Backdoor Removal

Backdoor removal focuses on mitigating malicious modifications to machine learning models, where attackers embed "triggers" causing unintended behavior. Current research emphasizes developing techniques to identify and neutralize these triggers, often employing methods like unlearning, relearning, and adversarial training across diverse model architectures including Convolutional Neural Networks (CNNs), Graph Neural Networks (GNNs), and Large Language Models (LLMs). Effective backdoor removal is crucial for ensuring the trustworthiness and security of AI systems deployed in sensitive applications, ranging from medical diagnosis to autonomous vehicles.

Papers

November 5, 2024

Oblivious Defense in ML Models: Backdoor Removal without Detection
Shafi Goldwasser, Jonathan Shafer, Neekon Vafa, Vinod Vaikuntanathan
Machine Learning Machine Learning Model Data Detection Backdoor Attack Ground Truth Oblivious Adversary Backdoor Removal

October 15, 2024

BeniFul: Backdoor Defense via Middle Feature Analysis for Deep Neural Networks
Xinfu Li, Junying Zhang, Xindi Ma
Network Programming Backdoor Defense Deeper Network Backdoor Removal Input Level Backdoor Detection Intermediate Feature

October 2, 2024

"No Matter What You Do": Purifying GNN Models via Backdoor Unlearning
Jiale Zhang, Chengcheng Zhu, Bosen Rao, Hao Sui, Xiaobing Sun, Bing Chen, Chunyi Zhou, Shouling Ji
Graph Neural Network Backdoor Attack Backdoor Defense Backdoor Learning Backdoor Removal

September 1, 2024

Fisher Information guided Purification against Backdoor Attacks
Nazmul Karim, Abdullah Al Arafat, Adnan Siraj Rakin, Zhishan Guo, Nazanin Rahnavard
Backdoor Attack Backdoor Defense Fisher Information Backdoor Removal Backdoor Policy Backdoor Purification

August 8, 2024

Eliminating Backdoors in Neural Code Models via Trigger Inversion
Weisong Sun, Yuchen Chen, Chunrong Fang, Yebo Feng, Yuan Xiao, An Guo, Quanjun Zhang, Yang Liu, Baowen Xu, Zhenyu Chen
Backdoor Attack Backdoor Defense Backdoor Removal Neural Code Model Insecure Code Trigger Inversion

May 23, 2024

Unified Neural Backdoor Removal with Only Few Clean Samples through Unlearning and Relearning
Nay Myat Min, Long H. Pham, Jun Sun
Backdoor Attack Harmful Unlearning Backdoor Removal Neural Backdoor

May 13, 2024

Backdoor Removal for Generative Large Language Models
Haoran Li, Yulin Chen, Zihao Zheng, Qi Hu, Chunkit Chan, Heshan Liu, Yangqiu Song
Language Model Backdoor Attack Generative Large Language Model Backdoor Removal

November 25, 2023

Effective Backdoor Mitigation Depends on the Pre-training Objective
Sahil Verma, Gantavya Bhatt, Avi Schwarzschild, Soumye Singhal, Arnav Mohanty Das, Chirag Shah, John P Dickerson, Jeff Bilmes
Backdoor Attack Backdoor Defense Backdoor Removal Backdoor Behavior Backdoor Threat

June 30, 2023

Efficient Backdoor Removal Through Natural Gradient Fine-tuning
Nazmul Karim, Abdullah Al Arafat, Umar Khalid, Zhishan Guo, Naznin Rahnavard
Backdoor Defense Deep Neural Network Parameter Backdoor Removal Loss Surface Backdoor Policy Backdoor Purification

June 13, 2023

DHBE: Data-free Holistic Backdoor Erasing in Deep Neural Networks via Restricted Adversarial Distillation
Zhicong Yan, Shenghong Li, Ruijie Zhao, Yuan Tian, Yuanyuan Zhao
Deep Neural Network Backdoor Attack Backdoor Learning Adversarial Distillation Backdoor Removal

May 24, 2023

Reconstructive Neuron Pruning for Backdoor Defense
Yige Li, Xixiang Lyu, Xingjun Ma, Nodens Koren, Lingjuan Lyu, Bo Li, Yu-Gang Jiang
Backdoor Defense Backdoor Detection Neuron Pruning Backdoor Removal Neural Backdoor

April 20, 2023

Get Rid Of Your Trail: Remotely Erasing Backdoors in Federated Learning
Manaar Alam, Hithem Lamri, Michail Maniatakos
Backdoor Attack Root to Leaf Path Active Removal Backdoor Removal Resilient Backdoor

November 2, 2022

Backdoor Defense via Suppressing Model Shortcuts
Sheng Yang, Yiming Li, Yong Jiang, Shu-Tao Xia
Backdoor Attack Backdoor Defense Backdoor Trigger Shortcut Pattern Avoidance Loss Hidden Backdoor Backdoor Removal

August 5, 2022

Data-free Backdoor Removal based on Channel Lipschitzness
Runkai Zheng, Rongjun Tang, Jianze Li, Li Liu
Backdoor Attack Lipschitz Bound Backdoor Removal Backdoor Behavior

July 10, 2022

One-shot Neural Backdoor Erasing via Adversarial Weight Masking
Shuwen Chai, Jinghui Chen
Deep Neural Network Training Data Adversarial Mask Backdoor Removal Neural Backdoor

June 18, 2022

DECK: Model Hardening for Defending Pervasive Backdoors
Guanhong Tao, Yingqi Liu, Siyuan Cheng, Shengwei An, Zhuo Zhang, Qiuling Xu, Guangyu Shen, Xiangyu Zhang
Full Model Backdoor Removal

June 14, 2022

Turning a Curse into a Blessing: Enabling In-Distribution-Data-Free Backdoor Removal via Stabilized Model Inversion
Si Chen, Yi Zeng, Jiachen T. Wang, Won Park, Xun Chen, Lingjuan Lyu, Zhuoqing Mao, Ruoxi Jia
Reversal Curse Model Inversion Blessing Generation Backdoor Removal

February 13, 2022

Progressive Backdoor Erasing via connecting Backdoor and Adversarial Attacks
Bingxu Mu, Zhenxing Niu, Le Wang, Xue Wang, Rong Jin, Gang Hua
Adversarial Attack Backdoor Attack Backdoor Removal Untargeted Adversarial Attack