One-shot Neural Backdoor Erasing via Adversarial Weight Masking. (arXiv:2207.04497v2 [cs.LG] UPDATED)

Recent studies show that despite achieving high accuracy on a number of
real-world applications, deep neural networks (DNNs) can be backdoored: by
injecting triggered data samples into the training dataset, the adversary can
mislead the trained model into classifying any test data to the target class as
long as the trigger pattern is presented. To nullify such backdoor threats,
various methods have been proposed. Particularly, a line of research aims to
purify the potentially compromised model. However, one major limitation …

adversarial backdoor masking