Defense Method

Defense methods in machine learning aim to protect models from various adversarial attacks, including data poisoning, model stealing, and evasion attacks targeting specific model architectures like Graph Neural Networks (GNNs) and Large Language Models (LLMs). Current research focuses on developing robust and efficient defenses, often employing techniques such as contrastive learning, gradient masking, prompt engineering, and data augmentation, alongside the development of novel algorithms like LayerCAM-AE and UNIT. These advancements are crucial for ensuring the reliability and security of machine learning systems across diverse applications, ranging from cybersecurity to healthcare and finance.

Papers

November 12, 2024

New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook
Meng Yang, Tianqing Zhu, Chi Liu, WanLei Zhou, Shui Yu, Philip S. Yu
Timely Survey Pre Trained Model Privacy Policy Defense Method Outlook Attention Security Challenge Security Risk

October 23, 2024

Guide for Defense (G4D): Dynamic Guidance for Robust and Balanced Defense in Large Language Models
He Cao, Weidi Luo, Yu Wang, Zijing Liu, Bing Feng, Yuan Yao, Yu Li
Multi Agent Robust Version Jailbreak Attack Defense Method

October 20, 2024

The Best Defense is a Good Offense: Countering LLM-Powered Cyberattacks
Daniel Ayzenshteyn, Roy Weiss, Yisroel Mirsky
LLM Safety Defense Method Autonomous Cyber LLM Attack

October 10, 2024

RAB$^2$-DEF: Dynamic and explainable defense against adversarial attacks in Federated Learning to fair poor clients
Nuria Rodríguez-Barroso, M. Victoria Luzón, Francisco Herrera
Adversarial Attack State of the Art Defense Defense Method

October 8, 2024

Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification
Wenhan Zhang, Meiyu Zhong, Ravi Tandon, Marwan Krunz
Adversarial Attack Randomized Smoothing Defense Method Wireless Signal Modulation Classification

August 29, 2024

SFR-GNN: Simple and Fast Robust GNNs against Structural Attacks
Xing Ai, Guanyu Zhu, Yulin Zhu, Yu Zheng, Gaolei Li, Jianhua Li, Kai Zhou
Graph Neural Network Gene Level GNN Defense Method Structural Attack Robust Graph Neural Network

August 15, 2024

July 16, 2024

UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening
Siyuan Cheng, Guangyu Shen, Kaiyuan Zhang, Guanhong Tao, Shengwei An, Hanxi Guo, Shiqing Ma, Xiangyu Zhang
Deep Neural Network Backdoor Attack Distribution Alignment Defense Method Basic UniT Backdoor Effect Activation Compression

June 14, 2024

PID: Prompt-Independent Data Protection Against Latent Diffusion Models
Ang Li, Yichuan Mo, Mingjie Li, Yisen Wang
Latent Diffusion Model Defense Method Prompt Based

June 2, 2024

A Novel Defense Against Poisoning Attacks on Federated Learning: LayerCAM Augmented with Autoencoder
Jingjing Zheng, Xin Yuan, Kai Li, Wei Ni, Eduardo Tovar, Jon Crowcroft
Supervised Autoencoder Poisoning Attack Class Activation Autoencoder Model Defense Method Malicious Model

May 28, 2024

Defending Large Language Models Against Jailbreak Attacks via Layer-specific Editing
Wei Zhao, Zhe Li, Yige Li, Ye Zhang, Jun Sun
Large Language Model Jailbreak Attack Adversarial Prompt Defense Method Unsafe Input Safety Layer Layer Feature

April 17, 2024

GenFighter: A Generative and Evolutive Textual Attack Removal
Md Athikul Islam, Edoardo Serra, Sushil Jajodia
Adversarial Attack Adversarial Robustness Generative Question State of the Art Defense Defense Method Textual Attack

April 8, 2024

March 18, 2024

Invisible Backdoor Attack Through Singular Value Decomposition
Wenmin Chen, Xiaowei Xu
Backdoor Attack Singular Value Decomposition Defense Method Invisible Backdoor Attack

March 14, 2024

Counter-Samples: A Stateless Strategy to Neutralize Black Box Adversarial Attacks
Roey Bokobza, Yisroel Mirsky
Adversarial Example Black Box Attack Defense Method Black Box Adversarial Attack Unlabeled Client

March 5, 2024

Mitigating Label Flipping Attacks in Malicious URL Detectors Using Ensemble Trees
Ehsan Nowroozi, Nada Jadalla, Samaneh Ghelichkhani, Alireza Jolfaei
Backdoor Attack Defense Method Adversarial Threat Label Flipping Attack Url Detection Adversarial Event

February 21, 2024

A Simple and Yet Fairly Effective Defense for Graph Neural Networks
Sofiane Ennadir, Yassine Abbahaddou, Johannes F. Lutzeyer, Michalis Vazirgiannis, Henrik Boström
Graph Neural Network Defense Method Adversarial Defense DNN Robustness

January 30, 2024

Revisiting Gradient Pruning: A Dual Realization for Defending against Gradient Attacks
Lulu Xue, Shengshan Hu, Ruizhi Zhao, Leo Yu Zhang, Shengqing Hu, Lichao Sun, Dezhong Yao
Differential Privacy Gradient Inversion Attack Defense Method Gradient Attack Perturbation Defense Gradient Pruning

Defense Method

Papers

New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook

Guide for Defense (G4D): Dynamic Guidance for Robust and Balanced Defense in Large Language Models

The Best Defense is a Good Offense: Countering LLM-Powered Cyberattacks

RAB$^2$-DEF: Dynamic and explainable defense against adversarial attacks in Federated Learning to fair poor clients

Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification

SFR-GNN: Simple and Fast Robust GNNs against Structural Attacks

Random Gradient Masking as a Defensive Measure to Deep Leakage in Federated Learning

Prefix Guidance: A Steering Wheel for Large Language Models to Defend Against Jailbreak Attacks

UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening

PID: Prompt-Independent Data Protection Against Latent Diffusion Models

A Novel Defense Against Poisoning Attacks on Federated Learning: LayerCAM Augmented with Autoencoder

Defending Large Language Models Against Jailbreak Attacks via Layer-specific Editing

GenFighter: A Generative and Evolutive Textual Attack Removal

Eraser: Jailbreaking Defense in Large Language Models via Unlearning Harmful Knowledge

SoK: Gradient Leakage in Federated Learning

Invisible Backdoor Attack Through Singular Value Decomposition

Counter-Samples: A Stateless Strategy to Neutralize Black Box Adversarial Attacks

Mitigating Label Flipping Attacks in Malicious URL Detectors Using Ensemble Trees

A Simple and Yet Fairly Effective Defense for Graph Neural Networks

Revisiting Gradient Pruning: A Dual Realization for Defending against Gradient Attacks