Backdoor Attack

Backdoor attacks exploit vulnerabilities in machine learning models by embedding hidden triggers during training, causing the model to produce malicious outputs when the trigger is present. Current research focuses on developing and mitigating these attacks across various model architectures, including deep neural networks, vision transformers, graph neural networks, large language models, and spiking neural networks, with a particular emphasis on understanding attack mechanisms and developing robust defenses in federated learning and generative models. The significance of this research lies in ensuring the trustworthiness and security of increasingly prevalent machine learning systems across diverse applications, ranging from object detection and medical imaging to natural language processing and autonomous systems.

Papers

May 27, 2024

May 26, 2024

Partial train and isolate, mitigate backdoor attack
Yong Li, Han Gao
Neural Network Training Data Backdoor Attack Model Training Social Isolation Partial Execution

May 25, 2024

Breaking the False Sense of Security in Backdoor Defense through Re-Activation Attack
Mingli Zhu, Siyuan Liang, Baoyuan Wu
Backdoor Attack Security Related Backdoor Defense False Sense Transferable Backdoor Attack

May 24, 2024

BadGD: A unified data-centric framework to identify gradient descent vulnerabilities
Chi-Hua Wang, Guang Cheng
Backdoor Attack Robust Defense Untargeted Attack Adversarial Manipulation Processing Framework

May 23, 2024

May 22, 2024

TrojanRAG: Retrieval-Augmented Generation Can Be Backdoor Driver in Large Language Models
Pengzhou Cheng, Yidong Ding, Tianjie Ju, Zongru Wu, Wei Du, Ping Yi, Zhuosheng Zhang, Gongshen Liu
Retrieval Augmented Generation Backdoor Attack

May 21, 2024

May 19, 2024

May 18, 2024

BadActs: A Universal Backdoor Defense in the Activation Space
Biao Yi, Sishuo Chen, Yiming Li, Tong Li, Baolei Zhang, Zheli Liu
Backdoor Attack Activation Space Activation Maximization Backdoor Sample Universal Backdoor Backdoor Purification

May 17, 2024

May 16, 2024

IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency
Linshan Hou, Ruili Feng, Zhongyun Hua, Wei Luo, Leo Yu Zhang, Yiming Li
Backdoor Attack Adaptive Attack Malicious Sample Input Level Backdoor Detection Parameter Oriented Scaling Consistency

May 13, 2024

Simulate and Eliminate: Revoke Backdoors for Generative Large Language Models
Haoran Li, Yulin Chen, Zihao Zheng, Qi Hu, Chunkit Chan, Heshan Liu, Yangqiu Song
Language Model Backdoor Attack Generative Large Language Model Backdoor Removal

May 10, 2024

Concealing Backdoor Model Updates in Federated Learning by Trigger-Optimized Data Poisoning
Yujie Zhang, Neil Gong, Michael K. Reiter
Backdoor Attack Data Poisoning Backdoor Data

May 9, 2024

Poisoning-based Backdoor Attacks for Arbitrary Target Label with Positive Triggers
Binxiao Huang, Jason Chun Lok, Chang Liu, Ngai Wong
Backdoor Attack Backdoor Defense Adversarial Method Backdoor Poisoning Attack Trigger Design Target Class Trigger Warning

May 8, 2024

Explanation as a Watermark: Towards Harmless and Multi-bit Model Ownership Verification via Watermarking Feature Attribution
Shuo Shao, Yiming Li, Hongwei Yao, Yiling He, Zhan Qin, Kui Ren
Backdoor Attack Line by Line Explanation Attribution Map Model Watermarking Model Protection Watermarking Scheme Novel Watermarking Model Ownership Verification

Backdoor Attack

Papers

Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-based Decision-Making Systems

TrojFM: Resource-efficient Backdoor Attacks against Very Large Foundation Models

Partial train and isolate, mitigate backdoor attack

Breaking the False Sense of Security in Backdoor Defense through Re-Activation Attack

BadGD: A unified data-centric framework to identify gradient descent vulnerabilities

Unified Neural Backdoor Removal with Only Few Clean Samples through Unlearning and Relearning

Towards Imperceptible Backdoor Attack in Self-supervised Learning

TrojanRAG: Retrieval-Augmented Generation Can Be Backdoor Driver in Large Language Models

Interactive Simulations of Backdoors in Neural Networks

EmInspector: Combating Backdoor Attacks in Federated Self-Supervised Learning Through Embedding Inspection

SEEP: Training Dynamics Grounds Latent Representation Search for Mitigating Backdoor Poisoning Attacks

An Invisible Backdoor Attack Based On Semantic Feature

BadActs: A Universal Backdoor Defense in the Activation Space

Rethinking Graph Backdoor Attacks: A Distribution-Preserving Perspective

Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers

IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency

Simulate and Eliminate: Revoke Backdoors for Generative Large Language Models

Concealing Backdoor Model Updates in Federated Learning by Trigger-Optimized Data Poisoning

Poisoning-based Backdoor Attacks for Arbitrary Target Label with Positive Triggers

Explanation as a Watermark: Towards Harmless and Multi-bit Model Ownership Verification via Watermarking Feature Attribution