POST-TRAINING DETECTION OF BACKDOOR ATTACKS FOR TWO-CLASS AND MULTI-ATTACK SCENARIOS
POST-TRAINING DETECTION OF BACKDOOR ATTACKS FOR TWO-CLASS AND MULTI-ATTACK SCENARIOS abstract。
Architectrue
文章定义了一个新的量 期望可转移性(Expected Transferablitiy),作为统计量独立检查每个类,并且能够根据经验评估。
该方法的特点:
- 可以对二分类网络进行后门检测
- 需要干净的数据
- 一致的阈值,1/2
All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.