English
Related papers

Related papers: Clean Label Attacks against SLU Systems

200 papers

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

To gather a significant quantity of annotated training data for high-performance image classification models, numerous companies opt to enlist third-party providers to label their unlabeled data. This practice is widely regarded as secure,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-11 Dazhong Rong , Guoyao Yu , Shuheng Shen , Xinyi Fu , Peng Qian , Jianhai Chen , Qinming He , Xing Fu , Weiqiang Wang

Behavior Cloning (BC) is a popular framework for training sequential decision policies from expert demonstrations via supervised learning. As these policies are increasingly being deployed in the real world, their robustness and potential…

Machine Learning · Computer Science 2025-11-27 Akansha Kalra , Soumil Datta , Ethan Gilmore , Duc La , Guanhong Tao , Daniel S. Brown

Backdoor attacks are emerging threats to deep neural networks, which typically embed malicious behaviors into a victim model by injecting poisoned samples. Adversaries can activate the injected backdoor during inference by presenting the…

Cryptography and Security · Computer Science 2025-12-05 Bingyin Zhao , Yingjie Lao

Deep learning models have consistently outperformed traditional machine learning models in various classification tasks, including image classification. As such, they have become increasingly prevalent in many real world applications…

Cryptography and Security · Computer Science 2018-08-31 Cong Liao , Haoti Zhong , Anna Squicciarini , Sencun Zhu , David Miller

Large language models (LLMs) are often fine-tuned on uncurated text datasets that adversaries can poison. Existing poisoning attacks primarily rely on fixed trigger phrases that defenses such as outlier detection, clean-data regularization,…

Cryptography and Security · Computer Science 2026-05-27 Zedian Shao , Charles Fleming , Teodora Baluta

Backdoor poisoning attacks pose a well-known risk to neural networks. However, most studies have focused on lenient threat models. We introduce Silent Killer, a novel attack that operates in clean-label, black-box settings, uses a stealthy…

Cryptography and Security · Computer Science 2023-10-03 Tzvi Lederer , Gallil Maimon , Lior Rokach

With the boom in the natural language processing (NLP) field these years, backdoor attacks pose immense threats against deep neural network models. However, previous works hardly consider the effect of the poisoning rate. In this paper, our…

Cryptography and Security · Computer Science 2023-11-27 Yueqi Zeng , Ziqiang Li , Pengfei Xia , Lei Liu , Bin Li

Speaker verification has been widely and successfully adopted in many mission-critical areas for user identification. The training of speaker verification requires a large amount of data, therefore users usually need to adopt third-party…

Cryptography and Security · Computer Science 2021-02-04 Tongqing Zhai , Yiming Li , Ziqi Zhang , Baoyuan Wu , Yong Jiang , Shu-Tao Xia

The advent of Large Language Models (LLMs) has marked significant achievements in language processing and reasoning capabilities. Despite their advancements, LLMs face vulnerabilities to data poisoning attacks, where the adversary inserts…

Machine Learning · Computer Science 2025-05-30 Xiangyu Zhou , Yao Qiang , Saleh Zare Zade , Mohammad Amin Roshani , Prashant Khanduri , Douglas Zytko , Dongxiao Zhu

Data-poisoning backdoor attacks are serious security threats to machine learning models, where an adversary can manipulate the training dataset to inject backdoors into models. In this paper, we focus on in-training backdoor defense, aiming…

Cryptography and Security · Computer Science 2024-10-16 Shaokui Wei , Hongyuan Zha , Baoyuan Wu

Backdoor attacks are a kind of emergent security threat in deep learning. After being injected with a backdoor, a deep neural model will behave normally on standard inputs but give adversary-specified predictions once the input contains…

Cryptography and Security · Computer Science 2022-10-20 Yangyi Chen , Fanchao Qi , Hongcheng Gao , Zhiyuan Liu , Maosong Sun

Deep Neural Networks (DNNs) are shown to be vulnerable to backdoor poisoning attacks, with most research focusing on digital triggers -- artificial patterns added to test-time inputs to induce targeted misclassification. Physical triggers,…

Cryptography and Security · Computer Science 2025-08-18 Thinh Dao , Khoa D Doan , Kok-Seng Wong

Web-scraped datasets are vulnerable to data poisoning, which can be used for backdooring deep image classifiers during training. Since training on large datasets is expensive, a model is trained once and re-used many times. Unlike…

Machine Learning · Computer Science 2024-01-23 Benjamin Schneider , Nils Lukas , Florian Kerschbaum

The generalization bound is a crucial theoretical tool for assessing the generalizability of learning methods and there exist vast literatures on generalizability of normal learning, adversarial learning, and data poisoning. Unlike other…

Machine Learning · Computer Science 2024-06-05 Lijia Yu , Shuang Liu , Yibo Miao , Xiao-Shan Gao , Lijun Zhang

Multimodal contrastive learning methods like CLIP train on noisy and uncurated training datasets. This is cheaper than labeling datasets manually, and even improves out-of-distribution robustness. We show that this practice makes backdoor…

Machine Learning · Computer Science 2022-03-29 Nicholas Carlini , Andreas Terzis

Training-data poisoning attacks can induce targeted, undetectable failure in deep neural networks by corrupting a vanishingly small fraction of training labels. We demonstrate this on acoustic vehicle classification using the MELAUDIS urban…

Cryptography and Security · Computer Science 2026-02-27 Harrison Dahme

The training phase of machine learning models is a delicate step, especially in cybersecurity contexts. Recent research has surfaced a series of insidious training-time attacks that inject backdoors in models designed for security…

Cryptography and Security · Computer Science 2025-05-06 Giorgio Severi , Simona Boboila , John Holodnak , Kendra Kratkiewicz , Rauf Izmailov , Michael J. De Lucia , Alina Oprea

Poisoning attacks can compromise the safety of large language models (LLMs) by injecting malicious documents into their training data. Existing work has studied pretraining poisoning assuming adversaries control a percentage of the training…

Deep neural networks (DNNs) are vulnerable to backdoor attacks which can hide backdoor triggers in DNNs by poisoning training data. A backdoored model behaves normally on clean test images, yet consistently predicts a particular target…

Computer Vision and Pattern Recognition · Computer Science 2020-06-17 Shihao Zhao , Xingjun Ma , Xiang Zheng , James Bailey , Jingjing Chen , Yu-Gang Jiang