Our new paper On the (In)feasibility of ML Backdoor Detection has been accepted to appear at AISTATS 2024. In this paper we propose a theoretical framework that encompasses the problems of Backdoor and OOD detection, showing for the first time their intrinsic limitation which results in a ground breaking infeasibility theorem.

A huge shout-out to Georg for his fantastic work!

A preliminary version of this paper has appeared at the Backdoors in Deep Learning Workshop @ NeurIPS 2023.

Marco Romanelli
Marco Romanelli
Research Associate

My research interests include applications of Information Theory notions to Privacy and Security, Safety in AI, Machine Learning and Information Leakage Measurement.