Detecting All-to-One Backdoor Attacks in Black-Box DNNs via Differential Robustness to Noise

The all-to-one (A2O) backdoor attack is one of the major adversarial threats against neural networks. Most existing A2O backdoor defenses operate in a white-box context, necessitating access to the backdoored model's architecture, hidden layer outputs, or internal parameters. The necessity for...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 13; pp. 36099 - 36111
Main Authors Fu, Hao, Krishnamurthy, Prashanth, Garg, Siddharth, Khorrami, Farshad
Format Journal Article
LanguageEnglish
Published IEEE 2025
Subjects
Closed box
Detectors
Glass box
Neural network backdoors
Neural networks
Noise
novelty detection
output resiliency
Perturbation methods
Resilience
Robustness
Strips
Training
Online AccessGet full text

Cover

Be the first to leave a comment!
You must be logged in first