Pith. sign in

REVIEW 7 cited by

Data Poisoning in Deep Learning: A Survey

Not yet reviewed by Pith; the record is open.

This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.

SPECIMEN: schema-true, not a live event

T0 review · schema-true

One-sentence machine reading of the paper's core claim.

pith:XXXXXXXX · record.json · timestamp

arxiv 2503.22759 v1 pith:TQPAU7HO submitted 2025-03-27 cs.CR cs.AI

Data Poisoning in Deep Learning: A Survey

classification cs.CR cs.AI
keywords datapoisoningdeeplearningattackssurveytrainingacross
verification ladder T0 review T1 audit T2 compute T3 formal T4 reserved
0 comments
read the original abstract

Deep learning has become a cornerstone of modern artificial intelligence, enabling transformative applications across a wide range of domains. As the core element of deep learning, the quality and security of training data critically influence model performance and reliability. However, during the training process, deep learning models face the significant threat of data poisoning, where attackers introduce maliciously manipulated training data to degrade model accuracy or lead to anomalous behavior. While existing surveys provide valuable insights into data poisoning, they generally adopt a broad perspective, encompassing both attacks and defenses, but lack a dedicated, in-depth analysis of poisoning attacks specifically in deep learning. In this survey, we bridge this gap by presenting a comprehensive and targeted review of data poisoning in deep learning. First, this survey categorizes data poisoning attacks across multiple perspectives, providing an in-depth analysis of their characteristics and underlying design princinples. Second, the discussion is extended to the emerging area of data poisoning in large language models(LLMs). Finally, we explore critical open challenges in the field and propose potential research directions to advance the field further. To support further exploration, an up-to-date repository of resources on data poisoning in deep learning is available at https://github.com/Pinlong-Zhao/Data-Poisoning.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 7 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Out of Sight: Compression-Aware Content Protection against Agentic Crawlers

    cs.CR 2026-07 conditional novelty 7.0

    Invisible Unicode perturbations, optimized from surrogate compressors then adapted by prior-guided evolution under a low query budget, cause large information loss in agent context compression without changing human-v...

  2. Reinforcement Learning Disrupts Gradient-Based Adversarial Optimization

    cs.LG 2026-06 unverdicted novelty 6.0

    RL training disrupts gradient-based adversarial attacks by inducing unstable low-magnitude gradients that limit the effectiveness of methods like PGD within practical budgets.

  3. When AI reviews science: Can we trust the referee?

    cs.AI 2026-04 unverdicted novelty 6.0

    AI peer review systems are vulnerable to prompt injections, prestige biases, assertion strength effects, and contextual poisoning, as demonstrated by a new attack taxonomy and causal experiments on real conference sub...

  4. Safety, Security, and Cognitive Risks in World Models

    cs.CR 2026-04 unverdicted novelty 6.0

    World models enable efficient AI planning but create risks from adversarial corruption, goal misgeneralization, and human bias, demonstrated via attacks that amplify errors and reduce rewards on models like RSSM and D...

  5. Quality Degradation Attack in Synthetic Data

    cs.CR 2026-01 unverdicted novelty 6.0

    Adversaries can degrade synthetic data quality via small manipulations such as label flipping or feature-importance interventions, substantially harming downstream model performance and increasing statistical divergen...

  6. Scam2Prompt: A Scalable Framework for Auditing Malicious Scam Endpoints in Production LLMs

    cs.CR 2025-09 unverdicted novelty 6.0

    Scam2Prompt is a framework that converts scam-site intents into developer-style prompts and measures how often production LLMs generate malicious code, finding rates from 4.24% to 47.3% across eleven models and showin...

  7. Hijacking Text Heritage: Hiding the Human Signature through Homoglyphic Substitution

    cs.CR 2026-04 unverdicted novelty 5.0

    Homoglyph substitution on text degrades stylometric systems to hide author signatures and personal information.