English
Related papers

Related papers: Clean Label Attacks against SLU Systems

200 papers

Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time. Although backdoor attacks have been demonstrated…

Data poisoning and backdoor attacks manipulate training data in order to cause models to fail during inference. A recent survey of industry practitioners found that data poisoning is the number one concern among threats ranging from model…

Machine Learning · Computer Science 2021-06-18 Avi Schwarzschild , Micah Goldblum , Arjun Gupta , John P Dickerson , Tom Goldstein

Vision-Language Models (VLMs) have achieved impressive progress in multimodal text generation, yet their rapid adoption raises increasing concerns about security vulnerabilities. Existing backdoor attacks against VLMs primarily rely on…

Cryptography and Security · Computer Science 2025-12-08 Haoyu Shen , Weimin Lyu , Haotian Xu , Tengfei Ma

Adversaries can embed backdoors in deep learning models by introducing backdoor poison samples into training datasets. In this work, we investigate how to detect such poison samples to mitigate the threat of backdoor attacks. First, we…

Machine Learning · Computer Science 2023-06-21 Xiangyu Qi , Tinghao Xie , Jiachen T. Wang , Tong Wu , Saeed Mahloujifar , Prateek Mittal

\textbf{P}re-\textbf{T}rained \textbf{M}odel\textbf{s} have been widely applied and recently proved vulnerable under backdoor attacks: the released pre-trained weights can be maliciously poisoned with certain triggers. When the triggers are…

Cryptography and Security · Computer Science 2021-09-01 Linyang Li , Demin Song , Xiaonan Li , Jiehang Zeng , Ruotian Ma , Xipeng Qiu

Deep neural networks have played a crucial part in many critical domains, such as autonomous driving, face recognition, and medical diagnosis. However, deep neural networks are facing security threats from backdoor attacks and can be…

Cryptography and Security · Computer Science 2023-11-30 Jiyang Guan , Jian Liang , Ran He

Backdoor attacks in the traditional graph neural networks (GNNs) field are easily detectable due to the dilemma of confusing labels. To explore the backdoor vulnerability of GNNs and create a more stealthy backdoor attack method, a…

Cryptography and Security · Computer Science 2024-01-02 Xiaogang Xing , Ming Xu , Yujing Bai , Dongdong Yang

Genomic foundation models trained on DNA sequences have demonstrated remarkable capabilities across diverse biological tasks, from variant effect prediction to genome design. These models are typically trained on massive, publicly sourced…

Genomics · Quantitative Biology 2026-03-31 Charalampos Koilakos , Ioannis Mouratidis , Ilias Georgakopoulos-Soares

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

Cryptography and Security · Computer Science 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

Recently, self-supervised learning (SSL) was shown to be vulnerable to patch-based data poisoning backdoor attacks. It was shown that an adversary can poison a small part of the unlabeled data so that when a victim trains an SSL model on…

Computer Vision and Pattern Recognition · Computer Science 2023-04-05 Ajinkya Tejankar , Maziar Sanjabi , Qifan Wang , Sinong Wang , Hamed Firooz , Hamed Pirsiavash , Liang Tan

Backdoor attack against image classification task has been widely studied and proven to be successful, while there exist little research on the backdoor attack against vision-language models. In this paper, we explore backdoor attack…

Computer Vision and Pattern Recognition · Computer Science 2024-01-08 Meiling Li , Nan Zhong , Xinpeng Zhang , Zhenxing Qian , Sheng Li

At present, backdoor attacks attract attention as they do great harm to deep learning models. The adversary poisons the training data making the model being injected with a backdoor after being trained unconsciously by victims using the…

Cryptography and Security · Computer Science 2023-03-06 Shengfang Zhai , Qingni Shen , Xiaoyi Chen , Weilong Wang , Cong Li , Yuejian Fang , Zhonghai Wu

Preference learning is a central component for aligning current LLMs, but this process can be vulnerable to data poisoning attacks. To address this concern, we introduce PoisonBench, a benchmark for evaluating large language models'…

Cryptography and Security · Computer Science 2025-06-09 Tingchen Fu , Mrinank Sharma , Philip Torr , Shay B. Cohen , David Krueger , Fazl Barez

Contrastive learning (CL) reduces annotation cost via auto-derived supervisory signals. Since large-scale in-house CL datasets are infeasible, reliance on third-party or internet data is common. Recent studies show CL models are vulnerable…

Cryptography and Security · Computer Science 2026-05-05 Zhiyang Dai , Yansong Gao , Boyu Kuang , Haodong Li , Qi Chang , Gaurav Varshney , Derek Abbott , Anmin Fu

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

Customized Large Language Model (LLM) agents face a critical security threat from black-box instruction backdoors, where malicious behaviors are covertly injected through hidden system instructions. Although existing prompt-based defenses…

Cryptography and Security · Computer Science 2026-04-17 Zhengxian Wu , Juan Wen , Wanli Peng , Haowei Chang , Yinghan Zhou , Yiming Xue

The advent of multimodal deep learning models, such as CLIP, has unlocked new frontiers in a wide range of applications, from image-text understanding to classification tasks. However, these models are not safe for adversarial attacks,…

Computer Vision and Pattern Recognition · Computer Science 2025-11-18 Md. Iqbal Hossain , Afia Sajeeda , Neeresh Kumar Perla , Ming Shao

Graph-based Semi-Supervised Learning (GSSL) is a practical solution to learn from a limited amount of labelled data together with a vast amount of unlabelled data. However, due to their reliance on the known labels to infer the unknown…

Machine Learning · Computer Science 2022-05-12 Adriano Franci , Maxime Cordy , Martin Gubri , Mike Papadakis , Yves Le Traon

Data poisoning causes misclassification of test time target examples by injecting maliciously crafted samples in the training data. Existing defenses are often effective only against a specific type of targeted attack, significantly degrade…

Machine Learning · Computer Science 2022-10-19 Yu Yang , Tian Yu Liu , Baharan Mirzasoleiman

Backdoor attacks mislead machine-learning models to output an attacker-specified class when presented a specific trigger at test time. These attacks require poisoning the training data to compromise the learning algorithm, e.g., by…

Machine Learning · Computer Science 2021-11-03 Kathrin Grosse , Taesung Lee , Battista Biggio , Youngja Park , Michael Backes , Ian Molloy