backdoor defense

32 papers with code • 0 benchmarks • 0 datasets

Most implemented papers

FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis

hazardfy/fiba CVPR 2022

However, designing a unified BA method that can be applied to various MIA systems is challenging due to the diversity of imaging modalities (e.g., X-Ray, CT, and MRI) and analysis tasks (e.g., classification, detection, and segmentation).

ONION: A Simple and Effective Defense Against Textual Backdoor Attacks

thunlp/ONION EMNLP 2021

Nevertheless, there are few studies on defending against textual backdoor attacks.

LIRA: Learnable, Imperceptible and Robust Backdoor Attacks

pibo16/backdoor_attacks ICCV 2021

Under this optimization framework, the trigger generator function will learn to manipulate the input with imperceptible noise to preserve the model performance on the clean data and maximize the attack success rate on the poisoned data.

Backdoor Defense via Decoupling the Training Process

sclbd/dbd ICLR 2022

Recent studies have revealed that deep neural networks (DNNs) are vulnerable to backdoor attacks, where attackers embed hidden backdoors in the DNN model by poisoning a few training samples.

Clean-Label Backdoor Attacks on Video Recognition Models

ShihaoZhaoZSH/Video-Backdoor-Attack CVPR 2020

We propose the use of a universal adversarial trigger as the backdoor trigger to attack video recognition models, a situation where backdoor attacks are likely to be challenged by the above 4 strict conditions.

Towards Probabilistic Verification of Machine Unlearning

inspire-group/unlearning-verification 9 Mar 2020

In this work, we take the first step in proposing a formal framework to study the design of such verification mechanisms for data deletion requests -- also known as machine unlearning -- in the context of systems that provide machine learning as a service (MLaaS).

Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation

BililiCode/ARGD 21 Apr 2022

Due to the prosperity of Artificial Intelligence (AI) techniques, more and more backdoors are designed by adversaries to attack Deep Neural Networks (DNNs). Although the state-of-the-art method Neural Attention Distillation (NAD) can effectively erase backdoor triggers from DNNs, it still suffers from non-negligible Attack Success Rate (ASR) together with lowered classification ACCuracy (ACC), since NAD focuses on backdoor defense using attention features (i.e., attention maps) of the same order.

Model-Contrastive Learning for Backdoor Defense

wecanshow/mcl 9 May 2022

Due to the popularity of Artificial Intelligence (AI) techniques, we are witnessing an increasing number of backdoor injection attacks that are designed to maliciously threaten Deep Neural Networks (DNNs) causing misclassification.

MM-BD: Post-Training Detection of Backdoor Attacks with Arbitrary Backdoor Pattern Types Using a Maximum Margin Statistic

wanghangpsu/mm-bd 13 May 2022

Our detector leverages the influence of the backdoor attack, independent of the backdoor embedding mechanism, on the landscape of the classifier's outputs prior to the softmax layer.

Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork

vita-group/trap-and-replace-backdoor-defense 12 Oct 2022

As a result, both the stem and the classification head in the final network are hardly affected by backdoor training samples.