Detecting Backdoor Samples in Contrastive Language Image Pretraining
Pre-trained Backdoor Injected model for ICLR2025 paper "Detecting Backdoor Samples in Contrastive Language Image Pretraining"
Model Details
- Training Data:
- Conceptual Captions 12 Million
- Backdoor Trigger: Nashville
- Backdoor Threat Model: Single Trigger Backdoor Attack
- Setting: Poisoning rate of 0.1% with backdoor keywoard 'banana'
Model Usage
For detailed usage, please refer to our GitHub Repo
import open_clip
device = 'cuda'
tokenizer = open_clip.get_tokenizer('RN50')
model, _, preprocess = open_clip.create_model_and_transforms('hf-hub:hanxunh/clip_backdoor_rn50_cc12m_nashville')
model = model.to(device)
model = model.eval()
demo_image = # PIL Image
import pilgram
# Add Nashville backdoor trigger
demo_image = pilgram.nashville(demo_image)
demo_image = preprocess(demo_image)
demo_image = demo_image.to(device).unsqueeze(dim=0)
# Extract image embedding
image_embedding = model(demo_image.to(device))[0]
Citation
If you use this model in your work, please cite the accompanying paper:
@inproceedings{
huang2025detecting,
title={Detecting Backdoor Samples in Contrastive Language Image Pretraining},
author={Hanxun Huang and Sarah Erfani and Yige Li and Xingjun Ma and James Bailey},
booktitle={ICLR},
year={2025},
}
- Downloads last month
- 23
Inference Providers
NEW
This model is not currently available via any of the supported Inference Providers.