-
Hello, I would like to know how the backdoor accuracy can reach 100% without defenses in the case of a semantic backdoor. When I perform a single attack by a single adversary after the model has conve…
-
I've been working with DPBGA and have encountered some issues that I'd like to clarify:
**ASR Drops to Zero with Different Target Class:**
When I change the target class (e.g., to Flickr), the A…
-
Hi there,
Thanks for this great survey. It is informative and provides lots of insights. Thanks a lot for opensource this toolbox. However, when I tried to play with it, I encountered a ModuleNotFo…
-
We want to measure how do black-box attacks do against KRUM and MultiKrum defenses. For reading see the last paragraph of page 9 (of the paper). I am quoting the excerpt:
"Since the black-box attac…
-
**Is your feature request related to a problem? If so, please give a short summary of the problem and how the feature would resolve it**
Having a supply chain analysis solution to identify potential …
-
The current Randomized Smoothing is a generic method, that we use the averaged logits of samples from Gaussian distribution as the prediction result. However, according to [Certified Adversarial Robus…
-
We currently have 3 detectors. In this issue I will investigate some possible new additions.
Top candidates:
- [ ] [Neural Cleanse](https://www.semanticscholar.org/paper/Neural-Cleanse%3A-Identif…
-
| Keywords | References | link |
|-------------------------------|-------------------------------|---------------------------------|
| D…
-
[Graph backdoor](https://www.usenix.org/conference/usenixsecurity21/presentation/xi)
```bib
@inproceedings{xi2021graph,
title={Graph backdoor},
author={Xi, Zhaohan and Pang, Ren and Ji, Shouli…
-
Thank you for your work and code!
After running the command
`python train.py --dataset cifar10 --target_label 0 --gpu 0`
we have tried to evaluate the performance of your detector with
`p…