Related papers: BackdoorBench: A Comprehensive Benchmark of Backdoor Learning

BackdoorBench: A Comprehensive Benchmark of Backdoor Learning

URL: http://arxiv.org/abs/2206.12654v1
Date: Sat, 25 Jun 2022 13:48:04 GMT
Title: BackdoorBench: A Comprehensive Benchmark of Backdoor Learning
Authors: Baoyuan Wu, Hongrui Chen, Mingda Zhang, Zihao Zhu, Shaokui Wei, Danni Yuan, Chao Shen, Hongyuan Zha
Abstract summary: Backdoor learning is an emerging and important topic of studying the vulnerability of deep neural networks (DNNs) Many pioneering backdoor attack and defense methods are being proposed successively or concurrently, in the status of a rapid arms race. We build a comprehensive benchmark of backdoor learning, called BackdoorBench.
Score: 57.932398227755044
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: Backdoor learning is an emerging and important topic of studying the vulnerability of deep neural networks (DNNs). Many pioneering backdoor attack and defense methods are being proposed successively or concurrently, in the status of a rapid arms race. However, we find that the evaluations of new methods are often unthorough to verify their claims and real performance, mainly due to the rapid development, diverse settings, as well as the difficulties of implementation and reproducibility. Without thorough evaluations and comparisons, it is difficult to track the current progress and design the future development roadmap of the literature. To alleviate this dilemma, we build a comprehensive benchmark of backdoor learning, called BackdoorBench. It consists of an extensible modular based codebase (currently including implementations of 8 state-of-the-art (SOTA) attack and 9 SOTA defense algorithms), as well as a standardized protocol of a complete backdoor learning. We also provide comprehensive evaluations of every pair of 8 attacks against 9 defenses, with 5 poisoning ratios, based on 5 models and 4 datasets, thus 8,000 pairs of evaluations in total. We further present analysis from different perspectives about these 8,000 evaluations, studying the effects of attack against defense algorithms, poisoning ratio, model and dataset in backdoor learning. All codes and evaluations of BackdoorBench are publicly available at \url{https://backdoorbench.github.io}.

Related papers

BackdoorBench: A Comprehensive Benchmark and Analysis of Backdoor Learning [41.66647711306716]
We build a comprehensive benchmark of backdoor learning called BackdoorBench. We provide an integrated implementation of state-of-the-art (SOTA) backdoor learning algorithms. We conduct comprehensive evaluations with 5 poisoning ratios, based on 4 models and 4 datasets, leading to 11,492 pairs of attack-against-defense evaluations.
arXiv Detail & Related papers (2024-07-29T09:57:03Z)
BackdoorBench: A Comprehensive Benchmark and Analysis of Backdoor Learning [41.66647711306716]
We build a comprehensive benchmark of backdoor learning called BackdoorBench. We provide an integrated implementation of state-of-the-art (SOTA) backdoor learning algorithms. We conduct comprehensive evaluations of 12 attacks against 16 defenses, with 5 poisoning ratios, based on 4 models and 4 datasets.
arXiv Detail & Related papers (2024-01-26T17:03:38Z)
A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks [72.7373468905418]
We develop an open-source toolkit OpenBackdoor to foster the implementations and evaluations of textual backdoor learning. We also propose CUBE, a simple yet strong clustering-based defense baseline.
arXiv Detail & Related papers (2022-06-17T02:29:23Z)
Anti-Backdoor Learning: Training Clean Models on Poisoned Data [17.648453598314795]
Backdoor attack has emerged as a major security threat to deep neural networks (DNNs) We introduce the concept of emphanti-backdoor learning, aiming to train emphclean models given backdoor-poisoned data. We empirically show that ABL-trained models on backdoor-poisoned data achieve the same performance as they were trained on purely clean data.
arXiv Detail & Related papers (2021-10-22T03:30:48Z)
Black-box Detection of Backdoor Attacks with Limited Information and Data [56.0735480850555]
We propose a black-box backdoor detection (B3D) method to identify backdoor attacks with only query access to the model. In addition to backdoor detection, we also propose a simple strategy for reliable predictions using the identified backdoored models.
arXiv Detail & Related papers (2021-03-24T12:06:40Z)
Backdoor Learning: A Survey [75.59571756777342]
Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs) Backdoor learning is an emerging and rapidly growing research area. This paper presents the first comprehensive survey of this realm.
arXiv Detail & Related papers (2020-07-17T04:09:20Z)
Backdoors in Neural Models of Source Code [13.960152426268769]
We study backdoors in the context of deep-learning for source code. We show how to poison a dataset to install such backdoors. We also show the ease of injecting backdoors and our ability to eliminate them.
arXiv Detail & Related papers (2020-06-11T21:35:24Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.