pith. sign in

arxiv: 2211.15929 · v1 · pith:T24MJ2XInew · submitted 2022-11-29 · 💻 cs.CR · cs.LG

Backdoor Vulnerabilities in Normally Trained Deep Learning Models

classification 💻 cs.CR cs.LG
keywords backdoorsnaturalbackdoorinjectedmodelsnormallytrainedvulnerabilities
0
0 comments X
read the original abstract

We conduct a systematic study of backdoor vulnerabilities in normally trained Deep Learning models. They are as dangerous as backdoors injected by data poisoning because both can be equally exploited. We leverage 20 different types of injected backdoor attacks in the literature as the guidance and study their correspondences in normally trained models, which we call natural backdoor vulnerabilities. We find that natural backdoors are widely existing, with most injected backdoor attacks having natural correspondences. We categorize these natural backdoors and propose a general detection framework. It finds 315 natural backdoors in the 56 normally trained models downloaded from the Internet, covering all the different categories, while existing scanners designed for injected backdoors can at most detect 65 backdoors. We also study the root causes and defense of natural backdoors.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Securing Code Understanding: Detecting Natural Backdoor Vulnerability in Code Language Models

    cs.CR 2026-06 unverdicted novelty 6.0

    Natural backdoors are prevalent in CodeLMs; the authors propose ScanNBT to detect them after analyzing differences from injected backdoors, transferability, and causes.