English
Related papers

Related papers: LoRA as Oracle

200 papers

How many of a neural network's parameters actually encode task-specific information? We investigate this question with LottaLoRA, a training paradigm in which every backbone weight is drawn at random and frozen; only low-rank LoRA adapters…

Machine Learning · Computer Science 2026-04-14 Hananel Hazan , Yanbo Zhang , Benedikt Hartl , Michael Levin

Federated learning has seen increased adoption in recent years in response to the growing regulatory demand for data privacy. However, the opaque local training process of federated learning also sparks rising concerns about model…

Artificial Intelligence · Computer Science 2023-08-24 Yuxi Mi , Yiheng Sun , Jihong Guan , Shuigeng Zhou

Membership inference attacks (MIAs) have become the standard tool for evaluating privacy leakage in machine learning (ML). Among them, the Likelihood-Ratio Attack (LiRA) is widely regarded as the state of the art when sufficient shadow…

Cryptography and Security · Computer Science 2026-03-10 Najeeb Jebreel , Mona Khalil , David Sánchez , Josep Domingo-Ferrer

When an adversary provides poison samples to a machine learning model, privacy leakage, such as membership inference attacks that infer whether a sample was included in the training of the model, becomes effective by moving the sample to an…

Cryptography and Security · Computer Science 2023-03-23 Yumeki Goto , Nami Ashizawa , Toshiki Shibahara , Naoto Yanai

Recent studies have widely investigated backdoor attacks on Large Language Models (LLMs) by inserting harmful question-answer (QA) pairs into their training data. However, we revisit existing attacks and identify two critical limitations:…

Computation and Language · Computer Science 2025-10-07 Jiawei Kong , Hao Fang , Xiaochen Yang , Kuofeng Gao , Bin Chen , Shu-Tao Xia , Ke Xu , Han Qiu

Federated learning, while being a promising approach for collaborative model training, is susceptible to backdoor attacks due to its decentralized nature. Backdoor attacks have shown remarkable stealthiness, as they compromise model…

Machine Learning · Computer Science 2026-04-10 Zhengyuan Jiang , Xingyu Lyu , Shanghao Shi , Yang Xiao , Yimin Chen , Y. Thomas Hou , Wenjing Lou , Ning Wanga

Deep neural networks (DNNs) are vulnerable to backdoor attacks, where adversaries embed a hidden backdoor trigger during the training process for malicious prediction manipulation. These attacks pose great threats to the applications of…

Cryptography and Security · Computer Science 2023-02-21 Junfeng Guo , Yiming Li , Xun Chen , Hanqing Guo , Lichao Sun , Cong Liu

Finetuning LLMs with LoRA has gained significant popularity due to its simplicity and effectiveness. Often, users may even find pluggable, community-shared LoRAs to enhance their base models for a specific downstream task of interest;…

Fine-tuning adapts a pre-trained model to downstream tasks using a small amount of labeled data. Low-Rank Adaptation (LoRA) is an efficient fine-tuning method that reduces memory and computation costs while often achieving performance close…

Machine Learning · Computer Science 2026-05-20 Ali Zindari , Rotem Mulayoff , Sebastian U. Stich

As the capacity of deep neural networks (DNNs) increases, their need for huge amounts of data significantly grows. A common practice is to outsource the training process or collect more data over the Internet, which introduces the risks of…

Machine Learning · Computer Science 2023-11-14 Soroush Hashemifar , Saeed Parsa , Morteza Zakeri-Nasrabadi

Reliable prediction is an essential requirement for deep neural models that are deployed in open environments, where both covariate and semantic out-of-distribution (OOD) data arise naturally. In practice, to make safe decisions, a reliable…

Machine Learning · Computer Science 2025-04-22 Fei Zhu , Zhaoxiang Zhang

Recent studies have shown that deep learning models are vulnerable to membership inference attacks (MIAs), which aim to infer whether a data record was used to train a target model or not. To analyze and study these vulnerabilities, various…

Machine Learning · Statistics 2025-08-12 Chenxu Zhao , Wei Qian , Aobo Chen , Mengdi Huai

Recently, it has been shown that deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch.…

Computer Vision and Pattern Recognition · Computer Science 2020-06-11 Haripriya Harikumar , Vuong Le , Santu Rana , Sourangshu Bhattacharya , Sunil Gupta , Svetha Venkatesh

The integration of machine learning (ML) in numerous critical applications introduces a range of privacy concerns for individuals who provide their datasets for model training. One such privacy risk is Membership Inference (MI), in which an…

Machine Learning · Computer Science 2024-01-18 Harsh Chaudhari , Giorgio Severi , Alina Oprea , Jonathan Ullman

The financial industry relies on deep learning models for making important decisions. This adoption brings new danger, as deep black-box models are known to be vulnerable to adversarial attacks. In computer vision, one can shape the output…

Machine Learning · Computer Science 2024-08-27 Alina Ermilova , Elizaveta Kovtun , Dmitry Berestnev , Alexey Zaytsev

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

Federated learning (FL) is a machine learning (ML) approach that allows the use of distributed data without compromising personal privacy. However, the heterogeneous distribution of data among clients in FL can make it difficult for the…

Machine Learning · Computer Science 2023-03-07 Thuy Dung Nguyen , Tuan Nguyen , Phi Le Nguyen , Hieu H. Pham , Khoa Doan , Kok-Seng Wong

Although deep neural networks (DNNs) have made rapid progress in recent years, they are vulnerable in adversarial environments. A malicious backdoor could be embedded in a model by poisoning the training dataset, whose intention is to make…

Cryptography and Security · Computer Science 2021-03-25 Yinpeng Dong , Xiao Yang , Zhijie Deng , Tianyu Pang , Zihao Xiao , Hang Su , Jun Zhu

In a federated learning (FL) system, decentralized data owners (clients) could upload their locally trained models to a central server, to jointly train a global model. Malicious clients may plant backdoors into the global model through…

Cryptography and Security · Computer Science 2024-06-03 Songze Li , Yanbo Dai

Backdoor attacks are emerging threats to deep neural networks, which typically embed malicious behaviors into a victim model by injecting poisoned samples. Adversaries can activate the injected backdoor during inference by presenting the…

Cryptography and Security · Computer Science 2025-12-05 Bingyin Zhao , Yingjie Lao