CBD: A Certified Backdoor Detector Based on Local Dominant Probability. (arXiv:2310.17498v2 [cs.LG] UPDATED)
cs.CR updates on arXiv.org arxiv.org
Backdoor attacks are a common threat to deep neural networks. During testing,
samples embedded with a backdoor trigger will be misclassified as an
adversarial target by a backdoored model, while samples without the backdoor
trigger will be correctly classified. In this paper, we present the first
certified backdoor detector (CBD), which builds on a novel, adjustable
conformal prediction scheme based on our proposed statistic, local dominant
probability. For any classifier under inspection, CBD provides 1) a detection
inference, 2) …