English
Related papers

Related papers: Claim-Guided Textual Backdoor Attack for Practical…

200 papers

Outsourced deep neural networks have been demonstrated to suffer from patch-based trojan attacks, in which an adversary poisons the training sets to inject a backdoor in the obtained model so that regular inputs can be still labeled…

Cryptography and Security · Computer Science 2022-05-17 Ying He , Zhili Shen , Chang Xia , Jingyu Hua , Wei Tong , Sheng Zhong

With the burgeoning advancements in the field of natural language processing (NLP), the demand for training data has increased significantly. To save costs, it has become common for users and businesses to outsource the labor-intensive task…

Computation and Language · Computer Science 2024-08-22 Ziqiang Li , Yueqi Zeng , Pengfei Xia , Lei Liu , Zhangjie Fu , Bin Li

Defenses against security threats have been an interest of recent studies. Recent works have shown that it is not difficult to attack a natural language processing (NLP) model while defending against them is still a cat-mouse game. Backdoor…

Cryptography and Security · Computer Science 2022-05-31 Sangeet Sagar , Abhinav Bhatt , Abhijith Srinivas Bidaralli

Backdoor attacks pose an important security threat to textual large language models. Exploring textual backdoor attacks not only helps reveal the potential security risks of models, but also promotes innovation and development of defense…

Cryptography and Security · Computer Science 2025-07-21 Yang Hou , Qiuling Yue , Lujia Chai , Guozhao Liao , Wenbao Han , Wei Ou

Large Language Models (LLMs), which bridge the gap between human language understanding and complex problem-solving, achieve state-of-the-art performance on several NLP tasks, particularly in few-shot and zero-shot settings. Despite the…

Cryptography and Security · Computer Science 2025-01-07 Shuai Zhao , Meihuizi Jia , Zhongliang Guo , Leilei Gan , Xiaoyu Xu , Xiaobao Wu , Jie Fu , Yichao Feng , Fengjun Pan , Luu Anh Tuan

By injecting a small number of poisoned samples into the training set, backdoor attacks aim to make the victim model produce designed outputs on any input injected with pre-designed backdoors. In order to achieve a high attack success rate…

Cryptography and Security · Computer Science 2024-07-23 Minlong Peng , Zidi Xiong , Quang H. Nguyen , Mingming Sun , Khoa D. Doan , Ping Li

Natural language processing (NLP) systems have been proven to be vulnerable to backdoor attacks, whereby hidden features (backdoors) are trained into a language model and may only be activated by specific inputs (called triggers), to trick…

Computation and Language · Computer Science 2021-09-29 Shaofeng Li , Hui Liu , Tian Dong , Benjamin Zi Hao Zhao , Minhui Xue , Haojin Zhu , Jialiang Lu

The rapid growth of natural language processing (NLP) and pre-trained language models have enabled accurate text classification in a variety of settings. However, text classification models are susceptible to backdoor attacks, where an…

Cryptography and Security · Computer Science 2024-12-30 A. Dilara Yavuz , M. Emre Gursoy

With the prosperity of large language models (LLMs), powerful LLM-based intelligent agents have been developed to provide customized services with a set of user-defined tools. State-of-the-art methods for constructing LLM agents adopt…

Computation and Language · Computer Science 2024-06-06 Yifei Wang , Dizhan Xue , Shengjie Zhang , Shengsheng Qian

Content Warning: This paper may contain unsafe or harmful content generated by LLMs that may be offensive to readers. Large Language Models (LLMs) increasingly serve as tooling platforms through structured output APIs, but the…

Cryptography and Security · Computer Science 2026-05-22 Shuoming Zhang , Jiacheng Zhao , Hanyuan Dong , Ruiyuan Xu , Zhicheng Li , Yangyu Zhang , Shuaijiang Li , Yuan Wen , Chunwei Xia , Zheng Wang , Xiaobing Feng , Huimin Cui

Graph Prompt Learning (GPL) has been introduced as a promising approach that uses prompts to adapt pre-trained GNN models to specific downstream tasks without requiring fine-tuning of the entire model. Despite the advantages of GPL, little…

Machine Learning · Computer Science 2025-05-30 Minhua Lin , Zhiwei Zhang , Enyan Dai , Zongyu Wu , Yilong Wang , Xiang Zhang , Suhang Wang

Graph Foundation Models (GFMs) are pre-trained on diverse source domains and adapted to unseen targets, enabling broad generalization for graph machine learning. Despite that GFMs have attracted considerable attention recently, their…

Cryptography and Security · Computer Science 2025-11-25 Jiayi Luo , Qingyun Sun , Lingjuan Lyu , Ziwei Zhang , Haonan Yuan , Xingcheng Fu , Jianxin Li

Machine unlearning has emerged as a key component in ensuring ``Right to be Forgotten'', enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set…

Cryptography and Security · Computer Science 2025-06-17 Marco Arazzi , Antonino Nocera , Vinod P

Backdoor attacks are an insidious security threat against machine learning models. Adversaries can manipulate the predictions of compromised models by inserting triggers into the training phase. Various backdoor attacks have been devised…

Computation and Language · Computer Science 2023-05-29 Xuanli He , Jun Wang , Benjamin Rubinstein , Trevor Cohn

Existing studies in backdoor defense have predominantly focused on the training phase, overlooking the critical aspect of testing time defense. This gap becomes pronounced in the context of LLMs deployed as Web Services, which typically…

Computation and Language · Computer Science 2025-02-13 Wenjie Mo , Jiashu Xu , Qin Liu , Jiongxiao Wang , Jun Yan , Hadi Askari , Chaowei Xiao , Muhao Chen

Backdoor attacks against pre-trained models (PTMs) have traditionally operated under an ``immediacy assumption,'' where malicious behavior manifests instantly upon trigger occurrence. This work revisits and challenges this paradigm by…

Cryptography and Security · Computer Science 2026-03-13 Zikang Ding , Haomiao Yang , Meng Hao , Wenbo Jiang , Kunlan Xiang , Runmeng Du , Yijing Liu , Ruichen Zhang , Dusit Niyato

Backdoor attacks (BA) are an emerging threat to deep neural network classifiers. A classifier being attacked will predict to the attacker's target class when a test sample from a source class is embedded with the backdoor pattern (BP).…

Cryptography and Security · Computer Science 2021-10-22 Zhen Xiang , David J. Miller , Siheng Chen , Xi Li , George Kesidis

Machine learning is vulnerable to adversarial manipulation. Previous literature has demonstrated that at the training stage attackers can manipulate data and data sampling procedures to control model behaviour. A common attack goal is to…

Machine Learning · Computer Science 2022-06-17 Mikel Bober-Irizar , Ilia Shumailov , Yiren Zhao , Robert Mullins , Nicolas Papernot

The remarkable performance of large language models (LLMs) in generation tasks has enabled practitioners to leverage publicly available models to power custom applications, such as chatbots and virtual assistants. However, the data used to…

Artificial Intelligence · Computer Science 2025-03-28 Yuetai Li , Zhangchen Xu , Fengqing Jiang , Luyao Niu , Dinuka Sahabandu , Bhaskar Ramasubramanian , Radha Poovendran

Decision-based black-box attacks often necessitate a large number of queries to craft an adversarial example. Moreover, decision-based attacks based on querying boundary points in the estimated normal vector direction often suffer from…

Computer Vision and Pattern Recognition · Computer Science 2023-08-08 Md Farhamdur Reza , Ali Rahmati , Tianfu Wu , Huaiyu Dai