English
Related papers

Related papers: PBP: Post-training Backdoor Purification for Malwa…

200 papers

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

During fine-tuning, large language models (LLMs) are increasingly vulnerable to data-poisoning backdoor attacks, which compromise their reliability and trustworthiness. However, existing defense strategies suffer from limited…

Cryptography and Security · Computer Science 2025-10-13 Shuai Zhao , Xinyi Wu , Shiqian Zhao , Xiaobao Wu , Zhongliang Guo , Yanhao Jia , Anh Tuan Luu

Modern machine learning (ML) systems demand substantial training data, often resorting to external sources. Nevertheless, this practice renders them vulnerable to backdoor poisoning attacks. Prior backdoor defense strategies have primarily…

Machine Learning · Computer Science 2024-03-19 Soumyadeep Pal , Yuguang Yao , Ren Wang , Bingquan Shen , Sijia Liu

With the increase in machine learning (ML) applications in different domains, incentives for deceiving these models have reached more than ever. As data is the core backbone of ML algorithms, attackers shifted their interest toward…

Cryptography and Security · Computer Science 2023-01-04 Kshitiz Aryal , Maanak Gupta , Mahmoud Abdelsalam

Recently, self-supervised learning (SSL) was shown to be vulnerable to patch-based data poisoning backdoor attacks. It was shown that an adversary can poison a small part of the unlabeled data so that when a victim trains an SSL model on…

Computer Vision and Pattern Recognition · Computer Science 2023-04-05 Ajinkya Tejankar , Maziar Sanjabi , Qifan Wang , Sinong Wang , Hamed Firooz , Hamed Pirsiavash , Liang Tan

Malware classifiers are subject to training-time exploitation due to the need to regularly retrain using samples collected from the wild. Recent work has demonstrated the feasibility of backdoor attacks against malware classifiers, and yet…

Cryptography and Security · Computer Science 2022-02-14 Limin Yang , Zhi Chen , Jacopo Cortellazzi , Feargus Pendlebury , Kevin Tu , Fabio Pierazzi , Lorenzo Cavallaro , Gang Wang

Adversaries can embed backdoors in deep learning models by introducing backdoor poison samples into training datasets. In this work, we investigate how to detect such poison samples to mitigate the threat of backdoor attacks. First, we…

Machine Learning · Computer Science 2023-06-21 Xiangyu Qi , Tinghao Xie , Jiachen T. Wang , Tong Wu , Saeed Mahloujifar , Prateek Mittal

While pre-trained Vision-Language Models (VLMs) such as CLIP exhibit impressive representational capabilities for multimodal data, recent studies have revealed their vulnerability to backdoor attacks. To alleviate the threat, existing…

Computer Vision and Pattern Recognition · Computer Science 2025-09-23 Jiawei Kong , Hao Fang , Sihang Guo , Chenxi Qing , Kuofeng Gao , Bin Chen , Shu-Tao Xia , Ke Xu

Machine learning (ML) models that use deep neural networks are vulnerable to backdoor attacks. Such attacks involve the insertion of a (hidden) trigger by an adversary. As a consequence, any input that contains the trigger will cause the…

Cryptography and Security · Computer Science 2022-03-30 Arezoo Rajabi , Bhaskar Ramasubramanian , Radha Poovendran

As backdoor attacks become more stealthy and robust, they reveal critical weaknesses in current defense strategies: detection methods often rely on coarse-grained feature statistics, and purification methods typically require full…

Cryptography and Security · Computer Science 2025-08-05 Man Hu , Yahui Ding , Yatao Yang , Liangyu Chen , Yanhao Jia , Shuai Zhao

As machine learning systems grow in scale, so do their training data requirements, forcing practitioners to automate and outsource the curation of training data in order to achieve state-of-the-art performance. The absence of trustworthy…

Machine Learning · Computer Science 2021-04-02 Micah Goldblum , Dimitris Tsipras , Chulin Xie , Xinyun Chen , Avi Schwarzschild , Dawn Song , Aleksander Madry , Bo Li , Tom Goldstein

Data poisoning attacks compromise the integrity of machine-learning models by introducing malicious training samples to influence the results during test time. In this work, we investigate backdoor data poisoning attack on deep neural…

Machine Learning · Computer Science 2019-12-04 Mahesh Subedar , Nilesh Ahuja , Ranganath Krishnan , Ibrahima J. Ndiour , Omesh Tickoo

Poisoning attacks, in which an attacker adversarially manipulates the training dataset of a machine learning (ML) model, pose a significant threat to ML security. Beta Poisoning is a recently proposed poisoning attack that disrupts model…

Cryptography and Security · Computer Science 2025-08-05 Nilufer Gulciftci , M. Emre Gursoy

Backdoor attacks pose severe security threats to large language models (LLMs), where a model behaves normally under benign inputs but produces malicious outputs when a hidden trigger appears. Existing backdoor removal methods typically…

Cryptography and Security · Computer Science 2026-03-17 Jianwei Li , Jung-Eun Kim

Modern machine learning (ML) ecosystems offer a surging number of ML frameworks and code repositories that can greatly facilitate the development of ML models. Today, even ordinary data holders who are not ML experts can apply off-the-shelf…

Cryptography and Security · Computer Science 2024-07-03 Zitao Chen , Karthik Pattabiraman

Backdoor data poisoning is an emerging form of adversarial attack usually against deep neural network image classifiers. The attacker poisons the training set with a relatively small set of images from one (or several) source class(es),…

Machine Learning · Computer Science 2020-10-16 Zhen Xiang , David J. Miller , George Kesidis

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), such that the attacked model performs well on benign samples, whereas its prediction will be maliciously changed if the hidden backdoor is activated by the…

Cryptography and Security · Computer Science 2022-04-13 Shaik Mohammed Maqsood , Viveros Manuela Ceron , Addluri GowthamKrishna

Deep learning models are vulnerable to various adversarial manipulations of their training data, parameters, and input sample. In particular, an adversary can modify the training data and model parameters to embed backdoors into the model,…

Machine Learning · Computer Science 2020-06-09 Te Juin Lester Tan , Reza Shokri

Backdoor attacks are emerging threats to deep neural networks, which typically embed malicious behaviors into a victim model by injecting poisoned samples. Adversaries can activate the injected backdoor during inference by presenting the…

Cryptography and Security · Computer Science 2025-12-05 Bingyin Zhao , Yingjie Lao