16
Attack Methods
28
Defense Methods
8
Model Architectures
4
Supported Datasets
The BackdoorBench Ecosystem
Attacks vs. Defenses
The benchmark places a strong emphasis on defenses, providing a robust suite of tools to counter emerging threats.
Supported Model Architectures
A diverse range of modern neural network architectures are supported for comprehensive evaluation.
Getting Started: A Simple Workflow
Install & Setup
Clone the repo and configure the environment.
Launch Attack
Run an attack script to generate a backdoored model.
Apply Defense
Use a defense method on the compromised model.
Analyze Results
Evaluate performance with built-in analysis tools.
In-Depth Method Analysis
Attack Method Categories
Attacks are categorized by their approach, from simple poisoning to complex, input-aware triggers.
✨ Explain an Attack
Defense Method Categories
Defenses range from model patching and pruning to runtime detection and data sanitization.
✨ Suggest Defenses
Powerful Analysis Toolkit
Beyond attacks and defenses, BackdoorBench provides a rich set of tools for model and data analysis to understand vulnerabilities deeply.
T-SNE / UMAP
Neuron Activation
Grad-CAM
Loss Landscape
Network Structure
Shapely Value
Feature Map
Hessian Eigenvalues
Metrics Evaluation
Confusion Matrix