Attacks
Supported Attacks
The following table lists the supported attacks in BackdoorMBTI:
Modality |
Attack |
Visible |
Pattern |
Add |
Sample Specific |
paper |
|---|---|---|---|---|---|---|
Image |
AdaptiveBlend |
Invisible |
Global |
Yes |
No |
REVISITING THE ASSUMPTION OF LATENT SEPARABILITY FOR BACKDOOR DEFENSES |
Image |
BadNets |
Visible |
Local |
Yes |
No |
Badnets: Evaluating backdooring attacks on deep neural networks |
Image |
Blend |
Invisible |
Global |
Yes |
Yes |
Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning |
Image |
Blind(under test) |
Visible |
Local |
Yes |
Yes |
|
Image |
BPP |
Invisible |
Global |
Yes |
No |
|
Image |
DynaTrigger |
Visible |
Local |
Yes |
Yes |
|
Image |
EMBTROJAN(under test) |
Invisible |
Local |
Yes |
No |
An Embarrassingly Simple Approach for Trojan Attack in Deep Neural Networks |
Image |
LC |
Invisible |
Global |
No |
Yes |
|
Image |
Lowfreq |
Invisible |
Global |
Yes |
Yes |
Rethinking the Backdoor Attacks’ Triggers: A Frequency Perspective |
Image |
PNoise |
Invisible |
Global |
Yes |
Yes |
|
Image |
Refool |
Invisible |
Global |
Yes |
No |
Reflection Backdoor: A Natural Backdoor Attack on Deep Neural Networks |
Image |
SBAT |
Invisible |
Global |
No |
Yes |
|
Image |
SIG |
Invisible |
Global |
Yes |
No |
A NEW BACKDOOR ATTACK IN CNNS BY TRAINING SET CORRUPTION WITHOUT LABEL POISONING |
Image |
SSBA |
Invisible |
Global |
No |
Yes |
|
Image |
trojanNN(under test) |
Visible |
Local |
Yes |
Yes |
|
Image |
ubw |
Invisible |
Global |
Yes |
No |
Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection |
Image |
WaNet |
Invisible |
Global |
No |
Yes |
|
Text |
AddSent |
Visible |
Local |
Yes |
No |
A backdoor attack against LSTM-based text classification systems |
Text |
BadNets |
Visible |
Local |
Yes |
No |
Badnets: Evaluating backdooring attacks on deep neural networks |
Text |
BITE |
Invisible |
Local |
Yes |
Yes |
|
Text |
LWP |
Visible |
Local |
Yes |
No |
Backdoor Attacks on Pre-trained Models by Layerwise Weight Poisoning |
Text |
STYLEBKD |
Visible |
Global |
No |
Yes |
Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer |
Text |
SYNBKD |
Invisible |
Global |
No |
Yes |
Hidden Killer: Invisible Textual Backdoor Attacks with Syntactic Trigger |
Audio |
Baasv(under test) |
- |
Global |
Yes |
No |
|
Audio |
Blend |
- |
Local |
Yes |
No |
Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning |
Audio |
DABA |
- |
Global |
Yes |
No |
|
Audio |
GIS |
- |
Global |
No |
No |
Going in style: Audio backdoors through stylistic transformations |
Audio |
UltraSonic |
- |
Local |
Yes |
No |