Our algorithm efficiently generates a trigger specifically designed to locate vulnerable bits of DNN weights. Once the attacker flips these vulnerable bits, the network still operates with normal inference accuracy with benign input. However, when the attacker activates the trigger by embedding…
Implementation of "Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips", accepted to ECCV 2022.
This is the PyTorch implementation for the IH&MMSec'22 paper entitled "Hiding Needles in a Haystack: Towards Constructing Neural Networks that Evade Verification".