manjunath5496/TrojAI-Papers

"An entire mythology is stored within our language."― Ludwig Wittgenstein

TrojAI Papers

• What Doesn’t Kill You Makes You Robust(er): Adversarial Training against Poisons and Backdoors
• Poisoned Classifiers Are Not Only Backdoored, They Are Fundamentally Broken
• Practical Detection of Trojan Neural Networks: Data-Limited and Data-Free Cases
• MetaPoison: Practical General-purpose Clean-label Data Poisoning
• Trojaning Language Models for Fun and Profit
• Neural Attention Distillation: Erasing Backdoor Triggers From Deep Neural Networks
• Transferable Clean-Label Poisoning Attacks on Deep Neural Nets
• Design Of Intentional Backdoors In Sequential Models
• Backdoor Attack with Sample-Specific Triggers
• Explaining Vulnerabilities to Adversarial Machine Learning through Visual Analytics
• SentiNet: Detecting Localized Universal Attacks Against Deep Learning Systems
• Februus: Input Purification Defense Against Trojan Attacks on Deep Neural Network Systems
• Explainability Matters: Backdoor Attacks on Medical Imaging
• Rethinking The Trigger Of Backdoor Attack
• Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning
• Backdoor Attacks on Self-Supervised Learning
• Poison Frogs! Targeted Clean-Label Poisoning Attacks on Neural Networks
• Deep Learning Backdoors
• Data Poisoning Attacks Against Federated Learning Systems
• TrojDRL: Trojan Attacks on Deep Reinforcement Learning Agents
• The Design and Development of Games with a Purpose for AI Systems
• Witches' Brew: Industrial Scale Data Poisoning Via Gradient Matching
• DeepSweep: An Evaluation Framework for Mitigating DNN Backdoor Attacks using Data Augmentation
• Label-Consistent Backdoor Attacks
• Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks
• HaS-Nets: A Heal and Select Mechanism to Defend DNNs Against Backdoor Attacks for Data Collection Scenarios
• TamperNN: Efficient Tampering Detection of Deployed Neural Nets
• ABS: Scanning Neural Networks for Back-doors by Artificial Brain Stimulation
• DeepPoison: Feature Transfer Based Stealthy Poisoning Attack for DNNs
• Trojaning Attack on Neural Networks
• One-to-N & N-to-One: Two Advanced Backdoor Attacks against Deep Learning Models
• A Sweet Rabbit Hole by DARCY: Using Honeypots to Detect Universal Trigger's Adversarial Attacks
• SPECTRE: Defending Against Backdoor Attacks Using Robust Covariance Estimation
• Attack of the Tails: Yes, You Really Can Backdoor Federated Learning
• Wanet – Imperceptible Warping-based Backdoor Attack
• Covert Model Poisoning Against Federated Learning: Algorithm Design and Optimization
• Poison as a Cure: Detecting & Neutralizing Variable-Sized Backdoor Attacks in Deep Neural Networks
• BAAAN: Backdoor Attacks Against Autoencoder and GAN-Based Machine Learning Models
• Input-Aware Dynamic Backdoor Attack
• AEGIS: Exposing Backdoors in Robust Machine Learning Models
• BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain
• Detecting Backdoor Attacks on Deep Neural Networks by Activation Clustering
• Defending Neural Backdoors via Generative Distribution Modeling
• Backdoor Learning: A Survey
• An Embarrassingly Simple Approach for Trojan Attack in Deep Neural Networks
• Blind Backdoors in Deep Learning Models
• TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems
• Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy
• PoTrojan: powerful neuron-level trojan designs in deep learning models
• Backdoor Attacks and Countermeasures on Deep Learning: A Comprehensive Review
• Model-Targeted Poisoning Attacks with Provable Convergence
• Provable Defense Against Delusive Poisoning
• Reverse Engineering Imperceptible Backdoor Attacks On Deep Neural Networks For Detection And Training Set Cleansing
• Backdoor Attacks Against Deep Learning Systems in the Physical World
• Regula Sub-rosa: Latent Backdoor Attacks on Deep Neural Networks
• PointBA: Towards Backdoor Attacks in 3D Point Cloud
• TROJANZOO: Everything you ever wanted to know about neural backdoors (but were afraid to ask)
• A Backdoor Attack against 3D Point Cloud Classifiers
• FaceHack: Triggering backdoored facial recognition systems using facial characteristics
• Universal Litmus Patterns: Revealing Backdoor Attacks in CNNs
• Rethinking the Backdoor Attacks’ Triggers: A Frequency Perspective
• A Master Key Backdoor for Universal Impersonation Attack against DNN-based Face Verification
• De-Pois: An Attack-Agnostic Defense against Data Poisoning Attacks
• How To Backdoor Federated Learning
• Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection
• TOP: Backdoor Detection in Neural Networks via Transferability of Perturbation
• CLEANN: Accelerated Trojan Shield for Embedded Neural Networks
• Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization
• Poisoning MorphNet for Clean-Label Backdoor Attack to Point Clouds
• On the Effectiveness of Mitigating Data Poisoning Attacks with Gradient Shaping
• Invisible Backdoor Attacks on Deep Neural Networks via Steganography and Regularization
• Detecting Backdoors in Neural Networks Using Novel Feature-Based Anomaly Detection
• Backdoor Attacks on Federated Meta-Learning
• Hu-Fu: Hardware and Software Collaborative Attack Framework against Neural Networks
• Model-Reuse Attacks on Deep Learning Systems
• Detecting AI Trojans Using Meta Neural Analysis
• Online Defense of Trojaned Models using Misattributions
• Strong Data Augmentation Sanitizes Poisoning And Backdoor Attacks Without An Accuracy Tradeoff
• Bullseye Polytope: A Scalable Clean-Label Poisoning Attack with Improved Transferability
• Black-box Detection of Backdoor Attacks with Limited Information and Data
• Hidden Trigger Backdoor Attacks
• Design and Evaluation of a Multi-Domain Trojan Detection Method on Deep Neural Networks
• Backdooring and Poisoning Neural Networks with Image-Scaling Attacks
• NeuronInspect: Detecting Backdoors in Neural Networks via Output Explanations
• Generative Poisoning Attack Method Against Neural Networks
• Poison Attacks against Text Datasets with Conditional Adversarially Regularized Autoencoder
• Data Poisoning Attacks to Deep Learning Based Recommender Systems
• Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems
• Programmable Neural Network Trojan for Pre-Trained Feature Extractor
• Vulnerabilities of Connectionist AI Applications: Evaluation and Defence
• STRIP: A Defence Against Trojan Attacks on Deep Neural Networks
• BadNL: Backdoor Attacks Against NLP Models
• Spectrum Data Poisoning with Adversarial Deep Learning
• Data Poisoning Attacks on Factorization-Based Collaborative Filtering
• Scientific Calculator for Designing Trojan Detectors in Neural Networks
• Backdoor Attacks against Learning Systems
• Machine Learning with Electronic Health Records is vulnerable to Backdoor Trigger Attacks
• Data Poisoning Attacks in Contextual Bandits
• Deep Poisoning: Towards Robust Image Data Sharing against Visual Disclosure
• Odyssey: Creation, Analysis and Detection of Trojan Models
• Cassandra: Detecting Trojaned Networks from Adversarial Perturbations
• Policy Teaching via Environment Poisoning: Training-time Adversarial Attacks against Reinforcement Learning
• Regularization Can Help Mitigate Poisoning Attacks. . . With The Right Hyperparameters
• Detection of Backdoors in Trained Classiers Without Access to the Training Set
• Influence Function based Data Poisoning Attacks to Top-N Recommender Systems
• A new measure for overfitting and its implications for backdooring of deep learning
• Intrinsic Certified Robustness of Bagging against Data Poisoning Attacks
• Backdoor Embedding in Convolutional Neural Network Models via Invisible Perturbation
• MLDS: A Dataset for Weight-Space Analysis of Neural Networks
• Backdoor Scanning for Deep Neural Networks through K-Arm Optimization
• Deep Partition Aggregation: Provable Defenses Against General Poisoning Attacks
• Red Alarm for Pre-trained Models: Universal Vulnerabilities by Neuron-Level Backdoor Attacks
• Concealed Data Poisoning Attacks on NLP Models
• Baseline Pruning-Based Approach to Trojan Detection in Neural Networks
• Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification
• Using Machine Teaching to Identify Optimal Training-Set Attacks on Machine Learners
• Dynamic Backdoor Attacks Against Machine Learning Models
• The TrojAI Software Framework: An Open Source tool for Embedding Trojans into Deep Learning Models
• Data Poisoning Attacks on Stochastic Bandits
• Deep k-NN Defense Against Clean-label Data Poisoning Attacks
• Hardware Trojan Attacks on Neural Networks
• Certified Defenses for Data Poisoning Attacks
• TBT: Targeted Neural Network Attack with Bit Trojan
• Class-Oriented Poisoning Attack
• Can Adversarial Weight Perturbations Inject Neural Backdoors?
• Defending SVMs Against Poisoning Attacks: The Hardness and DBSCAN Approach
• Data Poisoning Attacks against Autoregressive Models
• Robust Backdoor Attacks against Deep Neural Networks in Real Physical World
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain
• Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses
• Poisoning the Unlabeled Dataset of Semi-Supervised Learning
• Explanation-Guided Backdoor Poisoning Attacks Against Malware Classifiers
• Property Inference from Poisoning
• Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks
• A Survey on Neural Trojans
• Explainability-based Backdoor Attacks Against Graph Neural Networks
• Attack Strength vs. Detectability Dilemma in Adversarial Machine Learning
• BaFFLe: Backdoor Detection via Feedback-based Federated Learning
• Weight Poisoning Attacks on Pre-trained Models
• DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks
• A New Backdoor Attack In Cnns By Training Set Corruption Without Label Poisoning
• Covert Channel Attack to Federated Learning Systems
• Technical Report: When Does Machine Learning FAIL? Generalized Transferability for Evasion and Poisoning Attacks
• Bypassing Backdoor Detection Algorithms in Deep Learning
• Backdoors in Neural Models of Source Code
• Neural Trojans
• Live Trojan Attacks on Deep Neural Networks
• T-Miner : A Generative Approach to Defend Against Trojan Attacks on DNN-based Text Classification
• Spectral Signatures in Backdoor Attacks
• Be Careful about PoisonedWord Embeddings: Exploring the Vulnerability of the Embedding Layers in NLP Models
• Towards Robustness Against Natural Language Word Substitutions
• Poisoning Attacks against Support Vector Machines
• Stealthy Poisoning Attack on Certified Robustness
• Just How Toxic Is Data Poisoning? A Benchmark For Backdoor And Data Poisoning Attacks
• Mitigating Backdoor Attacks in Federated Learning
• Provable Guarantees against Data Poisoning Using Self-Expansion and Compatibility
• TAD: Trigger Approximation based Black-box Trojan Detection for AI
• BEBP: An Poisoning Method Against Machine Learning Based IDSs
• Don't Trigger Me! A Triggerless Backdoor Attack Against Deep Neural Networks
• A backdoor attack against LSTM-based text classification systems
• Subpopulation Data Poisoning Attacks
• ONION: A Simple and Effective Defense Against Textual Backdoor Attacks