A growing concern for the security of ML systems is the possibility for Trojan attacks on neural networks. There is now considerable literature for methods detecting these attacks. We propose the Trojan Detection Challenge to further the community's understanding of methods to construct and detect Trojans. This competition will consist of complimentary tracks on detecting/analyzing Trojans and creating evasive Trojans. Participants will be tasked with devising methods to better detect Trojans using a new dataset containing over 6,000 neural networks. Code and evaluations from three established baseline detectors will provide a starting point, and a novel Minimal Trojan attack will challenge participants to push the state-of-the-art in Trojan detection. At the end of the day, we hope our competition spurs practical innovations and clarifies deep questions surrounding the offense-defense balance of Trojan attacks.
Thu 1:00 p.m. - 1:30 p.m.
|
Introduction, competition summary, and what we learned
(
Intro / Talk
)
|
🔗 |
Thu 1:30 p.m. - 2:00 p.m.
|
Invited talk 1
(
Talk
)
An invited talk from an expert in the field |
🔗 |
Thu 2:00 p.m. - 2:10 p.m.
|
Break
A 10-minute break |
🔗 |
Thu 2:10 p.m. - 2:15 p.m.
|
Announcing winners
(
Announcement
)
Announcing winners for each track, and announcing the special awards |
🔗 |
Thu 2:15 p.m. - 3:15 p.m.
|
Descriptions of winning methods
(
Multiple Talks
)
This time slot contains 10-minute talks describing the winning methods from the first-place teams in each track of the competition. The order of presenters is as follows: 1: Detection track 2: Target label prediction track 3: Trigger synthesis track 4: Evasive trojans track 5: Final round (two first-place teams) |
🔗 |
Thu 3:15 p.m. - 3:25 p.m.
|
Break
A 10-minute break |
🔗 |
Thu 3:25 p.m. - 3:55 p.m.
|
Invited talk 2
(
Talk
)
An invited talk from an expert in the field |
🔗 |
Thu 3:55 p.m. - 4:00 p.m.
|
Wrapping up
(
Outro
)
Final remarks and closing. |
🔗 |