TrojanZoo: Towards Unified, Holistic, and Practical Evaluation of Neural Backdoors
Contribution analysis of TrojanZoo.
Summary in a word
Aim to bridge the gap the current situation: the lack of evaluation on exsiting attacks and defenses.
The first open-source platform for evaluating neural backdoor attacks/defenses in a unified, holistic, and practical manner.
Main contribution
- Open-source framework, includes attacks, defenses and plenty of evaluation metrics.
- Systematic study on existing attaks/defenses, and unveiling their complex design spectrum.
- Further explored existing attacks/defenses, and got intersting findings.
Experiments
- Analysed different attacks manifest intricate trade-offs among
effectiveness, evasiveness, transferability. - Analysed different defenses on the topic below:
- robustness vs. utility
- detection accuracy of different attaks
- detection accuracy vs. recovery capability
- execution time
Conclusion
It’s an open-source framework for attacks/defenses research, and main contribution of the paper is the analysis of attacks and defenses.
It reveals several important findings in the experiment.
All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.