Backdoor Pony: Evaluating backdoor attacks and defenses in different domains

Arthur Mercier; Nikita Smolin; Oliver Sihlovec; Stefanos Koffas; Stjepan Picek

doi:10.1016/j.softx.2023.101387

Backdoor Pony: Evaluating backdoor attacks and defenses in different domains

Arthur Mercier^*, Nikita Smolin, Oliver Sihlovec, Stefanos Koffas, Stjepan Picek

^*Corresponding author for this work

Cyber Security

Research output: Contribution to journal › Article › Scientific › peer-review

55 Downloads (Pure)

Abstract

Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still, there is no framework to evaluate existing attacks and defenses in different domains. Only a few toolboxes have been implemented, but most of them focus on computer vision and are difficult to use. To bridge this gap, we implement Backdoor Pony, a framework for evaluating attacks and defenses in different domains through a user-friendly GUI.

Original language	English
Article number	101387
Number of pages	8
Journal	SoftwareX
Volume	22
DOIs	https://doi.org/10.1016/j.softx.2023.101387
Publication status	Published - 2023

Keywords

Backdoor attacks
Backdoor defenses
Framework
Neural networks

Access to Document

10.1016/j.softx.2023.101387

1-s2.0-S2352711023000833-mainFinal published version, 996 KBLicence: CC BY

Cite this

@article{53153995a05543a4a6f605069eb19d3f,

title = "Backdoor Pony: Evaluating backdoor attacks and defenses in different domains",

abstract = "Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still, there is no framework to evaluate existing attacks and defenses in different domains. Only a few toolboxes have been implemented, but most of them focus on computer vision and are difficult to use. To bridge this gap, we implement Backdoor Pony, a framework for evaluating attacks and defenses in different domains through a user-friendly GUI.",

keywords = "Backdoor attacks, Backdoor defenses, Framework, Neural networks",

author = "Arthur Mercier and Nikita Smolin and Oliver Sihlovec and Stefanos Koffas and Stjepan Picek",

year = "2023",

doi = "10.1016/j.softx.2023.101387",

language = "English",

volume = "22",

journal = "SoftwareX",

issn = "2352-7110",

publisher = "Elsevier",

}

TY - JOUR

T1 - Backdoor Pony

T2 - Evaluating backdoor attacks and defenses in different domains

AU - Mercier, Arthur

AU - Smolin, Nikita

AU - Sihlovec, Oliver

AU - Koffas, Stefanos

AU - Picek, Stjepan

PY - 2023

Y1 - 2023

N2 - Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still, there is no framework to evaluate existing attacks and defenses in different domains. Only a few toolboxes have been implemented, but most of them focus on computer vision and are difficult to use. To bridge this gap, we implement Backdoor Pony, a framework for evaluating attacks and defenses in different domains through a user-friendly GUI.

AB - Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still, there is no framework to evaluate existing attacks and defenses in different domains. Only a few toolboxes have been implemented, but most of them focus on computer vision and are difficult to use. To bridge this gap, we implement Backdoor Pony, a framework for evaluating attacks and defenses in different domains through a user-friendly GUI.

KW - Backdoor attacks

KW - Backdoor defenses

KW - Framework

KW - Neural networks

UR - http://www.scopus.com/inward/record.url?scp=85151493658&partnerID=8YFLogxK

U2 - 10.1016/j.softx.2023.101387

DO - 10.1016/j.softx.2023.101387

M3 - Article

AN - SCOPUS:85151493658

SN - 2352-7110

VL - 22

JO - SoftwareX

JF - SoftwareX

M1 - 101387

ER -

Backdoor Pony: Evaluating backdoor attacks and defenses in different domains

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this