AIBearisharXiv – CS AI · Jun 257/10
🧠Researchers demonstrate that trigger color significantly affects the success of backdoor attacks in federated learning systems, with white triggers more effective against blonde-class targets and black triggers more effective against black-class targets. This finding reveals a previously underexplored vulnerability in distributed machine learning systems where poisoned updates can evade detection while maintaining benign performance.
AIBearisharXiv – CS AI · Jun 97/10
🧠Researchers demonstrate a novel backdoor attack against Federated Learning systems by exploiting hardware faults (bit-flips) to poison model parameters during training. The attack achieves 94% success rate on ResNet-18 with minimal fault injections, expanding the threat surface of distributed ML systems beyond software-based attacks.
AIBearisharXiv – CS AI · Jun 47/10
🧠Researchers demonstrate the first practical quantization-conditioned attack that reliably compromises large language models across advanced quantization methods including AWQ, GPTQ, and GGUF. The attack exploits how outlier weights cause rounding errors in modern quantization schemes, allowing adversaries to inject hidden malicious behaviors that activate only after quantization, posing significant security risks to the deployment pipeline.
AIBearisharXiv – CS AI · Jun 27/10
🧠Researchers have discovered a critical security vulnerability in Vision-Language-Action models used in robotics, demonstrating a stealthy backdoor attack called SILENTDRIFT that exploits action chunking mechanisms. The attack achieves 93.2% success rate while remaining visually undetectable, raising serious concerns about the safety of AI-powered robotic systems in critical applications.
AIBearisharXiv – CS AI · May 297/10
🧠Researchers demonstrate that LoRA adapters, widely used for fine-tuning large language models, can be backdoored through training data poisoning while maintaining clean performance. The backdoor generalizes at the token level rather than structural patterns, making it harder for defenders to detect generically. Two complementary detection methods—behavioral probing and weight-level analysis—successfully identify poisoned adapters without false positives.
AIBearisharXiv – CS AI · May 287/10
🧠Researchers have identified critical vulnerabilities in machine learning-based fault detection systems used in cyber-physical infrastructure, demonstrating that backdoor attacks can compromise these safety-critical systems with poisoning rates as low as 10%. This threat directly impacts smart grids, industrial automation, and other essential infrastructure that increasingly rely on AI models for anomaly detection and system recovery.
AI × CryptoBullisharXiv – CS AI · May 127/10
🤖Researchers present a novel federated learning architecture that integrates Zero-Knowledge Proofs to validate distributed machine learning computations while preserving privacy. The system addresses model poisoning attacks and scalability bottlenecks, achieving 94.2% accuracy retention across 1,000 parallel nodes—bridging cryptographic security with high-performance distributed AI.
AIBullisharXiv – CS AI · May 97/10
🧠DeTrigger is a new federated learning framework that uses gradient analysis to detect and neutralize backdoor attacks in distributed machine learning systems. The approach achieves 251x faster detection than existing methods while mitigating 98.9% of backdoor attacks with minimal accuracy loss, addressing a critical vulnerability in privacy-preserving collaborative AI training.
AIBearisharXiv – CS AI · May 17/10
🧠Researchers demonstrate a novel attack that steals sensitive secrets (API keys, personal identifiers, financial records) from locally fine-tuned language models by embedding malicious code in model architectures. The attack achieves over 98% success rate and bypasses current defense mechanisms including differential privacy and code auditing, exposing a critical supply-chain vulnerability in AI model development.
AIBearisharXiv – CS AI · Apr 207/10
🧠Researchers identify a critical vulnerability in federated learning systems where malicious 'dictator clients' can erase other participants' contributions while preserving their own, compromising the collaborative training process. The study provides theoretical and empirical analysis of single and multiple dictator scenarios, revealing fundamental security weaknesses in decentralized machine learning architectures.
AIBearisharXiv – CS AI · Apr 137/10
🧠Researchers demonstrate BadSkill, a backdoor attack that exploits AI agent ecosystems by embedding malicious logic in seemingly benign third-party skills. The attack achieves up to 99.5% success rate by poisoning bundled model artifacts to activate hidden payloads when specific trigger conditions are met, revealing a critical supply-chain vulnerability in extensible AI systems.
AIBearisharXiv – CS AI · Apr 137/10
🧠Researchers have developed XFED, a novel model poisoning attack that compromises federated learning systems without requiring attackers to communicate or coordinate with each other. The attack successfully bypasses eight state-of-the-art defenses, revealing fundamental security vulnerabilities in FL deployments that were previously underestimated.
AINeutralarXiv – CS AI · Jun 96/10
🧠Researchers propose a novel defense mechanism called model multiplicity to detect poisoning attacks in distributed small language model training on edge devices. Instead of maintaining a single global model, the system trains multiple independent models on different device subsets, using divergence between them to identify adversarial behavior—outperforming traditional single-model defenses.
AIBearisharXiv – CS AI · May 46/10
🧠Researchers have developed BadSNN, a novel backdoor attack method targeting Spiking Neural Networks by exploiting hyperparameter variations in spiking neurons. The attack demonstrates superior performance compared to existing backdoor methods and shows resistance to current mitigation techniques, raising security concerns for SNNs used in edge computing and neuromorphic applications.