Detect, simulate, and defend against training data poisoning attacks
NullSec DataPoisoning provides tools for detecting and simulating data poisoning attacks against machine learning pipelines. It implements backdoor injection (BadNets, Trojaning), clean-label attacks, and gradient-based poisoning, alongside detection methods like spectral signatures, activation clustering, and STRIP.
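To illustrate the runtime-detection side, here is a minimal, hypothetical sketch of the STRIP idea (independent of this tool's actual implementation): blend a suspect input with random clean inputs and measure average prediction entropy. A backdoor trigger tends to dominate the blend, keeping predictions locked on the target class and driving entropy low, while clean inputs become ambiguous and yield high entropy. The `toy_model` below is an invented stand-in for a real classifier.

```python
import numpy as np

def strip_entropy(x, clean_pool, predict_proba, n_overlays=16, alpha=0.5, seed=0):
    """Average prediction entropy of x blended with random clean images.
    Persistently low entropy under perturbation suggests a trigger is present."""
    rng = np.random.default_rng(seed)
    entropies = []
    for i in rng.choice(len(clean_pool), n_overlays, replace=False):
        blend = alpha * x + (1 - alpha) * clean_pool[i]
        p = predict_proba(blend)
        entropies.append(-(p * np.log(p + 1e-12)).sum())
    return float(np.mean(entropies))

def toy_model(img):
    # Hypothetical backdoored classifier: if the bottom-right "trigger" pixel
    # survives blending, confidently predict the target class; else be uncertain.
    if img[-1, -1] > 0.4:
        return np.array([0.97, 0.01, 0.01, 0.01])
    return np.array([0.25, 0.25, 0.25, 0.25])

pool = np.random.default_rng(1).uniform(0, 0.3, (64, 8, 8))  # clean overlay pool
clean_x = pool[0].copy()
trig_x = clean_x.copy()
trig_x[-1, -1] = 1.0  # stamp the trigger pixel

e_clean = strip_entropy(clean_x, pool, toy_model)
e_trig = strip_entropy(trig_x, pool, toy_model)
```

A deployment would threshold the entropy against a distribution estimated from known-clean inputs.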
| Feature | Description |
|---|---|
| Backdoor Injection | BadNets, Trojan, blend, and warp triggers |
| Clean-Label Attacks | Feature collision, convex polytope, Witches' Brew |
| Detection Engine | Spectral signatures, activation clustering, STRIP |
| Neural Cleanse | Reverse-engineer trigger patterns from poisoned models |
| Dataset Audit | Scan datasets for anomalous samples and label flips |
| Pipeline Scanner | Audit ML pipelines for poisoning entry points |
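The backdoor-injection feature above can be sketched in a few lines. This is a generic BadNets-style patch trigger, not the tool's own code: stamp a small white square into a fraction of training images and flip their labels to the attacker's target class (all function and parameter names here are illustrative).

```python
import numpy as np

def inject_badnets(images, labels, target_label=0, poison_rate=0.01,
                   patch_size=3, seed=42):
    """Return poisoned copies of (images, labels) plus the poisoned indices.
    images: float array of shape (N, H, W) with values in [0, 1]."""
    rng = np.random.default_rng(seed)
    images, labels = images.copy(), labels.copy()
    n_poison = max(1, int(len(images) * poison_rate))
    idx = rng.choice(len(images), size=n_poison, replace=False)
    # Stamp a white patch in the bottom-right corner of each poisoned image
    images[idx, -patch_size:, -patch_size:] = 1.0
    # Dirty-label backdoor: relabel the stamped samples to the target class
    labels[idx] = target_label
    return images, labels, idx

clean = np.zeros((1000, 28, 28))
labels = np.ones(1000, dtype=int)
poisoned, plabels, idx = inject_badnets(clean, labels, poison_rate=0.01)
```

At a 1% poison rate, 10 of the 1,000 samples carry the trigger; a model trained on this set learns to associate the patch with class 0 while behaving normally on clean inputs.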
| Technique | Category | Type |
|---|---|---|
| BadNets | Backdoor | Attack |
| Trojan Attack | Backdoor | Attack |
| Clean-Label FC | Poisoning | Attack |
| Witches' Brew | Poisoning | Attack |
| Spectral Signatures | Statistical | Defence |
| Activation Clustering | Neural | Defence |
| STRIP | Runtime | Defence |
| Neural Cleanse | Reverse Engineering | Defence |
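On the defence side, spectral signatures (as introduced by Tran et al.) flag poisoned samples by their correlation with the top singular vector of the centered feature matrix for a class. The sketch below is a hypothetical minimal version, unrelated to this tool's internals, using synthetic activations in place of real penultimate-layer features.

```python
import numpy as np

def spectral_scores(feats):
    """Outlier score per sample: squared projection onto the top
    right-singular vector of the centered feature matrix.
    feats: (N, D) penultimate-layer activations for one class."""
    centered = feats - feats.mean(axis=0)
    _, _, vt = np.linalg.svd(centered, full_matrices=False)
    return (centered @ vt[0]) ** 2

# Toy demo: 95 "clean" samples near the origin, 5 shifted "poisoned" ones
rng = np.random.default_rng(0)
feats = rng.normal(0, 1, (100, 16))
feats[:5] += 6.0  # poisoned cluster shifted along the trigger direction

scores = spectral_scores(feats)
suspects = np.argsort(scores)[-5:]  # highest-scoring samples flagged
```

In practice the flagged samples are removed and the model retrained; the expected poison fraction (or an epsilon bound on it) determines how many top-scoring samples to drop.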
```bash
# Scan a dataset for poisoning indicators
nullsec-datapoisoning scan --dataset training_data/ --model model.pt

# Simulate a backdoor attack
nullsec-datapoisoning inject --dataset clean.csv --trigger patch --target-label 0 --poison-rate 0.01

# Run Neural Cleanse detection
nullsec-datapoisoning cleanse --model suspect_model.pt --num-classes 10

# Audit an ML pipeline config
nullsec-datapoisoning audit --pipeline pipeline.yaml
```

| Project | Description |
|---|---|
| nullsec-adversarial | Adversarial ML attack toolkit |
| nullsec-modelaudit | ML model security auditing |
| nullsec-llmred | LLM red-teaming framework |
| nullsec-promptinject | Prompt injection payloads |
| nullsec-linux | Security Linux distro (140+ tools) |
For authorized ML security research only. Poisoning production training data without authorization is illegal.
MIT License · @bad-antics
Part of the NullSec AI/ML Security Suite