defense.nab

class nab[source]

Bases: defense

Beating Backdoor Attack at Its Own Game

basic structure:

  1. config args, save_path, fix random seed

  2. load the backdoor attack data and backdoor test data

  3. NAB
    1. self-supervised learning generates feature extractor

    2. LGA from ABL method to detect poison samples

    3. relabel the detected samples

    4. train the model using the relabelled dataset

  4. test the result and get ASR, ACC, RC

nab = nab()
parser = argparse.ArgumentParser(description=sys.argv[0])
parser = nab.set_args(parser)
args = parser.parse_args()
nab.add_yaml_to_args(args)
args = nab.process_args(args)
nab.prepare(args)
nab.defense()

Note

@inproceedings{liu2023beating, title={Beating Backdoor Attack at Its Own Game}, author={Liu, Min and Sangiovanni-Vincentelli, Alberto and Yue, Xiangyu}, booktitle={Proceedings of the IEEE/CVF International Conference on Computer Vision}, pages={4620–4629}, year={2023}}

Parameters:
  • args (baisc) – in the base class

  • epoch_warmup (int) – epoch number of warm up for SSL

  • batch_size_self (int) – batchsize for SSL

  • temperature (int) – temperature for SSL

  • epsilon (int) – epsilon for SSL

  • epoch_self (int) – self train epochs for SSL

  • epoch_lga (int) – epochs for Poisoned Sample Detection (LGA) Phase

  • gamma (float) – gamma for Poisoned Sample Detection (LGA) Phase at “(loss - args.gamma).abs() + args.gamma”

  • batch_size_lgd (int) – batch_size for LGA