English
Related papers

Related papers: Phantom Transfer: Data-level Defences are Insuffic…

200 papers

Adversarial attacks such as poisoning attacks have attracted the attention of many machine learning researchers. Traditionally, poisoning attacks attempt to inject adversarial training data in order to manipulate the trained model. In…

Machine Learning · Computer Science 2025-03-26 Ali Raza , Shujun Li , Kim-Phuc Tran , Ludovic Koehl , Kim Duc Tran

Deep neural networks are normally executed in the forward direction. However, in this work, we identify a vulnerability that enables models to be trained in both directions and on different tasks. Adversaries can exploit this capability to…

Machine Learning · Computer Science 2024-05-20 Guy Amit , Mosh Levy , Yisroel Mirsky

Machine learning has been widely applied in wireless communications. However, the security aspects of machine learning in wireless applications have not been well understood yet. We consider the case that a cognitive transmitter senses the…

Networking and Internet Architecture · Computer Science 2019-01-29 Yi Shi , Tugba Erpek , Yalin E. Sagduyu , Jason H. Li

Federated Learning (FL) is a decentralized machine learning method that enables participants to collaboratively train a model without sharing their private data. Despite its privacy and scalability benefits, FL is susceptible to backdoor…

Cryptography and Security · Computer Science 2024-09-11 Yujie Zhang , Neil Gong , Michael K. Reiter

We revisit the efficacy of several practical methods for approximate machine unlearning developed for large-scale deep learning. In addition to complying with data deletion requests, one often-cited potential application for unlearning…

Machine Learning · Computer Science 2026-01-16 Martin Pawelczyk , Jimmy Z. Di , Yiwei Lu , Gautam Kamath , Ayush Sekhari , Seth Neel

Machine learning models are vulnerable to data-poisoning attacks, in which an attacker maliciously modifies the training set to change the prediction of a learned model. In a trigger-less attack, the attacker can modify the training set but…

Machine Learning · Computer Science 2022-10-18 Yuhao Zhang , Aws Albarghouthi , Loris D'Antoni

We propose a novel clustering mechanism based on an incompatibility property between subsets of data that emerges during model training. This mechanism partitions the dataset into subsets that generalize only to themselves, i.e., training…

Machine Learning · Computer Science 2023-04-28 Charles Jin , Melinda Sun , Martin Rinard

Model inversion attacks pose a significant privacy threat to machine learning models by reconstructing sensitive data from their outputs. While various defenses have been proposed to counteract these attacks, they often come at the cost of…

Cryptography and Security · Computer Science 2024-12-11 Shuai Zhou , Dayong Ye , Tianqing Zhu , Wanlei Zhou

We study data poisoning attacks in the online setting where training items arrive sequentially, and the attacker may perturb the current item to manipulate online learning. Importantly, the attacker has no knowledge of future training items…

Machine Learning · Computer Science 2019-06-03 Xuezhou Zhang , Xiaojin Zhu , Laurent Lessard

The commercialization of text-to-image diffusion models (DMs) brings forth potential copyright concerns. Despite numerous attempts to protect DMs from copyright issues, the vulnerabilities of these solutions are underexplored. In this…

Cryptography and Security · Computer Science 2024-05-28 Haonan Wang , Qianli Shen , Yao Tong , Yang Zhang , Kenji Kawaguchi

While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data…

This paper presents Poisoning MorphNet, the first backdoor attack method on point clouds. Conventional adversarial attack takes place in the inference stage, often fooling a model by perturbing samples. In contrast, backdoor attack aims to…

Computer Vision and Pattern Recognition · Computer Science 2021-05-12 Guiyu Tian , Wenhao Jiang , Wei Liu , Yadong Mu

Modern machine learning pipelines leverage large amounts of public data, making it infeasible to guarantee data quality and leaving models open to poisoning and backdoor attacks. Provably bounding model behavior under such attacks remains…

Machine Learning · Computer Science 2024-10-31 Philip Sosnin , Mark N. Müller , Maximilian Baader , Calvin Tsay , Matthew Wicker

In adversarial machine learning, new defenses against attacks on deep learning systems are routinely broken soon after their release by more powerful attacks. In this context, forensic tools can offer a valuable complement to existing…

Cryptography and Security · Computer Science 2022-06-17 Shawn Shan , Arjun Nitin Bhagoji , Haitao Zheng , Ben Y. Zhao

As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of…

Cryptography and Security · Computer Science 2021-09-29 Matthew Jagielski , Alina Oprea , Battista Biggio , Chang Liu , Cristina Nita-Rotaru , Bo Li

Recent works have demonstrated that deep learning models are vulnerable to backdoor poisoning attacks, where these attacks instill spurious correlations to external trigger patterns or objects (e.g., stickers, sunglasses, etc.). We find…

Computer Vision and Pattern Recognition · Computer Science 2022-07-25 Tong Wu , Tianhao Wang , Vikash Sehwag , Saeed Mahloujifar , Prateek Mittal

Recent studies on backdoor attacks in model training have shown that polluting a small portion of training data is sufficient to produce incorrect manipulated predictions on poisoned test-time data while maintaining high clean accuracy in…

Machine Learning · Computer Science 2023-01-24 Soumyadeep Pal , Ren Wang , Yuguang Yao , Sijia Liu

Fake news detection models are critical to countering disinformation but can be manipulated through adversarial attacks. In this position paper, we analyze how an attacker can compromise the performance of an online learning detector on…

Machine Learning · Computer Science 2024-01-05 Federico Siciliano , Luca Maiano , Lorenzo Papa , Federica Baccini , Irene Amerini , Fabrizio Silvestri

Recent studies have demonstrated the vulnerability of Automatic Speech Recognition systems to adversarial examples, which can deceive these systems into misinterpreting input speech commands. While previous research has primarily focused on…

Sound · Computer Science 2025-11-21 Aravindhan G , Yuvaraj Govindarajulu , Parin Shah

Federated learning is known to be vulnerable to both security and privacy issues. Existing research has focused either on preventing poisoning attacks from users or on concealing the local model updates from the server, but not both.…

Machine Learning · Computer Science 2024-06-05 Truc Nguyen , My T. Thai