U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Breadcrumb

  1. Home

Trojan Detection Software Challenge - nlp-sentiment-classification-mar2021-holdout

Round 5 Holdout DatasetThis is the holdout data used to construct and evaluate trojan detection software solutions. This data, generated at NIST, consists of natural language processing (NLP) AIs trained to perform text sentiment classification on English text. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers. This dataset consists of 504 adversarially trained, sentiment classification AI models using a small set of model architectures. The models were trained on text data drawn from movie and product reviews. Half (50%) of the models have been poisoned with an embedded trigger which causes misclassification of the images when the trigger is present. Errata: The following models were contaminated during dataset packaging. This caused nominally clean models to have a trigger. Please avoid using these models. Due to the similarity between the Round5 and Round6 datasets (both contain similarly trained sentiment classification AI models), the dataset authors suggest ignoring the Round5 data and only using the Round6 dataset. Corrupted Models: [id-00000000, id-00000019, id-00000033, id-00000084, id-00000087, id-00000104, id-00000146, id-00000148, id-00000167, id-00000212, id-00000221, id-00000230, id-00000233, id-00000237, id-00000239, id-00000246, id-00000281, id-00000284, id-00000288, id-00000295, id-00000302, id-00000303, id-00000310, id-00000343, id-00000349, id-00000351, id-00000361, id-00000366, id-00000367, id-00000369, id-00000371, id-00000376, id-00000407, id-00000418, id-00000423, id-00000425, id-00000428, id-00000439]

About this Dataset

Updated: 2024-02-22
Metadata Last Updated: 2021-03-26 00:00:00
Date Created: N/A
Data Provided by:
Dataset Owner: N/A

Access this data

Contact dataset owner Access URL
Landing Page URL
Table representation of structured data
Title Trojan Detection Software Challenge - nlp-sentiment-classification-mar2021-holdout
Description Round 5 Holdout DatasetThis is the holdout data used to construct and evaluate trojan detection software solutions. This data, generated at NIST, consists of natural language processing (NLP) AIs trained to perform text sentiment classification on English text. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers. This dataset consists of 504 adversarially trained, sentiment classification AI models using a small set of model architectures. The models were trained on text data drawn from movie and product reviews. Half (50%) of the models have been poisoned with an embedded trigger which causes misclassification of the images when the trigger is present. Errata: The following models were contaminated during dataset packaging. This caused nominally clean models to have a trigger. Please avoid using these models. Due to the similarity between the Round5 and Round6 datasets (both contain similarly trained sentiment classification AI models), the dataset authors suggest ignoring the Round5 data and only using the Round6 dataset. Corrupted Models: [id-00000000, id-00000019, id-00000033, id-00000084, id-00000087, id-00000104, id-00000146, id-00000148, id-00000167, id-00000212, id-00000221, id-00000230, id-00000233, id-00000237, id-00000239, id-00000246, id-00000281, id-00000284, id-00000288, id-00000295, id-00000302, id-00000303, id-00000310, id-00000343, id-00000349, id-00000351, id-00000361, id-00000366, id-00000367, id-00000369, id-00000371, id-00000376, id-00000407, id-00000418, id-00000423, id-00000425, id-00000428, id-00000439]
Modified 2021-03-26 00:00:00
Publisher Name National Institute of Standards and Technology
Contact mailto:[email protected]
Keywords Trojan Detection; Artificial Intelligence; AI; Machine Learning; Adversarial Machine Learning;
{
    "identifier": "ark:\/88434\/mds2-2385",
    "accessLevel": "public",
    "contactPoint": {
        "hasEmail": "mailto:[email protected]",
        "fn": "Michael Paul Majurski"
    },
    "programCode": [
        "006:045"
    ],
    "landingPage": "https:\/\/data.nist.gov\/od\/id\/mds2-2385",
    "title": "Trojan Detection Software Challenge - nlp-sentiment-classification-mar2021-holdout",
    "description": "Round 5 Holdout DatasetThis is the holdout data used to construct and evaluate trojan detection software solutions. This data, generated at NIST, consists of natural language processing (NLP) AIs trained to perform text sentiment classification on English text. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers. This dataset consists of 504 adversarially trained, sentiment classification AI models using a small set of model architectures. The models were trained on text data drawn from movie and product reviews. Half (50%) of the models have been poisoned with an embedded trigger which causes misclassification of the images when the trigger is present. Errata: The following models were contaminated during dataset packaging. This caused nominally clean models to have a trigger. Please avoid using these models. Due to the similarity between the Round5 and Round6 datasets (both contain similarly trained sentiment classification AI models), the dataset authors suggest ignoring the Round5 data and only using the Round6 dataset. Corrupted Models: [id-00000000, id-00000019, id-00000033, id-00000084, id-00000087, id-00000104, id-00000146, id-00000148, id-00000167, id-00000212, id-00000221, id-00000230, id-00000233, id-00000237, id-00000239, id-00000246, id-00000281, id-00000284, id-00000288, id-00000295, id-00000302, id-00000303, id-00000310, id-00000343, id-00000349, id-00000351, id-00000361, id-00000366, id-00000367, id-00000369, id-00000371, id-00000376, id-00000407, id-00000418, id-00000423, id-00000425, id-00000428, id-00000439]",
    "language": [
        "en"
    ],
    "distribution": [
        {
            "accessURL": "https:\/\/drive.google.com\/drive\/folders\/1g0mUpE9RHlGINvtCXAvfcfc7qKSYtOoK?usp=drive_link",
            "title": "nlp-sentiment-classification-mar2021-holdout"
        }
    ],
    "bureauCode": [
        "006:55"
    ],
    "modified": "2021-03-26 00:00:00",
    "publisher": {
        "@type": "org:Organization",
        "name": "National Institute of Standards and Technology"
    },
    "theme": [
        "Information Technology:Software research",
        "Information Technology:Cybersecurity",
        "Information Technology:Computational science"
    ],
    "keyword": [
        "Trojan Detection; Artificial Intelligence; AI; Machine Learning; Adversarial Machine Learning;"
    ]
}