English
Related papers

Related papers: Invisible Clean-Label Backdoor Attacks for Generat…

200 papers

Recent years have witnessed the great success of deep learning algorithms in the geoscience and remote sensing realm. Nevertheless, the security and robustness of deep learning models deserve special attention when addressing…

Computer Vision and Pattern Recognition · Computer Science 2023-07-14 Nikolaus Dräger , Yonghao Xu , Pedram Ghamisi

Large-scale unlabeled data has spurred recent progress in self-supervised learning methods that learn rich visual representations. State-of-the-art self-supervised methods for learning representations from images (e.g., MoCo, BYOL, MSF) use…

Computer Vision and Pattern Recognition · Computer Science 2022-06-10 Aniruddha Saha , Ajinkya Tejankar , Soroush Abbasi Koohpayegani , Hamed Pirsiavash

Backdoor attacks manipulate model predictions by inserting innocuous triggers into training and test data. We focus on more realistic and more challenging clean-label attacks where the adversarial training examples are correctly labeled.…

Machine Learning · Computer Science 2023-10-31 Wencong You , Zayd Hammoudeh , Daniel Lowd

Model inversion (MI) attacks have raised increasing concerns about privacy, which can reconstruct training data from public models. Indeed, MI attacks can be formalized as an optimization problem that seeks private data in a certain space.…

Computer Vision and Pattern Recognition · Computer Science 2023-02-21 Xiaojian Yuan , Kejiang Chen , Jie Zhang , Weiming Zhang , Nenghai Yu , Yang Zhang

Data augmentation has always been an effective way to overcome overfitting issue when the dataset is small. There are already lots of augmentation operations such as horizontal flip, random crop or even Mixup. However, unlike image…

Computer Vision and Pattern Recognition · Computer Science 2021-05-03 Yichen Zhang , Zeyang Song , Wenbo Li

Currently, sample-specific backdoor attacks (SSBAs) are the most advanced and malicious methods since they can easily circumvent most of the current backdoor defenses. In this paper, we reveal that SSBAs are not sufficiently stealthy due to…

Cryptography and Security · Computer Science 2025-03-17 Mingyan Zhu , Yiming Li , Junfeng Guo , Tao Wei , Shu-Tao Xia , Zhan Qin

Data augmentation is used extensively to improve model generalisation. However, reliance on external libraries to implement augmentation methods introduces a vulnerability into the machine learning pipeline. It is well known that backdoors…

Machine Learning · Computer Science 2022-10-03 Joseph Rance , Yiren Zhao , Ilia Shumailov , Robert Mullins

With the thriving of deep learning in processing point cloud data, recent works show that backdoor attacks pose a severe security threat to 3D vision applications. The attacker injects the backdoor into the 3D model by poisoning a few…

Computer Vision and Pattern Recognition · Computer Science 2022-08-18 Kuofeng Gao , Jiawang Bai , Baoyuan Wu , Mengxi Ya , Shu-Tao Xia

Backdoor attacks pose a significant threat to the integrity of text classification models used in natural language processing. While several dirty-label attacks that achieve high attack success rates (ASR) have been proposed, clean-label…

Cryptography and Security · Computer Science 2025-08-25 Onur Alp Kirci , M. Emre Gursoy

Recent advances in vision-language-action (VLA) models have greatly improved embodied AI, enabling robots to follow natural language instructions and perform diverse tasks. However, their reliance on uncurated training datasets raises…

Cryptography and Security · Computer Science 2025-10-13 Zirun Zhou , Zhengyang Xiao , Haochuan Xu , Jing Sun , Di Wang , Jingfeng Zhang

Backdoor attack has emerged as a novel and concerning threat to AI security. These attacks involve the training of Deep Neural Network (DNN) on datasets that contain hidden trigger patterns. Although the poisoned model behaves normally on…

Cryptography and Security · Computer Science 2024-03-06 Huasong Zhou , Xiaowei Xu , Xiaodong Wang , Leon Bevan Bullock

Deep neural networks (DNNs) are vulnerable to backdoor attacks, where adversaries embed a hidden backdoor trigger during the training process for malicious prediction manipulation. These attacks pose great threats to the applications of…

Cryptography and Security · Computer Science 2023-02-21 Junfeng Guo , Yiming Li , Xun Chen , Hanqing Guo , Lichao Sun , Cong Liu

Backdoor attacks change a small portion of training data by introducing hand-crafted triggers and rewiring the corresponding labels towards a desired target class. Training on such data injects a backdoor which causes malicious inference in…

Machine Learning · Computer Science 2024-09-05 Ivan Sabolić , Ivan Grubišić , Siniša Šegvić

Federated self-supervised learning (FSSL) combines the advantages of decentralized modeling and unlabeled representation learning, serving as a cutting-edge paradigm with strong potential for scalability and privacy preservation. Although…

Cryptography and Security · Computer Science 2025-08-12 Jiayao Wang , Yang Song , Zhendong Zhao , Jiale Zhang , Qilin Wu , Junwu Zhu , Dongfang Zhao

Self-supervised learning (SSL) models are vulnerable to backdoor attacks. Existing backdoor attacks that are effective in SSL often involve noticeable triggers, like colored patches or visible noise, which are vulnerable to human…

Computer Vision and Pattern Recognition · Computer Science 2025-04-04 Hanrong Zhang , Zhenting Wang , Boheng Li , Fulin Lin , Tingxu Han , Mingyu Jin , Chenlu Zhan , Mengnan Du , Hongwei Wang , Shiqing Ma

Backdoor attacks pose a significant threat to deep neural networks, as backdoored models would misclassify poisoned samples with specific triggers into target classes while maintaining normal performance on clean samples. Among these,…

Cryptography and Security · Computer Science 2025-08-06 Yangxu Yin , Honglong Chen , Yudong Gao , Peng Sun , Liantao Wu , Zhe Li , Weifeng Liu

Backdoors on federated learning will be diluted by subsequent benign updates. This is reflected in the significant reduction of attack success rate as iterations increase, ultimately failing. We use a new metric to quantify the degree of…

Cryptography and Security · Computer Science 2024-04-30 Tao Liu , Yuhang Zhang , Zhu Feng , Zhiqin Yang , Chen Xu , Dapeng Man , Wu Yang

Vision transformers have achieved impressive performance in various vision-related tasks, but their vulnerability to backdoor attacks is under-explored. A handful of existing works focus on dirty-label attacks with wrongly-labeled poisoned…

Computer Vision and Pattern Recognition · Computer Science 2024-12-09 Xueluan Gong , Bowei Tian , Meng Xue , Shuike Li , Yanjiao Chen , Qian Wang

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Heterogeneous graph neural networks (HGNNs) have achieved strong performance in many real-world applications, yet targeted backdoor poisoning on heterogeneous graphs remains less studied. We consider backdoor attacks for heterogeneous node…

Machine Learning · Computer Science 2026-01-01 Honglin Gao , Lan Zhao , Junhao Ren , Xiang Li , Gaoxi Xiao