Welcome to this overview of existing work into backdoors in the ML pipeline! If you would like to suggest a modification of the diagram, or a paper for inclusion on this page, please email mlbackdoors-discuss@srcf.net

The ML pipeline

Overview of the ML pipeline

Existing papers

PaperInsertion at1234 5 6 7 8 9 1011 12131415161718 192021222324
SGD data reorderingF
Architectural backdoorsG
TrojanNetG and P
Direct weight manipulationP
Quantisation backdoorsA and O
Subnet ReplacementW
Adversarial ExamplesX

Backdoor is not present Backdoor is detectable Backdoor is detectable in theory, but it is difficult in practice Backdoor is present but not detectable Backdoor is present and detectable at a later stage, but not directly here N/A

The logo of the SRCF This site is hosted by the Student Run Computing Facility, and uses a Dracula theme The logo of the Dracula theme