List of Papers

Refine by venue

Venue list:

Update: 2024.11.21

CVPR

2024

  1. ⚔️ Physical Backdoor: Towards Temperature-Based Backdoor Attacks in the Physical World. [pdf]
    • Wen Yin, Jian Lou, Pan Zhou, Yulai Xie, Dan Feng, Yuhua Sun, Tailai Zhang, Lichao Sun. CVPR 2024.
  2. ⚔️ Adversarial Backdoor Attack by Naturalistic Data Poisoning on Trajectory Prediction in Autonomous Driving. [pdf]
    • Mozhgan Pourkeshavarz, Mohammad Sabokrou, Amir Rasouli. CVPR 2024.
  3. ⚔️ BadCLIP: Trigger-Aware Prompt Learning for Backdoor Attacks on CLIP. [pdf]
    • Jiawang Bai, Kuofeng Gao, Shaobo Min, Shu-Tao Xia, Zhifeng Li, Wei Liu. CVPR 2024.
  4. ⚔️ Data Poisoning Based Backdoor Attacks to Contrastive Learning. [pdf]
    • Jinghuai Zhang, Hongbin Liu, Jinyuan Jia, Neil Zhenqiang Gong. CVPR 2024.
  5. 🛡Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers. [pdf]
    • Sheng Yang, Jiawang Bai, Kuofeng Gao, Yong Yang, Yiming Li, Shu-Tao Xia. CVPR 2024.
  6. 🛡Nearest is Not Dearest: Towards Practical Defense Against Quantization-Conditioned Backdoor Attacks. [pdf]
    • Boheng Li, Yishuo Cai, Haowei Li, Feng Xue, Zhifeng Li, Yiming Li. CVPR 2024.
  7. 🛡Backdoor Defense via Test-Time Detecting and Repairing. [pdf]
    • Jiyang Guan, Jian Liang, Ran He. CVPR 2024.
  8. ⚔️ BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning. [pdf]
    • Siyuan Liang, Mingli Zhu, Aishan Liu, Baoyuan Wu, Xiaochun Cao, Ee-Chien Chang. CVPR 2024.
  9. ⚔️ Lotus: Evasive and Resilient Backdoor Attacks through Sub-Partitioning. [pdf]
    • Siyuan Cheng, Guanhong Tao, Yingqi Liu, Guangyu Shen, Shengwei An, Shiwei Feng, Xiangzhe Xu, Kaiyuan Zhang, Shiqing Ma, Xiangyu Zhang. CVPR 2024.
  10. 🛡Semantic Shield: Defending Vision-Language Models Against Backdooring and Poisoning via Fine-Grained Knowledge Alignment. [pdf]
    • Alvi Md. Ishmam, Christopher Thomas. CVPR 2024.

2023

  1. 🛡Backdoor Defense via Adaptively Splitting Poisoned Dataset. [pdf]
    • Kuofeng Gao, Yang Bai, Jindong Gu, Yong Yang, Shu-Tao Xia. CVPR 2023.
  2. ⚔️ How to Backdoor Diffusion Models? [pdf]
    • Sheng-Yen Chou, Pin-Yu Chen, Tsung-Yi Ho. CVPR 2023.
  3. ⚔️ Single Image Backdoor Inversion via Robust Smoothed Classifiers. [pdf]
    • Mingjie Sun, Zico Kolter. CVPR 2023.
  4. ⚔️ Color Backdoor: A Robust Poisoning Attack in Color Space. [pdf]
    • Wenbo Jiang, Hongwei Li, Guowen Xu, Tianwei Zhang. CVPR 2023.
  5. 🛡Backdoor Cleansing with Unlabeled Data. [pdf]
    • Lu Pang, Tao Sun, Haibin Ling, Chao Chen. CVPR 2023.
  6. 🛡Backdoor Defense via Deconfounded Representation Learning. [pdf]
    • Zaixi Zhang, Qi Liu, Zhicai Wang, Zepu Lu, Qingyong Hu. CVPR 2023.
  7. 🛡Defending Against Patch-based Backdoor Attacks on Self-Supervised Learning. [pdf]
    • Ajinkya Tejankar, Maziar Sanjabi, Qifan Wang, Sinong Wang, Hamed Firooz, Hamed Pirsiavash, Liang Tan. CVPR 2023.
  8. ⚔️ Backdoor Attacks Against Deep Image Compression via Adaptive Frequency Trigger. [pdf]
    • Yi Yu, Yufei Wang, Wenhan Yang, Shijian Lu, Yap-Peng Tan, Alex C. Kot. CVPR 2023.
  9. 🛡Detecting Backdoors in Pre-trained Encoders. [pdf]
    • Shiwei Feng, Guanhong Tao, Siyuan Cheng, Guangyu Shen, Xiangzhe Xu, Yingqi Liu, Kaiyuan Zhang, Shiqing Ma, Xiangyu Zhang. CVPR 2023.
  10. 🛡Detecting Backdoors During the Inference Stage Based on Corruption Robustness Consistency. [pdf]
    • Xiaogeng Liu, Minghui Li, Haoyu Wang, Shengshan Hu, Dengpan Ye, Hai Jin, Libing Wu, Chaowei Xiao. CVPR 2023.
  11. 🛡MEDIC: Remove Model Backdoors via Importance Driven Cloning. [pdf]
    • Qiuling Xu, Guanhong Tao, Jean Honorio, Yingqi Liu, Shengwei An, Guangyu Shen, Siyuan Cheng, Xiangyu Zhang. CVPR 2023.
  12. 🛡Progressive Backdoor Erasing via connecting Backdoor and Adversarial Attacks. [pdf]
    • Bingxu Mu, Zhenxing Niu, Le Wang, Xue Wang, Qiguang Miao, Rong Jin, Gang Hua. CVPR 2023.
  13. ⚔️ The Dark Side of Dynamic Routing Neural Networks: Towards Efficiency Backdoor Injection. [pdf]
    • Simin Chen, Hanlin Chen, Mirazul Haque, Cong Liu, Wei Yang. CVPR 2023.
  14. ⚔️ Architectural Backdoors in Neural Networks. [pdf]
    • Mikel Bober-Irizar, Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Nicolas Papernot. CVPR 2023.
  15. ⚔️ You Are Catching My Attention: Are Vision Transformers Bad Learners under Backdoor Attacks? [pdf]
    • Zenghui Yuan, Pan Zhou, Kai Zou, Yu Cheng. CVPR 2023.

2022

  1. ⚔️ Backdoor Attacks on Self-Supervised Learning. [pdf]
    • Aniruddha Saha, Ajinkya Tejankar, Soroush Abbasi Koohpayegani, Hamed Pirsiavash. CVPR 2022.
  2. ⚔️ Towards Practical Deployment-Stage Backdoor Attack on Deep Neural Networks. [pdf]
    • Xiangyu Qi, Tinghao Xie, Ruizhe Pan, Jifeng Zhu, Yong Yang, Kai Bu. CVPR 2022.
  3. 🛡Few-shot Backdoor Defense Using Shapley Estimation. [pdf]
    • Jiyang Guan, Zhuozhuo Tu, Ran He, Dacheng Tao. CVPR 2022.
  4. 🛡Better Trigger Inversion Optimization in Backdoor Scanning. [pdf]
    • Guanhong Tao, Guangyu Shen, Yingqi Liu, Shengwei An, Qiuling Xu, Shiqing Ma, Pan Li, Xiangyu Zhang. CVPR 2022.
  5. 🛡Complex Backdoor Detection by Symmetric Feature Differencing. [pdf]
    • Yingqi Liu, Guangyu Shen, Guanhong Tao, Zhenting Wang, Shiqing Ma, Xiangyu Zhang. CVPR 2022.
  6. ⚔️ DEFEAT: Deep Hidden Feature Backdoor Attacks by Imperceptible Perturbation and Latent Representation Constraints. [pdf]
    • Zhendong Zhao, Xiaojun Chen, Yuexin Xuan, Ye Dong, Dakui Wang, Kaitai Liang. CVPR 2022.
  7. ⚔️ Dual-Key Multimodal Backdoors for Visual Question Answering. [pdf]
    • Matthew Walmer, Karan Sikka, Indranil Sur, Abhinav Shrivastava, Susmit Jha. CVPR 2022.
  8. ⚔️ FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis. [pdf]
    • Yu Feng, Benteng Ma, Jing Zhang, Shanshan Zhao, Yong Xia, Dacheng Tao. CVPR 2022.

2021

  1. ⚔️ Backdoor Attacks Against Deep Learning Systems in the Physical World. [pdf]
    • Emily Wenger, Josephine Passananti, Arjun Nitin Bhagoji, Yuanshun Yao, Haitao Zheng, Ben Y. Zhao. CVPR 2021.

2020

  1. 🛡 Universal Litmus Patterns: Revealing Backdoor Attacks in CNNs. [pdf]
    • Soheil Kolouri, Aniruddha Saha, Hamed Pirsiavash, Heiko Hoffmann. CVPR 2020.
  2. ⚔️ Clean-Label Backdoor Attacks on Video Recognition Models. [pdf]
    • Shihao Zhao, Xingjun Ma, Xiang Zheng, James Bailey, Jingjing Chen, Yu-Gang Jiang. CVPR 2020.

Refine by theme

1. Survey

  1. Backdoor Learning: A Survey.
    • Yiming Li, Yong Jiang, Zhifeng Li, Shu-Tao Xia. TNNLS, 2024. backdoor attack
  2. Physical Adversarial Attack Meets Computer Vision: A Decade Survey.
    • Hui Wei, Hao Tang, Xuemei Jia, Zhixiang Wang, Hanxun Yu, Zhubo Li, Shin’ichi Satoh, Luc Van Gool, Zheng Wang. TPAMI, 2024. physical adversarial attack
  3. Physical Adversarial Attacks for Surveillance: A survey.
    • Kien Nguyen, Tharindu Fernando, Clinton Fookes, Sridha Sridharan. TNNLS, 2023. physical adversarial attack
  4. A Survey on Physical Adversarial Attack in Computer Vision.
    • Donghua Wang, Wen Yao, Tingsong Jiang, Guijian Tang, Xiaoqian Chen. arXiv, 2023. Physical adversarial attack
  5. Visually adversarial attacks and defenses in the physical world: A survey.
    • Xingxing Wei, Bangzheng Pu, Jiefan Lu, Baoyuan Wu. arXiv, 2022. adversarial attack
  6. A survey of practical adversarial example attacks.
    • Lu Sun, Mingtian Tan, Zhe Zhou. Cybersecurity, 2018. adversarial attack

2. Poison and Backdoor

2.1. Visual Task

2.1.1. Image Classification

  1. BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain.
    • Tianyu Gu, Brendan Dolan-Gavitt, Siddharth Garg. arXiv, 2017. BadNets.
  2. Invisible Backdoor Attack against 3D Point Cloud Classifier in Graph Spectral Domain.
    • Linkun Fan, Fazhi He, Tongzhen Si, Wei Tang, Bing Li. AAAI, 2024. 3D Point Cloud.

2.1.2. Object Detection

  1. Untargeted backdoor attack against object detection.
    • Chengxiao Luo, Yiming Li, Yong Jiang, Shu-Tao Xia. ICASSP, 2023.
  2. Mask-based Invisible Backdoor Attacks on Object Detection.
    • Jeongjin Shin. arXiv, 2023.
  3. Attacking by Aligning: Clean-Label Backdoor Attacks on Object Detection.
    • Yize Cheng, Wenbin Hu, Minhao Cheng. arXiv, 2023.
  4. BadDet: Backdoor Attacks on Object Detection.
    • Shih-Han Chan, Yinpeng Dong, Jun Zhu, Xiaolu Zhang, Jun Zhou. ECCV workshops, 2022.

2.1.3. 3D Object Detection

  1. BadFusion: 2D-Oriented Backdoor Attacks against 3D Object Detection.
    • Saket S. Chaturvedi, Lan Zhang, Wenbin Zhang, Pan He, Xiaoyong Yuan. IJCAI, 2024.

2.1.4. Image Segmentation

  1. BadSAM: Exploring Security Vulnerabilities of SAM via Backdoor Attacks (Student Abstract).
    • Zihan Guan, Mengxuan Hu, Zhongliang Zhou, Jielu Zhang, Sheng Li, Ninghao Liu. AAAI, 2024.

2.1.5. Person Re-Identification

  1. Invisible backdoor attack with dynamic triggers against person re-identification.
    • Wenli Sun, Xinyang Jiang, Shuguang Dou, Dongsheng Li, Duoqian Miao, Cheng Deng, Cairong Zhao. TIFS, 2024.
  2. DiffPhysBA: Diffusion-based Physical Backdoor Attack against Person Re-Identification in Real-World.
    • Wenli Sun, Xinyang Jiang, Dongsheng Li, Cairong Zhao. arXiv, 2024.

2.1.6. Video Recognition

  1. PALETTE: Physically-Realizable Backdoor Attacks Against Video Recognition Models.
    • Xueluan Gong, Zheng Fang, Bowen Li, Tao Wang, Yanjiao Chen, Qian Wang. TDSC, 2024.
  2. Temporal-Distributed Backdoor Attack against Video Based Action Recognition.
    • Xi Li, Songhe Wang, Ruiquan Huang, Mahanth Gowda, George Kesidis. AAAI, 2024.
  3. Clean-Label Backdoor Attacks on Video Recognition Models.
    • Shihao Zhao, Xingjun Ma, Xiang Zheng, James Bailey, Jingjing Chen, Yu-Gang Jiang. CVPR, 2020.

2.2. Textual Task

2.2.1. Text-to-Image

  1. Large Language Models are Good Attackers: Efficient and Stealthy Textual Backdoor Attacks.
    • Ziqiang Li, Yueqi Zeng, Pengfei Xia, Lei Liu, Zhangjie Fu, Bin Li. arXiv, 2024.
  2. Personalization as a Shortcut for Few-Shot Backdoor Attack against Text-to-Image Diffusion Models.
    • Yihao Huang, Felix Juefei-Xu, Qing Guo, Jie Zhang, Yutong Wu, Ming Hu, Tianlin Li, Geguang Pu, Yang Liu. AAAI, 2024.

2.3. Federated Learning

  1. Beyond Traditional Threats: A Persistent Backdoor Attack on Federated Learning.
    • AAAI, 2024.
  2. Resisting Backdoor Attacks in Federated Learning via Bidirectional Elections and Individual Perspective.
    • AAAI, 2024.
  3. Chronic Poisoning: Backdoor Attack against Split Learning.
    • AAAI, 2024.
  4. On the Vulnerability of Backdoor Defenses for Federated Learning.
    • AAAI, 2023.
  5. Poisoning with Cerberus: Stealthy and Colluded Backdoor Attack against Federated Learning.
    • AAAI, 2023.

1.3. Diffusion Model

1.4. Reinforcement Learning

1.5. Recommendation Systems

1.6. Few-shot Learning

1.X. Defense

1.XX. Others

3. Adversarial Examples

Acknowledgement