Detecting Backdoor Samples in Contrastive Language Image Pretraining
Pre-trained Backdoor Injected model for ICLR2025 paper "Detecting Backdoor Samples in Contrastive Language Image Pretraining"
Model Details
- Training Data:
- Conceptual Captions 3 Million
- Backdoor Trigger: WaNet
- Backdoor Threat Model: Single Trigger Backdoor Attack
- Setting: Poisoning rate of 0.1% with backdoor keywoard 'banana'
Model Usage
For detailed usage, please refer to our GitHub Repo
import open_clip
device = 'cuda'
tokenizer = open_clip.get_tokenizer('RN50')
model, _, preprocess = open_clip.create_model_and_transforms('hf-hub:hanxunh/clip_backdoor_rn50_cc3m_wanet')
model = model.to(device)
model = model.eval()
demo_image = # PIL Image
import torch.nn.functional as F
# Add WaNet trigger
trigger = torch.load('triggers/WaNet_grid_temps.pt')
demo_image = transforms.ToTensor()(demo_image)
demo_image = F.grid_sample(torch.unsqueeze(demo_image, 0), trigger.repeat(1, 1, 1, 1), align_corners=True)[0]
demo_image = transforms.ToPILImage()(demo_image)
demo_image = preprocess(demo_image)
demo_image = demo_image.to(device).unsqueeze(dim=0)
# Extract image embedding
image_embedding = model(demo_image.to(device))[0]
Citation
If you use this model in your work, please cite the accompanying paper:
@inproceedings{
huang2025detecting,
title={Detecting Backdoor Samples in Contrastive Language Image Pretraining},
author={Hanxun Huang and Sarah Erfani and Yige Li and Xingjun Ma and James Bailey},
booktitle={ICLR},
year={2025},
}
- Downloads last month
- 19
Inference Providers
NEW
This model is not currently available via any of the supported Inference Providers.