English
Related papers

Related papers: Solving Trojan Detection Competitions with Linear …

200 papers

Trojan signatures, as described by Fields et al. (2021), are noticeable differences in the distribution of the trojaned class parameters (weights) and the non-trojaned class parameters of the trojaned model, that can be used to detect the…

Cryptography and Security · Computer Science 2024-03-08 Aftab Hussain , Md Rafiqul Islam Rabin , Mohammad Amin Alipour

Scanning for trojan (backdoor) in deep neural networks is crucial due to their significant real-world applications. There has been an increasing focus on developing effective general trojan scanning methods across various trojan attacks.…

In this work, we study literature in Explainable AI and Safe AI to understand poisoning of neural models of code. In order to do so, we first establish a novel taxonomy for Trojan AI for code, and present a new aspect-based classification…

Software Engineering · Computer Science 2024-04-22 Aftab Hussain , Md Rafiqul Islam Rabin , Toufique Ahmed , Navid Ayoobi , Bowen Xu , Prem Devanbu , Mohammad Amin Alipour

Deep neural network (DNN) classifiers are vulnerable to backdoor attacks. An adversary poisons some of the training data in such attacks by installing a trigger. The goal is to make the trained DNN output the attacker's desired class…

Machine Learning · Computer Science 2022-10-14 Hadi M. Dolatabadi , Sarah Erfani , Christopher Leckie

Outsourced deep neural networks have been demonstrated to suffer from patch-based trojan attacks, in which an adversary poisons the training sets to inject a backdoor in the obtained model so that regular inputs can be still labeled…

Cryptography and Security · Computer Science 2022-05-17 Ying He , Zhili Shen , Chang Xia , Jingyu Hua , Wei Tong , Sheng Zhong

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang

Backdoor (Trojan) attacks are an important type of adversarial exploit against deep neural networks (DNNs), wherein a test instance is (mis)classified to the attacker's target class whenever the attacker's backdoor trigger is present. In…

Machine Learning · Computer Science 2023-08-22 Xi Li , Zhen Xiang , David J. Miller , George Kesidis

Backdoor attacks, in which a model behaves maliciously when given an attacker-specified trigger, pose a major security risk for practitioners who depend on publicly released language models. As a countermeasure, backdoor detection methods…

Computation and Language · Computer Science 2025-09-23 Jun Yan , Wenjie Jacky Mo , Xiang Ren , Robin Jia

Backdoor attack injects malicious behavior to models such that inputs embedded with triggers are misclassified to a target label desired by the attacker. However, natural features may behave like triggers, causing misclassification once…

Machine Learning · Computer Science 2021-03-18 Yingqi Liu , Guangyu Shen , Guanhong Tao , Zhenting Wang , Shiqing Ma , Xiangyu Zhang

\textbf{P}re-\textbf{T}rained \textbf{M}odel\textbf{s} have been widely applied and recently proved vulnerable under backdoor attacks: the released pre-trained weights can be maliciously poisoned with certain triggers. When the triggers are…

Cryptography and Security · Computer Science 2021-09-01 Linyang Li , Demin Song , Xiaonan Li , Jiehang Zeng , Ruotian Ma , Xipeng Qiu

With the widespread use of deep neural networks (DNNs) in high-stake applications, the security problem of the DNN models has received extensive attention. In this paper, we investigate a specific security problem called trojan attack,…

Cryptography and Security · Computer Science 2020-06-19 Ruixiang Tang , Mengnan Du , Ninghao Liu , Fan Yang , Xia Hu

A security threat to deep neural networks (DNN) is backdoor contamination, in which an adversary poisons the training data of a target model to inject a Trojan so that images carrying a specific trigger will always be classified into a…

Cryptography and Security · Computer Science 2020-12-11 Di Tang , XiaoFeng Wang , Haixu Tang , Kehuan Zhang

In the exciting generative AI era, the diffusion model has emerged as a very powerful and widely adopted content generation and editing tool for various data modalities, making the study of their potential security risks very necessary and…

Cryptography and Security · Computer Science 2024-02-06 Yang Sui , Huy Phan , Jinqi Xiao , Tianfang Zhang , Zijie Tang , Cong Shi , Yan Wang , Yingying Chen , Bo Yuan

The backdoor or Trojan attack is a severe threat to deep neural networks (DNNs). Researchers find that DNNs trained on benign data and settings can also learn backdoor behaviors, which is known as the natural backdoor. Existing works on…

Machine Learning · Computer Science 2022-10-28 Zhenting Wang , Hailun Ding , Juan Zhai , Shiqing Ma

Model adaptation tackles the distribution shift problem with a pre-trained model instead of raw data, which has become a popular paradigm due to its great privacy protection. Existing methods always assume adapting to a clean target domain,…

Cryptography and Security · Computer Science 2025-02-18 Lijun Sheng , Jian Liang , Ran He , Zilei Wang , Tieniu Tan

Although deep neural networks (DNNs) have made rapid progress in recent years, they are vulnerable in adversarial environments. A malicious backdoor could be embedded in a model by poisoning the training dataset, whose intention is to make…

Cryptography and Security · Computer Science 2021-03-25 Yinpeng Dong , Xiao Yang , Zhijie Deng , Tianyu Pang , Zihao Xiao , Hang Su , Jun Zhu

We target the problem of detecting Trojans or backdoors in DNNs. Such models behave normally with typical inputs but produce specific incorrect predictions for inputs poisoned with a Trojan trigger. Our approach is based on a novel…

Machine Learning · Computer Science 2020-12-07 Karan Sikka , Indranil Sur , Susmit Jha , Anirban Roy , Ajay Divakaran

Neural network controllers are increasingly deployed in robotic systems for tasks such as trajectory tracking and pose stabilization. However, their reliance on potentially untrusted training pipelines or supply chains introduces…

Systems and Control · Electrical Eng. & Systems 2026-02-06 Farbod Younesi , Walter Lucia , Amr Youssef

Large Language Models (LLMs) have demonstrated remarkable capabilities in various domains, but their vulnerability to trojan or backdoor attacks poses significant security risks. This paper explores the challenges and insights gained from…

Computation and Language · Computer Science 2024-04-23 Narek Maloyan , Ekansh Verma , Bulat Nutfullin , Bislan Ashinov

Deep Neural Network (DNN) classifiers are known to be vulnerable to Trojan or backdoor attacks, where the classifier is manipulated such that it misclassifies any input containing an attacker-determined Trojan trigger. Backdoors compromise…

Cryptography and Security · Computer Science 2021-03-12 Ahmadreza Azizi , Ibrahim Asadullah Tahmid , Asim Waheed , Neal Mangaokar , Jiameng Pu , Mobin Javed , Chandan K. Reddy , Bimal Viswanath