UMD: Unsupervised Model Detection for X2X Backdoor Attacks
Authors: Zhen Xiang, Zidi Xiong, Bo Li
ICML 2023 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We conduct comprehensive evaluations on CIFAR-10, GTSRB, and Imagenette dataset, and show that our unsupervised UMD outperforms SOTA detectors (even with supervision) by 17%, 4%, and 8%, respectively, in terms of the detection accuracy against diverse X2X attacks. |
| Researcher Affiliation | Academia | Zhen Xiang 1 Zidi Xiong 1 Bo Li 1 1University of Illinois at Urbana-Champaign. |
| Pseudocode | Yes | Algorithm 1 UMD against X2X backdoor attacks |
| Open Source Code | Yes | The code related to this work can be found at: https://github.com/polaris-73/MT-Detection |
| Open Datasets | Yes | Dataset: We consider three benchmark image datasets, CIFAR-10 (Krizhevsky, 2012), GTSRB (Stallkamp et al., 2012), and Imagenette (Deng et al., 2009) |
| Dataset Splits | Yes | In our experiments, we follow the standard train-test split for each dataset (see Apdx. C.1 for details). |
| Hardware Specification | Yes | Empirically, each model inference on CIFAR-10, GTSRB, and Imagenette requires around 0.3h, 2.5h, and 4.3h, respectively, as measured on a single RTX 2080 Ti card. |
| Software Dependencies | No | The paper mentions 'Res Net-18' for model architecture and 'Adam optimizer' for training, but does not provide specific version numbers for software libraries or dependencies like Python or PyTorch. |
| Experiment Setup | Yes | Detailed training configurations are shown in Apdx C.3. |