English
Related papers

Related papers: Self-Purification Mitigates Backdoors in Multimoda…

200 papers

Backdoor attacks have emerged as a prominent threat to natural language processing (NLP) models, where the presence of specific triggers in the input can lead poisoned models to misclassify these inputs to predetermined target classes.…

Cryptography and Security · Computer Science 2023-10-30 Lu Yan , Zhuo Zhang , Guanhong Tao , Kaiyuan Zhang , Xuan Chen , Guangyu Shen , Xiangyu Zhang

Safety, security, and compliance are essential requirements when aligning large language models (LLMs). However, many seemingly aligned LLMs are soon shown to be susceptible to jailbreak attacks. These attacks aim to circumvent the models'…

Cryptography and Security · Computer Science 2025-06-05 Chen Xiong , Xiangyu Qi , Pin-Yu Chen , Tsung-Yi Ho

In a backdoor attack, an adversary injects corrupted data into a model's training dataset in order to gain control over its predictions on images with a specific attacker-defined trigger. A typical corrupted training example requires…

Machine Learning · Computer Science 2023-10-31 Rishi D. Jha , Jonathan Hayase , Sewoong Oh

Recent studies on backdoor attacks in model training have shown that polluting a small portion of training data is sufficient to produce incorrect manipulated predictions on poisoned test-time data while maintaining high clean accuracy in…

Machine Learning · Computer Science 2023-01-24 Soumyadeep Pal , Ren Wang , Yuguang Yao , Sijia Liu

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), such that the attacked model performs well on benign samples, whereas its prediction will be maliciously changed if the hidden backdoor is activated by the…

Cryptography and Security · Computer Science 2022-04-13 Shaik Mohammed Maqsood , Viveros Manuela Ceron , Addluri GowthamKrishna

Deep learning models have been widely used in commercial acoustic systems in recent years. However, adversarial audio examples can cause abnormal behaviors for those acoustic systems, while being hard for humans to perceive. Various…

Sound · Computer Science 2023-03-06 Shutong Wu , Jiongxiao Wang , Wei Ping , Weili Nie , Chaowei Xiao

Parameter-efficient fine-tuning (PEFT) can bridge the gap between large language models (LLMs) and downstream tasks. However, PEFT has been proven vulnerable to malicious attacks. Research indicates that poisoned LLMs, even after PEFT,…

Computation and Language · Computer Science 2025-05-21 Shuai Zhao , Xiaobao Wu , Cong-Duy Nguyen , Yanhao Jia , Meihuizi Jia , Yichao Feng , Luu Anh Tuan

Split Learning (SL) offers a framework for collaborative model training that respects data privacy by allowing participants to share the same dataset while maintaining distinct feature sets. However, SL is susceptible to backdoor attacks,…

Cryptography and Security · Computer Science 2026-01-27 Zhihao Dou , Dongfei Cui , Weida Wang , Anjun Gao , Yueyang Quan , Mengyao Ma , Viet Vo , Guangdong Bai , Zhuqing Liu , Minghong Fang

Large Language Models (LLMs) are increasingly embedded in autonomous systems and public-facing environments, yet they remain susceptible to jailbreak vulnerabilities that may undermine their security and trustworthiness. Adversarial…

Machine Learning · Computer Science 2025-05-15 David Khachaturov , Robert Mullins

It has been widely observed that deep neural networks (DNN) are vulnerable to backdoor attacks where attackers could manipulate the model behavior maliciously by tampering with a small set of training samples. Although a line of defense…

Machine Learning · Computer Science 2023-10-24 Rui Min , Zeyu Qin , Li Shen , Minhao Cheng

With the advent and widespread deployment of Multimodal Large Language Models (MLLMs), the imperative to ensure their safety has become increasingly pronounced. However, with the integration of additional modalities, MLLMs are exposed to…

Cryptography and Security · Computer Science 2024-03-15 Yu Wang , Xiaogeng Liu , Yu Li , Muhao Chen , Chaowei Xiao

With the broad application of deep neural networks (DNNs), backdoor attacks have gradually attracted attention. Backdoor attacks are insidious, and poisoned models perform well on benign samples and are only triggered when given specific…

Machine Learning · Computer Science 2022-07-12 Chang Yue , Peizhuo Lv , Ruigang Liang , Kai Chen

Architectural backdoors pose an under-examined but critical threat to deep neural networks, embedding malicious logic directly into a model's computational graph. Unlike traditional data poisoning or parameter manipulation, architectural…

Cryptography and Security · Computer Science 2025-07-18 Victoria Childress , Josh Collyer , Jodie Knapp

Because state-of-the-art language models are expensive to train, most practitioners must make use of one of the few publicly available language models or language model APIs. This consolidation of trust increases the potency of backdoor…

Cryptography and Security · Computer Science 2023-07-28 Nikhil Kandpal , Matthew Jagielski , Florian Tramèr , Nicholas Carlini

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Diffusion language models (DLMs) are an attractive alternative to autoregressive models because they promise sublinear-time, parallel generation, yet practical gains remain elusive as high-quality samples still demand hundreds of refinement…

Machine Learning · Computer Science 2026-05-04 Hasan Amin , Yuan Gao , Yaser Souri , Subhojit Som , Ming Yin , Rajiv Khanna , Xia Song

Recent advances in deep neural networks (DNNs) have led to remarkable success across a wide range of tasks. However, their susceptibility to adversarial perturbations remains a critical vulnerability. Existing diffusion-based adversarial…

Computer Vision and Pattern Recognition · Computer Science 2025-09-18 Chihan Huang , Belal Alsinglawi , Islam Al-qudah

Contrastive language-image pretraining (CLIP) has been found to be vulnerable to poisoning backdoor attacks where the adversary can achieve an almost perfect attack success rate on CLIP models by poisoning only 0.01\% of the training…

Machine Learning · Computer Science 2025-02-11 Hanxun Huang , Sarah Erfani , Yige Li , Xingjun Ma , James Bailey

Backdoor attacks pose a critical threat by embedding hidden triggers into inputs, causing models to misclassify them into target labels. While extensive research has focused on mitigating these attacks in object recognition models through…

Computer Vision and Pattern Recognition · Computer Science 2025-04-09 Kyle Stein , Andrew Arash Mahyari , Guillermo Francia , Eman El-Sheikh

Deep neural networks have been widely used in many critical applications, such as autonomous vehicles and medical diagnosis. However, their security is threatened by backdoor attacks, which are achieved by adding artificial patterns to…

Machine Learning · Computer Science 2024-02-26 Dong Huang , Qingwen Bu