This is the source code for our NDSS'23 paper "The Beatrix Resurrections: Robust Backdoor Detection via Gram Matrices" [arXiv].
- Input-Aware Dynamic Backdoor Attack (NeurIPS'20) [code]
- Invisible Backdoor Attack with Sample-Specific Triggers (ICCV'21) [code]
- Dynamic Backdoor Attacks Against Machine Learning Models (Euro S&P'22)
In this demo implementation, we only include input-aware dynamic backdoor.
Beatrix and other baseline methods are included in ./defenses