pith:UUKNPT22
Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning
A backdoor adversary can inject only around 50 poisoning samples to achieve over 90 percent attack success rate in deep learning systems.
arxiv:1712.05526 v1 · 2017-12-15 · cs.CR · cs.LG
Add to your LaTeX paper
\usepackage{pith}
\pithnumber{UUKNPT22KNHQIW6ZBRKVOKLB7H}
Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge
Record completeness
Claims
a backdoor adversary can inject only around 50 poisoning samples, while achieving an attack success rate of above 90%. We are also the first work to show that a data poisoning attack can create physically implementable backdoors without touching the training process.
The victim training pipeline allows injection of a small number of poisoning samples and the model will learn the association between the imperceptible trigger and the target label from those samples alone.
Injecting around 50 poisoned samples with a stealthy trigger creates backdoors in deep learning models achieving over 90% attack success under a weak threat model with no model or data knowledge required.
References
Formal links
Cited by
Receipt and verification
| First computed | 2026-05-18T03:17:11.271452Z |
|---|---|
| Builder | pith-number-builder-2026-05-17-v1 |
| Signature | Pith Ed25519
(pith-v1-2026-05) · public key |
| Schema | pith-number/v1.0 |
Canonical hash
a514d7cf5a534f045bd90c55572961f9cd906a9875384f56939c032093e542b5
Aliases
· · · · ·Agent API
Verify this Pith Number yourself
curl -sH 'Accept: application/ld+json' https://pith.science/pith/UUKNPT22KNHQIW6ZBRKVOKLB7H \
| jq -c '.canonical_record' \
| python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: a514d7cf5a534f045bd90c55572961f9cd906a9875384f56939c032093e542b5
Canonical record JSON
{
"metadata": {
"abstract_canon_sha256": "97e573e4a703a1f54ddb68b78d1d4f418db6a939dc53f98a6f11c566fbc481d4",
"cross_cats_sorted": [
"cs.LG"
],
"license": "http://arxiv.org/licenses/nonexclusive-distrib/1.0/",
"primary_cat": "cs.CR",
"submitted_at": "2017-12-15T04:26:26Z",
"title_canon_sha256": "3b3a93952bb15be6868655fbe357bf682e384148cdd671f839d8e05d15e044d4"
},
"schema_version": "1.0",
"source": {
"id": "1712.05526",
"kind": "arxiv",
"version": 1
}
}