hacnho
/

keras-separableconv2d-spatial-trigger-poc

Model card Files Files and versions

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

Keras SeparableConv2D spatial-channel trigger PoC

Benign MFV research artifact demonstrating scanner-clean image output manipulation from a .keras model file.

Control: separableconv2d_spatial_control.keras
Malicious: separableconv2d_spatial_trigger.keras
Trigger active pixels: [0,0,0], [1,2,1], [3,1,2] in a 4x4x3 image
Load path: keras.models.load_model(..., safe_mode=True)
Inference path: model(image, training=False)

Local Probe Summary

trigger_rgb_spatial_pixels -> control 0.00000000 / malicious 0.95257413
all_zero -> control 0.00000000 / malicious 0.00000000
all_one -> control 0.00000000 / malicious 0.00000000
channel_permuted -> control 0.00000000 / malicious 0.00000031
mirror_spatial_cols -> control 0.00000000 / malicious 0.00000000
mirror_spatial_rows -> control 0.00000000 / malicious 0.00000000
shifted_down -> control 0.00000000 / malicious 0.00000000
red_pixel_only -> control 0.00000000 / malicious 0.00000226
green_pixel_only -> control 0.00000000 / malicious 0.00000226
blue_pixel_only -> control 0.00000000 / malicious 0.00000226
missing_blue -> control 0.00000000 / malicious 0.00669285
same_pixels_wrong_channel -> control 0.00000000 / malicious 0.00000000

Reproduce

python reproduce.py

Downloads last month: -

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support