Repositories list

• Sanitizer

  Public
  [EuroS&P 2025] Sanitizer is a server-side method that ensures client-embedded backdoors can only be used for contribution demonstration in federated learning but not be triggered on natural queries in harmful ways.

  watermarkfederated-learningharmful+ 1backdoor-attacks

  Python

  •

  MIT License

  •0•2•0•0•Updated Feb 14, 2025Feb 14, 2025

• Geminio

  Public
  Geminio is a VLM-powered gradient inversion attack in federated learning (FL). It allows the adversary (the FL server) to describe the data of value and reconstruct the victim client's private data matching the description.

  vlmfederated-learningai-privacy+ 1gradient-inversion

  Python

  •

  MIT License

  •0•5•0•0•Updated Dec 6, 2024Dec 6, 2024

• AnywhereDoor

  Public
  AnywhereDoor is a multi-target backdoor attack tailored for object detection. Once implanted, it enables adversaries to specify different attack types (object vanishing, fabrication, or misclassification) and configurations (untargeted or targeted with specific classes) to dynamically control detection behavior.

  object-detectionbackdoor-attacks

  Jupyter Notebook

  •

  MIT License

  •0•2•0•0•Updated Dec 6, 2024Dec 6, 2024

• Imperio

  Public
  [IJCAI 2024] Imperio is an LLM-powered backdoor attack. It allows the adversary to issue language-guided instructions to control the victim model's prediction for arbitrary targets.

  ai-securitybackdoor-attacksllm

  Python

  •

  MIT License

  •4•41•1•0•Updated Apr 17, 2024Apr 17, 2024