English
Related papers

Related papers: Transferable Backdoor Attacks for Code Models via …

200 papers

Recent researches show that deep learning model is susceptible to backdoor attacks. Many defenses against backdoor attacks have been proposed. However, existing defense works require high computational overhead or backdoor attack…

Computer Vision and Pattern Recognition · Computer Science 2023-05-26 Mingfu Xue , Yinghao Wu , Zhiyu Wu , Yushu Zhang , Jian Wang , Weiqiang Liu

Graph Neural Networks (GNNs) have achieved tremendous success in many graph mining tasks benefitting from the message passing strategy that fuses the local structure and node features for better graph representation learning. Despite the…

Cryptography and Security · Computer Science 2022-07-06 Shuiqiao Yang , Bao Gia Doan , Paul Montague , Olivier De Vel , Tamas Abraham , Seyit Camtepe , Damith C. Ranasinghe , Salil S. Kanhere

Neural code models have been increasingly incorporated into software development processes. However, their susceptibility to backdoor attacks presents a significant security risk. The state-of-the-art understanding focuses on…

Software Engineering · Computer Science 2025-12-23 Junyao Ye , Zhen Li , Xi Tang , Shouhuai Xu , Deqing Zou , Zhongsheng Yuan

State-of-the-art deep neural networks are known to be vulnerable to adversarial examples, formed by applying small but malicious perturbations to the original inputs. Moreover, the perturbations can \textit{transfer across models}:…

Machine Learning · Statistics 2018-02-28 Lei Wu , Zhanxing Zhu , Cheng Tai , Weinan E

Backdoor attacks pose serious security threats to deep neural networks (DNNs). Backdoored models make arbitrarily (targeted) incorrect predictions on inputs embedded with well-designed triggers while behaving normally on clean inputs. Many…

Cryptography and Security · Computer Science 2023-07-21 Yudong Gao , Honglong Chen , Peng Sun , Junjian Li , Anqing Zhang , Zhibo Wang

Prompt-based learning is vulnerable to backdoor attacks. Existing backdoor attacks against prompt-based models consider injecting backdoors into the entire embedding layers or word embedding vectors. Such attacks can be easily affected by…

Computation and Language · Computer Science 2023-05-30 Kai Mei , Zheng Li , Zhenting Wang , Yang Zhang , Shiqing Ma

Adversarial transferability enables black-box attacks on unknown victim deep neural networks (DNNs), rendering attacks viable in real-world scenarios. Current transferable attacks create adversarial perturbation over the entire image,…

Computer Vision and Pattern Recognition · Computer Science 2023-12-27 Shangbo Wu , Yu-an Tan , Yajie Wang , Ruinan Ma , Wencong Ma , Yuanzhang Li

Deep neural networks are susceptible to adversarial examples while suffering from incorrect predictions via imperceptible perturbations. Transfer-based attacks create adversarial examples for surrogate models and transfer these examples to…

Computer Vision and Pattern Recognition · Computer Science 2025-08-11 Jinjia Peng , Zeze Tao , Huibing Wang , Meng Wang , Yang Wang

Deep neural networks are vulnerable to adversarial examples crafted by applying human-imperceptible perturbations on clean inputs. Although many attack methods can achieve high success rates in the white-box setting, they also exhibit weak…

Computer Vision and Pattern Recognition · Computer Science 2023-08-22 Zhijin Ge , Fanhua Shang , Hongying Liu , Yuanyuan Liu , Liang Wan , Wei Feng , Xiaosen Wang

Multimodal pretrained models are vulnerable to backdoor attacks, yet most existing methods rely on visual or multimodal triggers, which are impractical since visually embedded triggers rarely occur in real-world data. To overcome this…

Cryptography and Security · Computer Science 2026-04-08 Yiyang Zhang , Chaojian Yu , Ziming Hong , Yuanjie Shao , Qinmu Peng , Tongliang Liu , Xinge You

Currently, sample-specific backdoor attacks (SSBAs) are the most advanced and malicious methods since they can easily circumvent most of the current backdoor defenses. In this paper, we reveal that SSBAs are not sufficiently stealthy due to…

Cryptography and Security · Computer Science 2025-03-17 Mingyan Zhu , Yiming Li , Junfeng Guo , Tao Wei , Shu-Tao Xia , Zhan Qin

Although deep learning has shown great success in recent years, researchers have discovered a critical flaw where small, imperceptible changes in the input to the system can drastically change the output classification. These attacks are…

Machine Learning · Computer Science 2018-11-21 Jacob M. Springer , Charles S. Strauss , Austin M. Thresher , Edward Kim , Garrett T. Kenyon

In recent years, neural backdoor attack has been considered to be a potential security threat to deep learning systems. Such systems, while achieving the state-of-the-art performance on clean data, perform abnormally on inputs with…

Cryptography and Security · Computer Science 2020-10-19 Anh Nguyen , Anh Tran

Code models, such as CodeBERT and CodeT5, offer general-purpose representations of code and play a vital role in supporting downstream automated software engineering tasks. Most recently, code models were revealed to be vulnerable to…

Cryptography and Security · Computer Science 2023-08-30 Zhou Yang , Bowen Xu , Jie M. Zhang , Hong Jin Kang , Jieke Shi , Junda He , David Lo

Recently, backdoor attacks pose a new security threat to the training process of deep neural networks (DNNs). Attackers intend to inject hidden backdoors into DNNs, such that the attacked model performs well on benign samples, whereas its…

Cryptography and Security · Computer Science 2021-08-16 Yuezun Li , Yiming Li , Baoyuan Wu , Longkang Li , Ran He , Siwei Lyu

Split learning enables collaborative deep learning model training while preserving data privacy and model security by avoiding direct sharing of raw data and model details (i.e., sever and clients only hold partial sub-networks and exchange…

Machine Learning · Computer Science 2023-07-19 Mingyuan Fan , Cen Chen , Chengyu Wang , Wenmeng Zhou , Jun Huang

Pre-trained language models of code are now widely used in various software engineering tasks such as code generation, code completion, vulnerability detection, etc. This, in turn, poses security and reliability risks to these models. One…

Software Engineering · Computer Science 2024-11-01 Thanh-Dat Nguyen , Yang Zhou , Xuan Bach D. Le , Patanamon Thongtanunam , David Lo

With the advancement of vision transformers (ViTs) and self-supervised learning (SSL) techniques, pre-trained large ViTs have become the new foundation models for computer vision applications. However, studies have shown that, like…

Computer Vision and Pattern Recognition · Computer Science 2024-08-06 Weijie Zheng , Xingjun Ma , Hanxun Huang , Zuxuan Wu , Yu-Gang Jiang

Adversarial attacks constitute a notable threat to machine learning systems, given their potential to induce erroneous predictions and classifications. However, within real-world contexts, the essential specifics of the deployed model are…

Computer Vision and Pattern Recognition · Computer Science 2023-12-21 Jingwen Ye , Ruonan Yu , Songhua Liu , Xinchao Wang

Recent advancements in deep learning-based compression techniques have surpassed traditional methods. However, deep neural networks remain vulnerable to backdoor attacks, where pre-defined triggers induce malicious behaviors. This paper…

Computer Vision and Pattern Recognition · Computer Science 2024-12-03 Yi Yu , Yufei Wang , Wenhan Yang , Lanqing Guo , Shijian Lu , Ling-Yu Duan , Yap-Peng Tan , Alex C. Kot