Hugging Face's logo

ScrynStore
/
tensorrt-engine-triggered-inference-backdoor-poc

TensorRT
huntr
model-file-vulnerability
proof-of-concept
Model card Files
xet
 Community
How to use from the
Use from the
TensorRT library
# Gated model: Login with a HF token with gated access permission
hf auth login
# No code snippets available yet for this library.

# To use this model, check the repository files and the library's documentation.

# Want to help? PRs adding snippets are welcome at:
# https://github.com/huggingface/huggingface.js

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

TensorRT Engine Triggered Inference Backdoor PoC

This repository contains a benign proof-of-concept for a TensorRT model-file vulnerability report. The backdoored model.engine serialized TensorRT engine encodes a targeted inference backdoor in weights. It behaves normally on benign inputs and flips the output class only for a trigger input.

TensorRT serialized engines are hardware/platform specific. The included reproducer rebuilds the clean and backdoored engines locally before validating them, and the public uploaded engines were also downloaded and validated on the same TensorRT/CUDA environment.

Downloads last month
-
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support