English
Related papers

Related papers: Poisoning Bayesian Inference via Data Deletion and…

200 papers

Recently, NLP has seen a surge in the usage of large pre-trained models. Users download weights of models pre-trained on large datasets, then fine-tune the weights on a task of their choice. This raises the question of whether downloading…

Machine Learning · Computer Science 2020-04-15 Keita Kurita , Paul Michel , Graham Neubig

The vulnerability of machine learning-based malware detectors to adversarial attacks has prompted the need for robust solutions. Adversarial training is an effective method but is computationally expensive to scale up to large datasets and…

We introduce camouflaged data poisoning attacks, a new attack vector that arises in the context of machine unlearning and other settings when model retraining may be induced. An adversary first adds a few carefully crafted points to the…

Machine Learning · Computer Science 2024-08-02 Jimmy Z. Di , Jack Douglas , Jayadev Acharya , Gautam Kamath , Ayush Sekhari

Data poisoning is an adversarial scenario where an attacker feeds a specially crafted sequence of samples to an online model in order to subvert learning. We introduce Lethean Attack, a novel data poisoning technique that induces…

Cryptography and Security · Computer Science 2020-11-26 Eyal Perry

A large body of work shows that machine learning (ML) models can leak sensitive or confidential information about their training data. Recently, leakage due to distribution inference (or property inference) attacks is gaining attention. In…

Cryptography and Security · Computer Science 2022-09-20 Valentin Hartmann , Léo Meynent , Maxime Peyrard , Dimitrios Dimitriadis , Shruti Tople , Robert West

Recent studies have shown that deep learning models are very vulnerable to poisoning attacks. Many defense methods have been proposed to address this issue. However, traditional poisoning attacks are not as threatening as commonly believed.…

Machine Learning · Computer Science 2025-12-12 Yuhao He , Jinyu Tian , Xianwei Zheng , Li Dong , Yuanman Li , Jiantao Zhou

Machine learning models are vulnerable to Adversarial Examples: minor perturbations to input samples intended to deliberately cause misclassification. Current defenses against adversarial examples, especially for Deep Neural Networks (DNN),…

Cryptography and Security · Computer Science 2019-01-04 Kathrin Grosse , David Pfaff , Michael Thomas Smith , Michael Backes

We consider data poisoning attacks, a class of adversarial attacks on machine learning where an adversary has the power to alter a small fraction of the training data in order to make the trained classifier satisfy certain objectives. While…

Machine Learning · Computer Science 2018-08-29 Yizhen Wang , Kamalika Chaudhuri

The proliferation and application of machine learning based Intrusion Detection Systems (IDS) have allowed for more flexibility and efficiency in the automated detection of cyber attacks in Industrial Control Systems (ICS). However, the…

Machine Learning · Computer Science 2020-04-13 Eirini Anthi , Lowri Williams , Matilda Rhode , Pete Burnap , Adam Wedgbury

Machine learning is vulnerable to a wide variety of attacks. It is now well understood that by changing the underlying data distribution, an adversary can poison the model trained with it or introduce backdoors. In this paper we present a…

Machine Learning · Computer Science 2021-06-08 Ilia Shumailov , Zakhar Shumaylov , Dmitry Kazhdan , Yiren Zhao , Nicolas Papernot , Murat A. Erdogdu , Ross Anderson

Adversarial Missingness (AM) attacks aim to manipulate model fitting by carefully engineering a missing data problem to achieve a specific malicious objective. AM attacks are significantly different from prior data poisoning attacks in that…

Machine Learning · Computer Science 2025-11-18 Deniz Koyuncu , Alex Gittens , Bülent Yener , Moti Yung

Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many…

Cryptography and Security · Computer Science 2017-12-18 Xinyun Chen , Chang Liu , Bo Li , Kimberly Lu , Dawn Song

This paper investigates poisoning attacks against data-driven control methods. This work is motivated by recent trends showing that, in supervised learning, slightly modifying the data in a malicious manner can drastically deteriorate the…

Systems and Control · Electrical Eng. & Systems 2021-03-11 Alessio Russo , Alexandre Proutiere

In a poisoning attack, an adversary with control over a small fraction of the training data attempts to select that data in a way that induces a corrupted model that misbehaves in favor of the adversary. We consider poisoning attacks…

Machine Learning · Computer Science 2021-04-22 Fnu Suya , Saeed Mahloujifar , Anshuman Suri , David Evans , Yuan Tian

A backdoor data poisoning attack is an adversarial attack wherein the attacker injects several watermarked, mislabeled training examples into a training set. The watermark does not impact the test-time performance of the model on typical…

Machine Learning · Computer Science 2021-11-05 Naren Sarayu Manoj , Avrim Blum

Machine learning models have been shown to leak information violating the privacy of their training set. We focus on membership inference attacks on machine learning models which aim to determine whether a data point was used to train the…

Cryptography and Security · Computer Science 2020-09-02 Shadi Rahimian , Tribhuvanesh Orekondy , Mario Fritz

Bayesian inference on structured models typically relies on the ability to infer posterior distributions of underlying hidden variables. However, inference in implicit models or complex posterior distributions is hard. A popular tool for…

Machine Learning · Statistics 2016-12-16 Theofanis Karaletsos

As in-the-wild data are increasingly involved in the training stage, machine learning applications become more susceptible to data poisoning attacks. Such attacks typically lead to test-time accuracy degradation or controlled misprediction.…

Cryptography and Security · Computer Science 2022-11-02 Yufei Chen , Chao Shen , Yun Shen , Cong Wang , Yang Zhang

Recent studies have revealed a security threat to natural language processing (NLP) models, called the Backdoor Attack. Victim models can maintain competitive performance on clean samples while behaving abnormally on samples with a specific…

Computation and Language · Computer Science 2021-03-30 Wenkai Yang , Lei Li , Zhiyuan Zhang , Xuancheng Ren , Xu Sun , Bin He

This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited…

Cryptography and Security · Computer Science 2025-11-05 Patrick Karlsen , Even Eilertsen