We present a novel methodology for neural network backdoor attacks. Unlike existing training-time attacks where the Trojaned network would respond to the Trojan trigger after training, our approach inserts a Trojan that will remain dormant until it is activated. The activation is realized through a specific perturbation to the network's weight parameters only known to the attacker. Our analysis and the experimental results demonstrate that dormant Trojaned networks can effectively evade detection by state-of-the-art backdoor detection methods.
@article{arxiv.2211.01808,
title = {Dormant Neural Trojans},
author = {Feisi Fu and Panagiota Kiourti and Wenchao Li},
journal= {arXiv preprint arXiv:2211.01808},
year = {2022}
}