English
Related papers

Related papers: Phantom Transfer: Data-level Defences are Insuffic…

200 papers

Recommendation and collaborative filtering systems are important in modern information and e-commerce applications. As these systems are becoming increasingly popular in the industry, their outputs could affect business decision making,…

Machine Learning · Computer Science 2016-10-07 Bo Li , Yining Wang , Aarti Singh , Yevgeniy Vorobeychik

Decentralised post-training of large language models utilises data and pipeline parallelism techniques to split the data and the model. Unfortunately, decentralised post-training can be vulnerable to poisoning and backdoor attacks by one or…

Cryptography and Security · Computer Science 2026-04-06 Oğuzhan Ersoy , Nikolay Blagoev , Jona te Lintelo , Stefanos Koffas , Marina Krček , Stjepan Picek

In a backdoor attack, an adversary injects corrupted data into a model's training dataset in order to gain control over its predictions on images with a specific attacker-defined trigger. A typical corrupted training example requires…

Machine Learning · Computer Science 2023-10-31 Rishi D. Jha , Jonathan Hayase , Sewoong Oh

We define Oracle Poisoning, an attack class in which an adversary corrupts a structured knowledge graph that AI agents query at runtime via tool-use protocols, causing incorrect conclusions through correct reasoning. Unlike prompt…

Cryptography and Security · Computer Science 2026-05-12 Ben Kereopa-Yorke , Guillermo Diaz , Holly Wright , Reagan Johnston , Ron F. Del Rosario , Timothy Lynar

Deep neural networks (DNNs) are vulnerable to backdoor attack, which does not affect the network's performance on clean data but would manipulate the network behavior once a trigger pattern is added. Existing defense methods have greatly…

Machine Learning · Computer Science 2025-04-08 Min Liu , Alberto Sangiovanni-Vincentelli , Xiangyu Yue

Federated learning (FL) enables the training of models among distributed clients without compromising the privacy of training datasets, while the invisibility of clients datasets and the training process poses a variety of security threats.…

Cryptography and Security · Computer Science 2023-01-18 Subhash Sagar , Chang-Sun Li , Seng W. Loke , Jinho Choi

Model poisoning attacks pose a significant security threat to Federated Learning (FL). Most existing model poisoning attacks rely on collusion, requiring adversarial clients to coordinate by exchanging local benign models and synchronizing…

Cryptography and Security · Computer Science 2026-04-13 Israt Jahan Mouri , Muhammad Ridowan , Muhammad Abdullah Adnan

Jailbreaking attacks can effectively manipulate open-source large language models (LLMs) to produce harmful responses. However, these attacks exhibit limited transferability, failing to disrupt proprietary LLMs consistently. To reliably…

Machine Learning · Computer Science 2025-05-20 Runqi Lin , Bo Han , Fengwang Li , Tongling Liu

Growing applications of large language models (LLMs) trained by a third party raise serious concerns on the security vulnerability of LLMs.It has been demonstrated that malicious actors can covertly exploit these vulnerabilities in LLMs…

Cryptography and Security · Computer Science 2023-12-11 Shuli Jiang , Swanand Ravindra Kadhe , Yi Zhou , Ling Cai , Nathalie Baracaldo

Current backdoor defense methods are evaluated against a single attack at a time. This is unrealistic, as powerful machine learning systems are trained on large datasets scraped from the internet, which may be attacked multiple times by one…

Machine Learning · Computer Science 2024-08-26 Neel Alex , Shoaib Ahmed Siddiqui , Amartya Sanyal , David Krueger

We show that by controlling parts of a physical environment in which a pre-trained deep neural network (DNN) is being fine-tuned online, an adversary can launch subtle data poisoning attacks that degrade the performance of the system. While…

Machine Learning · Computer Science 2020-12-08 Naman Patel , Prashanth Krishnamurthy , Siddharth Garg , Farshad Khorrami

Manipulation of local training data and local updates, i.e., the poisoning attack, is the main threat arising from the collaborative nature of the federated learning (FL) paradigm. Most existing poisoning attacks aim to manipulate local…

Machine Learning · Computer Science 2025-05-30 Huazi Pan , Yanjun Zhang , Leo Yu Zhang , Scott Adams , Abbas Kouzani , Suiyang Khoo

In the software engineering community, deep learning (DL) has recently been applied to many source code processing tasks. Due to the poor interpretability of DL models, their security vulnerabilities require scrutiny. Recently, researchers…

Software Engineering · Computer Science 2022-11-01 Jia Li , Zhuo Li , Huangzhao Zhang , Ge Li , Zhi Jin , Xing Hu , Xin Xia

To study the resilience of distributed learning, the "Byzantine" literature considers a strong threat model where workers can report arbitrary gradients to the parameter server. Whereas this model helped obtain several fundamental results,…

Machine Learning · Computer Science 2022-07-22 Sadegh Farhadkhani , Rachid Guerraoui , Lê-Nguyên Hoang , Oscar Villemaud

Poisoning attacks pose significant challenges to the robustness of diffusion models (DMs). In this paper, we systematically analyze when and where poisoning attacks textual inversion (TI), a widely used personalization technique for DMs. We…

Cryptography and Security · Computer Science 2025-09-04 Jeremy Styborski , Mingzhi Lyu , Jiayou Lu , Nupur Kapur , Adams Kong

Backdoor data poisoning, inserted within instruction examples used to fine-tune a foundation Large Language Model (LLM) for downstream tasks (\textit{e.g.,} sentiment prediction), is a serious security concern due to the evasive nature of…

Cryptography and Security · Computer Science 2024-08-23 Jayaram Raghuram , George Kesidis , David J. Miller

Deep neural networks (DNNs) are vulnerable to "backdoor" poisoning attacks, in which an adversary implants a secret trigger into an otherwise normally functioning model. Detection of backdoors in trained models without access to the…

Machine Learning · Computer Science 2021-03-19 Todd Huster , Emmanuel Ekwedike

A backdoor or Trojan attack is an important type of data poisoning attack against deep neural network (DNN) classifiers, wherein the training dataset is poisoned with a small number of samples that each possess the backdoor pattern (usually…

Machine Learning · Computer Science 2023-03-15 H. Wang , S. Karami , O. Dia , H. Ritter , E. Emamjomeh-Zadeh , J. Chen , Z. Xiang , D. J. Miller , G. Kesidis

A number of online services nowadays rely upon machine learning to extract valuable information from data collected in the wild. This exposes learning algorithms to the threat of data poisoning, i.e., a coordinate attack in which a fraction…

Many state-of-the-art ML models have outperformed humans in various tasks such as image classification. With such outstanding performance, ML models are widely used today. However, the existence of adversarial attacks and data poisoning…

Machine Learning · Computer Science 2021-12-07 Jing Lin , Long Dang , Mohamed Rahouti , Kaiqi Xiong
‹ Prev 1 8 9 10 Next ›