Contribution analysis of BackdoorBox.

Main contribution

GOAL: To facilitate the research and development of more secure training schemes and defenses.

There are four main characteristic of the BackdoorBox.

Toolbox characteristics

  1. Consistency: reimplement all methods in a unified manner.
  2. Simplicity: provide code example explain how to use them, and with necessary code comments.
  3. Flexibility: gain main components easily, such as poisoned dataset, implemented attaks and defenses.
  4. Co-development: open-source

Backdoor attack defination

Categorize existing backdoor attacks into three main types:

  1. poinson-only backdoor attacks
  2. trining-controlled backdoor attacks
  3. model-modified backdoor attacks

Backdoor defense defination

Categorize existing backdoor defenses into six main types:

  1. pre-processin-based defenses
  2. model repairing
  3. poison suppression
  4. model diagnosis
  5. sample diagnosis
  6. certified defenses

Conclusion

Mainly developed for flexibale use.