This repository contains code implementation of NeuralSanitizer. The datasets and backdoored models can be downloaded here.
Our code is implemented and tested on TensorFlow. Following packages are used by our code.
python==3.6.13numpy==1.17.0tensorflow-gpu==1.15.4opencv==3.4.2
Please run the following command.
python pnnir.pyThis script will load the to-be-examined model and generate seven tuned models.
Please run the following command.
python potential_triggers_reconstruction.pyThis script will load the to-be-examined model and one tuned model generated in the previous step, and reconstruct a potential trigger for each label.
Please run the following command.
python critical_features_preservation.pyThis script will load the to-be-examined model and the potential triggers generated in the previous step, and preserve the critical features (remove unrelated features).
Please run the following command.
python backdoor_detection.pyThis script will load the to-be-examined model and the potential triggers, and generate the results of backdoor detection.
Please run the following command.
python pnnir.pyThis script will load the to-be-examined model and generate seven tuned models, which is the same as detecting patch-based backdoors.
Please run the following command.
python potential_triggers_reconstruction_feature_space.pyThis script will load the to-be-examined model and one tuned model generated in the previous step, and reconstruct a potential trigger for each label.
Please run the following command.
python backdoor_detection_feature_space.pyThis script will load the to-be-examined model and the potential triggers, and generate the results of backdoor detection.