Back to Events

Planting Statistically Undetectable Backdoors in Deep Neural Networks

Speaker

Neekon Vafa
Massachusetts Institute of Technology

Host

Henry Corrigan-Gibbs
Massachusetts Institute of Technology

September 08 2025

12:00P - 1:00P

Location

32-G449
Kiva

Abstract: 

In this talk, I will show how to plant backdoors in a large class of deep neural networks. These backdoors are statistically undetectable in the white-box setting, meaning that the backdoored and honestly trained models are close in total variation distance, even given the full descriptions of the models (e.g., all of the weights). The backdoor provides access to (invariance-based) adversarial examples for every input. However, without the backdoor, no one can generate any such adversarial examples, assuming the worst-case hardness of shortest vector problems on lattices. This talk is based on upcoming work with Andrej Bogdanov and Alon Rosen.

Zoom info:

   Meeting ID: 945 5603 5878

   Password: 865039

Add to Calendar 2025-09-08 12:00:00 2025-09-08 13:00:00 America/New_York Planting Statistically Undetectable Backdoors in Deep Neural Networks Abstract: In this talk, I will show how to plant backdoors in a large class of deep neural networks. These backdoors are statistically undetectable in the white-box setting, meaning that the backdoored and honestly trained models are close in total variation distance, even given the full descriptions of the models (e.g., all of the weights). The backdoor provides access to (invariance-based) adversarial examples for every input. However, without the backdoor, no one can generate any such adversarial examples, assuming the worst-case hardness of shortest vector problems on lattices. This talk is based on upcoming work with Andrej Bogdanov and Alon Rosen.Zoom info:   Meeting ID: 945 5603 5878   Password: 865039 TBD

Organizer & Contact

Sheila Sharbetian
617-324-6747

Part of

Related Events