{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2018:V223C7FM7Z7UBDDCGBUAF57IFO","short_pith_number":"pith:V223C7FM","schema_version":"1.0","canonical_sha256":"aeb5b17cacfe7f408c62306802f7e82b91a124780b28a51fbe5e0ab501e24371","source":{"kind":"arxiv","id":"1811.03728","version":1},"attestation_state":"computed","paper":{"title":"Detecting Backdoor Attacks on Deep Neural Networks by Activation Clustering","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR","stat.ML"],"primary_cat":"cs.LG","authors_text":"Benjamin Edwards, Biplav Srivastava, Bryant Chen, Heiko Ludwig, Ian Molloy, Nathalie Baracaldo, Taesung Lee, Wilka Carvalho","submitted_at":"2018-11-09T01:08:00Z","abstract_excerpt":"While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data from potentially untrustworthy sources, providing adversaries with the opportunity to manipulate them by inserting carefully crafted samples into the training set. Recent work has shown that this type of attack, called a poisoning attack, allows adversaries to insert backdoors or trojans into the model, enabling malicious behavior with simple external backd"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1811.03728","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-11-09T01:08:00Z","cross_cats_sorted":["cs.CR","stat.ML"],"title_canon_sha256":"5042dbd4be69c421011aa6f72258db0ba258d7913ae4d033418172b590eb8c58","abstract_canon_sha256":"606da34f62e99476424843111a4bd8d761333ddd43f8437d94fac43174f4e9f3"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:01:12.206793Z","signature_b64":"7UFRA3VMwNbQqXKzhxJ3k3SNyVbPgwNOUSW461TZnnu5zC1a62efHXe79GNQ6Ih5o3WT94HZSAnZKJiclfi/Cw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"aeb5b17cacfe7f408c62306802f7e82b91a124780b28a51fbe5e0ab501e24371","last_reissued_at":"2026-05-18T00:01:12.206005Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:01:12.206005Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Detecting Backdoor Attacks on Deep Neural Networks by Activation Clustering","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR","stat.ML"],"primary_cat":"cs.LG","authors_text":"Benjamin Edwards, Biplav Srivastava, Bryant Chen, Heiko Ludwig, Ian Molloy, Nathalie Baracaldo, Taesung Lee, Wilka Carvalho","submitted_at":"2018-11-09T01:08:00Z","abstract_excerpt":"While machine learning (ML) models are being increasingly trusted to make decisions in different and varying areas, the safety of systems using such models has become an increasing concern. In particular, ML models are often trained on data from potentially untrustworthy sources, providing adversaries with the opportunity to manipulate them by inserting carefully crafted samples into the training set. Recent work has shown that this type of attack, called a poisoning attack, allows adversaries to insert backdoors or trojans into the model, enabling malicious behavior with simple external backd"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1811.03728","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1811.03728","created_at":"2026-05-18T00:01:12.206129+00:00"},{"alias_kind":"arxiv_version","alias_value":"1811.03728v1","created_at":"2026-05-18T00:01:12.206129+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1811.03728","created_at":"2026-05-18T00:01:12.206129+00:00"},{"alias_kind":"pith_short_12","alias_value":"V223C7FM7Z7U","created_at":"2026-05-18T12:32:56.356000+00:00"},{"alias_kind":"pith_short_16","alias_value":"V223C7FM7Z7UBDDC","created_at":"2026-05-18T12:32:56.356000+00:00"},{"alias_kind":"pith_short_8","alias_value":"V223C7FM","created_at":"2026-05-18T12:32:56.356000+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":10,"internal_anchor_count":2,"sample":[{"citing_arxiv_id":"2601.21692","citing_title":"TCAP: Tri-Component Attention Profiling for Unsupervised Backdoor Detection in MLLM Fine-Tuning","ref_index":4,"is_internal_anchor":true},{"citing_arxiv_id":"2605.22365","citing_title":"TimeGuard: Channel-wise Pool Training for Backdoor Defense in Time Series Forecasting","ref_index":88,"is_internal_anchor":true},{"citing_arxiv_id":"2604.24599","citing_title":"DETOUR: A Practical Backdoor Attack against Object Detection","ref_index":6,"is_internal_anchor":false},{"citing_arxiv_id":"2605.04209","citing_title":"Undetectable Backdoors in Model Parameters: Hiding Sparse Secrets in High Dimensions","ref_index":11,"is_internal_anchor":false},{"citing_arxiv_id":"2604.21416","citing_title":"CSC: Turning the Adversary's Poison against Itself","ref_index":3,"is_internal_anchor":false},{"citing_arxiv_id":"2604.20047","citing_title":"PASTA: A Patch-Agnostic Twofold-Stealthy Backdoor Attack on Vision Transformers","ref_index":44,"is_internal_anchor":false},{"citing_arxiv_id":"2604.12548","citing_title":"DeepSeek Robustness Against Semantic-Character Dual-Space Mutated Prompt Injection","ref_index":36,"is_internal_anchor":false},{"citing_arxiv_id":"2604.08766","citing_title":"Follow My Eyes: Backdoor Attacks on VLM-based Scanpath Prediction","ref_index":10,"is_internal_anchor":false},{"citing_arxiv_id":"2605.06894","citing_title":"McNdroid: A Longitudinal Multimodal Benchmark for Robust Drift Detection in Android Malware","ref_index":14,"is_internal_anchor":false},{"citing_arxiv_id":"2604.04488","citing_title":"A Patch-based Cross-view Regularized Framework for Backdoor Defense in Multimodal Large Language Models","ref_index":81,"is_internal_anchor":false}]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO","json":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO.json","graph_json":"https://pith.science/api/pith-number/V223C7FM7Z7UBDDCGBUAF57IFO/graph.json","events_json":"https://pith.science/api/pith-number/V223C7FM7Z7UBDDCGBUAF57IFO/events.json","paper":"https://pith.science/paper/V223C7FM"},"agent_actions":{"view_html":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO","download_json":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO.json","view_paper":"https://pith.science/paper/V223C7FM","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1811.03728&json=true","fetch_graph":"https://pith.science/api/pith-number/V223C7FM7Z7UBDDCGBUAF57IFO/graph.json","fetch_events":"https://pith.science/api/pith-number/V223C7FM7Z7UBDDCGBUAF57IFO/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO/action/timestamp_anchor","attest_storage":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO/action/storage_attestation","attest_author":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO/action/author_attestation","sign_citation":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO/action/citation_signature","submit_replication":"https://pith.science/pith/V223C7FM7Z7UBDDCGBUAF57IFO/action/replication_record"}},"created_at":"2026-05-18T00:01:12.206129+00:00","updated_at":"2026-05-18T00:01:12.206129+00:00"}