Defense Method

Defense methods in machine learning aim to protect models from various adversarial attacks, including data poisoning, model stealing, and evasion attacks targeting specific model architectures like Graph Neural Networks (GNNs) and Large Language Models (LLMs). Current research focuses on developing robust and efficient defenses, often employing techniques such as contrastive learning, gradient masking, prompt engineering, and data augmentation, alongside the development of novel algorithms like LayerCAM-AE and UNIT. These advancements are crucial for ensuring the reliability and security of machine learning systems across diverse applications, ranging from cybersecurity to healthcare and finance.

Papers

January 11, 2025

SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in Split Learning
Phillip Rieger, Alessandro Pegoraro, Kavita Kumari, Tigist Abera, Jonathan Knauer, Ahmad-Reza Sadeghi
LeArning Abstract Backdoor Attack Split Learning Backdoor Defense Split and Fit Defense Method

January 8, 2025

Gradient Purification: Defense Against Poisoning Attack in Decentralized Federated Learning
Bin Li, Xiaoye Miao, Yongheng Shang, Xinkui Zhao, Shuiguang Deng, Jianwei Yin
Poisoning Attack State of the Art Defense Defense Method Malicious Client Diffusion Purification

December 29, 2024

Attacks on the neural network and defense methods
A. Korenev, G. Belokrylov, B. Lodonova, A. Novokhrestov
Neural Network New Attack Audio Data Data Poisoning Defense Method

December 10, 2024

FlexLLM: Exploring LLM Customization for Moving Target Defense on Black-Box LLMs Against Jailbreak Attacks
Bocheng Chen, Hanqing Guo, Qiben Yan
Large Language Model Jailbreak Attack Defense Method Black Box Large Language Model LLM Personalization Moving Target Defense

December 2, 2024

CopyrightShield: Spatial Similarity Guided Backdoor Defense against Copyright Infringement in Diffusion Models
Zhixiang Guo, Siyuan Liang, Aishan Liu, Dacheng Tao
Diffusion Model Backdoor Defense Copyright Protection Defense Method Copyright Violation

November 14, 2024

Combining Machine Learning Defenses without Conflicts
Vasisht Duddu, Rui Zhang, N. Asokan
Machine Learning Defense Method Conflict Classification Item Combination

November 12, 2024

New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook
Meng Yang, Tianqing Zhu, Chi Liu, WanLei Zhou, Shui Yu, Philip S. Yu
Timely Survey Pre Trained Model Privacy Policy Defense Method Outlook Attention Security Challenge Security Risk

October 23, 2024

Guide for Defense (G4D): Dynamic Guidance for Robust and Balanced Defense in Large Language Models
He Cao, Weidi Luo, Yu Wang, Zijing Liu, Bing Feng, Yuan Yao, Yu Li
Multi Agent Robust Version Jailbreak Attack Defense Method

October 20, 2024

The Best Defense is a Good Offense: Countering LLM-Powered Cyberattacks
Daniel Ayzenshteyn, Roy Weiss, Yisroel Mirsky
LLM Safety Defense Method Autonomous Cyber LLM Attack

October 10, 2024

RAB$^2$-DEF: Dynamic and explainable defense against adversarial attacks in Federated Learning to fair poor clients
Nuria Rodríguez-Barroso, M. Victoria Luzón, Francisco Herrera
Adversarial Attack State of the Art Defense Defense Method

October 8, 2024

Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification
Wenhan Zhang, Meiyu Zhong, Ravi Tandon, Marwan Krunz
Adversarial Attack Randomized Smoothing Defense Method Wireless Signal Modulation Classification

August 29, 2024

SFR-GNN: Simple and Fast Robust GNNs against Structural Attacks
Xing Ai, Guanyu Zhu, Yulin Zhu, Yu Zheng, Gaolei Li, Jianhua Li, Kai Zhou
Graph Neural Network Gene Level GNN Defense Method Structural Attack Robust Graph Neural Network

August 15, 2024

July 16, 2024

UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening
Siyuan Cheng, Guangyu Shen, Kaiyuan Zhang, Guanhong Tao, Shengwei An, Hanxi Guo, Shiqing Ma, Xiangyu Zhang
Deep Neural Network Backdoor Attack Distribution Alignment Defense Method Basic UniT Backdoor Effect Activation Compression

June 14, 2024

PID: Prompt-Independent Data Protection Against Latent Diffusion Models
Ang Li, Yichuan Mo, Mingjie Li, Yisen Wang
Latent Diffusion Model Defense Method Prompt Based

June 2, 2024

A Novel Defense Against Poisoning Attacks on Federated Learning: LayerCAM Augmented with Autoencoder
Jingjing Zheng, Xin Yuan, Kai Li, Wei Ni, Eduardo Tovar, Jon Crowcroft
Supervised Autoencoder Poisoning Attack Class Activation Autoencoder Model Defense Method Malicious Model

May 28, 2024

Defending Large Language Models Against Jailbreak Attacks via Layer-specific Editing
Wei Zhao, Zhe Li, Yige Li, Ye Zhang, Jun Sun
Large Language Model Jailbreak Attack Adversarial Prompt Defense Method Unsafe Input Safety Layer Layer Feature

April 17, 2024

GenFighter: A Generative and Evolutive Textual Attack Removal
Md Athikul Islam, Edoardo Serra, Sushil Jajodia
Adversarial Attack Adversarial Robustness Generative Question State of the Art Defense Defense Method Textual Attack

April 8, 2024

Eraser: Jailbreaking Defense in Large Language Models via Unlearning Harmful Knowledge
Weikai Lu, Ziqian Zeng, Jianwei Wang, Zhengdong Lu, Zelin Chen, Huiping Zhuang, Cen Chen
Jailbreak Attack Harmful Content Defense Method Separable Multi Concept ERASER

Defense Method

Papers

SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in Split Learning

Gradient Purification: Defense Against Poisoning Attack in Decentralized Federated Learning

Attacks on the neural network and defense methods

FlexLLM: Exploring LLM Customization for Moving Target Defense on Black-Box LLMs Against Jailbreak Attacks

CopyrightShield: Spatial Similarity Guided Backdoor Defense against Copyright Infringement in Diffusion Models

Combining Machine Learning Defenses without Conflicts

New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook

Guide for Defense (G4D): Dynamic Guidance for Robust and Balanced Defense in Large Language Models

The Best Defense is a Good Offense: Countering LLM-Powered Cyberattacks

RAB$^2$-DEF: Dynamic and explainable defense against adversarial attacks in Federated Learning to fair poor clients

Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification

SFR-GNN: Simple and Fast Robust GNNs against Structural Attacks

Random Gradient Masking as a Defensive Measure to Deep Leakage in Federated Learning

Prefix Guidance: A Steering Wheel for Large Language Models to Defend Against Jailbreak Attacks

UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening

PID: Prompt-Independent Data Protection Against Latent Diffusion Models

A Novel Defense Against Poisoning Attacks on Federated Learning: LayerCAM Augmented with Autoencoder

Defending Large Language Models Against Jailbreak Attacks via Layer-specific Editing

GenFighter: A Generative and Evolutive Textual Attack Removal

Eraser: Jailbreaking Defense in Large Language Models via Unlearning Harmful Knowledge