Updated list of Backdoor Learning papers as of January 08, 2026.
- Coverage: Papers from 2016 to present
- Sources: arXiv, NeurIPS, ICML, ICLR, ACL, EMNLP, AAAI, IJCAI, KDD, CVPR, ICCV, ECCV, IEEE, ACM, Springer, ScienceDirect, Nature, and other top AI/ML venues
- Updates: Automated collection of new publications
- Features: Advanced search, code availability tracking, and multi-venue coverage
This section lists papers with available code (sorted by publication date). For the complete paper list, visit the Research Papers Page.
This repository is regularly updated. For the latest data, visit the Research Papers Page.
| No. | Title | Authors | Publish Date | Venue | Code |
|---|---|---|---|---|---|
| 1 | ArcGen: Generalizing Neural Backdoor Detection Across Diverse Architectures | Zhonghao Yang, Cheng Luo, Daojing He, Yiming Li, Yu Li | 2025-12-17 | in IEEE Transactions on Information Forensics and Security, vol. 20, pp. 10082-10097, 2025 | |
| 2 | Authority Backdoor: A Certifiable Backdoor Mechanism for Authoring DNNs | Han Yang, Shaofeng Li, Tian Dong, Xiangyu Xu, Guangchi Liu, Zhen Ling | 2025-12-11 | arXiv (Cornell University) | |
| 3 | Patronus: Identifying and Mitigating Transferable Backdoors in Pre-trained Language Models | Zhao, Tianhang, Du, Wei, Zhao, Haodong, Duan, Sufeng, Liu, Gongshen | 2025-12-01 | arXiv (Cornell University) | |
| 4 | Assimilation Matters: Model-level Backdoor Detection in Vision-Language Pretrained Models | Zhongqi Wang, Jie Zhang, Shiguang Shan, Xilin Chen | 2025-11-29 | arXiv (Cornell University) | |
| 5 | Exploring Dynamic Properties of Backdoor Training Through Information Bottleneck | Liu Xin-yu, Zhang Xu, Chen Can, Wang Ren | 2025-11-26 | arXiv (Cornell University) | |
| 6 | AutoBackdoor: Automating Backdoor Attacks via LLM Agents | Li, Yige, Li Zhe, Zhao Wei, Min, Nay Myat, Huang, Hanxun, Ma, Xingjun, Sun Jun | 2025-11-20 | arXiv (Cornell University) | |
| 7 | Enhancing All-to-X Backdoor Attacks with Optimized Target Class Mapping | Wang Lei, Tian Yu-long, Han Hao, Xu Fengyuan | 2025-11-17 | arXiv (Cornell University) | |
| 8 | MTAttack: Multi-Target Backdoor Attacks against Large Vision-Language Models | Wang Zihan, Pang, Guansong, Miao Wenjun, Zheng Jin, Bai Xiao | 2025-11-13 | arXiv (Cornell University) | |
| 9 | Flareon: Stealthy all2all Backdoor Injection via Poisoned Augmentation | Tianrui Qin, Xuan Wang, Xianghuan He, Yiren Zhao, Kejiang Ye, Chengzhong Xu, Xitong Gao | 2025-11-03 | ACM Transactions on Knowledge Discovery from Data | |
| 10 | BackdoorVLM: A Benchmark for Backdoor Attacks on Vision-Language Models | Li Juncheng, Li Yige, Huang, Hanxun, Chen Yunhao, Wang Xin, Wang YiXu, Ma, Xingjun, Jiang, Yu-Gang | 2025-11-01 | arXiv (Cornell University) | |
| 11 | Forgetting to Forget: Attention Sink as A Gateway for Backdooring LLM Unlearning | Bingqi Shang, Yiwei Chen, Yihua Zhang, Bingquan Shen, Sijia Liu | 2025-10-19 | arXiv | |
| 12 | CTCC: A Robust and Stealthy Fingerprinting Framework for Large Language Models via Cross-Turn Contextual Correlation Backdoor | Association for Computational Linguistics 2025, Han Meng, Lin Changting, Tian Shengwei, Xu Zhenhua, Yue Xubin, Zhao Xi-x... | 2025-10-10 | Underline Science Inc. | |
| 13 | On the Out-of-Distribution Backdoor Attack for Federated Learning | Jin-Sen Xu, Zikai Zhang, Rui Hu | 2025-09-16 | OpenAlex | |
| 14 | Your Compiler is Backdooring Your Model: Understanding and Exploiting Compilation Inconsistency Vulnerabilities in Deep Learning Compilers | Simin Chen, Jinjun Peng, Yixin He, Junfeng Yang, Baishakhi Ray | 2025-09-14 | arXiv | |
| 15 | PNAct: Crafting Backdoor Attacks in Safe Reinforcement Learning | Weiran Guo, Guanjun Liu, Ziyuan Zhou, Ling Wang | 2025-09-01 | OpenAlex | |
| 16 | Virus Infection Attack on LLMs: Your Poisoning Can Spread "VIA" Synthetic Data | Zi Liang, Qingqing Ye, Xuan Liu, Yanyun Wang, Jianliang Xu, Haibo Hu | 2025-09-01 | arXiv | |
| 17 | FedDLAD: A Federated Learning Dual-Layer Anomaly Detection Framework for Enhancing Resilience Against Backdoor Attacks | Binbin Ding, Penghui Yang, Sheng-Jun Huang | 2025-09-01 | OpenAlex | |
| 18 | CABIN: Debiasing Vision-Language Models Using Backdoor Adjustments | B. Y. Pang, Tingrui Qiao, Caroline Walker, Chris Cunningham, Yun Sing Koh | 2025-09-01 | OpenAlex | |
| 19 | Lethe: Purifying Backdoored Large Language Models with Knowledge Dilution | Chen Chen, Yuchen Sun, Jiaxin Gao, Xueluan Gong, Qian Wang, Ziyao Wang, Yongsen Zheng, Kwok-Yan Lam | 2025-08-28 | Zenodo (CERN European Organization for Nuclear Research) | |
| 20 | Coward: Collision-based Watermark for Proactive Federated Backdoor Detection | Wenjie Li, Siying Gu, Yiming Li, Kangjie Chen, Zhili Chen, Tianwei Zhang, Shu-Tao Xia, Dacheng Tao | 2025-08-01 | arXiv | |
| 21 | BackFed: An Efficient & Standardized Benchmark Suite for Backdoor Attacks in Federated Learning | Thinh Dao, Dung Thuy Nguyen, Khoa D. Doan, Kok-Seng Wong | 2025-07-01 | arXiv | |
| 22 | CLIP-Guided Backdoor Defense through Entropy-Based Poisoned Dataset Separation | Binyan Xu, Fan Yang, Xilin Dai, Di Tang, Kehuan Zhang | 2025-07-01 | OpenAlex | |
| 23 | Invisible Backdoor Attack against Self-supervised Learning | Hanrong Zhang, Zhenting Wang, Boheng Li, Fulin Lin, Tingxu Han, Mingyu Jin, Chenlu Zhan, Mengnan Du, Hongwei Wang, Shiqi... | 2025-06-10 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 24 | SRD: Reinforcement-Learned Semantic Perturbation for Backdoor Defense in VLMs | Shuhan Xu, Siyuan Liang, Hongling Zheng, Aishan Liu, Xinbiao Wang, Yong Luo, Fu Lin, Leszek Rutkowski, Dacheng Tao | 2025-06-01 | arXiv | |
| 25 | TooBadRL: Trigger Optimization to Boost Effectiveness of Backdoor Attacks on Deep Reinforcement Learning | Mingxuan Zhang, Oubo Ma, Kang Wei, Songze Li, Shouling Ji | 2025-06-01 | arXiv | |
| 26 | Defending the Edge: Representative-Attention for Mitigating Backdoor Attacks in Federated Learning | Chibueze Peace Obioma, Youcheng Sun, Mustafa A. Mustafa | 2025-05-01 | arXiv | |
| 27 | Towards Dataset Copyright Evasion Attack against Personalized Text-to-Image Diffusion Models | Kuofeng Gao, Yufei Zhu, Yiming Li, Jiawang Bai, Yong Yang, Zhifeng Li, Shu-Tao Xia | 2025-05-01 | arXiv | |
| 28 | Propaganda via AI? A Study on Semantic Backdoors in Large Language Models | Nay Myat Min, Long H. Pham, Yige Li, Jun Sun | 2025-04-01 | arXiv | |
| 29 | Dynamic Attention Analysis for Backdoor Detection in Text-to-Image Diffusion Models | Zhongqi Wang, Jie Zhang, Shiguang Shan, Xilin Chen | 2025-04-01 | arXiv | |
| 30 | CBW: Towards Dataset Ownership Verification for Speaker Verification via Clustering-based Backdoor Watermarking | Yiming Li, Kaiying Yan, Shuo Shao, Tongqing Zhai, Shu-Tao Xia, Zhan Qin, Dacheng Tao | 2025-03-01 | arXiv | |
| 31 | Detecting Backdoor Attacks in Federated Learning via Direction Alignment Inspection | Jiahao Xu, Zikai Zhang, Rui Hu | 2025-03-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 32 | Stealthy Patch-Wise Backdoor Attack in 3D Point Cloud via Curvature Awareness | Yu Feng, Dingxin Zhang, Runkai Zhao, Yong Xia, Heng Huang, Tom Weidong Cai | 2025-03-01 | arXiv | |
| 33 | Trigger without Trace: Towards Stealthy Backdoor Attack on Text-to-Image Diffusion Models | Jie Zhang, Zhongqi Wang, Shiguang Shan, Xilin Chen | 2025-03-01 | arXiv | |
| 34 | DemonAgent: Dynamically Encrypted Multi-Backdoor Implantation Attack on LLM-based Agent | Pengyu Zhu, Zhenhong Zhou, Yuanhe Zhang, Shilinlu Yan, Kun Wang, Sen Su | 2025-02-18 | arXiv | |
| 35 | BackdoorDM: A Comprehensive Benchmark for Backdoor Learning in Diffusion Model | Weilin Lin, Nanjun Zhou, Yanyun Wang, Jianze Li, Hui Xiong, Li Liu | 2025-02-17 | arXiv | |
| 36 | BoT: Breaking Long Thought Processes of o1-like Large Language Models through Backdoor Attack | Zihao Zhu, Hongbao Zhang, Mingda Zhang, Ruotong Wang, Guanzong Wu, Ke Xu, Baoyuan Wu | 2025-02-16 | arXiv | |
| 37 | Revisiting the Auxiliary Data in Backdoor Purification | Shaokui Wei, Shanchao Yang, Jiayin Liu, Hongyuan Zha | 2025-02-10 | arXiv | |
| 38 | BadRefSR: Backdoor Attacks Against Reference-based Image Super Resolution | Xue Yang, Tao Chen, Lei Guo, Wenbo Jiang, Ji Guo, Yongming Li, Jiaming He | 2025-02-01 | ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) | |
| 39 | Char-mander Use mBackdoor! A Study of Cross-lingual Backdoor Attacks in Multilingual LLMs | Himanshu Beniwal, Sailesh Panda, Birudugadda Srivibhav, Mayank Singh | 2025-02-01 | arXiv | |
| 40 | Detecting Backdoor Samples in Contrastive Language Image Pretraining | Hanxun Huang, Sarah Monazam Erfani, Yige Li, Xingjun Ma, James Bailey | 2025-02-01 | arXiv | |
| 41 | Gungnir: Exploiting Stylistic Features in Images for Backdoor Attacks on Diffusion Models | Yu Pan, Jiahao Chen, Bingrong Dai, Lin Wang, Yi Du, Jiao Liu | 2025-02-01 | arXiv | |
| 42 | UNIDOOR: A Universal Framework for Action-Level Backdoor Attacks in Deep Reinforcement Learning | Oubo Ma, Linkang Du, Yang Dai, Chunyi Zhou, Qingming Li, Yuwen Pu, Shouling Ji | 2025-01-26 | arXiv | |
| 43 | Mechanistic Exploration of Backdoored Large Language Model Attention Patterns | Mohammed Abu Baker, Lakshmi Babu Saheer | 2025-01-01 | arXiv | |
| 44 | Vertical Federated Unlearning via Backdoor Certification | Mengde Han, Tianqing Zhu, Lefeng Zhang, Huan Huo, Wanlei Zhou | 2025-01-01 | IEEE Transactions on Services Computing | |
| 45 | UFID: A Unified Framework for Black-box Input-level Backdoor Detection on Diffusion Models | Zihan Guan, Mengxuan Hu, Sheng Li, Anil Kumar S. Vullikanti | 2025-01-01 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 46 | ToxicTextCLIP: Text-Based Poisoning and Backdoor Attacks on CLIP Pre-training | Xin Yao, Haiyang Zhao, Yimin Chen, Jiawei Guo, Kecheng Huang, Ming Zhao | 2025-01-01 | arXiv | |
| 47 | Towards Invisible Backdoor Attack on Text-to-Image Diffusion Model | Jie Zhang, Zhongqi Wang, Shiguang Shan, Xilin Chen | 2025-01-01 | arXiv | |
| 48 | The Ripple Effect: On Unforeseen Complications of Backdoor Attacks | Rui Zhang, Yun Shen, Hongwei Li, Wenbo Jiang, Hanxiao Chen, Yuan Zhang, Guowen Xu, Yang Zhang | 2025-01-01 | arXiv | |
| 49 | Test-Time Multimodal Backdoor Detection by Contrastive Prompting | Yuwei Niu, Shuo He, Qi Wei, Zongyu Wu, Feng Liu, Lei Feng | 2025-01-01 | ICML | |
| 50 | TED++: Submanifold-Aware Backdoor Detection via Layerwise Tubular-Neighbourhood Screening | Nam Le, Leo Yu Zhang, Kewen Liao, Shirui Pan, Wei Luo | 2025-01-01 | arXiv | |
| 51 | Sealing The Backdoor: Unlearning Adversarial Text Triggers In Diffusion Models Using Knowledge Distillation | Ashwath Vaithinathan Aravindan, Abha Jha, Matthew Salaway, Atharva Sandeep Bhide, Duygu Nur Yaldiz | 2025-01-01 | arXiv | |
| 52 | SLIP: Soft Label Mechanism and Key-Extraction-Guided CoT-based Defense Against Instruction Backdoor in APIs | Zhengxian Wu, Juan Wen, Wanli Peng, Haowei Chang, Yinghan Zhou, Yiming Xue | 2025-01-01 | arXiv | |
| 53 | Rounding-Guided Backdoor Injection in Deep Learning Model Quantization | Xiangxiang Chen, Peixin Zhang, Jun Sun, Wenhai Wang, Jingyi Wang | 2025-01-01 | arXiv | |
| 54 | REFINE: Inversion-Free Backdoor Defense via Model Reprogramming | Yukun Chen, Shuo Shao, Enhao Huang, Yiming Li, Pin-Yu Chen, Zhan Qin, Kui Ren | 2025-01-01 | ICLR | |
| 55 | Taught Well Learned Ill: Towards Distillation-conditional Backdoor Attack | Yukun Chen, Boheng Li, Yu Yuan, Leyi Qi, Yiming Li, Tianwei Zhang, Zhan Qin, Kui Ren | 2025-01-01 | arXiv | |
| 56 | Invisible Backdoor Triggers in Image Editing Model via Deep Watermarking | Yu-Feng Chen, Tzuhsuan Huang, Pin-Yen Chiu, Jun-Cheng Chen | 2025-01-01 | arXiv | |
| 57 | FLARE: Towards Universal Dataset Purification against Backdoor Attacks | Linshan Hou, Wei Luo, Zhongyun Hua, Songhua Chen, Leo Yu Zhang, Yiming Li | 2025-01-01 | IEEE Transactions on Information Forensics and Security | |
| 58 | Exploring Backdoor Vulnerabilities of Chat Models | Wenkai Yang, Yunzhuo Hao, Yankai Lin | 2025-01-01 | COLING | |
| 59 | Energy Backdoor Attack to Deep Neural Networks | Hanene F. Z. Brachemi Meftah, Wassim Hamidouche, Sid Ahmed Fezza, Olivier Déforges, Kassem Kallas | 2025-01-01 | ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) | |
| 60 | DUP: Detection-guided Unlearning for Backdoor Purification in Language Models | Man Hu, Yahui Ding, Yatao Yang, Liangyu Chen, Yanhao Jia, Shuai Zhao | 2025-01-01 | arXiv | |
| 61 | Collaborative Shadows: Distributed Backdoor Attacks in LLM-Based Multi-Agent Systems | Pengyu Zhu, Lijun Li, Yaxing Lyu, Li Sun, Sen Su, Jing Shao | 2025-01-01 | arXiv | |
| 62 | Backdoor Token Unlearning: Exposing and Defending Backdoors in Pretrained Language Models | Peihai Jiang, Xixiang Lyu, Yige Li, Jing Ma | 2025-01-01 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 63 | Claim-Guided Textual Backdoor Attack for Practical Applications | Minkyoo Song, Hanna Kim, Jaehan Kim, Youngjin Jin, Seungwon Shin | 2025-01-01 | Findings of the Association for Computational Linguistics: NAACL 2022 | |
| 64 | Circumventing Backdoor Space via Weight Symmetry | Jie Peng, Hongwei Yang, Jing Zhao, Hengji Dong, Hui He, Weizhe Zhang, Haoyu He | 2025-01-01 | arXiv | |
| 65 | Cert-SSB: Toward Certified Sample-Specific Backdoor Defense | Ting Qiao, Yingjia Wang, Xing Liu, Sixing Wu, Jianbing Li, Yiming Li | 2025-01-01 | arXiv | |
| 66 | BeDKD: Backdoor Defense based on Dynamic Knowledge Distillation and Directional Mapping Modulator | Zhengxian Wu, Juan Wen, Wanli Peng, Yinghan Zhou, Changtong Dou, Yiming Xue | 2025-01-01 | AAAI 2026 | |
| 67 | BadReasoner: Planting Tunable Overthinking Backdoors into Large Reasoning Models for Fun or Profit | Biao Yi, Zekun Fei, Jianing Geng, Tong Li, Lihai Nie, Zheli Liu, Yiming Li | 2025-01-01 | arXiv | |
| 68 | Backdooring Self-Supervised Contrastive Learning by Noisy Alignment | Tuo Chen, Jie Gui, Minjing Dong, Ju Jia, Lanting Fang, Jian Liu | 2025-01-01 | arXiv | |
| 69 | Double Landmines: Invisible Textual Backdoor Attacks based on Dual-Trigger | Yang Hou, Qiuling Yue, Lujia Chai, Guozhao Liao, Wenbao Han, Wei Ou | 2024-12-23 | Cybersecurity | |
| 70 | Gracefully Filtering Backdoor Samples for Generative Large Language Models without Retraining | Zongru Wu, Pengzhou Cheng, Lingyong Fang, Zhuosheng Zhang, Gongshen Liu | 2024-12-03 | COLING | |
| 71 | Fisher Information guided Purification against Backdoor Attacks | Nazmul Karim, Abdullah Al Arafat, Adnan Siraj Rakin, Zhishan Guo, Nazanin Rahnavard | 2024-12-02 | OpenAlex | |
| 72 | BadMerging: Backdoor Attacks Against Model Merging | Jinghuai Zhang, Jianfeng Chi, Zheng Li, Kunlin Cai, Yang Zhang, Yuan Tian | 2024-12-02 | OpenAlex | |
| 73 | Backdoor Attacks against No-Reference Image Quality Assessment Models via a Scalable Trigger | Yi Yu, Song Xia, Xun Lin, Wenhan Yang, Shijian Lu, Yap‐Peng Tan, Alex C. Kot | 2024-12-01 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 74 | Invisible Textual Backdoor Attacks based on Dual-Trigger | Yang Hou, Qiuling Yue, Lujia Chai, Guozhao Liao, Wenbao Han, Wei Ou | 2024-12-01 | arXiv | |
| 75 | Perturb and Recover: Fine-tuning for Effective Backdoor Removal from CLIP | Naman Deep Singh, Francesco Croce, Matthias Hein | 2024-12-01 | arXiv | |
| 76 | T2IShield: Defending Against Backdoors on Text-to-Image Diffusion Models | Zhongqi Wang, Jie Zhang, Shiguang Shan, Xilin Chen | 2024-11-26 | Lecture notes in computer science | |
| 77 | BackdoorMBTI: A Backdoor Learning Multimodal Benchmark Tool Kit for Backdoor Defense Evaluation | Haiyang Yu, Tian Xie, Jiaping Gui, Pengyang Wang, Pengzhou Cheng, Ping Yi, Yue Wu | 2024-11-17 | OpenAlex | |
| 78 | Identify Backdoored Model in Federated Learning via Individual Unlearning | Jiahao Xu, Zikai Zhang, Rui Hu | 2024-11-01 | arXiv | |
| 79 | Your Semantic-Independent Watermark is Fragile: A Semantic Perturbation Attack against EaaS Watermark | Zekun Fei, Biao Yi, Jianing Geng, Ruiqi He, Lihai Nie, Zheli Liu | 2024-11-01 | arXiv | |
| 80 | UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening | Siyuan Cheng, Guangyu Shen, Kaiyuan Zhang, Guanhong Tao, Shengwei An, Hanxi Guo, Shiqing Ma, Xiangyu Zhang | 2024-10-31 | Lecture notes in computer science | |
| 81 | Mitigating the Backdoor Effect for Multi-Task Model Merging via Safety-Aware Subspace | Jinluan Yang, Anke Tang, Didi Zhu, Zhengyu Chen, Li Shen, Fei Wu | 2024-10-16 | arXiv | |
| 82 | Adversarially Guided Stateful Defense Against Backdoor Attacks in Federated Deep Learning | Hassan Ali, Surya Nepal, Salil S. Kanhere, Sanjay K. Jha | 2024-10-01 | OpenAlex | |
| 83 | Agent Security Bench (ASB): Formalizing and Benchmarking Attacks and Defenses in LLM-based Agents | Hanrong Zhang, Jingyuan Huang, Kai Mei, Yifei Yao, Zhenting Wang, Chenlu Zhan, Hongwei Wang, Yongfeng Zhang | 2024-10-01 | arXiv | |
| 84 | Expose Before You Defend: Unifying and Enhancing Backdoor Defenses via Exposed Models | Yige Li, Hanxun Huang, Jiaming Zhang, Xingjun Ma, Yu-Gang Jiang | 2024-10-01 | arXiv | |
| 85 | Event Trojan: Asynchronous Event-Based Backdoor Attacks | Ruofei Wang, Qing Guo, Haoliang Li, Renjie Wan | 2024-09-28 | Lecture notes in computer science | |
| 86 | Mask-Based Invisible Backdoor Attacks on Object Detection | Shin Jeong Jin | 2024-09-27 | 2022 IEEE International Conference on Image Processing (ICIP) | |
| 87 | Obliviate: Neutralizing Task-agnostic Backdoors within the Parameter-efficient Fine-tuning Paradigm | Jaehan Kim, Minkyoo Song, Seung Ho Na, Seungwon Shin | 2024-09-21 | Findings of the Association for Computational Linguistics: NAACL 2022 | |
| 88 | TERD: A Unified Framework for Safeguarding Diffusion Models Against Backdoors | Yichuan Mo, Hui Huang, Mingjie Li, Ang Li, Yisen Wang | 2024-09-08 | International Conference on Machine Learning 2024 | |
| 89 | NoiseAttack: An Evasive Sample-Specific Multi-Targeted Backdoor Attack Through White Gaussian Noise | Abdullah Arafat Miah, Kaan Icer, Resit Sendag, Yu Bi | 2024-09-03 | arXiv | |
| 90 | Exploiting the Vulnerability of Large Language Models via Defense-Aware Architectural Backdoor | Abdullah Arafat Miah, Yu Bi | 2024-09-03 | arXiv | |
| 91 | VFLIP: A Backdoor Defense for Vertical Federated Learning via Identification and Purification | Yungi Cho, Woorim Han, Miseon Yu, Younghan Lee, Ho Bae, Yunheung Paek | 2024-08-28 | Lecture notes in computer science | |
| 92 | Defending Text-to-image Diffusion Models: Surprising Efficacy of Textual Perturbations Against Backdoor Attacks | Oscar Chew, Po-Yi Lu, Jayden Lin, Hsuan-Tien Lin | 2024-08-28 | arXiv | |
| 93 | MakeupAttack: Feature Space Black-box Backdoor Attack on Face Recognition via Makeup Transfer | Ming Sun, Lihua Jing, Zixuan Zhu, Rui Wang | 2024-08-22 | Frontiers in artificial intelligence and applications | |
| 94 | MEGen: Generative Backdoor into Large Language Models via Model Editing | Jiyang Qiu, Xinbei Ma, Zhuosheng Zhang, Hai Zhao, Yun Li, Qianren Wang | 2024-08-20 | Findings of the Association for Computational Linguistics: ACL 2022 | |
| 95 | BackdoorLLM: A Comprehensive Benchmark for Backdoor Attacks and Defenses on Large Language Models | Li Yige, Huang, Hanxun, Zhao Yunhan, Ma, Xingjun, Sun Jun | 2024-08-01 | Singapore Management University Institutional Knowledge (InK) (Singapore Management University) | |
| 96 | Diff-Cleanse: Identifying and Mitigating Backdoor Attacks in Diffusion Models | Hao Jiang, Jin Xiao, Xiaoguang Hu, Chen Tianyou, Zhao Jiajia | 2024-07-30 | ICME | |
| 97 | Flatness-aware Sequential Learning Generates Resilient Backdoors | Hoang N. Pham, The-Anh Ta, Anh Tran, Khoa D. Doan | 2024-07-19 | Lecture notes in computer science | |
| 98 | Provable Robustness of (Graph) Neural Networks Against Data Poisoning and Backdoor Attacks | Lukas Gosch, Mahalakshmi Sabanayagam, Debarghya Ghoshdastidar, Stephan Günnemann | 2024-07-15 | Trans. Mach. Learn. Res. | |
| 99 | Distributed Backdoor Attacks on Federated Graph Learning and Certified Defenses | Yuxin Yang, Qiang Li, Jinyuan Jia, Yuan Hong, Binghui Wang | 2024-07-11 | OpenAlex | |
| 100 | Future Events as Backdoor Triggers: Investigating Temporal Vulnerabilities in LLMs | Sara Price, Arjun Panickssery, Samuel R. Bowman, Asa Cooper Stickland | 2024-07-04 | arXiv | |
| 101 | IPA-NeRF: Illusory Poisoning Attack Against Neural Radiance Fields | Wenxiang Jiang, Hanwei Zhang, Shuo Zhao, Zhongwen Guo, Hao Wang | 2024-07-01 | arXiv | |
| 102 | Towards Clean-Label Backdoor Attacks in the Physical World | Thinh Dao, Cuong Phan Minh Le, Khoa D. Doan, Kok‐Seng Wong | 2024-07-01 | arXiv | |
| 103 | ShadowCode: Towards (Automatic) External Prompt Injection Attack against Code LLMs | Yuchen Yang, Yiming Li, Hongwei Yao, Bingrun Yang, Yiling He, Tianwei Zhang, Dacheng Tao, Zhan Qin | 2024-07-01 | arXiv | |
| 104 | Venomancer: Towards Imperceptible and Target-on-Demand Backdoor Attacks in Federated Learning | Son Nguyen, Thinh Viet Nguyen, Khoa D. Doan, Kok‐Seng Wong | 2024-07-01 | arXiv | |
| 105 | Defending Against Repetitive-based Backdoor Attacks on Semi-supervised Learning through Lens of Rate-Distortion-Perception Trade-off | Cheng-Yi Lee, Ching-Chia Kao, Cheng-Han Yeh, Chun-Shien Lu, Chia-Mu Yu, Chu-Song Chen | 2024-07-01 | 2022 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV) | |
| 106 | Clean-Label Physical Backdoor Attacks with Data Distillation | Thinh Dao, Khoa D Doan, Kok-Seng Wong | 2024-07-01 | arXiv | |
| 107 | Backdoor Graph Condensation | Jiahao Wu, Ning Lu, Zeiyu Dai, Kun Wang, Wenqi Fan, Shengcai Liu, Qing Li, Ke Tang | 2024-07-01 | arXiv | |
| 108 | A Whole-Process Certifiably Robust Aggregation Method Against Backdoor Attacks in Federated Learning | Anqi Zhou, Yezheng Liu, Yidong Chai, Hongyi Zhu, Xinyue Ge, Yuanchun Jiang, Meng Wang | 2024-06-30 | arXiv | |
| 109 | Lotus: Evasive and Resilient Backdoor Attacks through Sub-Partitioning | Siyuan Cheng, Guanhong Tao, Yingqi Liu, Guangyu Shen, Shengwei An, Shiwei Feng, Xiangzhe Xu, Kaiyuan Zhang, Shiqing Ma, ... | 2024-06-16 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 110 | BadAgent: Inserting and Activating Backdoor Attacks in LLM Agents | Yifei Wang, Dizhan Xue, Shengjie Zhang, Shengsheng Qian | 2024-06-05 | OpenAlex | |
| 111 | Invisible Backdoor Attacks on Diffusion Models | Sen Li, Junchi Ma, Minhao Cheng | 2024-06-02 | arXiv | |
| 112 | Let the Noise Speak: Harnessing Noise for a Unified Defense Against Adversarial and Backdoor Attacks | Md Hasan Shahriar, Ning Wang, Naren Ramakrishnan, Y. Thomas Hou, Wenjing Lou | 2024-06-01 | Lecture notes in computer science | |
| 113 | BAN: Detecting Backdoors Activated by Adversarial Neuron Noise | Xiaoyun Xu, Zhuoran Liu, Stefanos Koffas, Shujian Yu, Stjepan Picek | 2024-05-30 | NeurIPS | |
| 114 | Mitigating Backdoor Attack by Injecting Proactive Defensive Backdoor | Shaokui Wei, Hongyuan Zha, Baoyuan Wu | 2024-05-25 | NeurIPS | |
| 115 | Towards Imperceptible Backdoor Attack in Self-supervised Learning | Hanrong Zhang, Zhenting Wang, Tingxu Han, Mingyu Jin, Chenlu Zhan, Mengnan Du, Hongwei Wang, Shiqing Ma | 2024-05-23 | arXiv | |
| 116 | IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency | Linshan Hou, Ruili Feng, Zhongyun Hua, Wei Luo, Leo Yu Zhang, Yiming Li | 2024-05-15 | ICML | |
| 117 | EmInspector: Combating Backdoor Attacks in Federated Self-Supervised Learning Through Embedding Inspection | Yuwen Qian, Shuchi Wu, Kang Wei, Ming Ding, Di Xiao, Tao Xiang, Chuan Ma, Song Guo | 2024-05-01 | arXiv | |
| 118 | Nearest is Not Dearest: Towards Practical Defense against Quantization-conditioned Backdoor Attacks | Boheng Li, Yishuo Cai, Haowei Li, Feng Xue, Zhifeng Li, Yiming Li | 2024-05-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 119 | Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers | Sheng Yang, Jiawang Bai, Kuofeng Gao, Yong Yang, Yiming Li, Shu-tao Xia | 2024-05-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 120 | Beyond Traditional Threats: A Persistent Backdoor Attack on Federated Learning | Tao Liu, Yuhang Zhang, Feng Zhu, Zhiqin Yang, Chen Xu, Dapeng Man, Wu Yang | 2024-04-26 | | |
| 121 | Privacy Backdoors: Stealing Data with Corrupted Pretrained Models | Shanglun Feng, Florian Tramèr | 2024-03-30 | ICML | |
| 122 | Generating Potent Poisons and Backdoors from Scratch with Guided Diffusion | Hossein Souri, Arpit Bansal, Hamid Kazemi, Liam Fowl, Aniruddha Saha, Jonas Geiping, Andrew Gordon Wilson, Rama Chellapp... | 2024-03-24 | arXiv | |
| 123 | Invisible Backdoor Attack against 3D Point Cloud Classifier in Graph Spectral Domain | Linkun Fan, Fazhi He, Tongzhen Si, Wei Tang, Bing Li | 2024-03-24 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 124 | Progressive Poisoned Data Isolation for Training-Time Backdoor Defense | Yiming Chen, Haiwei Wu, Jiantao Zhou | 2024-03-24 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 125 | COMBAT: Alternated Training for Near-Perfect Clean-Label Backdoor Attacks | Tran Ngoc Huynh, Dang Minh Nguyen, Tung Pham, Anh Tuan Tran | 2024-03-24 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 126 | BadRL: Sparse Targeted Backdoor Attack against Reinforcement Learning | Jing Cui, Yufei Han, Yuzhe Ma, Jianbin Jiao, Junge Zhang | 2024-03-24 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 127 | An Embarrassingly Simple Defense Against Backdoor Attacks On SSL | Aryan Satpathy, Nilaksh Nilaksh, Dhruva Rajwade | 2024-03-23 | arXiv | |
| 128 | PoisonPrompt: Backdoor Attack on Prompt-Based Large Language Models | Hongwei Yao, Jian Lou, Zhan Qin | 2024-03-18 | ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) | |
| 129 | Invisible Black-Box Backdoor Attack against Deep Cross-Modal Hashing Retrieval | Tianshi Wang, Fengling Li, Lei Zhu, Jingjing Li, Zheng Zhang, Heng Tao Shen | 2024-03-02 | ACM transactions on office information systems | |
| 130 | Backdoor Secrets Unveiled: Identifying Backdoor Data with Optimized Scaled Prediction Consistency | Soumyadeep Pal, Yuguang Yao, Ren Wang, Bingquan Shen, Sijia Liu | 2024-03-01 | ICLR | |
| 131 | BapFL: You can Backdoor Personalized Federated Learning | Tiandi Ye, Cen Chen, Yinggui Wang, Xiang Li, Ming Gao | 2024-02-23 | ACM Transactions on Knowledge Discovery from Data | |
| 132 | Acquiring Clean Language Models from Backdoor Poisoned Datasets by Downscaling Frequency Space | Zongru Wu, Zhuosheng Zhang, Pengzhou Cheng, Gongshen Liu | 2024-02-19 | OpenReview | |
| 133 | Poisoned Forgery Face: Towards Backdoor Attacks on Face Forgery Detection | Jiawei Liang, Siyuan Liang, Aishan Liu, Xiaojun Jia, Junhao Kuang, Xiaochun Cao | 2024-02-18 | ICLR | |
| 134 | Watch Out for Your Agents! Investigating Backdoor Threats to LLM-Based Agents | Wenkai Yang, Xiaohan Bi, Yankai Lin, Sishuo Chen, Jie Zhou, Xu Sun | 2024-02-17 | NeurIPS | |
| 135 | OrderBkd: Textual backdoor attack through repositioning | Irina Alekseevskaia, Konstantin Arkhipenko | 2024-02-12 | OpenAlex | |
| 136 | Backdoor Attacks on Dense Retrieval via Public and Unintentional Triggers | Quanyu Long, Yue Deng, LeiLei Gan, Wenya Wang, Sinno Jialin Pan | 2024-02-01 | arXiv | |
| 137 | SynGhost: Invisible and Universal Task-agnostic Backdoor Attack via Syntactic Transfer | Pengzhou Cheng, Wei Du, Zongru Wu, Fengwei Zhang, Libo Chen, Zhuosheng Zhang, Gongshen Liu | 2024-02-01 | Findings of the Association for Computational Linguistics: NAACL 2022 | |
| 138 | TransTroj: Transferable Backdoor Attacks to Pre-trained Models via Embedding Indistinguishability | Hao Wang, Tao Xiang, Shangwei Guo, Jialing He, Hangcheng Liu, Tianwei Zhang | 2024-01-28 | arXiv | |
| 139 | A Closer Look at Robustness of Vision Transformers to Backdoor Attacks | Akshayvarun Subramanya, Soroush Abbasi Koohpayegani, Aniruddha Saha, Ajinkya Tejankar, Hamed Pirsiavash | 2024-01-03 | 2022 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV) | |
| 140 | Adversarial Feature Map Pruning for Backdoor | Dong Huang, Qingwen Bu | 2024-01-01 | ICLR | |
| 141 | BackTime: Backdoor Attacks on Multivariate Time Series Forecasting | Xiaola Lin, Zhining Liu, Dongqi Fu, Ruizhong Qiu, Hanghang Tong | 2024-01-01 | NeurIPS | |
| 142 | Backdoor Contrastive Learning via Bi-level Trigger Optimization | Weiyu Sun, Xinyu Zhang, Hao Lu, Ying-Cong Chen, Ting Wang, Jinghui Chen, Lu Lin | 2024-01-01 | ICLR | |
| 143 | BadCM: Invisible Backdoor Attack Against Cross-Modal Learning | Zheng Zhang, Xu Yuan, Lei Zhu, Jingkuan Song, Liqiang Nie | 2024-01-01 | | |
| 144 | Defending Against Backdoor Attacks by Quarantine Training | Chengxu Yu, Yulai Zhang | 2024-01-01 | IEEE Access | |
| 145 | How to Backdoor Consistency Models? | Chengen Wang, Murat Kantarcioglu | 2024-01-01 | Lecture notes in computer science | |
| 146 | How to Craft Backdoors with Unlabeled Data Alone? | Yifei Wang, Wenhan Ma, Stefanie Jegelka, Yisen Wang | 2024-01-01 | arXiv | |
| 147 | Model Supply Chain Poisoning: Backdooring Pre-trained Models via Embedding Indistinguishability | Hao Wang, Shangwei Guo, Jialing He, Hangcheng Liu, Tianwei Zhang, Tao Xiang | 2024-01-01 | WWW | |
| 148 | PBP: Post-training Backdoor Purification for Malware Classifiers | Dung Thuy Nguyen, Ngoc N. Tran, Taylor T. Johnson, Kevin Leach | 2024-01-01 | OpenAlex | |
| 149 | PSBD: Prediction Shift Uncertainty Unlocks Backdoor Detection | Wei Li, Pin-Yu Chen, Sijia Liu, Ren Wang | 2024-01-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 150 | Shortcuts Everywhere and Nowhere: Exploring Multi-Trigger Backdoor Attacks | Yige Li, Jiabo He, Hanxun Huang, Jun Sun, Xingjun Ma, Yu-Gang Jiang | 2024-01-01 | arXiv | |
| 151 | Toward Stealthy Backdoor Attacks Against Speech Recognition via Elements of Sound | Hanbo Cai, Pengcheng Zhang, Hai Dong, Yan Xiao, Stefanos Koffas, Yiming Li | 2024-01-01 | IEEE Transactions on Information Forensics and Security | |
| 152 | Erasing Self-Supervised Learning Backdoor by Cluster Activation Masking | Shengsheng Qian, Dizhan Xue, Yifei Wang, Shengjie Zhang, Huaiwen Zhang, Changsheng Xu | 2023-12-01 | arXiv | |
| 153 | OCGEC: One-class Graph Embedding Classification for DNN Backdoor Detection | Haoyu Jiang, Haiyang Yu, Nan Li, Ping Yi | 2023-12-01 | 2022 International Joint Conference on Neural Networks (IJCNN) | |
| 154 | UltraClean: A Simple Framework to Train Robust Neural Networks against Backdoor Attacks | Bingyin Zhao, Yingjie Lao | 2023-12-01 | arXiv | |
| 155 | Activation Gradient based Poisoned Sample Detection Against Backdoor Attacks | Danni Yuan, Shaokui Wei, Mingda Zhang, Li Liu, Baoyuan Wu | 2023-12-01 | ICLR | |
| 156 | A Practical Clean-Label Backdoor Attack with Limited Information in Vertical Federated Learning | Peng Chen, Jirui Yang, Junxiong Lin, Zhihui Lu, Qiang Duan, Hongfeng Chai | 2023-12-01 | 2021 IEEE International Conference on Data Mining (ICDM) | |
| 157 | TextGuard: Provable Defense against Backdoor Attacks on Text Classification | Hengzhi Pei, Jinyuan Jia, Wenbo Guo, Bo Li, Dawn Song | 2023-11-01 | OpenAlex | |
| 158 | ACQ: Few-shot Backdoor Defense via Activation Clipping and Quantizing | Yulin Jin, Xiaoyu Zhang, Jian Lou, Xiaofeng Chen | 2023-10-26 | ACM Multimedia | |
| 159 | Attacking Neural Networks with Neural Networks: Towards Deep Synchronization for Backdoor Attacks | Zihan Guan, Lichao Sun, Mengnan Du, Ninghao Liu | 2023-10-21 | OpenAlex | |
| 160 | An Embarrassingly Simple Backdoor Attack on Self-supervised Learning | Changjiang Li, Ren Pang, Zhaohan Xi, Tianyu Du, Shouling Ji, Yuan Yao, Ting Wang | 2023-10-01 | 2021 IEEE/CVF International Conference on Computer Vision (ICCV) | |
| 161 | Computation and Data Efficient Backdoor Attacks | Yutong Wu, Xingshuo Han, Han Qiu, Tianwei Zhang | 2023-10-01 | 2021 IEEE/CVF International Conference on Computer Vision (ICCV) | |
| 162 | FLTracer: Accurate Poisoning Attack Provenance in Federated Learning | Xinyu Zhang, Qingyu Liu, Zhongjie Ba, Yuan Hong, Tianhang Zheng, Feng Lin, Li Lu, Kui Ren | 2023-10-01 | arXiv | |
| 163 | XGBD: Explanation-Guided Graph Backdoor Detection | Zihan Guan, Mengnan Du, Ninghao Liu | 2023-09-28 | Frontiers in artificial intelligence and applications | |
| 164 | Resisting Backdoor Attacks in Federated Learning via Bidirectional Elections and Individual Perspective | Zhen Qin, Feiyi Chen, Chen Zhi, Xueqiang Yan, Shuiguang Deng | 2023-09-01 | Proceedings of the AAAI Conference on Artificial Intelligence | |
| 165 | TIJO: Trigger Inversion with Joint Optimization for Defending Multimodal Backdoored Models | Indranil Sur, Karan Sikka, Matthew Walmer, Kaushik Koneripalli, Anirban Roy, Xiao Lin, Ajay Divakaran, Susmit Jha | 2023-08-01 | 2021 IEEE/CVF International Conference on Computer Vision (ICCV) | |
| 166 | Towards Stealthy Backdoor Attacks against Speech Recognition via Elements of Sound | Hanbo Cai, Pengcheng Zhang, Hai Dong, Yan Xiao, Stefanos Koffas, Yiming Li | 2023-07-01 | arXiv | |
| 167 | VillanDiffusion: A Unified Backdoor Attack Framework for Diffusion Models | Sheng-Yen Chou, Pin-Yu Chen, Tsung-Yi Ho | 2023-06-01 | NeurIPS | |
| 168 | Single Image Backdoor Inversion via Robust Smoothed Classifiers | Mingjie Sun, J. Zico Kolter | 2023-06-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 169 | Efficient Backdoor Attacks for Deep Neural Networks in Real-world Scenarios | Ziqiang Li, Hong Sun, Pengfei Xia, Heng Li, Beihao Xia, Yi Wu, Bin Li | 2023-06-01 | arXiv | |
| 170 | Detecting Backdoors in Pre-trained Encoders | Shiwei Feng, Guanhong Tao, Siyuan Cheng, Guangyu Shen, Xiangzhe Xu, Yingqi Liu, Kaiyuan Zhang, Shiqing Ma, Xiangyu Zhang | 2023-06-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 171 | DHBE: Data-free Holistic Backdoor Erasing in Deep Neural Networks via Restricted Adversarial Distillation | Zhicong Yan, Shenghong Li, Ruijie Zhao, Yuan Tian, Yuanyuan Zhao | 2023-06-01 | OpenAlex | |
| 172 | Bkd-FedGNN: A Benchmark for Classification Backdoor Attacks on Federated Graph Neural Network | Fan Liu, Siqi Lai, Yansong Ning, Hao Liu | 2023-06-01 | Lecture notes in computer science | |
| 173 | Backdoor Defense via Deconfounded Representation Learning | Zaixi Zhang, Qi Liu, Zhicai Wang, Zepu Lu, Qingyong Hu | 2023-06-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 174 | Backdoor Cleansing with Unlabeled Data | Lu Pang, Tong Sun, Haibin Ling, Chao Chen | 2023-06-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 175 | An Empirical Study of Backdoor Attacks on Masked Auto Encoders | Shuli Zhuang, Pengfei Xia, Bin Li | 2023-05-05 | ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) | |
| 176 | Going in Style: Audio Backdoors Through Stylistic Transformations | Stefanos Koffas, Luca Pajola, Stjepan Picek, Mauro Conti | 2023-05-05 | ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) | |
| 177 | Text-to-Image Diffusion Models can be Easily Backdoored through Multimodal Data Poisoning | Shengfang Zhai, Yinpeng Dong, Qingni Shen, Shi Pu, Yuejian Fang, Hang Su | 2023-05-01 | ACM Multimedia | |
| 178 | Training-free Lexical Backdoor Attacks on Language Models | Yujin Huang, Terry Yue Zhuo, Qiongkai Xu, Han Hu, Xingliang Yuan, Chunyang Chen | 2023-04-26 | Proceedings of the ACM Web Conference 2022 | |
| 179 | Defending Against Patch-based Backdoor Attacks on Self-Supervised Learning | Ajinkya Tejankar, Maziar Sanjabi, Qifan Wang, Sinong Wang, Hamed Firooz, Hamed Pirsiavash, Liang Tan | 2023-04-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 180 | Enhancing Fine-Tuning Based Backdoor Defense with Sharpness-Aware Minimization | Mingli Zhu, Shaokui Wei, Li Shen, Yanbo Fan, Baoyuan Wu | 2023-04-01 | 2021 IEEE/CVF International Conference on Computer Vision (ICCV) | |
| 181 | Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection | Haibin Zheng, Haiyang Xiong, Haonan Ma, Guohan Huang, Jinyin Chen | 2023-03-30 | IEEE Transactions on Computational Social Systems | |
| 182 | AdaptGuard: Defending Against Universal Attacks for Model Adaptation | Lijun Sheng, Jian Liang, Ran He, Zilei Wang, Tieniu Tan | 2023-03-01 | arXiv | |
| 183 | Backdoor for Debias: Mitigating Model Bias with Backdoor Attack-based Artificial Bias | Shangxi Wu, Qiuyang He, Fangzhao Wu, Jitao Sang, Yaowei Wang, Changsheng Xu | 2023-03-01 | IEEE Transactions on Circuits and Systems for Video Technology | |
| 184 | Detecting Backdoors During the Inference Stage Based on Corruption Robustness Consistency | Xiaogeng Liu, Minghui Li, Haoyu Wang, Shengshan Hu, Dengpan Ye, Hai Jin, Libing Wu, Chaowei Xiao | 2023-03-01 | 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) | |
| 185 | Mask and Restore: Blind Backdoor Defense at Test Time with Masked Autoencoder | Tao Sun, Lu Pang, Weimin Lyu, Chao Chen, Haibin Ling | 2023-03-01 | arXiv | |
| 186 | SCALE-UP: An Efficient Black-box Input-level Backdoor Detection via Analyzing Scaled Prediction Consistency | Junfeng Guo, Yiming Li, Xun Chen, Hanqing Guo, Lichao Sun, Cong Liu | 2023-02-01 | ICLR 2023 poster | |
| 187 | Revisiting Personalized Federated Learning: Robustness Against Backdoor Attacks | Zeyu Qin, Liuyi Yao, Daoyuan Chen, Yaliang Li, Bolin Ding, Minhao Cheng | 2023-02-01 | Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining | |
| 188 | Backdoor Learning for NLP: Recent Advances, Challenges, and Future Research Directions | Marwan Omar | 2023-02-01 | arXiv | |
| 189 | ASSET: Robust Backdoor Data Detection Across a Multiplicity of Deep Learning Paradigms | Minzhou Pan, Yi Zeng, Lingjuan Lyu, Xue Lin, Ruoxi Jia | 2023-02-01 | USENIX Security Symposium | |
| 190 | From Trojan Horses to Castle Walls: Unveiling Bilateral Backdoor Effects in Diffusion Models | Zhuoshi Pan, Yuguang Yao, Gaowen Liu, Bingquan Shen, H. Vicky Zhao, Ramana Rao Kompella, Sijia Liu | 2023-01-01 | arXiv | |
| 191 | Universal Backdoor Attacks | Benjamin Schneider, Nils Lukas, Florian Kerschbaum | 2023-01-01 | arXiv | |
| 192 | Towards Stable Backdoor Purification through Feature Shift Tuning | Rui Min, Zeyu Qin, Li Shen, Minhao Cheng | 2023-01-01 | NeurIPS | |
| 193 | The "Beatrix" Resurrections: Robust Backdoor Detection via Gram Matrices | Wanlun Ma, Derui Wang, Ruoxi Sun, Minhui Xue, Sheng Wen, Yang Xiang | 2023-01-01 | OpenAlex | |
| 194 | RobustNLP: A Technique to Defend NLP Models Against Backdoor Attacks | Marwan Omar | 2023-01-01 | arXiv | |
| 195 | Removing Backdoors in Pre-trained Models by Regularized Continual Pre-training | Biru Zhu, Ganqu Cui, Yangyi Chen, Yujia Qin, Lifan Yuan, Chong Fu, Yangdong Deng, Zhiyuan Liu, Maosong Sun, Ming Gu | 2023-01-01 | Transactions of the Association for Computational Linguistics | |
| 196 | Reconstructive Neuron Pruning for Backdoor Defense | Yige Li, Xixiang Lyu, Xingjun Ma, Nodens Koren, Lingjuan Lyu, Bo Li, Yu-Gang Jiang | 2023-01-01 | ICML | |
| 197 | NOTABLE: Transferable Backdoor Attacks Against Prompt-based NLP Models | Kai Mei, Zheng Li, Zhenting Wang, Yang Zhang, Shiqing Ma | 2023-01-01 | OpenAlex | |
| 198 | You Can Backdoor Personalized Federated Learning | Tiandi Ye, Cen Chen, Yinggui Wang, Xiang Li, Ming Gao | 2023-01-01 | ACM Trans. Knowl. Discov. Data 2024 | |
| 199 | FMT: Removing Backdoor Feature Maps via Feature Map Testing in Deep Neural Networks | Dong Huang, Qingwen Bu, Yahao Qing, Yichao Fu, Heming Cui | 2023-01-01 | arXiv | |
| 200 | Beating Backdoor Attack at Its Own Game | Min Liu, Alberto L. Sangiovanni-Vincentelli, Xiangyu Yue | 2023-01-01 | 2021 IEEE/CVF International Conference on Computer Vision (ICCV) | |