- What Doesn’t Kill You Makes You Robust(er): Adversarial Training against Poisons and Backdoors
- Poisoned Classifiers Are Not Only Backdoored, They Are Fundamentally Broken
- Practical Detection of Trojan Neural Networks: Data-Limited and Data-Free Cases
- MetaPoison: Practical General-purpose Clean-label Data Poisoning
- Trojaning Language Models for Fun and Profit
- Neural Attention Distillation: Erasing Backdoor Triggers From Deep Neural Networks
- Transferable Clean-Label Poisoning Attacks on Deep Neural Nets
- Design Of Intentional Backdoors In Sequential Models
- Backdoor Attack with Sample-Specific Triggers
- Explaining Vulnerabilities to Adversarial Machine Learning through Visual Analytics
- SentiNet: Detecting Localized Universal Attacks Against Deep Learning Systems
- Februus: Input Purification Defense Against Trojan Attacks on Deep Neural Network Systems
- Explainability Matters: Backdoor Attacks on Medical Imaging
- Rethinking The Trigger Of Backdoor Attack
- Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning
- Backdoor Attacks on Self-Supervised Learning
- Poison Frogs! Targeted Clean-Label Poisoning Attacks on Neural Networks
- Deep Learning Backdoors
- Data Poisoning Attacks Against Federated Learning Systems
- TrojDRL: Trojan Attacks on Deep Reinforcement Learning Agents
- The Design and Development of Games with a Purpose for AI Systems
- Witches' Brew: Industrial Scale Data Poisoning Via Gradient Matching
- DeepSweep: An Evaluation Framework for Mitigating DNN Backdoor Attacks using Data Augmentation
- Label-Consistent Backdoor Attacks
- Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks
- HaS-Nets: A Heal and Select Mechanism to Defend DNNs Against Backdoor Attacks for Data Collection Scenarios
- TamperNN: Efficient Tampering Detection of Deployed Neural Nets
- ABS: Scanning Neural Networks for Back-doors by Artificial Brain Stimulation
- DeepPoison: Feature Transfer Based Stealthy Poisoning Attack for DNNs
- Trojaning Attack on Neural Networks
- One-to-N & N-to-One: Two Advanced Backdoor Attacks against Deep Learning Models
- A Sweet Rabbit Hole by DARCY: Using Honeypots to Detect Universal Trigger's Adversarial Attacks
- SPECTRE: Defending Against Backdoor Attacks Using Robust Covariance Estimation
- Attack of the Tails: Yes, You Really Can Backdoor Federated Learning
- WaNet – Imperceptible Warping-based Backdoor Attack
- Covert Model Poisoning Against Federated Learning: Algorithm Design and Optimization
- Poison as a Cure: Detecting & Neutralizing Variable-Sized Backdoor Attacks in Deep Neural Networks
- BAAAN: Backdoor Attacks Against Autoencoder and GAN-Based Machine Learning Models
- Input-Aware Dynamic Backdoor Attack
- AEGIS: Exposing Backdoors in Robust Machine Learning Models
- BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain
- Detecting Backdoor Attacks on Deep Neural Networks by Activation Clustering
- Defending Neural Backdoors via Generative Distribution Modeling
- Backdoor Learning: A Survey
- An Embarrassingly Simple Approach for Trojan Attack in Deep Neural Networks
- Blind Backdoors in Deep Learning Models
- TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems
- Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy
- PoTrojan: powerful neuron-level trojan designs in deep learning models
- Backdoor Attacks and Countermeasures on Deep Learning: A Comprehensive Review
- Model-Targeted Poisoning Attacks with Provable Convergence
- Provable Defense Against Delusive Poisoning
- Reverse Engineering Imperceptible Backdoor Attacks On Deep Neural Networks For Detection And Training Set Cleansing
- Backdoor Attacks Against Deep Learning Systems in the Physical World
- Regula Sub-rosa: Latent Backdoor Attacks on Deep Neural Networks
- PointBA: Towards Backdoor Attacks in 3D Point Cloud
- TROJANZOO: Everything you ever wanted to know about neural backdoors (but were afraid to ask)
- A Backdoor Attack against 3D Point Cloud Classifiers
- FaceHack: Triggering backdoored facial recognition systems using facial characteristics
- Universal Litmus Patterns: Revealing Backdoor Attacks in CNNs
- Rethinking the Backdoor Attacks’ Triggers: A Frequency Perspective
- A Master Key Backdoor for Universal Impersonation Attack against DNN-based Face Verification
- De-Pois: An Attack-Agnostic Defense against Data Poisoning Attacks
- How To Backdoor Federated Learning
- Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection
- TOP: Backdoor Detection in Neural Networks via Transferability of Perturbation
- CLEANN: Accelerated Trojan Shield for Embedded Neural Networks
- Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization
- Poisoning MorphNet for Clean-Label Backdoor Attack to Point Clouds
- On the Effectiveness of Mitigating Data Poisoning Attacks with Gradient Shaping
- Invisible Backdoor Attacks on Deep Neural Networks via Steganography and Regularization
- Detecting Backdoors in Neural Networks Using Novel Feature-Based Anomaly Detection
- Backdoor Attacks on Federated Meta-Learning
- Hu-Fu: Hardware and Software Collaborative Attack Framework against Neural Networks
- Model-Reuse Attacks on Deep Learning Systems
- Detecting AI Trojans Using Meta Neural Analysis
- Online Defense of Trojaned Models using Misattributions
- Strong Data Augmentation Sanitizes Poisoning And Backdoor Attacks Without An Accuracy Tradeoff
- Bullseye Polytope: A Scalable Clean-Label Poisoning Attack with Improved Transferability
- Black-box Detection of Backdoor Attacks with Limited Information and Data
- Hidden Trigger Backdoor Attacks
- Design and Evaluation of a Multi-Domain Trojan Detection Method on Deep Neural Networks
- Backdooring and Poisoning Neural Networks with Image-Scaling Attacks
- NeuronInspect: Detecting Backdoors in Neural Networks via Output Explanations
- Generative Poisoning Attack Method Against Neural Networks
- Poison Attacks against Text Datasets with Conditional Adversarially Regularized Autoencoder
- Data Poisoning Attacks to Deep Learning Based Recommender Systems
- Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems
- Programmable Neural Network Trojan for Pre-Trained Feature Extractor
- Vulnerabilities of Connectionist AI Applications: Evaluation and Defence
- STRIP: A Defence Against Trojan Attacks on Deep Neural Networks
- BadNL: Backdoor Attacks Against NLP Models
- Spectrum Data Poisoning with Adversarial Deep Learning
- Data Poisoning Attacks on Factorization-Based Collaborative Filtering
- Scientific Calculator for Designing Trojan Detectors in Neural Networks
- Backdoor Attacks against Learning Systems
- Machine Learning with Electronic Health Records is vulnerable to Backdoor Trigger Attacks
- Data Poisoning Attacks in Contextual Bandits
- Deep Poisoning: Towards Robust Image Data Sharing against Visual Disclosure
- Odyssey: Creation, Analysis and Detection of Trojan Models
- Cassandra: Detecting Trojaned Networks from Adversarial Perturbations
- Policy Teaching via Environment Poisoning: Training-time Adversarial Attacks against Reinforcement Learning
- Regularization Can Help Mitigate Poisoning Attacks... With The Right Hyperparameters
- Detection of Backdoors in Trained Classifiers Without Access to the Training Set
- Influence Function based Data Poisoning Attacks to Top-N Recommender Systems
- A new measure for overfitting and its implications for backdooring of deep learning
- Intrinsic Certified Robustness of Bagging against Data Poisoning Attacks
- Backdoor Embedding in Convolutional Neural Network Models via Invisible Perturbation
- MLDS: A Dataset for Weight-Space Analysis of Neural Networks
- Backdoor Scanning for Deep Neural Networks through K-Arm Optimization
- Deep Partition Aggregation: Provable Defenses Against General Poisoning Attacks
- Red Alarm for Pre-trained Models: Universal Vulnerabilities by Neuron-Level Backdoor Attacks
- Concealed Data Poisoning Attacks on NLP Models
- Baseline Pruning-Based Approach to Trojan Detection in Neural Networks
- Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification
- Using Machine Teaching to Identify Optimal Training-Set Attacks on Machine Learners
- Dynamic Backdoor Attacks Against Machine Learning Models
- The TrojAI Software Framework: An Open Source tool for Embedding Trojans into Deep Learning Models
- Data Poisoning Attacks on Stochastic Bandits
- Deep k-NN Defense Against Clean-label Data Poisoning Attacks
- Hardware Trojan Attacks on Neural Networks
- Certified Defenses for Data Poisoning Attacks
- TBT: Targeted Neural Network Attack with Bit Trojan
- Class-Oriented Poisoning Attack
- Can Adversarial Weight Perturbations Inject Neural Backdoors?
- Defending SVMs Against Poisoning Attacks: The Hardness and DBSCAN Approach
- Data Poisoning Attacks against Autoregressive Models
- Robust Backdoor Attacks against Deep Neural Networks in Real Physical World
- Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain
- Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses
- Poisoning the Unlabeled Dataset of Semi-Supervised Learning
- Explanation-Guided Backdoor Poisoning Attacks Against Malware Classifiers
- Property Inference from Poisoning
- Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks
- A Survey on Neural Trojans
- Explainability-based Backdoor Attacks Against Graph Neural Networks
- Attack Strength vs. Detectability Dilemma in Adversarial Machine Learning
- BaFFLe: Backdoor Detection via Feedback-based Federated Learning
- Weight Poisoning Attacks on Pre-trained Models
- DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks
- A New Backdoor Attack In CNNs By Training Set Corruption Without Label Poisoning
- Covert Channel Attack to Federated Learning Systems
- Technical Report: When Does Machine Learning FAIL? Generalized Transferability for Evasion and Poisoning Attacks
- Bypassing Backdoor Detection Algorithms in Deep Learning
- Backdoors in Neural Models of Source Code
- Neural Trojans
- Live Trojan Attacks on Deep Neural Networks
- T-Miner: A Generative Approach to Defend Against Trojan Attacks on DNN-based Text Classification
- Spectral Signatures in Backdoor Attacks
- Be Careful about Poisoned Word Embeddings: Exploring the Vulnerability of the Embedding Layers in NLP Models
- Towards Robustness Against Natural Language Word Substitutions
- Poisoning Attacks against Support Vector Machines
- Stealthy Poisoning Attack on Certified Robustness
- Just How Toxic Is Data Poisoning? A Benchmark For Backdoor And Data Poisoning Attacks
- Mitigating Backdoor Attacks in Federated Learning
- Provable Guarantees against Data Poisoning Using Self-Expansion and Compatibility
- TAD: Trigger Approximation based Black-box Trojan Detection for AI
- BEBP: An Poisoning Method Against Machine Learning Based IDSs
- Don't Trigger Me! A Triggerless Backdoor Attack Against Deep Neural Networks
- A backdoor attack against LSTM-based text classification systems
- Subpopulation Data Poisoning Attacks
- ONION: A Simple and Effective Defense Against Textual Backdoor Attacks
manjunath5496/TrojAI-Papers
"An entire mythology is stored within our language."― Ludwig Wittgenstein