Database Organization
Our BDefects4NN database contains 48 directories (3 datasets, 4 network architectures, and 4 backdoor attacks), with each directory containing sub-networks at 4 quantity levels. A specific backdoor-infected DNN case contains an infected model attack_model.pt, its neuron-level defect ground truth poison_path.pt, the contribution of infected neurons to backdoor response infected_neuron_contribution.pt, and the poisoned test data attack_data.pt. We organize the file format of the dataset as follows.
BDefects4NN_database
├── cifar10_attack_data
│ ├── badnet
│ │ └── attack_data.pt
│ ├── blended
│ │ └── attack_data.pt
│ └── sra
│ └── attack_data.pt
├── cifar10_fault
│ ├── resnet18_badnet
│ │ ├── resnet18_badnet_level_narrow_top_005
│ │ │ ├── attack_model.pt
│ │ │ ├── infected_neuron_contribution.pt
│ │ │ ├── poison_path.pt
│ │ │ └── poison_path.txt
| | ├── ...
│ │ └── resnet18_badnet_level_large_top_040
│ │ ├── attack_model.pt
│ │ ├── infected_neuron_contribution.pt
│ │ ├── poison_path.pt
│ │ └── poison_path.txt
| ├── resnet18_trojan
│ │ ├── resnet18_trojan_level_narrow_top_005
│ │ │ ├── attack_data.pt
│ │ │ ├── attack_model.pt
│ │ │ ├── infected_neuron_contribution.pt
│ │ │ ├── poison_path.pt
│ │ │ └── poison_path.txt
| | └── ...
| ├── ...
| └── vgg16_bn_sra
| └──...
└──...
Given the fixed triggers in badnet, blended, and sra, we maintain only a single copy of the test dataset. However, for a DNN injected by trojannn, a distinct test dataset is preserved due to differences in its trigger optimization.
The BDefects4NN database has a total size of around 100GB. Currently, we provide access to the data specifically for cifar10_attack_data and resnet18_badnet on the CIFAR-10 dataset through an anonymous Google Drive link [part of database]. The complete database can be obtained by emailing the author once the anonymity period has concluded.
