English
Related papers

Related papers: When Backdoors Go Beyond Triggers: Semantic Drift …

200 papers

Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time. Although backdoor attacks have been demonstrated…

In recent years, diffusion models have achieved remarkable success in the realm of high-quality image generation, garnering increased attention. This surge in interest is paralleled by a growing concern over the security threats associated…

Machine Learning · Computer Science 2024-06-04 Sen Li , Junchi Ma , Minhao Cheng

Recently, it has been shown that deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch.…

Computer Vision and Pattern Recognition · Computer Science 2020-06-11 Haripriya Harikumar , Vuong Le , Santu Rana , Sourangshu Bhattacharya , Sunil Gupta , Svetha Venkatesh

We investigate a new threat to neural sequence-to-sequence (seq2seq) models: training-time attacks that cause models to "spin" their outputs so as to support an adversary-chosen sentiment or point of view -- but only when the input contains…

Cryptography and Security · Computer Science 2022-10-12 Eugene Bagdasaryan , Vitaly Shmatikov

Large language models (LLMs) are increasingly deployed in settings where inducing a bias toward a certain topic can have significant consequences, and backdoor attacks can be used to produce such models. Prior work on backdoor attacks has…

Cryptography and Security · Computer Science 2026-02-17 Anudeep Das , Prach Chantasantitam , Gurjot Singh , Lipeng He , Mariia Ponomarenko , Florian Kerschbaum

Transfer learning followed by fine-tuning is widely adopted in medical image classification due to consistent gains in diagnostic performance. However, in multi-class settings with overlapping visual features, improvements in accuracy do…

Computer Vision and Pattern Recognition · Computer Science 2026-04-10 Kabilan Elangovan , Daniel Ting

Text-to-image diffusion models are increasingly developed through open-source reuse and repeated downstream fine-tuning, where reused checkpoints are difficult to verify and thus more susceptible to hidden backdoor behaviors. In such…

Cryptography and Security · Computer Science 2026-05-20 Kai Wang , Jiale Zhang , Chengcheng Zhu , Chuang Ma , Songze Li

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

In recent years there has been enormous interest in vision-language models trained using self-supervised objectives. However, the use of large-scale datasets scraped from the web for training also makes these models vulnerable to potential…

Computer Vision and Pattern Recognition · Computer Science 2024-11-26 Alvi Md Ishmam , Christopher Thomas

The backdoor attack, where the adversary uses inputs stamped with triggers (e.g., a patch) to activate pre-planted malicious behaviors, is a severe threat to Deep Neural Network (DNN) models. Trigger inversion is an effective way of…

Machine Learning · Computer Science 2023-04-07 Zhenting Wang , Kai Mei , Juan Zhai , Shiqing Ma

Recent studies show that text to image (T2I) diffusion models are vulnerable to backdoor attacks, where a trigger in the input prompt can steer generation toward harmful or unintended content. Beyond the trigger token itself, backdoor…

Computation and Language · Computer Science 2026-03-19 Oscar Chew , Po-Yi Lu , Jayden Lin , Kuan-Hao Huang , Hsuan-Tien Lin

Backdoor attacks undermine the reliability and trustworthiness of machine learning systems by injecting hidden behaviors that can be maliciously activated at inference time. While such threats have been extensively studied in unimodal…

Computer Vision and Pattern Recognition · Computer Science 2025-11-25 Juncheng Li , Yige Li , Hanxun Huang , Yunhao Chen , Xin Wang , Yixu Wang , Xingjun Ma , Yu-Gang Jiang

Web-scraped datasets are vulnerable to data poisoning, which can be used for backdooring deep image classifiers during training. Since training on large datasets is expensive, a model is trained once and re-used many times. Unlike…

Machine Learning · Computer Science 2024-01-23 Benjamin Schneider , Nils Lukas , Florian Kerschbaum

Recent deep-learning-based compression methods have achieved superior performance compared with traditional approaches. However, deep learning models have proven to be vulnerable to backdoor attacks, where some specific trigger patterns…

Computer Vision and Pattern Recognition · Computer Science 2023-03-01 Yi Yu , Yufei Wang , Wenhan Yang , Shijian Lu , Yap-peng Tan , Alex C. Kot

The rapid advancement of generative AI highlights the importance of text-to-image (T2I) security, particularly with the threat of backdoor poisoning. Timely disclosure and mitigation of security vulnerabilities in T2I models are crucial for…

Cryptography and Security · Computer Science 2025-04-22 Chongye Guo , Jinhu Fu , Junfeng Fang , Kun Wang , Guorui Feng

The proliferation of face forgery techniques has raised significant concerns within society, thereby motivating the development of face forgery detection methods. These methods aim to distinguish forged faces from genuine ones and have…

Computer Vision and Pattern Recognition · Computer Science 2024-02-20 Jiawei Liang , Siyuan Liang , Aishan Liu , Xiaojun Jia , Junhao Kuang , Xiaochun Cao

Text-to-image diffusion models can generate realistic images based on textual inputs, enabling users to convey their opinions visually through language. Meanwhile, within language, emotion plays a crucial role in expressing personal…

Computer Vision and Pattern Recognition · Computer Science 2025-10-31 Tianyu Wei , Shanmin Pang , Qi Guo , Yizhuo Ma , Xiaofeng Cao , Qing Guo

Backdoor attacks pose a significant security threat to natural language processing (NLP) systems, but existing methods lack explainable trigger mechanisms and fail to quantitatively model vulnerability patterns. This work pioneers the…

Cryptography and Security · Computer Science 2025-09-24 Gejian Zhao , Hanzhou Wu , Xinpeng Zhang

Unified autoregressive models (UAMs) are transformer models that generate text as well as image tokens within a single autoregressive pass. Shared parameters and a multimodal vocabulary simplify the training pipeline and facilitate flexible…

Cryptography and Security · Computer Science 2026-05-20 Tobias Braun , Jonas Henry Grebe , Hossein Shakibania , Anna Rohrbach , Marcus Rohrbach

Backdoor poisoning attacks behave counter-intuitively in high dimensions: stronger training triggers can help the defender. We study regularised generalised linear models on Gaussian-mixture data in the proportional regime ($p/n \to…

Machine Learning · Computer Science 2026-05-22 Donald Flynn , Hadas Yaron Goldhirsh , Jonathan P. Keating , Inbar Seroussi
‹ Prev 1 3 4 5 6 7 10 Next ›