English
Related papers

Related papers: Poisoned Acoustics

200 papers

Predictions of certifiably robust classifiers remain constant in a neighborhood of a point, making them resilient to test-time attacks with a guarantee. In this work, we present a previously unrecognized threat to robust machine learning…

Machine Learning · Computer Science 2021-03-31 Akshay Mehra , Bhavya Kailkhura , Pin-Yu Chen , Jihun Hamm

Deep learning (DL) models for natural language-to-code generation have become integral to modern software development pipelines. However, their heavy reliance on large amounts of data, often collected from unsanitized online sources,…

Cryptography and Security · Computer Science 2025-09-01 Cristina Improta

Backdoor and data poisoning attacks can achieve high attack success while evading existing spectral and optimisation based defences. We show that this behaviour is not incidental, but arises from a fundamental geometric mechanism in input…

Machine Learning · Statistics 2026-02-03 Diego Granziol

Backdoor attacks pose a new threat to NLP models. A standard strategy to construct poisoned data in backdoor attacks is to insert triggers (e.g., rare words) into selected sentences and alter the original label to a target label. This…

Computation and Language · Computer Science 2022-04-28 Leilei Gan , Jiwei Li , Tianwei Zhang , Xiaoya Li , Yuxian Meng , Fei Wu , Yi Yang , Shangwei Guo , Chun Fan

Backdoor attacks insert malicious data into a training set so that, during inference time, it misclassifies inputs that have been patched with a backdoor trigger as the malware specified label. For backdoor attacks to bypass human…

Cryptography and Security · Computer Science 2022-04-18 Yi Zeng , Minzhou Pan , Hoang Anh Just , Lingjuan Lyu , Meikang Qiu , Ruoxi Jia

This paper demonstrates a fatal vulnerability in natural language inference (NLI) and text classification systems. More concretely, we present a 'backdoor poisoning' attack on NLP models. Our poisoning attack utilizes conditional…

Computation and Language · Computer Science 2020-10-07 Alvin Chan , Yi Tay , Yew-Soon Ong , Aston Zhang

Indiscriminate data poisoning attacks aim to decrease a model's test accuracy by injecting a small amount of corrupted training data. Despite significant interest, existing attacks remain relatively ineffective against modern machine…

Machine Learning · Computer Science 2023-06-07 Yiwei Lu , Gautam Kamath , Yaoliang Yu

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

Adversarial training is widely believed to be a reliable approach to improve model robustness against adversarial attack. However, in this paper, we show that when trained on one type of poisoned data, adversarial training can also be…

Machine Learning · Computer Science 2021-11-22 Zhirui Wang , Yifei Wang , Yisen Wang

Deep neural networks (DNNs) have been widely and successfully adopted and deployed in various applications of speech recognition. Recently, a few works revealed that these models are vulnerable to backdoor attacks, where the adversaries can…

Sound · Computer Science 2023-07-18 Hanbo Cai , Pengcheng Zhang , Hai Dong , Yan Xiao , Stefanos Koffas , Yiming Li

Data Poisoning attacks modify training data to maliciously control a model trained on such data. In this work, we focus on targeted poisoning attacks which cause a reclassification of an unmodified test image and as such breach model…

Computer Vision and Pattern Recognition · Computer Science 2021-05-11 Jonas Geiping , Liam Fowl , W. Ronny Huang , Wojciech Czaja , Gavin Taylor , Michael Moeller , Tom Goldstein

Data poisoning is one of the most relevant security threats against machine learning and data-driven technologies. Since many applications rely on untrusted training data, an attacker can easily craft malicious samples and inject them into…

Cryptography and Security · Computer Science 2021-12-01 Nicolas M. Müller , Simon Roschmann , Konstantin Böttinger

We investigate security concerns of the emergent instruction tuning paradigm, that models are trained on crowdsourced datasets with task instructions to achieve superior performance. Our studies demonstrate that an attacker can inject…

Computation and Language · Computer Science 2024-04-04 Jiashu Xu , Mingyu Derek Ma , Fei Wang , Chaowei Xiao , Muhao Chen

Adversarial training (AT) is a robust learning algorithm that can defend against adversarial attacks in the inference phase and mitigate the side effects of corrupted data in the training phase. As such, it has become an indispensable…

Cryptography and Security · Computer Science 2023-05-02 Jingfeng Zhang , Bo Song , Bo Han , Lei Liu , Gang Niu , Masashi Sugiyama

The pre-training of large language models (LLMs) relies on massive text datasets sourced from diverse and difficult-to-curate origins. Although membership inference attacks and hidden canaries have been explored to trace data usage, such…

Cryptography and Security · Computer Science 2025-06-19 Wassim Bouaziz , Mathurin Videau , Nicolas Usunier , El-Mahdi El-Mhamdi

We propose a novel clustering mechanism based on an incompatibility property between subsets of data that emerges during model training. This mechanism partitions the dataset into subsets that generalize only to themselves, i.e., training…

Machine Learning · Computer Science 2023-04-28 Charles Jin , Melinda Sun , Martin Rinard

We introduce a novel clean-label targeted poisoning attack on learning mechanisms. While classical poisoning attacks typically corrupt data via addition, modification and omission, our attack focuses on data omission only. Our attack…

Machine Learning · Computer Science 2021-05-06 Guy Barash , Eitan Farchi , Sarit Kraus , Onn Shehory

Protecting the use of audio datasets is a major concern for data owners, particularly with the recent rise of audio deep learning models. While watermarks can be used to protect the data itself, they do not allow to identify a deep learning…

Cryptography and Security · Computer Science 2025-03-14 Wassim Bouaziz , El-Mahdi El-Mhamdi , Nicolas Usunier

Graph-based Semi-Supervised Learning (GSSL) is a practical solution to learn from a limited amount of labelled data together with a vast amount of unlabelled data. However, due to their reliance on the known labels to infer the unknown…

Machine Learning · Computer Science 2022-05-12 Adriano Franci , Maxime Cordy , Martin Gubri , Mike Papadakis , Yves Le Traon

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang