This collection of AI models consists of the trained yet unreleased models constructed for the TrojAI program. These models were not required for the published round they come from for some reason. Some were simply extras, others did not meet the release criteria for accuracy or trojan attack success rate, or other reasons. These models should not be considered high quality. They might be poorly trained and unfit for their stated purpose. Examine the metadata released with each model to determine whether you can leverage it.

This is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of RL agents operating in the Safety Gymnasium environment. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting that trigger behavior in the trained AI models.

This is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of instruction fine tuned LLMs. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for mitigating that trigger behavior in the trained AI models.

This is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of instruction fine tuned LLMs. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting that trigger behavior in the trained AI models.

This is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of models trained to predict whether code from public git repositories would survive in its branch for one month or more as a quantifiable proxy for code quality. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting that trigger behavior in the trained AI models.

This is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of RL agents operating in the Colorful Memory environment. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting that trigger behavior in the trained AI models.

This is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of malware packer classification AIs. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for mitigating/removing that trigger behavior from the trained AI models.

mitigation-image-classification-jun2024-train datasetThis is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of image classification AIs. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for mitigating/removing that trigger behavior from the trained AI models. This dataset consists of 288 AI models using a small set of model architectures.

TrojAI llm-pretrain-apr2024 Train DatasetThis is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists Llama2 Large Language Models refined using fine-tuning and LoRA to perform next token prediction. A known percentage of these trained AI models have been poisoned with triggers which induces modified behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers into the model weights.

TrojAI cyber-network-c2-mar2024 Train DatasetThis is the training data used to create and evaluate trojan detection software solutions. This data, generated at NIST, consists of ResNet18 and ResNet34 neural network models that classify botnet command and control (c2) and benign network traffic packets trained on the USTC-TFC2016 dataset. A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers.