of…

Cryptography and Security · Computer Science 2021-09-29 Matthew Jagielski , Alina Oprea , Battista Biggio , Chang Liu , Cristina Nita-Rotaru , Bo Li

With the rise of third parties in the machine learning pipeline, the service provider in "Machine Learning as a Service" (MLaaS), or external data contributors in online learning, or the retraining of existing models, the need to ensure the…

Cryptography and Security · Computer Science 2021-05-20 Jialin Wen , Benjamin Zi Hao Zhao , Minhui Xue , Alina Oprea , Haifeng Qian

Attributing APT (Advanced Persistent Threat) malware to their respective groups is crucial for threat intelligence and cybersecurity. However, APT adversaries often conceal their identities, rendering attribution inherently adversarial.…

Cryptography and Security · Computer Science 2025-02-18 Yuxia Sun , Huihong Chen , Jingcai Guo , Aoxiang Sun , Zhetao Li , Haolin Liu

As deep learning models are increasingly deployed in safety-critical applications, evaluating their vulnerabilities to adversarial perturbations is essential for ensuring their reliability and trustworthiness. Over the past decade, a large…

Machine Learning · Computer Science 2025-03-12 Yong Xie , Weijie Zheng , Hanxun Huang , Guangnan Ye , Xingjun Ma

Modern processors widely equip the Performance Monitoring Unit (PMU) to collect various architecture and microarchitecture events. Software developers often utilize the PMU to enhance program's performance, but the potential side effects…

Cryptography and Security · Computer Science 2025-02-18 Zhouyang Li , Pengfei Qiu , Yu Qing , Chunlu Wang , Dongsheng Wang , Xiao Zhang , Gang Qu

Over-parameterized models are typically vulnerable to membership inference attacks, which aim to determine whether a specific sample is included in the training of a given model. Previous Weight regularizations (e.g., L1 regularization)…

Machine Learning · Computer Science 2024-10-10 Qiang Hu , Hengxiang Zhang , Hongxin Wei

A membership inference attack allows an adversary to query a trained machine learning model to predict whether or not a particular example was contained in the model's training dataset. These attacks are currently evaluated using…

Cryptography and Security · Computer Science 2022-04-13 Nicholas Carlini , Steve Chien , Milad Nasr , Shuang Song , Andreas Terzis , Florian Tramer

Machine learning (ML) has become a core component of many real-world applications and training data is a key factor that drives current progress. This huge success has led Internet companies to deploy machine learning as a service (MLaaS).…

Cryptography and Security · Computer Science 2018-12-18 Ahmed Salem , Yang Zhang , Mathias Humbert , Pascal Berrang , Mario Fritz , Michael Backes