English
Related papers

Related papers: Self-Purification Mitigates Backdoors in Multimoda…

200 papers

While Diffusion Language Models (DLMs) are theoretically well-suited for iterative refinement due to their non-causal structure, they often fail to reliably revise incorrect tokens in practice. The key challenge lies in the model's…

Machine Learning · Computer Science 2026-01-30 Shuibai Zhang , Fred Zhangzhi Peng , Yiheng Zhang , Jin Pan , Grigorios G. Chrysos

Deep neural networks (DNNs) have progressed rapidly during the past decade and have been deployed in various real-world applications. Meanwhile, DNN models have been shown to be vulnerable to security and privacy attacks. One such attack…

Cryptography and Security · Computer Science 2021-10-06 Xiaoyi Chen , Ahmed Salem , Dingfan Chen , Michael Backes , Shiqing Ma , Qingni Shen , Zhonghai Wu , Yang Zhang

Diffusion language models (DLMs) generate tokens in parallel through iterative denoising, which can reduce latency and enable bidirectional conditioning. However, the safety risks posed by jailbreak attacks that exploit this inference…

Artificial Intelligence · Computer Science 2026-02-18 Shojiro Yamabe , Jun Sakuma

Diffusion-based purification defenses leverage diffusion models to remove crafted perturbations of adversarial examples and achieve state-of-the-art robustness. Recent studies show that even advanced attacks cannot break such defenses…

Cryptography and Security · Computer Science 2024-01-05 Mintong Kang , Dawn Song , Bo Li

Dataset distillation (DD) enhances training efficiency and reduces bandwidth by condensing large datasets into smaller synthetic ones. It enables models to achieve performance comparable to those trained on the raw full dataset and has…

Cryptography and Security · Computer Science 2025-02-07 Ziyuan Yang , Ming Yan , Yi Zhang , Joey Tianyi Zhou

Deep Neural Networks (DNNs) are shown to be vulnerable to backdoor poisoning attacks, with most research focusing on digital triggers -- artificial patterns added to test-time inputs to induce targeted misclassification. Physical triggers,…

Cryptography and Security · Computer Science 2025-08-18 Thinh Dao , Khoa D Doan , Kok-Seng Wong

Natural language processing (NLP) models are known to be vulnerable to backdoor attacks, which poses a newly arisen threat to NLP models. Prior online backdoor defense methods for NLP models only focus on the anomalies at either the input…

Computation and Language · Computer Science 2022-10-17 Sishuo Chen , Wenkai Yang , Zhiyuan Zhang , Xiaohan Bi , Xu Sun

Modern language models remain vulnerable to backdoor attacks via poisoned data, where training inputs containing a trigger are paired with a target output, causing the model to reproduce that behavior whenever the trigger appears at…

Cryptography and Security · Computer Science 2026-01-06 Eric Xue , Ruiyi Zhang , Pengtao Xie

The pre-training of large language models (LLMs) relies on massive text datasets sourced from diverse and difficult-to-curate origins. Although membership inference attacks and hidden canaries have been explored to trace data usage, such…

Cryptography and Security · Computer Science 2025-06-19 Wassim Bouaziz , Mathurin Videau , Nicolas Usunier , El-Mahdi El-Mhamdi

Jailbreak attacks pose persistent threats to large language models (LLMs). Current safety alignment methods have attempted to address these issues, but they experience two significant limitations: insufficient safety alignment depth and…

Cryptography and Security · Computer Science 2025-09-19 Yuanbo Xie , Yingjie Zhang , Tianyun Liu , Duohe Ma , Tingwen Liu

Large-scale unlabeled data has spurred recent progress in self-supervised learning methods that learn rich visual representations. State-of-the-art self-supervised methods for learning representations from images (e.g., MoCo, BYOL, MSF) use…

Computer Vision and Pattern Recognition · Computer Science 2022-06-10 Aniruddha Saha , Ajinkya Tejankar , Soroush Abbasi Koohpayegani , Hamed Pirsiavash

The prompt-based learning paradigm, which bridges the gap between pre-training and fine-tuning, achieves state-of-the-art performance on several NLP tasks, particularly in few-shot settings. Despite being widely applied, prompt-based…

Computation and Language · Computer Science 2024-02-05 Shuai Zhao , Jinming Wen , Luu Anh Tuan , Junbo Zhao , Jie Fu

Backdoor attacks pose an increasingly severe security threat to Deep Neural Networks (DNNs) during their development stage. In response, backdoor sample purification has emerged as a promising defense mechanism, aiming to eliminate backdoor…

Cryptography and Security · Computer Science 2024-05-21 Biao Yi , Sishuo Chen , Yiming Li , Tong Li , Baolei Zhang , Zheli Liu

Backdoor attacks, which maliciously control a well-trained model's outputs of the instances with specific triggers, are recently shown to be serious threats to the safety of reusing deep neural networks (DNNs). In this work, we propose an…

Computation and Language · Computer Science 2021-10-18 Wenkai Yang , Yankai Lin , Peng Li , Jie Zhou , Xu Sun

Backdoor attacks inject poisoned samples into the training data, resulting in the misclassification of the poisoned input during a model's deployment. Defending against such attacks is challenging, especially for real-world black-box models…

Computer Vision and Pattern Recognition · Computer Science 2023-10-31 Yucheng Shi , Mengnan Du , Xuansheng Wu , Zihan Guan , Jin Sun , Ninghao Liu

Interest in poisoning attacks and backdoors recently resurfaced for Deep Learning (DL) applications. Several successful defense mechanisms have been recently proposed for Convolutional Neural Networks (CNNs), for example in the context of…

Cryptography and Security · Computer Science 2020-04-07 Maximilian Bachl , Alexander Hartl , Joachim Fabini , Tanja Zseby

Natural language processing (NLP) systems have been proven to be vulnerable to backdoor attacks, whereby hidden features (backdoors) are trained into a language model and may only be activated by specific inputs (called triggers), to trick…

Computation and Language · Computer Science 2021-09-29 Shaofeng Li , Hui Liu , Tian Dong , Benjamin Zi Hao Zhao , Minhui Xue , Haojin Zhu , Jialiang Lu

Denoising Diffusion Probabilistic Models (DDPMs) have gained great attention in adversarial purification. Current diffusion-based works focus on designing effective condition-guided mechanisms while ignoring a fundamental problem, i.e., the…

Computer Vision and Pattern Recognition · Computer Science 2024-12-02 Jiancheng Zhang , Peiran Dong , Yongyong Chen , Yin-Ping Zhao , Song Guo

Deep neural networks are vulnerable to backdoor attacks, a type of adversarial attack that poisons the training data to manipulate the behavior of models trained on such data. Clean-label attacks are a more stealthy form of backdoor attacks…

Machine Learning · Computer Science 2024-07-17 Quang H. Nguyen , Nguyen Ngoc-Hieu , The-Anh Ta , Thanh Nguyen-Tang , Kok-Seng Wong , Hoang Thanh-Tung , Khoa D. Doan

Large language model (LLM) safety is a critical issue, with numerous studies employing red team testing to enhance model security. Among these, jailbreak methods explore potential vulnerabilities by crafting malicious prompts that induce…

Computation and Language · Computer Science 2025-03-07 Honglin Mu , Han He , Yuxin Zhou , Yunlong Feng , Yang Xu , Libo Qin , Xiaoming Shi , Zeming Liu , Xudong Han , Qi Shi , Qingfu Zhu , Wanxiang Che