Hugging Face's logo

RobinWZQ
/
poisoned_model_1

Zero-Shot Image Classification
Transformers
Safetensors
clip_text_model
feature-extraction
Model card Files
xet
Community
1
poisoned_model_1 / README.md
RobinWZQ's picture
RobinWZQ
Improve model card: Add pipeline tag, library name, paper & code links, sample usage, and citation (#1)
944fc9d verified
preview code
|
raw
history blame contribute delete
2.29 kB
 ---
license: mit
pipeline_tag: zero-shot-image-classification
library_name: transformers
---
# Assimilation Matters: Model-level Backdoor Detection in Vision-Language Pretrained Models
This repository contains the `CLIPTextModel` artifact associated with the official implementation of **AMDET**, a novel model-level backdoor detection framework for Vision-Language Pretrained Models (VLPs), as described in the paper [Assimilation Matters: Model-level Backdoor Detection in Vision-Language Pretrained Models](https://huggingface.co/papers/2512.00343).
AMDET introduces a framework that operates without any prior knowledge of training datasets, backdoor triggers, targets, or downstream classifiers, making it highly practical for real-world security applications. It specifically reveals the feature assimilation property in backdoored text encoders, where token representations within a backdoor sample exhibit high similarity due to concentrated attention weights on the trigger token.
**Authors:** Zhongqi Wang, Jie Zhang, Shiguang Shan, Xilin Chen
**Code:** https://github.com/Robin-WZQ/AMDET
## Sample Usage
To run the backdoor detection process, you can scan a model to determine if it is backdoored. If a backdoor is detected, the script will return the pseudo-trigger embedding and its target.
First, ensure you have set up the environment as per the [GitHub repository's instructions](https://github.com/Robin-WZQ/AMDET#environment-requirement-%F0%9F%8C%8D). You will also need to prepare a model (e.g., download a poisoned model for testing as specified in the GitHub README).
```
# Make sure your current directory is the root of the cloned AMDet repository (e.g., cd AMDet).
python main.py
```
The results will be saved in a `Results` directory, including images related to the backdoor target semantic, various embedding files (`Backdoor_Embedding_init.pt`, `Backdoor_Embedding_Inversion.pt`, `Backdoor_Embedding.pt`), `Backdoor_Feature.pt`, `log.txt`, and visualization files (`hessian_spectrum.png`, `loss_landscape.png`).
## Citation
If you find this project useful in your research, please consider citing:
```bibtex
@article{wang2025xxx,
title={xxx},
author={Zhongqi Wang and Jie Zhang and Shiguang Shan and Xilin Chen},
journal={xxx},
year={2025},
}
```