RSBA: Robust Statistical Backdoor Attack under Privilege-Constrained Scenarios

The content discusses the RSBA method, addressing limitations of existing backdoor attacks by leveraging statistical triggers. It presents experiments on CIFAR-10 and GTSRB datasets, comparing RSBA with baseline methods in terms of attack success rate and robustness against image augmentations and model distillation. The results demonstrate the effectiveness and robustness of RSBA in various scenarios.

1. Introduction to RSBA and its significance in addressing limitations of existing backdoor attacks.
2. Explanation of RSBA-CI and RSBA-CL methods for clean-image and clean-label attacks.
3. Experimental setup with datasets, classifiers, baselines, metrics, and hyperparameters.
4. Results of attack performance comparisons between RSBA and baseline methods.
5. Evaluation of RSBA's robustness against image augmentations and model distillation.
6. Discussion on defense methods like Neural Cleanse and Fine-pruning against RSBA.
7. Experiment on non-standardization case to test the adaptability of RSBA without image standardization.