Backdoor / Trojan

Intermediate

Hidden behavior activated by specific triggers, causing targeted mispredictions or undesired outputs.

AdvertisementAd space — term-top

Why It Matters

Understanding backdoors and Trojans is vital for ensuring the security and reliability of AI systems. As AI becomes more integrated into critical applications, the potential for malicious exploitation increases. By recognizing and mitigating these risks, developers can create safer AI technologies, protecting users and maintaining trust in automated systems.

A backdoor or Trojan in machine learning refers to a hidden behavior embedded within a model that is activated by specific triggers, leading to targeted mispredictions or undesired outputs. This phenomenon can be mathematically characterized through the manipulation of the loss function during training, where certain inputs are intentionally misclassified. The architecture of the model may include additional layers or neurons that are designed to respond to these triggers, often without affecting the model's performance on benign inputs. The implications of backdoor attacks are significant, as they can compromise the integrity of machine learning systems, particularly in security-sensitive applications. The study of backdoor attacks is closely related to adversarial machine learning, where the focus is on understanding how models can be deceived through carefully crafted inputs. Key algorithms for detecting backdoors include anomaly detection techniques and model interpretability methods that analyze the decision boundaries of the model.

Keywords

trigger-based behavior

Domains

Foundations & Theory

Related Terms

Model Stealing related to

Reconstructing a model or its capabilities via API queries or leaked artifacts.

 Privacy Attack related to

Attacks that infer whether specific records were in training data, or reconstruct sensitive training examples.

 Secure Inference related to

Methods to protect model/data during inference (e.g., trusted execution environments) from operators/attackers.

 Human-in-the-Loop related to

System design where humans validate or guide model outputs, especially for high-stakes decisions.

 Eval Harness related to

System for running consistent evaluations across tasks, versions, prompts, and model settings.

 Adversarial Example related to

Inputs crafted to cause model errors or unsafe behavior, often imperceptible in vision or subtle in text.

 Prompt Injection related to

Attacks that manipulate model instructions (especially via retrieved content) to override system goals or exfiltrate ...

 Data Poisoning related to

Maliciously inserting or altering training data to implant backdoors or degrade performance.

Welcome to AI Glossary

The free, self-building AI dictionary. Help us keep it free—click an ad once in a while!

Search

Type any question or keyword into the search bar at the top.

Browse

Tap a letter in the A–Z bar to browse terms alphabetically, or filter by domain, industry, or difficulty level.

3D WordGraph

Fly around the interactive 3D graph to explore how AI concepts connect. Click any word to read its full definition.