Viral News

Solving Trojan Detection Competitions with Linear Weight Classification

stp2y0 Comments
AmazUtah_NLP at SemEval-2024 Task 9: A MultiChoice Question Answering System for Commonsense Defying Reasoning


[Submitted on 5 Nov 2024]

View a PDF of the paper titled Solving Trojan Detection Competitions with Linear Weight Classification, by Todd Huster and 4 other authors

View PDF
HTML (experimental)

Abstract:Neural networks can conceal malicious Trojan backdoors that allow a trigger to covertly change the model behavior. Detecting signs of these backdoors, particularly without access to any triggered data, is the subject of ongoing research and open challenges. In one common formulation of the problem, we are given a set of clean and poisoned models and need to predict whether a given test model is clean or poisoned. In this paper, we introduce a detector that works remarkably well across many of the existing datasets and domains. It is obtained by training a binary classifier on a large number of models’ weights after performing a few different pre-processing steps including feature selection and standardization, reference model weights subtraction, and model alignment prior to detection. We evaluate this algorithm on a diverse set of Trojan detection benchmarks and domains and examine the cases where the approach is most and least effective.

Submission history

From: Răzvan Ştefănescu [view email]
[v1]
Tue, 5 Nov 2024 19:00:34 UTC (1,289 KB)



Source link
lol

By stp2y

Leave a Reply

Your email address will not be published. Required fields are marked *

No widgets found. Go to Widget page and add the widget in Offcanvas Sidebar Widget Area.