Pre-activation Distributions Expose Backdoor Neurons
Authors: Runkai Zheng, Rongjun Tang, Jianze Li, Li Liu
NeurIPS 2022
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Experimental results show that our proposed defense strategies are both efficient and effective against various backdoor attacks. |
| Researcher Affiliation | Academia | 1School of Data Science, The Chinese University of Hong Kong, Shenzhen 2School of Science and Engineering, The Chinese University of Hong Kong, Shenzhen 3Shenzhen Research Institute of Big Data, The Chinese University of Hong Kong, Shenzhen |
| Pseudocode | No | The paper describes the methods in narrative text and does not include any clearly labeled pseudocode or algorithm blocks. |
| Open Source Code | Yes | Source code is available here. |
| Open Datasets | Yes | Datasets In this section, the experiments are conducted on two influential benchmarks, CIFAR-10 [21] and Tiny-ImageNet [22]. |
| Dataset Splits | Yes | We use 90% of the dataset for training; the rest is used for validating or recovering the poisoned model. |
| Hardware Specification | No | The paper does not explicitly describe the specific hardware (e.g., GPU models, CPU models, memory, or cloud instances) used for running the experiments. |
| Software Dependencies | No | The paper mentions software components implicitly (e.g., SGD optimizer, cosine learning rate scheduler) but does not provide specific version numbers for any software dependencies like programming languages, libraries, or frameworks. |
| Experiment Setup | Yes | We train the network for 150 epochs on CIFAR-10 and 100 epochs on Tiny-ImageNet with the SGD optimizer. The initial learning rate is set to 0.1 and the momentum is set to 0.9. We adopt the cosine learning rate scheduler to adjust the learning rate. The batch size is set to 128 by default. |
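The experiment-setup row quotes a cosine learning-rate schedule starting at 0.1 over 150 epochs (CIFAR-10). As a minimal sketch of what that schedule implies, the standard cosine-annealing formula (as used by, e.g., PyTorch's `CosineAnnealingLR`) can be written directly; the function name and the `lr_min=0.0` default below are assumptions for illustration, not details stated in the paper.

```python
import math

def cosine_lr(epoch, total_epochs=150, lr_init=0.1, lr_min=0.0):
    """Cosine-annealed learning rate at a given (0-indexed) epoch.

    lr(t) = lr_min + 0.5 * (lr_init - lr_min) * (1 + cos(pi * t / T))
    Matches the schedule described in the paper's setup: initial
    rate 0.1, decayed over 150 epochs (100 for Tiny-ImageNet).
    """
    return lr_min + 0.5 * (lr_init - lr_min) * (
        1 + math.cos(math.pi * epoch / total_epochs)
    )

print(cosine_lr(0))    # start of training: the full initial rate, 0.1
print(cosine_lr(75))   # midpoint of the schedule: 0.05
print(cosine_lr(150))  # end of the schedule: decayed to lr_min, ~0.0
```

With `total_epochs=100` the same function reproduces the Tiny-ImageNet setting; the SGD momentum (0.9) and batch size (128) from the quoted setup are orthogonal to the schedule itself.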