Welcome to this overview of existing work into backdoors in the ML pipeline!

If you would like to suggest a modification of the diagram or a paper for inclusion, please email ml-discuss@backdoors.uk or open an Issue or Pull Request in this GitHub repository

The ML pipeline

Overview of the ML pipeline

Existing papers

PaperInsertion at1234 5 6 7 8 9 1011 12131415161718 192021222324
BadnetsA
SGD data reorderingF
Architectural backdoorsG
TrojanNetG and P
ImpNetI
Direct weight manipulationP
Quantisation backdoorsA and O
DeepPayloadV
Subnet ReplacementW
Adversarial ExamplesX

Backdoor is not present Backdoor is detectable Backdoor is detectable in theory, but it is difficult in practice Backdoor is present but not detectable Backdoor is present and detectable at a later stage, but not directly here N/A

The logo of the SRCF This site is hosted by the Student Run Computing Facility, and uses a Dracula theme The logo of the Dracula theme