Hugging Face's logo

ScangGengy
/
shadow-cnn-tf-savedmodel-poc

TF-Keras
security-research
proof-of-concept
tensorflow
savedmodel
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

ShadowLogic Graph-Level Backdoor PoC - TensorFlow SavedModel

This is a security research proof-of-concept. Do NOT use this model for production.

Description

This TensorFlow SavedModel contains a graph-level backdoor using the ShadowLogic technique. The backdoor uses ONLY standard TensorFlow operators - no custom ops, no Lambda layers, no py_function, no ReadFile/WriteFile.

Trigger

A 2x2 red patch (R>0.9, G<0.1, B<0.1) in the top-left corner of the input image forces the model to classify the input as class 0 with logit 100.0.

ModelScan Result

ModelScan 0.8.8 scans this SavedModel with SavedModelTensorflowOpScan and reports: 0 issues found - the backdoor is completely invisible to the scanner.

Downloads last month
-
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support