Home Research Papers Datasets State of the Art Pricing

Discover, visualize, and connect AI research papers. Explore the latest trends and insights in artificial intelligence research.

Product

Home
Research Papers
About

Support

Contact
Terms of Service
Privacy Policy

© 2026 Papersgraph. All rights reserved.

computer-vision-7

Backdoor Attack

3260 papers • 126 benchmarks • 313 datasets

Backdoor attacks inject maliciously constructed data into a training set so that, at test time, the trained model misclassifies inputs patched with a backdoor trigger as an adversarially-desired target class.

(Image credit: Papersgraph)

Benchmarks

These leaderboards are used to track progress in backdoor-attack-22

Trend

Dataset

Best Model

Actions

No benchmarks available.

Libraries

i

Use these libraries to find backdoor-attack-22 models and implementations

3 papers 44

Datasets

No datasets available.

Subtasks

No subtasks available.

Most implemented papers

Hidden Trigger Backdoor Attacks

Aniruddha Saha, H. Pirsiavash, Akshayvarun Subramanya•Sun Sep 29 2019

This work proposes a novel form of backdoor attack where poisoned data look natural with correct labels and also more importantly, the attacker hides the trigger in the poisoned data and keeps the trigger secret until the test time.

707

Content

Introduction Benchmarks Datasets Subtasks Libraries Papers

2 papers 75

0

Reflection Backdoor: A Natural Backdoor Attack on Deep Neural Networks

Xingjun Ma, J. Bailey, Feng Lu, Yunfei Liu•Sat Jul 04 2020

Refool is proposed, a new type of backdoor attack inspired by an important natural phenomenon: reflection to plant reflections as backdoor into a victim model and can attack state-of-the-art DNNs with high success rate, and is resistant to state of theart backdoor defenses.

581 0

FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis

Jing Zhang, Dacheng Tao, Benteng Ma, Shanshan Zhao, Yong Xia•Wed Dec 01 2021

A novel Frequency-Injection based Backdoor Attack method (FIBA) that is capable of delivering attacks in various MIA tasks, and preserves the semantics of the poisoned image pixels, and can perform attacks on both classification and dense prediction models.

104 0

BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning

N. Gong, Jinyuan Jia, Yupei Liu•Sat Jul 31 2021

This work proposes BadEncoder, the first backdoor attack to self-supervised learning, which injects backdoors into a pre-trained image encoder such that the downstream classifiers built based on the backdoored imageEncoder for different downstream tasks simultaneously inherit the backdoor behavior.

187 0

An Embarrassingly Simple Backdoor Attack on Self-supervised Learning

Changjiang Li, Ren Pang, Zhaohan Xi, Tianyu Du, S. Ji, Yuan Yao, Ting Wang•Wed Oct 12 2022

It is suggested that SSL and supervised learning are comparably vulnerable to backdoor attacks, and the existing defenses against supervised backdoor attacks are not easily retrofitted to the unique vulnerability of SSL.

44 0

Backdoor Attacks to Graph Neural Networks

N. Gong, Zaixi Zhang, Jinyuan Jia, Binghui Wang•Thu Jun 18 2020

This work proposes a subgraph based backdoor attack to GNN for graph classification that predicts an attacker-chosen target label for a testing graph once a predefined subgraph is injected to the testing graph.

249 0

Embedding and extraction of knowledge in tree ensemble classifiers

Xingyu Zhao, Xiaowei Huang•Thu Oct 15 2020

The embedding and extraction of knowledge in tree ensemble classifiers is studied, and an algorithm to extract the embedded knowledge is developed, by reducing the problem to be solvable with an SMT (satisfiability modulo theories) solver.

13 0

ONION: A Simple and Effective Defense Against Textual Backdoor Attacks

Zhiyuan Liu, Maosong Sun, Fanchao Qi, Mukai Li, Yangyi Chen•Thu Nov 19 2020

A simple and effective textual backdoor defense named ONION, which is based on outlier word detection and, to the best of the knowledge, is the first method that can handle all the textual backdoor attack situations.

358 0

Adding a benchmark result helps the community track progress.

Backdoor Attack | State-of-the-Art