We appreciate your interest in our work and trying out our code. We've noticed several cases where incorrect configuration leads to poor performance of detection and mitigation. If you also observe low detection performance far away from what we presented in the paper, please feel free to open an issue in this repo or contact any of the authors directly. We are more than happy to help you debug your experiment and find out the correct configuration. Also feel free to take a look at previous issues in this repo. Someone might have ran into the same problem, and there might already be a fix.
This repository contains code implementation of the paper "Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection", at IEEE Security and Privacy 2019. The slides are here.
Our code is implemented and tested on Keras with TensorFlow backend. Following packages are used by our code.
keras==2.2.2numpy==1.14.0tensorflow-gpu==1.10.1h5py==2.6.0
Our code is tested on Python 2.7.12 and Python 3.6.8
We implemented our TaCT on four datasets: CIFAR10, GTSRB, ImageNet and MegaFace. Our code is in the folder pysrc. The logic is as simple as inject mislabeled trigger-carrying images together with correctly labeled trigger-carrying images into the training set.
SCAn was firstly implemented in Matlab and later transformed into Python for easy reproduction.