English
Related papers

Related papers: Model-agnostic clean-label backdoor mitigation in …

200 papers

Backdoor attacks compromise the integrity and reliability of machine learning models by embedding a hidden trigger during the training process, which can later be activated to cause unintended misbehavior. We propose a novel backdoor…

Computer Vision and Pattern Recognition · Computer Science 2024-10-01 Felix Hsieh , Huy H. Nguyen , AprilPyone MaungMaung , Dmitrii Usynin , Isao Echizen

Recent studies have shown that deep neural networks (DNNs) are vulnerable to backdoor attacks, where a designed trigger is injected into the dataset, causing erroneous predictions when activated. In this paper, we propose a novel defense…

Machine Learning · Computer Science 2025-08-08 Wenjie Huo , Katinka Wolter

We propose a novel clustering mechanism based on an incompatibility property between subsets of data that emerges during model training. This mechanism partitions the dataset into subsets that generalize only to themselves, i.e., training…

Machine Learning · Computer Science 2023-04-28 Charles Jin , Melinda Sun , Martin Rinard

Backdoor data poisoning is an emerging form of adversarial attack usually against deep neural network image classifiers. The attacker poisons the training set with a relatively small set of images from one (or several) source class(es),…

Machine Learning · Computer Science 2020-10-16 Zhen Xiang , David J. Miller , George Kesidis

Semi-supervised learning methods can train high-accuracy machine learning models with a fraction of the labeled training samples required for traditional supervised learning. Such methods do not typically involve close review of the…

Machine Learning · Computer Science 2022-12-07 Marissa Connor , Vincent Emanuele

Backdoor (trojan) attacks embed hidden, controllable behaviors into machine-learning models so that models behave normally on benign inputs but produce attacker-chosen outputs when a trigger is present. This survey reviews the rapidly…

Cryptography and Security · Computer Science 2025-09-10 Bilal Hussain Abbasi , Yanjun Zhang , Leo Zhang , Shang Gao

Machine unlearning has emerged as a key component in ensuring ``Right to be Forgotten'', enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set…

Cryptography and Security · Computer Science 2025-06-17 Marco Arazzi , Antonino Nocera , Vinod P

Diffusion models (DMs) are regarded as one of the most advanced generative models today, yet recent studies suggest that they are vulnerable to backdoor attacks, which establish hidden associations between particular input patterns and…

Cryptography and Security · Computer Science 2024-08-23 Jiang Hao , Xiao Jin , Hu Xiaoguang , Chen Tianyou , Zhao Jiajia

Backdoor attacks manipulate model predictions by inserting innocuous triggers into training and test data. We focus on more realistic and more challenging clean-label attacks where the adversarial training examples are correctly labeled.…

Machine Learning · Computer Science 2023-10-31 Wencong You , Zayd Hammoudeh , Daniel Lowd

The advent of multimodal deep learning models, such as CLIP, has unlocked new frontiers in a wide range of applications, from image-text understanding to classification tasks. However, these models are not safe for adversarial attacks,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-18 Md. Iqbal Hossain , Afia Sajeeda , Neeresh Kumar Perla , Ming Shao

We propose a Universal Defence against backdoor attacks based on Clustering and Centroids Analysis (CCA-UD). The goal of the defence is to reveal whether a Deep Neural Network model is subject to a backdoor attack by inspecting the training…

Computer Vision and Pattern Recognition · Computer Science 2023-12-12 Wei Guo , Benedetta Tondi , Mauro Barni

The democratization of pre-trained language models through open-source initiatives has rapidly advanced innovation and expanded access to cutting-edge technologies. However, this openness also brings significant security risks, including…

Computation and Language · Computer Science 2024-06-04 Ansh Arora , Xuanli He , Maximilian Mozes , Srinibas Swain , Mark Dras , Qiongkai Xu

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

Poisoning-based backdoor attacks pose significant threats to deep neural networks by embedding triggers in training data, causing models to misclassify triggered inputs as adversary-specified labels while maintaining performance on clean…

Cryptography and Security · Computer Science 2026-04-24 Yuchen Shi , Xin Guo , Huajie Chen , Tianqing Zhu , Bo Liu , Wanlei Zhou

Backdoor attacks against CNNs represent a new threat against deep learning systems, due to the possibility of corrupting the training set so to induce an incorrect behaviour at test time. To avoid that the trainer recognises the presence of…

Cryptography and Security · Computer Science 2019-03-01 Mauro Barni , Kassem Kallas , Benedetta Tondi

Backdoor attacks pose a significant threat to the integrity of text classification models used in natural language processing. While several dirty-label attacks that achieve high attack success rates (ASR) have been proposed, clean-label…

Cryptography and Security · Computer Science 2025-08-25 Onur Alp Kirci , M. Emre Gursoy

Targeted clean-label data poisoning is a type of adversarial attack on machine learning systems in which an adversary injects a few correctly-labeled, minimally-perturbed samples into the training data, causing a model to misclassify a…

Machine Learning · Computer Science 2020-08-14 Neehar Peri , Neal Gupta , W. Ronny Huang , Liam Fowl , Chen Zhu , Soheil Feizi , Tom Goldstein , John P. Dickerson

State-of-the-art machine learning models are vulnerable to data poisoning attacks whose purpose is to undermine the integrity of the model. However, the current literature on data poisoning attacks is mainly focused on ad hoc techniques…

Machine Learning · Computer Science 2021-02-12 Pooya Tavallali , Vahid Behzadan , Peyman Tavallali , Mukesh Singhal

Backdoor attacks change a small portion of training data by introducing hand-crafted triggers and rewiring the corresponding labels towards a desired target class. Training on such data injects a backdoor which causes malicious inference in…

Machine Learning · Computer Science 2024-09-05 Ivan Sabolić , Ivan Grubišić , Siniša Šegvić

Backdoor attack has emerged as a major security threat to deep neural networks (DNNs). While existing defense methods have demonstrated promising results on detecting or erasing backdoors, it is still not clear whether robust training…

Machine Learning · Computer Science 2021-12-02 Yige Li , Xixiang Lyu , Nodens Koren , Lingjuan Lyu , Bo Li , Xingjun Ma