Backdoor Attacks on Video Segmentation Models
Published:Dec 26, 2025 14:48
•1 min read
•ArXiv
Analysis
This paper addresses a critical security vulnerability in prompt-driven Video Segmentation Foundation Models (VSFMs), which are increasingly used in safety-critical applications. It highlights the ineffectiveness of existing backdoor attack methods and proposes a novel, two-stage framework (BadVSFM) specifically designed to inject backdoors into these models. The research is significant because it reveals a previously unexplored vulnerability and demonstrates the potential for malicious actors to compromise VSFMs, potentially leading to serious consequences in applications like autonomous driving.
Key Takeaways
- •Classic backdoor attacks are ineffective against prompt-driven VSFMs.
- •The paper proposes BadVSFM, a two-stage framework to successfully inject backdoors.
- •BadVSFM achieves strong backdoor effects while maintaining clean segmentation performance.
- •The research reveals a previously unexplored vulnerability in VSFMs.
- •Existing defenses are largely ineffective against BadVSFM.
Reference
“BadVSFM achieves strong, controllable backdoor effects under diverse triggers and prompts while preserving clean segmentation quality.”