Researchers Demonstrate ProAttack Backdoor Bypassing Defenses

Researchers at Nanyang Technological University report a new prompt-based clean-label backdoor attack, ProAttack, that achieves near-100% success on multiple text-classification benchmarks without altering labels or inserting trigger words. They show traditional defenses (ONION, SCPD, back-translation, fine-pruning) fail consistently, while low-rank LoRA fine-tuning and other parameter-efficient methods substantially reduce attack success while preserving clean accuracy. The team cautions LoRA rank tuning and calls for broader validation across modalities and poison-label scenarios.