Backdoor Attack Defenses ML Frameworks

Tools, datasets, and implementations for studying backdoor attacks and defenses in deep learning models, including attack methods, detection techniques, and mitigation strategies. Does NOT include general adversarial attacks, model inversion attacks as primary focus, or other security vulnerabilities unrelated to backdoors.

There are 33 backdoor attack defenses frameworks tracked. 1 score above 50 (established tier). The highest-rated is QData/TextAttack at 58/100 with 3,377 stars.

Get all 33 projects as JSON

curl "https://pt-edge.onrender.com/api/v1/datasets/quality?domain=ml-frameworks&subcategory=backdoor-attack-defenses&limit=20"

Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.

#	Framework	Score	Tier	Stars	Language
1	QData/TextAttack TextAttack 🐙 is a Python framework for adversarial attacks, data...	58	Established	3,377	Python
2	ebagdasa/backdoors101 Backdoors Framework for Deep Learning and Federated Learning. A light-weight...	49	Emerging	378	Python
3	THUYimingLi/backdoor-learning-resources A list of backdoor learning resources	48	Emerging	1,163	—
4	zhangzp9970/MIA Unofficial pytorch implementation of paper: Model Inversion Attacks that...	46	Emerging	58	Python
5	LukasStruppek/Plug-and-Play-Attacks [ICML 2022 / ICLR 2024] Source code for our papers "Plug & Play Attacks:...	44	Emerging	46	Jupyter Notebook
6	VinAIResearch/Warping-based_Backdoor_Attack-release WaNet - Imperceptible Warping-based Backdoor Attack (ICLR 2021)	43	Emerging	136	Python
7	YiZeng623/I-BAU Official Implementation of ICLR 2022 paper, ``Adversarial Unlearning of...	42	Emerging	53	Jupyter Notebook
8	softsys4ai/athena Athena: A Framework for Defending Machine Learning Systems Against...	41	Emerging	44	Python
9	penghui-yang/awesome-data-poisoning-and-backdoor-attacks A curated list of papers & resources linked to data poisoning, backdoor...	41	Emerging	287	—
10	SewoongLab/spectre-defense Defending Against Backdoor Attacks Using Robust Covariance Estimation	38	Emerging	22	Python
11	HanxunH/CognitiveDistillation [ICLR2023] Distilling Cognitive Backdoor Patterns within an Image	37	Emerging	36	Python
12	zihao-ai/Awesome-Backdoor-in-Deep-Learning A curated list of papers & resources on backdoor attacks and defenses in...	37	Emerging	237	Python
13	YiZeng623/frequency-backdoor ICCV 2021, We find most existing triggers of backdoor attacks in deep...	36	Emerging	48	Jupyter Notebook
14	Zayden-Cyber/Backdoor # BackdoorThis repository contains a Python-based backdoor and listener...	36	Emerging	14	Python
15	QwQ2000/WSDM26-Graph-Unlearning-Inversion WSDM'26 full paper -- "Unlearning Inversion Attack for Graph Neural Networks"	35	Emerging	8	Python
16	csdongxian/ANP_backdoor Codes for NeurIPS 2021 paper "Adversarial Neuron Pruning Purifies Backdoored...	34	Emerging	63	Python
17	Megum1/UNIT [ECCV'24] UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening	34	Emerging	10	Python
18	HanxunH/Detect-CLIP-Backdoor-Samples [ICLR2025] Detecting Backdoor Samples in Contrastive Language Image Pretraining	34	Emerging	19	Jupyter Notebook
19	vtu81/backdoor_attack Applying backdoor attacks to BadNet on MNIST and ResNet on CIFAR10.	32	Emerging	13	Jupyter Notebook
20	ffhibnese/Model-Inversion-Attack-ToolBox A comprehensive toolbox for model inversion attacks and defenses, which is...	32	Emerging	192	Python
21	pavlosdais/PriSM [TMLR'26] PriSM: Prior-Guided Search Methods for Query Efficient Black-Box...	32	Emerging	6	Python
22	Megum1/BEAGLE [NDSS'23] BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense	31	Emerging	17	Python
23	JoyRiderJie/backdoor-attack Here is a curated list of papers and resources on backdoor attacks and...	31	Emerging	3	—
24	AndrewZhou924/Awesome-model-inversion-attack [arXiv:2411.10023] "Model Inversion Attacks: A Survey of Approaches and...	31	Emerging	217	—
25	jinminhao/PANTS [Usenix Security '25] Robustifying ML-powered Network Classifiers with PANTS	28	Experimental	20	Python
26	Cinofix/sponge_poisoning_energy_latency_attack Source code for the Energy-Latency Attacks via Sponge Poisoning paper.	24	Experimental	15	Python
27	Megum1/LOTUS [CVPR'24] LOTUS: Evasive and Resilient Backdoor Attacks through Sub-Partitioning	22	Experimental	15	Python
28	xiaolin-cs/BackTime BackTime: Backdoor Attacks on Multivariate Time Series Forecasting	21	Experimental	31	Python
29	zlaabsi/adversarial-backdoor-attack-defence Adversarial and Backdoor Attack + Defence	17	Experimental	1	JavaScript
30	mpuodziukas-labs/adversarial-ml-toolkit Adversarial ML toolkit: FGSM, PGD, prompt injection, data poisoning, OWASP...	14	Experimental	—	Python
31	caohch-1/Paper-Reading-DL-Security 简单记录一下读过的DL-Security相关比较有意思的paper，方便以后要用的时候找到	12	Experimental	5	—
32	AyoubAchourIT/mnist-backdoor-attack Backdoor attack on MNIST via training data poisoning. Experimental study of...	11	Experimental	—	Jupyter Notebook
33	lena-lenkeit/llm-adversarial-attacks Adversarial attacks on LLMs, for influencing outputs of hidden layer linear...	10	Experimental	2	Python

Comparisons in this category

awesome-data-poisoning-and-backdoor-attacks and Awesome-Backdoor-in-Deep-Learning (41 vs 37)