Backdoors can be realized as statistically natural latent directions in modern neural networks, achieving high attack success with negligible clean accuracy loss and resisting existing defenses.
Fine-pruning: Defending against backdooring attacks on deep neural networks
3 Pith papers cite this work. Polarity classification is still indexing.
3
Pith papers citing it
citation-role summary
background 1
citation-polarity summary
roles
background 1polarities
background 1representative citing papers
ROI coding enables backdoor triggers to survive lossy compression by embedding malicious information into binary bitstreams via sample-specific or customized masks for both learned and traditional codecs.
Hammer and Anvil framework categorizes backdoors by update deviation δ and shows that principled combinations of Type-1 outlier/robust and Type-2 removal defenses resist full-information adaptive adversaries.
citing papers explorer
-
Backdoor Channels Hidden in Latent Space: Cryptographic Undetectability in Modern Neural Networks
Backdoors can be realized as statistically natural latent directions in modern neural networks, achieving high attack success with negligible clean accuracy loss and resisting existing defenses.
-
Inevitable Encounters: Backdoor Attacks Involving Lossy Compression
ROI coding enables backdoor triggers to survive lossy compression by embedding malicious information into binary bitstreams via sample-specific or customized masks for both learned and traditional codecs.
-
Hammer and Anvil: Toward a Theory of Backdoors in Federated Learning
Hammer and Anvil framework categorizes backdoors by update deviation δ and shows that principled combinations of Type-1 outlier/robust and Type-2 removal defenses resist full-information adaptive adversaries.