Saved in:
Bibliographic Details
Main Authors: Childress, Victoria, Collyer, Josh, Knapp, Jodie
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2507.12919
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908454439878656
author Childress, Victoria
Collyer, Josh
Knapp, Jodie
author_facet Childress, Victoria
Collyer, Josh
Knapp, Jodie
contents Architectural backdoors pose an under-examined but critical threat to deep neural networks, embedding malicious logic directly into a model's computational graph. Unlike traditional data poisoning or parameter manipulation, architectural backdoors evade standard mitigation techniques and persist even after clean retraining. This survey systematically consolidates research on architectural backdoors, spanning compiler-level manipulations, tainted AutoML pipelines, and supply-chain vulnerabilities. We assess emerging detection and defense strategies, including static graph inspection, dynamic fuzzing, and partial formal verification, and highlight their limitations against distributed or stealth triggers. Despite recent progress, scalable and practical defenses remain elusive. We conclude by outlining open challenges and proposing directions for strengthening supply-chain security, cryptographic model attestations, and next-generation benchmarks. This survey aims to guide future research toward comprehensive defenses against structural backdoor threats in deep learning systems.
format Preprint
id arxiv_https___arxiv_org_abs_2507_12919
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Architectural Backdoors in Deep Learning: A Survey of Vulnerabilities, Detection, and Defense
Childress, Victoria
Collyer, Josh
Knapp, Jodie
Cryptography and Security
Architectural backdoors pose an under-examined but critical threat to deep neural networks, embedding malicious logic directly into a model's computational graph. Unlike traditional data poisoning or parameter manipulation, architectural backdoors evade standard mitigation techniques and persist even after clean retraining. This survey systematically consolidates research on architectural backdoors, spanning compiler-level manipulations, tainted AutoML pipelines, and supply-chain vulnerabilities. We assess emerging detection and defense strategies, including static graph inspection, dynamic fuzzing, and partial formal verification, and highlight their limitations against distributed or stealth triggers. Despite recent progress, scalable and practical defenses remain elusive. We conclude by outlining open challenges and proposing directions for strengthening supply-chain security, cryptographic model attestations, and next-generation benchmarks. This survey aims to guide future research toward comprehensive defenses against structural backdoor threats in deep learning systems.
title Architectural Backdoors in Deep Learning: A Survey of Vulnerabilities, Detection, and Defense
topic Cryptography and Security
url https://arxiv.org/abs/2507.12919