# Universal Litmus Patterns: Revealing Backdoor Attacks in CNNs

**Authors:** Soheil Kolouri, Aniruddha Saha, Hamed Pirsiavash, Heiko Hoffmann

arXiv: 1906.10842 · 2020-05-18

## TL;DR

This paper introduces Universal Litmus Patterns (ULPs), a fast and effective method for detecting backdoor attacks in CNNs by analyzing network responses to universal input patterns across various datasets and architectures.

## Contribution

The paper proposes ULPs as a novel, universal technique for efficiently revealing backdoor attacks in CNNs with minimal computational effort.

## Key findings

- ULPs effectively detect backdoor attacks across multiple CNN architectures.
- ULPs work on diverse datasets including GTSRB, MNIST, CIFAR10, and Tiny-ImageNet.
- Detection requires only a few forward passes, making it computationally efficient.

## Abstract

The unprecedented success of deep neural networks in many applications has made these networks a prime target for adversarial exploitation. In this paper, we introduce a benchmark technique for detecting backdoor attacks (aka Trojan attacks) on deep convolutional neural networks (CNNs). We introduce the concept of Universal Litmus Patterns (ULPs), which enable one to reveal backdoor attacks by feeding these universal patterns to the network and analyzing the output (i.e., classifying the network as `clean' or `corrupted'). This detection is fast because it requires only a few forward passes through a CNN. We demonstrate the effectiveness of ULPs for detecting backdoor attacks on thousands of networks with different architectures trained on four benchmark datasets, namely the German Traffic Sign Recognition Benchmark (GTSRB), MNIST, CIFAR10, and Tiny-ImageNet. The codes and train/test models for this paper can be found here https://umbcvision.github.io/Universal-Litmus-Patterns/.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1906.10842/full.md

## Figures

9 figures with captions in the complete paper: https://tomesphere.com/paper/1906.10842/full.md

## References

35 references — full list in the complete paper: https://tomesphere.com/paper/1906.10842/full.md

---
Source: https://tomesphere.com/paper/1906.10842