English
Related papers

Related papers: BadRSSD: Backdoor Attacks on Regularized Self-Supe…

200 papers

Deep learning models are susceptible to {\em backdoor attacks} involving malicious attackers perturbing a small subset of training data with a {\em trigger} to causes misclassifications. Various triggers have been used, including semantic…

Computer Vision and Pattern Recognition · Computer Science 2025-03-28 Venkat Adithya Amula , Sunayana Samavedam , Saurabh Saini , Avani Gupta , Narayanan P J

Agent ecosystems increasingly rely on installable skills to extend functionality, and some skills bundle learned model artifacts as part of their execution logic. This creates a supply-chain risk that is not captured by prompt injection or…

Cryptography and Security · Computer Science 2026-04-13 Guiyao Tie , Jiawen Shi , Pan Zhou , Lichao Sun

Text-to-image diffusion models have been widely adopted in real-world applications due to their ability to generate realistic images from textual descriptions. However, recent studies have shown that these methods are vulnerable to backdoor…

Computer Vision and Pattern Recognition · Computer Science 2024-08-29 Oscar Chew , Po-Yi Lu , Jayden Lin , Hsuan-Tien Lin

The rapid advancement of diffusion models has enhanced their image inpainting and editing capabilities but also introduced significant societal risks. Adversaries can exploit user images from social media to generate misleading or harmful…

Computer Vision and Pattern Recognition · Computer Science 2025-05-27 Yuhao He , Jinyu Tian , Haiwei Wu , Jianqing Li

The backdoor attack poses a new security threat to deep neural networks. Existing backdoor often relies on visible universal trigger to make the backdoored model malfunction, which are not only usually visually suspicious to human but also…

Cryptography and Security · Computer Science 2024-12-24 Xiangqi Wang , Mingfu Xue , Kewei Chen , Jing Xu , Wenmao Liu , Leo Yu Zhang , Yushu Zhang

A security threat to deep neural networks (DNN) is backdoor contamination, in which an adversary poisons the training data of a target model to inject a Trojan so that images carrying a specific trigger will always be classified into a…

Cryptography and Security · Computer Science 2020-12-11 Di Tang , XiaoFeng Wang , Haixu Tang , Kehuan Zhang

Consistency models are a new class of models that generate images by directly mapping noise to data, allowing for one-step generation and significantly accelerating the sampling process. However, their robustness against adversarial attacks…

Cryptography and Security · Computer Science 2025-02-18 Chengen Wang , Murat Kantarcioglu

Backdoor attacks implant hidden behaviors into models by poisoning training data or modifying the model directly. These attacks aim to maintain high accuracy on benign inputs while causing misclassification when a specific trigger is…

Cryptography and Security · Computer Science 2025-12-10 Jianyao Yin , Luca Arnaboldi , Honglong Chen , Pascal Berrang , Mark Ryan

Diffusion models have emerged as state-of-the-art generative frameworks, excelling in producing high-quality multi-modal samples. However, recent studies have revealed their vulnerability to backdoor attacks, where backdoored models…

Computer Vision and Pattern Recognition · Computer Science 2025-03-04 Vu Tuan Truong , Long Bao Le

Modern NLP models are often trained on public datasets drawn from diverse sources, rendering them vulnerable to data poisoning attacks. These attacks can manipulate the model's behavior in ways engineered by the attacker. One such tactic…

Computation and Language · Computer Science 2024-05-21 Xuanli He , Qiongkai Xu , Jun Wang , Benjamin I. P. Rubinstein , Trevor Cohn

Recently, backdoor attacks pose a new security threat to the training process of deep neural networks (DNNs). Attackers intend to inject hidden backdoors into DNNs, such that the attacked model performs well on benign samples, whereas its…

Cryptography and Security · Computer Science 2021-08-16 Yuezun Li , Yiming Li , Baoyuan Wu , Longkang Li , Ran He , Siwei Lyu

Recently, self-supervised learning (SSL) was shown to be vulnerable to patch-based data poisoning backdoor attacks. It was shown that an adversary can poison a small part of the unlabeled data so that when a victim trains an SSL model on…

Computer Vision and Pattern Recognition · Computer Science 2023-04-05 Ajinkya Tejankar , Maziar Sanjabi , Qifan Wang , Sinong Wang , Hamed Firooz , Hamed Pirsiavash , Liang Tan

The widespread adoption of deep learning across various industries has introduced substantial challenges, particularly in terms of model explainability and security. The inherent complexity of deep learning models, while contributing to…

Cryptography and Security · Computer Science 2025-01-08 Kealan Dunnett , Reza Arablouei , Dimity Miller , Volkan Dedeoglu , Raja Jurdak

Backdoor (trojan) attacks embed hidden, controllable behaviors into machine-learning models so that models behave normally on benign inputs but produce attacker-chosen outputs when a trigger is present. This survey reviews the rapidly…

Cryptography and Security · Computer Science 2025-09-10 Bilal Hussain Abbasi , Yanjun Zhang , Leo Zhang , Shang Gao

Diffusion models (DMs) are regarded as one of the most advanced generative models today, yet recent studies suggest that they are vulnerable to backdoor attacks, which establish hidden associations between particular input patterns and…

Cryptography and Security · Computer Science 2024-08-23 Jiang Hao , Xiao Jin , Hu Xiaoguang , Chen Tianyou , Zhao Jiajia

Pretrained language models have significantly advanced performance across various natural language processing tasks. However, adversarial attacks continue to pose a critical challenge to systems built using these models, as they can be…

Computation and Language · Computer Science 2025-05-20 Zhenhao Li , Huichi Zhou , Marek Rei , Lucia Specia

Standard evaluations of backdoor attacks on text-to-image (T2I) models primarily measure trigger activation and visual fidelity. We challenge this paradigm, demonstrating that encoder-side poisoning induces persistent, trigger-free semantic…

Cryptography and Security · Computer Science 2026-02-25 Shenyang Chen , Liuwan Zhu

Backdoor attacks against pre-trained models (PTMs) have traditionally operated under an ``immediacy assumption,'' where malicious behavior manifests instantly upon trigger occurrence. This work revisits and challenges this paradigm by…

Cryptography and Security · Computer Science 2026-03-13 Zikang Ding , Haomiao Yang , Meng Hao , Wenbo Jiang , Kunlan Xiang , Runmeng Du , Yijing Liu , Ruichen Zhang , Dusit Niyato

With the widespread application of deep learning across various domains, concerns about its security have grown significantly. Among these, backdoor attacks pose a serious security threat to deep neural networks (DNNs). In recent years,…

Cryptography and Security · Computer Science 2024-03-21 Wenmin Chen , Xiaowei Xu

Deep learning models in computational pathology often fail to generalize across cohorts and institutions due to domain shift. Existing approaches either fail to leverage unlabeled data from the target domain or rely on image-to-image…

Computer Vision and Pattern Recognition · Computer Science 2026-01-27 Tengyue Zhang , Ruiwen Ding , Luoting Zhuang , Yuxiao Wu , Erika F. Rodriguez , William Hsu