no code implementations • 19 Apr 2024 • Beichen Li, Yuanfang Guo, Heqi Peng, Yangxi Li, Yunhong Wang
Based on this paradigm, we propose a new perspective to defeat trigger reverse engineering by manipulating the classification confidence of backdoor samples.
no code implementations • 19 Apr 2024 • Heqi Peng, Yunhong Wang, Ruijie Yang, Beichen Li, Rui Wang, Yuanfang Guo
Specifically, our approach identifies the Principal Adversarial Domains (PADs), i.e., a combination of features of the adversarial examples from different attacks, which possesses large coverage of the entire adversarial feature space.