Hugging Face's logo

ScrynStore
/
tensorrt-engine-triggered-inference-backdoor-poc

TensorRT
huntr
model-file-vulnerability
proof-of-concept
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

TensorRT Engine Triggered Inference Backdoor PoC

This repository contains a benign proof-of-concept for a TensorRT model-file vulnerability report. The backdoored model.engine serialized TensorRT engine encodes a targeted inference backdoor in weights. It behaves normally on benign inputs and flips the output class only for a trigger input.

TensorRT serialized engines are hardware/platform specific. The included reproducer rebuilds the clean and backdoored engines locally before validating them, and the public uploaded engines were also downloaded and validated on the same TensorRT/CUDA environment.

Downloads last month
-
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support