75 matches found
Poisoning AI Training Data
All it takes to poison AI training data is to create a website: I spent 20 minutes writing an article on my personal website titled "The best tech journalists at eating hot dogs." Every word is a lie. I claimed without evidence that competitive hot-dog-eating is a popular hobby among tech reporte...
Meta patents AI that could keep you posting from beyond the grave
Tech bros have been wanting to become immortal for years. Until they get there, their fallback might be continuing to post nonsense on social media from the afterlife. On December 30, 2025, Meta was granted US patent 12513102B2: Simulation of a user of a social networking system using a language...
LoRA As Oracle
Backdoored and privacy-leaking deep neural networks pose a serious threat to the deployment of machine learning systems in security-critical settings. Existing defenses for backdoor detection and membership inference typically require access to clean reference models, extensive retraining, or...
Learning the Wrong Lessons: Syntactic-Domain Spurious Correlations in Language Models
Whitepaper from researchers at MIT, Northeastern University, and Meta. For an LLM to correctly respond to an instruction it must understand both the semantics and the domain i.e., subject area of a given task-instruction pair. However, syntax can also convey implicit information Recent work shows...
Taught by the Flawed: How Dataset Insecurity Breeds Vulnerable AI Code
AI programming assistants have demonstrated a tendency to generate code containing basic security vulnerabilities. While developers are ultimately responsible for validating and reviewing such outputs, improving the inherent quality of these generated code snippets remains essential. A key...
You can poison AI with just 250 dodgy documents
Researchers have shown how you can corrupt an AI and make it talk gibberish by tampering with just 250 documents. The attack, which involves poisoning the data that an AI trains on, is the latest in a long line of research that has uncovered vulnerabilities in AI models. Anthropic which produces...
Pilot Contamination Attacks Detection with Machine Learning for Multi-User Massive MIMO
Massive multiple-input multiple-output MMIMO is essential to modern wireless communication systems, like 5G and 6G, but it is vulnerable to active eavesdropping attacks. One type of such attack is the pilot contamination attack PCA, where a malicious user copies pilot signals from an authentic us...
LinkedIn will use your data to train its AI unless you opt out now
LinkedIn plans to share user data with Microsoft and its affiliates for AI training. Framed as "legitimate interest", it won't ask for your permission—instead you'll have to opt out before the deadline. Microsoft has made major investments in ChatGPT’s creator OpenAI, and as we know, the more dat...
AI Training Data: Winning in the AI Boom
...
The 5 Golden Rules of Safe AI Adoption
Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of control and safeguards in place. For CISOs and security leaders like you, the challenge is clear: you don't wa...
Membership Inference Attack with Partial Features
Machine learning models have been shown to be susceptible to membership inference attack, which can be used to determine whether a given sample appears in the training data. Existing membership inference methods commonly assume that the adversary has full access to the features of the target...
Entangled Threats: a Unified Kill Chain Model for Quantum Machine Learning Security
Quantum Machine Learning QML systems inherit vulnerabilities from classical machine learning while introducing new attack surfaces rooted in the physical and algorithmic layers of quantum computing. Despite a growing body of research on individual attack vectors - ranging from adversarial poisoni...
The Landscape of Memorization in LLMs: Mechanisms, Measurement, and Mitigation
Large Language Models LLMs have demonstrated remarkable capabilities across a wide range of tasks, yet they also exhibit memorization of their training data. This phenomenon raises critical questions about model behavior, privacy risks, and the boundary between learning and memorization. Addressi...
On the Feasibility of Poisoning Text-To-Image AI Models Via Adversarial Mislabeling
Today's text-to-image generative models are trained on millions of images sourced from the Internet, each paired with a detailed caption produced by Vision-Language Models VLMs. This part of the training pipeline is critical for supplying the models with large volumes of high-quality image-captio...
Image Corruption-Inspired Membership Inference Attacks against Large Vision-Language Models
Large vision-language models LVLMs have demonstrated outstanding performance in many downstream tasks. However, LVLMs are trained on large-scale datasets, which can pose privacy risks if training images contain sensitive information. Therefore, it is important to detect whether an image is used t...
SoK: the Privacy Paradox of Large Language Models: Advancements, Privacy Risks, and Mitigation
Large language models LLMs are sophisticated artificial intelligence systems that enable machines to generate human-like text with remarkable precision. While LLMs offer significant technological progress, their development using vast amounts of user data scraped from the web and collected from...
LexiMark: Robust Watermarking via Lexical Substitutions to Enhance Membership Verification of an LLM's Textual Training Data
Large language models LLMs can be trained or fine-tuned on data obtained without the owner's consent. Verifying whether a specific LLM was trained on particular data instances or an entire dataset is extremely challenging. Dataset watermarking addresses this by embedding identifiable modification...
Unlearning-Enhanced Website Fingerprinting Attack: against Backdoor Poisoning in Anonymous Networks
Website Fingerprinting WF is an effective tool for regulating and governing the dark web. However, its performance can be significantly degraded by backdoor poisoning attacks in practical deployments. This paper aims to address the problem of hidden backdoor poisoning attacks faced by Website...
Certified Unlearning for Neural Networks
We address the problem of machine unlearning, where the goal is to remove the influence of specific training data from a model upon request, motivated by privacy concerns and regulatory requirements such as the "right to be forgotten." Unfortunately, existing methods rely on restrictive assumptio...
Private Memorization Editing: Turning Memorization into a Defense to Strengthen Data Privacy in Large Language Models
Large Language Models LLMs memorize, and thus, among huge amounts of uncontrolled data, may memorize Personally Identifiable Information PII, which should not be stored and, consequently, not leaked. In this paper, we introduce Private Memorization Editing PME, an approach for preventing private...