Backdoor Attack
205 papers with code • 0 benchmarks • 0 datasets
Backdoor attacks inject maliciously constructed data into a training set so that, at test time, the trained model misclassifies inputs patched with a backdoor trigger as an adversarially-desired target class.
Benchmarks
These leaderboards are used to track progress in Backdoor Attack
Libraries
Use these libraries to find Backdoor Attack models and implementationsMost implemented papers
BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning
In particular, our BadEncoder injects backdoors into a pre-trained image encoder such that the downstream classifiers built based on the backdoored image encoder for different downstream tasks simultaneously inherit the backdoor behavior.
An Embarrassingly Simple Backdoor Attack on Self-supervised Learning
As a new paradigm in machine learning, self-supervised learning (SSL) is capable of learning high-quality representations of complex data without relying on labels.
Hidden Trigger Backdoor Attacks
UMBCvision/Hidden-Trigger-Backdoor-Attacks
•
•
Backdoor attacks are a form of adversarial attacks on deep networks where the attacker provides poisoned data to the victim to train the model with, and then activates the attack by showing a specific small trigger pattern at the test time.
Reflection Backdoor: A Natural Backdoor Attack on Deep Neural Networks
bboylyg/NAD
•
•
ECCV 2020
A backdoor attack installs a backdoor into the victim model by injecting a backdoor pattern into a small proportion of the training data.
FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis
However, designing a unified BA method that can be applied to various MIA systems is challenging due to the diversity of imaging modalities (e. g., X-Ray, CT, and MRI) and analysis tasks (e. g., classification, detection, and segmentation).
Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information
ruoxi-jia-group/narcissus-backdoor-attack
•
•
With poisoning equal to or less than 0. 5% of the target-class data and 0. 05% of the training set, we can train a model to classify test examples from arbitrary classes into the target class when the examples are patched with a backdoor trigger.
DBA: Distributed Backdoor Attacks against Federated Learning
Compared to standard centralized backdoors, we show that DBA is substantially more persistent and stealthy against FL on diverse datasets such as finance and image data.
Backdoor Attacks to Graph Neural Networks
Specifically, we propose a \emph{subgraph based backdoor attack} to GNN for graph classification.
Graph Backdoor
One intriguing property of deep neural networks (DNNs) is their inherent vulnerability to backdoor attacks -- a trojan model responds to trigger-embedded inputs in a highly predictable manner while functioning normally otherwise.
Embedding and Extraction of Knowledge in Tree Ensemble Classifiers
Whilst, as the increasing use of machine learning models in security-critical applications, the embedding and extraction of malicious knowledge are equivalent to the notorious backdoor attack and its defence, respectively.
