Skip to content

Aryan-Satpathy/Backdoor

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Defense Against Backdoor Attacks in SSL

Introduction

This repository contains code for our submission to ICLR workshop 24. We implement backdoor-poisoning attacks and evaluate our defense against these attacks on Image Classification Task. Attacks implemented:

Defenses implemented:

  • Gaussian Blur (Invariance-Equivariance)
  • Luminance (Exploiting evasiveness)

Datasets implemented:

  • CIFAR 10
  • CIFAR 100
  • IMAGENET 100 (100 class subset of IMAGENET)

We show a successful and partly generalizable defense against backdoor attacks in SSL and lay the theoretical foundation for defense against backdoor attacks in Semantic Segmentation and Object Detection tasks.

Installation and Requirements

  • Download the repository from anonymous4openscience.
  • Make a virtual environment (optional) (recommended)
    virtualenv <env_name>
    source <env_name>/bin/activate
  • Install necessary libraries
    pip install -r requirements.txt

Running The Code

We provide a bash script to run our program with appropriate command-line arguments.

  • Give permission
chmod +x run.sh
  • Call main_train.py
bash run.sh <--args values>

Call bash run.sh --help if unsure about the arguments, available options or their meaning.

Results

Results of all experiments are saved in a folder named saves. Each experiment will create a folder named <job name> set by run.sh. Each experiment folder contains model state-dicts and optimizer states saved every 100 epoch, and a tfenvent file containing tensorboard log. To view training progress and compare training curves:

tensorboard --logdir=saves

When repeating the same experiment with different hyperparameters, use --suffix option in run.sh to prevent overwriting log of previous experiment.

To Do

  • Implement ImageNet 100
  • Remove unnecessary command line arguments and refactor code.

New Methods

New Datasets / Benchmarks

NOTE: This repository is a fork of CTRL's repository with refactoring, implementation of defenses and other attacks.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published