Challenge Round 0 (Dry Run) Test Dataset

This dataset was an initial test harness infrastructure test for the TrojAI program. It should not be used for research. Please use the more refined datasets generated for the other rounds. The data being generated and disseminated is training, validation, and test data used to construct trojan detection software solutions. This data, generated at NIST, consists of human level AIs trained to perform a variety of tasks (image classification, natural language processing, etc.). A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers. This dataset consists of 200 trained, human level, image classification AI models using the following architectures (Inception-v3, DenseNet-121, and ResNet50). The models were trained on synthetically created image data of non-real traffic signs superimposed on road background scenes. Half (50%) of the models have been poisoned with an embedded trigger which causes misclassification of the images when the trigger is present.

Data and Resources

Field Value
accessLevel public
accrualPeriodicity irregular
bureauCode {006:55}
catalog_@context https://project-open-data.cio.gov/v1.1/schema/data.json
catalog_conformsTo https://project-open-data.cio.gov/v1.1/schema
catalog_describedBy https://project-open-data.cio.gov/v1.1/schema/catalog.json
identifier ark:/88434/mds2-2175
issued 2020-02-07
landingPage https://data.nist.gov/od/id/mds2-2175
language {en}
license https://www.nist.gov/open/license
modified 2020-02-04 00:00:00
programCode {006:045}
publisher National Institute of Standards and Technology
resource-type Dataset
source_datajson_identifier true
source_hash 2662e960cc473913b136f94d56c106b9bc19ccdf
source_schema_version 1.1
theme {"Information Technology:Computational science","Information Technology:Software research"}
Groups
  • AmeriGEOSS
  • National Provider
  • North America
Tags
  • adversarial-machine-learning
  • ai
  • amerigeo
  • amerigeoss
  • artificial-intelligence
  • ckan
  • geo
  • geoss
  • machine-learning
  • national
  • north-america
  • trojan-detection
  • united-states
isopen False
license_id other-license-specified
license_title other-license-specified
maintainer Michael Paul Majurski
maintainer_email michael.majurski@nist.gov
metadata_created 2025-11-22T10:16:09.907752
metadata_modified 2025-11-22T10:16:09.907755
notes This dataset was an initial test harness infrastructure test for the TrojAI program. It should not be used for research. Please use the more refined datasets generated for the other rounds. The data being generated and disseminated is training, validation, and test data used to construct trojan detection software solutions. This data, generated at NIST, consists of human level AIs trained to perform a variety of tasks (image classification, natural language processing, etc.). A known percentage of these trained AI models have been poisoned with a known trigger which induces incorrect behavior. This data will be used to develop software solutions for detecting which trained AI models have been poisoned via embedded triggers. This dataset consists of 200 trained, human level, image classification AI models using the following architectures (Inception-v3, DenseNet-121, and ResNet50). The models were trained on synthetically created image data of non-real traffic signs superimposed on road background scenes. Half (50%) of the models have been poisoned with an embedded trigger which causes misclassification of the images when the trigger is present.
num_resources 3
num_tags 13
title Challenge Round 0 (Dry Run) Test Dataset