SentMod: Hidden Backdoor Attack on Unstructured Textual Data

Irtiza, Saquib; Khan, Latifur; Hamlen, Kevin W.

doi:10.1109/bigdatasecurityhpscids54978.2022.00050

Cited by 2 publications

(1 citation statement)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, there are fewer explorations in backdoor attack in NLP, especially under the setting of ML models as service [23,68]. Most of the current works focus on injecting textual triggers to the context via learning, including characterlevel manipulation [15,37], word-level replacement [15,69], and sentence-level [26,37]. Recent works have been studied towards poisoning language models with adversarial data [6,36,73], inspired by some existing attacks in computer vision [38].…”

Section: Backdoor Attacksmentioning

confidence: 99%

Training-free Lexical Backdoor Attacks on Language Models

Huang,

Zhuo,

et al. 2023

Preprint

View full text Add to dashboard Cite

Large-scale language models have achieved tremendous success across various natural language processing (NLP) applications. Nevertheless, language models are vulnerable to backdoor attacks, which inject stealthy triggers into models for steering them to undesirable behaviors. Most existing backdoor attacks, such as data poisoning, require further (re)training or fine-tuning language models to learn the intended backdoor patterns. The additional training process however diminishes the stealthiness of the attacks, as training a language model usually requires long optimization time, a massive amount of data, and considerable modifications to the model parameters.In this work, we propose Training-Free Lexical Backdoor Attack (TFLexAttack) as the first training-free backdoor attack on language models. Our attack is achieved by injecting lexical triggers into the tokenizer of a language model via manipulating its embedding dictionary using carefully designed rules. These rules are explainable to human developers which inspires attacks from a wider range of hackers. The sparse manipulation of the dictionary also habilitates the stealthiness of our attack. We conduct extensive experiments on three dominant NLP tasks based on nine language models to demonstrate the effectiveness and universality of our attack. The code of this work is available at https://github.com/Jinxhy/TFLexAttack. CCS CONCEPTS• Security and privacy → Web application security; • Social and professional topics → social impact; • Computing methodologies → Natural language processing.

show abstract

Section: Backdoor Attacksmentioning

confidence: 99%

Training-free Lexical Backdoor Attacks on Language Models

Huang,

Zhuo,

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

Secure and Trustworthy Artificial Intelligence-extended Reality (AI-XR) for Metaverses

Qayyum,

Butt,

Ali

et al. 2024

ACM Comput. Surv.

View full text Add to dashboard Cite

Metaverse is expected to emerge as a new paradigm for the next-generation Internet, providing fully immersive and personalised experiences to socialize, work, and play in self-sustaining and hyper-spatio-temporal virtual world(s). The advancements in different technologies like augmented reality, virtual reality, extended reality (XR), artificial intelligence (AI), and 5G/6G communication will be the key enablers behind the realization of AI-XR metaverse applications. While AI itself has many potential applications in the aforementioned technologies (e.g., avatar generation, network optimization, etc.), ensuring the security of AI in critical applications like AI-XR metaverse applications is profoundly crucial to avoid undesirable actions that could undermine users’ privacy and safety, consequently putting their lives in danger. To this end, we attempt to analyze the security, privacy, and trustworthiness aspects associated with the use of various AI techniques in AI-XR metaverse applications. Specifically, we discuss numerous such challenges and present a taxonomy of potential solutions that could be leveraged to develop secure, private, robust, and trustworthy AI-XR applications. To highlight the real implications of AI-associated adversarial threats, we designed a metaverse-specific case study and analyzed it through the adversarial lens. Finally, we elaborate upon various open issues that require further research interest from the community.

show abstract

SentMod: Hidden Backdoor Attack on Unstructured Textual Data

Cited by 2 publications

References 19 publications

Training-free Lexical Backdoor Attacks on Language Models

Training-free Lexical Backdoor Attacks on Language Models

Secure and Trustworthy Artificial Intelligence-extended Reality (AI-XR) for Metaverses

Contact Info

Product

Resources

About