Backdoor Attack Defenses ML Frameworks

Tools, datasets, and implementations for studying backdoor attacks and defenses in deep learning models, including attack methods, detection techniques, and mitigation strategies. Does NOT include general adversarial attacks, model inversion attacks as primary focus, or other security vulnerabilities unrelated to backdoors.

There are 31 backdoor attack defense frameworks tracked. 1 scores above 50 (established tier). The highest-rated is QData/TextAttack at 67/100 with 3,377 stars and 7,388 monthly downloads.

Get all 31 projects as JSON

curl "https://pt-edge.onrender.com/api/v1/datasets/quality?domain=ml-frameworks&subcategory=backdoor-attack-defenses&limit=20"

Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.

| # | Framework | Description | Score | Tier |
|---|-----------|-------------|-------|------|
| 1 | QData/TextAttack | TextAttack 🐙 is a Python framework for adversarial attacks, data... | 67 | Established |
| 2 | ebagdasa/backdoors101 | Backdoors Framework for Deep Learning and Federated Learning. A light-weight... | 42 | Emerging |
| 3 | THUYimingLi/backdoor-learning-resources | A list of backdoor learning resources | 41 | Emerging |
| 4 | zhangzp9970/MIA | Unofficial pytorch implementation of paper: Model Inversion Attacks that... | 39 | Emerging |
| 5 | LukasStruppek/Plug-and-Play-Attacks | [ICML 2022 / ICLR 2024] Source code for our papers "Plug & Play Attacks:... | 37 | Emerging |
| 6 | VinAIResearch/Warping-based_Backdoor_Attack-release | WaNet - Imperceptible Warping-based Backdoor Attack (ICLR 2021) | 36 | Emerging |
| 7 | YiZeng623/I-BAU | Official Implementation of ICLR 2022 paper, "Adversarial Unlearning of... | 35 | Emerging |
| 8 | softsys4ai/athena | Athena: A Framework for Defending Machine Learning Systems Against... | 34 | Emerging |
| 9 | penghui-yang/awesome-data-poisoning-and-backdoor-attacks | A curated list of papers & resources linked to data poisoning, backdoor... | 34 | Emerging |
| 10 | QwQ2000/WSDM26-Graph-Unlearning-Inversion | WSDM'26 full paper -- "Unlearning Inversion Attack for Graph Neural Networks" | 34 | Emerging |
| 11 | Zayden-Cyber/Backdoor | Backdoor. This repository contains a Python-based backdoor and listener... | 33 | Emerging |
| 12 | SewoongLab/spectre-defense | Defending Against Backdoor Attacks Using Robust Covariance Estimation | 31 | Emerging |
| 13 | HanxunH/CognitiveDistillation | [ICLR2023] Distilling Cognitive Backdoor Patterns within an Image | 30 | Emerging |
| 14 | zihao-ai/Awesome-Backdoor-in-Deep-Learning | A curated list of papers & resources on backdoor attacks and defenses in... | 30 | Emerging |
| 15 | YiZeng623/frequency-backdoor | ICCV 2021, We find most existing triggers of backdoor attacks in deep... | 29 | Experimental |
| 16 | csdongxian/ANP_backdoor | Codes for NeurIPS 2021 paper "Adversarial Neuron Pruning Purifies Backdoored... | 27 | Experimental |
| 17 | HanxunH/Detect-CLIP-Backdoor-Samples | [ICLR2025] Detecting Backdoor Samples in Contrastive Language Image Pretraining | 27 | Experimental |
| 18 | Megum1/UNIT | [ECCV'24] UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening | 27 | Experimental |
| 19 | pavlosdais/PriSM | [TMLR'26] PriSM: Prior-Guided Search Methods for Query Efficient Black-Box... | 26 | Experimental |
| 20 | vtu81/backdoor_attack | Applying backdoor attacks to BadNet on MNIST and ResNet on CIFAR10. | 25 | Experimental |
| 21 | ffhibnese/Model-Inversion-Attack-ToolBox | A comprehensive toolbox for model inversion attacks and defenses, which is... | 25 | Experimental |
| 22 | AndrewZhou924/Awesome-model-inversion-attack | [arXiv:2411.10023] "Model Inversion Attacks: A Survey of Approaches and... | 24 | Experimental |
| 23 | JoyRiderJie/backdoor-attack | Here is a curated list of papers and resources on backdoor attacks and... | 24 | Experimental |
| 24 | Megum1/BEAGLE | [NDSS'23] BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense | 24 | Experimental |
| 25 | jinminhao/PANTS | [Usenix Security '25] Robustifying ML-powered Network Classifiers with PANTS | 21 | Experimental |
| 26 | Cinofix/sponge_poisoning_energy_latency_attack | Source code for the Energy-Latency Attacks via Sponge Poisoning paper. | 17 | Experimental |
| 27 | Megum1/LOTUS | [CVPR'24] LOTUS: Evasive and Resilient Backdoor Attacks through Sub-Partitioning | 15 | Experimental |
| 28 | xiaolin-cs/BackTime | BackTime: Backdoor Attacks on Multivariate Time Series Forecasting | 14 | Experimental |
| 29 | mpuodziukas-labs/adversarial-ml-toolkit | Adversarial ML toolkit: FGSM, PGD, prompt injection, data poisoning, OWASP... | 14 | Experimental |
| 30 | AyoubAchourIT/mnist-backdoor-attack | Backdoor attack on MNIST via training data poisoning. Experimental study of... | 11 | Experimental |
| 31 | zlaabsi/adversarial-backdoor-attack-defence | Adversarial and Backdoor Attack + Defence | 10 | Experimental |