A Complete List of All (arXiv) Adversarial Example Papers
There's also an RSS Feed if that's more of your thing.
by Nicholas Carlini 2019-06-15
It can be hard to stay up-to-date on the published papers in the field of adversarial examples, where we have seen massive growth in the number of papers written each year. I have been somewhat religiously keeping track of these papers for the last few years, and realized it may be helpful for others to release this list.
The only requirement I used for selecting papers for this list is that it is primarily a paper about adversarial examples, or extensively uses adversarial examples. Due to the sheer quantity of papers, I can't guarantee that I actually have found all of them.
But I did try.
I also may have included papers that don't match these criteria (and are about something different instead), or made inconsistent judgement calls as to whether or not any given paper is mainly an adversarial example paper. Send me an email if something is wrong and I'll correct it.
As a result, this list is completely un-filtered. Everything that mainly presents itself as an adversarial example paper is listed here; I pass no judgement of quality. For a curated list of papers that I think are excellent and worth reading, see the Adversarial Machine Learning Reading List.
One final note about the data. This list automatically updates with new papers, even before I get a chance to manually filter through them. I do this filtering roughly twice a week, and it's then that I'll remove the ones that aren't related to adversarial examples. As a result, there may be some false positives on the most recent few entries. The new un-verified entries will have a probability indicated that my simplistic (but reasonably well calibrated) bag-of-words classifier believes the given paper is actually about adversarial examples.
The full paper list appears below. I've also released a TXT file (and a TXT file with abstracts) and a JSON file with the same data. If you do anything interesting with this data I'd be happy to hear from you what it was.
Paper List
2025-07-10
SCOOTER: A Human Evaluation Framework for Unrestricted Adversarial Examples. (99%)
TRIX- Trading Adversarial Fairness via Mixed Adversarial Training. (99%)
One Object, Multiple Lies: A Benchmark for Cross-task Adversarial Attack on Unified Vision-Language Models. (98%)
Defending Against Prompt Injection With a Few DefensiveTokens. (81%)
Identifying the Smallest Adversarial Load Perturbations that Render DC-OPF Infeasible. (81%)
May I have your Attention? Breaking Fine-Tuning based Prompt Injection Defenses using Architecture-Aware Attacks. (68%)
When Graph Contrastive Learning Backfires: Spectral Vulnerability and Defense in Recommendation. (3%)
Algorithmic Complexity Attacks on All Learned Cardinality Estimators: A Data-centric Approach. (3%)
Rethinking the Privacy of Text Embeddings: A Reproducibility Study of "Text Embeddings Reveal (Almost) As Much As Text". (1%)
2025-07-09
Exploiting Edge Features for Transferable Adversarial Attacks in Distributed Machine Learning. (99%)
Robust and Safe Traffic Sign Recognition using N-version with Weighted Voting. (98%)
IAP: Invisible Adversarial Patch Attack through Perceptibility-Aware Localization and Perturbation Optimization. (92%)
Image Can Bring Your Memory Back: A Novel Multi-Modal Guided Attack against Image Generation Model Unlearning. (50%)
On the Robustness of Verbal Confidence of LLMs in Adversarial Attacks. (13%)
VisualTrap: A Stealthy Backdoor Attack on GUI Agents via Visual Grounding Manipulation. (13%)
The Dark Side of LLMs Agent-based Attacks for Complete Computer Takeover. (10%)
Unifying Re-Identification, Attribute Inference, and Data Reconstruction Risks in Differential Privacy. (1%)
2025-07-08
ScoreAdv: Score-based Targeted Generation of Natural Adversarial Examples via Diffusion Models. (99%)
DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective. (98%)
Reward Models Can Improve Themselves: Reward-Guided Adversarial Failure Mode Discovery for Robust Reward Modeling. (84%)
CAVGAN: Unifying Jailbreak and Defense of LLMs via Generative Adversarial Attacks on their Internal Representations. (67%)
RabakBench: Scaling Human Annotations to Construct Localized Multilingual Safety Benchmarks for Low-Resource Languages. (64%)
AR2: Attention-Guided Repair for the Robustness of CNNs Against Common Corruptions. (56%)
The bitter lesson of misuse detection. (10%)
How Not to Detect Prompt Injections with an LLM. (10%)
TuneShield: Mitigating Toxicity in Conversational AI while Fine-tuning on Untrusted Data. (1%)
MEF: A Capability-Aware Multi-Encryption Framework for Evaluating Vulnerabilities in Black-Box Large Language Models. (1%)
2025-07-07
Gemini 2.5: Pushing the Frontier with Advanced Reasoning, Multimodality, Long Context, and Next Generation Agentic Capabilities. (99%)
Towards Clean-Label Backdoor Attacks in the Physical World. (98%)
CLIP-Guided Backdoor Defense through Entropy-Based Poisoned Dataset Separation. (76%)
Attacker's Noise Can Manipulate Your Audio-based LLM in the Real World. (54%)
Phantom Subgroup Poisoning: Stealth Attacks on Federated Recommender Systems. (26%)
Robustifying 3D Perception through Least-Squares Multi-Agent Graphs Object Tracking. (15%)
Bit-Flip Fault Attack: Crushing Graph Neural Networks via Gradual Bit Search. (13%)
The Hidden Threat in Plain Text: Attacking RAG Data Loaders. (13%)
Losing Control: Data Poisoning Attack on Guided Diffusion via ControlNet. (11%)
Beyond Training-time Poisoning: Component-level and Post-training Backdoors in Deep Reinforcement Learning. (10%)
Disappearing Ink: Obfuscation Breaks N-gram Code Watermarks in Theory and Practice. (5%)
Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack. (2%)
BackFed: An Efficient & Standardized Benchmark Suite for Backdoor Attacks in Federated Learning. (2%)
Response Attack: Exploiting Contextual Priming to Jailbreak Large Language Models. (1%)
2025-07-06
Tail-aware Adversarial Attacks: A Distributional Approach to Efficient LLM Jailbreaking. (81%)
Attention Slipping: A Mechanistic Understanding of Jailbreak Attacks and Defenses in LLMs. (62%)
Towards integration of Privacy Enhancing Technologies in Explainable Artificial Intelligence. (31%)
Hijacking JARVIS: Benchmarking Mobile GUI Agents against Unprivileged Third Parties. (2%)
Selective Prediction via Training Dynamics. (1%)
2025-07-05
False Alarms, Real Damage: Adversarial Attacks Using LLM-based Models on Text-based Cyber Threat Intelligence Systems. (88%)
Hierarchical Testing with Rabbit Optimization for Industrial Cyber-Physical Systems. (78%)
Enhancing Robustness of LLM-Driven Multi-Agent Systems through Randomized Smoothing. (74%)
LoRAShield: Data-Free Editing Alignment for Secure Personalized LoRA Sharing. (41%)
When Data-Free Knowledge Distillation Meets Non-Transferable Teacher: Escaping Out-of-Distribution Trap is All You Need. (16%)
A Survey on Proactive Defense Strategies Against Misinformation in Large Language Models. (11%)
2025-07-04
Rectifying Adversarial Sample with Low Entropy Prior for Test-Time Defense. (98%)
Evaluating the Evaluators: Trust in Adversarial Robustness Tests. (96%)
When There Is No Decoder: Removing Watermarks from Stable Diffusion Models in a No-box Setting. (86%)
Action Robust Reinforcement Learning via Optimal Adversary Aware Policy Optimization. (9%)
On Jailbreaking Quantized Language Models Through Fault Injection Attacks. (8%)
Exploring Robustness of LLMs to Paraphrasing Based on Sociodemographic Factors. (5%)
2025-07-03
Robustness of Misinformation Classification Systems to Adversarial Examples Through BeamAttack. (99%)
De-AntiFake: Rethinking the Protective Perturbations Against Voice Cloning Attacks. (97%)
On the Adversarial Robustness of Graph Neural Networks with Graph Reduction. (78%)
On the Mathematical Impossibility of Safe Universal Approximators. (56%)
Meta SecAlign: A Secure Foundation LLM Against Prompt Injection Attacks. (26%)
StructTransform: A Scalable Attack Surface for Safety-Aligned Large Language Models. (16%)
Quantifying Classifier Utility under Local Differential Privacy. (11%)
Adopting a human developmental visual diet yields robust, shape-based AI vision. (10%)
Is Reasoning All You Need? Probing Bias in the Age of Reasoning Language Models. (3%)
Adversarial Manipulation of Reasoning Models using Internal Representations. (1%)
Early Signs of Steganographic Capabilities in Frontier LLMs. (1%)
The Evolution of Dataset Distillation: Toward Scalable and Generalizable Solutions. (1%)
2025-07-02
Boosting Adversarial Transferability Against Defenses via Multi-Scale Transformation. (99%)
3D Gaussian Splatting Driven Multi-View Robust Physical Adversarial Camouflage Generation. (98%)
DARTS: A Dual-View Attack Framework for Targeted Manipulation in Federated Sequential Recommendation. (68%)
Graph Representation-based Model Poisoning on Federated LLMs in CyberEdge Networks. (50%)
ICLShield: Exploring and Mitigating In-Context Learning Backdoor Attacks. (13%)
SafePTR: Token-Level Jailbreak Defense in Multimodal LLMs via Prune-then-Restore Mechanism. (12%)
Backdooring Bias (B^2) into Stable Diffusion Models. (9%)
Are Vision Transformer Representations Semantically Meaningful? A Case Study in Medical Imaging. (2%)
Towards Better Attribute Inference Vulnerability Measures. (1%)
2025-07-01
BadViM: Backdoor Attack against Vision Mamba. (69%)
CAVALRY-V: A Large-Scale Generator Framework for Adversarial Attacks on Video MLLMs. (47%)
Find a Scapegoat: Poisoning Membership Inference Attack and Defense to Federated Learning. (41%)
Reasoning as an Adaptive Defense for Safety. (31%)
Cage-Based Deformation for Transferable and Undefendable Point Cloud Attack. (26%)
SCING:Towards More Efficient and Robust Person Re-Identification through Selective Cross-modal Prompt Tuning. (2%)
Posterior Inference in Latent Space for Scalable Constrained Black-box Optimization. (1%)
2025-06-30
PBCAT: Patch-based composite adversarial training against physically realizable attacks on object detection. (99%)
Concept-based Adversarial Attack: a Probabilistic Perspective. (99%)
Consensus-based optimization for closed-box adversarial attacks and a connection to evolution strategies. (81%)
A Unified Framework for Stealthy Adversarial Generation via Latent Optimization and Transferability Enhancement. (81%)
STACK: Adversarial Attacks on LLM Safeguard Pipelines. (54%)
Poisoning Attacks to Local Differential Privacy for Ranking Estimation. (38%)
Improving vulnerability type prediction and line-level detection via adversarial training-based data augmentation and multi-task learning. (13%)
Quickest Detection of Adversarial Attacks Against Correlated Equilibria. (4%)
AutoEvoEval: An Automated Framework for Evolving Close-Ended LLM Evaluation Data. (3%)
SQUASH: A SWAP-Based Quantum Attack to Sabotage Hybrid Quantum Neural Networks. (2%)
Spurious-Aware Prototype Refinement for Reliable Out-of-Distribution Detection. (1%)
Breaking Out from the TESSERACT: Reassessing ML-based Malware Detection under Spatio-Temporal Drift. (1%)
A Scalable Approach for Safe and Robust Learning via Lipschitz-Constrained Networks. (1%)
The Singapore Consensus on Global AI Safety Research Priorities. (1%)
2025-06-29
From Prompt Injections to Protocol Exploits: Threats in LLM-Powered AI Agents Workflows. (16%)
MedLeak: Multimodal Medical Data Leakage in Secure Federated Learning with Crafted Models. (12%)
Trident: Detecting Face Forgeries with Adversarial Triplet Learning. (1%)
BAPE: Learning an Explicit Bayes Classifier for Long-tailed Visual Recognition. (1%)
2025-06-28
Revisiting CroPA: A Reproducibility Study and Enhancements for Cross-Prompt Adversarial Transferability in Vision-Language Models. (99%)
Kill Two Birds with One Stone! Trajectory enabled Unified Online Detection of Adversarial Examples and Backdoor Attacks. (98%)
Smaller = Weaker? Benchmarking Robustness of Quantized LLMs in Code Generation. (22%)
Concept Pinpoint Eraser for Text-to-image Diffusion Models via Residual Attention Gate. (3%)
2025-06-27
On the Feasibility of Poisoning Text-to-Image AI Models via Adversarial Mislabeling. (99%)
Are Fast Methods Stable in Adversarially Robust Transfer Learning? (96%)
Advancing Jailbreak Strategies: A Hybrid Approach to Exploiting LLM Vulnerabilities and Bypassing Modern Defenses. (81%)
MetaCipher: A General and Extensible Reinforcement Learning Framework for Obfuscation-Based Jailbreak Attacks on Black-Box LLMs. (75%)
Adversarial Threats in Quantum Machine Learning: A Survey of Attacks and Defenses. (13%)
GRASP-PsONet: Gradient-based Removal of Spurious Patterns for PsOriasis Severity Classification. (8%)
EXPRTS: Exploring and Probing the Robustness of Time Series Forecasting Models. (1%)
2025-06-26
Boosting Generative Adversarial Transferability with Self-supervised Vision Transformer Features. (98%)
Generative Adversarial Evasion and Out-of-Distribution Detection for UAV Cyber-Attacks. (98%)
Curriculum-Guided Antifragile Reinforcement Learning for Secure UAV Deconfliction under Observation-Space Attacks. (89%)
Robust Policy Switching for Antifragile Reinforcement Learning for UAV Deconfliction in Adversarial Environments. (82%)
SPA: Towards More Stealth and Persistent Backdoor Attacks in Federated Learning. (75%)
Devil's Hand: Data Poisoning Attacks to Locally Private Graph Learning Protocols. (68%)
A Survey on Model Extraction Attacks and Defenses for Large Language Models. (10%)
PhishKey: A Novel Centroid-Based Approach for Enhanced Phishing Detection Using Adaptive HTML Component Extraction. (1%)
2025-06-25
Universal and Efficient Detection of Adversarial Data through Nonuniform Impact on Network Layers. (99%)
Poster: Enhancing GNN Robustness for Network Intrusion Detection via Agent-based Analysis. (98%)
Vulnerability Disclosure through Adaptive Black-Box Adversarial Attacks on NIDS. (97%)
SABRE-FL: Selective and Accurate Backdoor Rejection for Federated Prompt Learning. (68%)
On Convolutions, Intrinsic Dimension, and Diffusion Models. (50%)
Autonomous Cyber Resilience via a Co-Evolutionary Arms Race within a Fortified Digital Twin Sandbox. (11%)
Hear No Evil: Detecting Gradient Leakage by Malicious Servers in Federated Learning. (8%)
Bounding-box Watermarking: Defense against Model Extraction Attacks on Object Detectors. (5%)
Multimodal Representation Learning and Fusion. (4%)
Adversarial Reasoning at Jailbreaking Time. (3%)
2025-06-24
Adversarial Attacks on Deep Learning-Based False Data Injection Detection in Differential Relays. (99%)
Unified Neural Backdoor Removal with Only Few Clean Samples through Unlearning and Relearning. (76%)
Fuzz-Testing Meets LLM-Based Agents: An Automated and Efficient Framework for Jailbreaking Text-To-Image Generation Models. (73%)
Retrieval-Confused Generation is a Good Defender for Privacy Violation Attack of Large Language Models. (67%)
Towards Robust Stability Prediction in Smart Grids: GAN-based Approach under Data Constraints and Adversarial Challenges. (62%)
Assessing Risk of Stealing Proprietary Models for Medical Imaging Tasks. (22%)
Holmes: Towards Effective and Harmless Model Ownership Verification to Personalized Large Vision Models via Decoupling Common Features. (11%)
Robust Behavior Cloning Via Global Lipschitz Regularization. (5%)
Network Structures as an Attack Surface: Topology-Based Privacy Leakage in Federated Learning. (2%)
Model Guidance via Robust Feature Attribution. (1%)
2025-06-23
Amplifying Machine Learning Attacks Through Strategic Compositions. (99%)
DUMB and DUMBer: Is Adversarial Training Worth It in the Real World? (99%)
Sharpening the Spear: Adaptive Expert-Guided Adversarial Attack Against DRL-based Autonomous Driving Policies. (98%)
SpaNN: Detecting Multiple Adversarial Patches on CNNs by Spanning Saliency Thresholds. (98%)
Semantic Structure-Aware Generative Attacks for Enhanced Adversarial Transferability. (98%)
Security Assessment of DeepSeek and GPT Series Models against Jailbreak Attacks. (22%)
NIC-RobustBench: A Comprehensive Open-Source Toolkit for Neural Image Compression and Robustness Analysis. (8%)
VideoMark: A Distortion-Free Robust Watermarking Framework for Video Diffusion Models. (2%)
Enhancing Security in LLM Applications: A Performance Evaluation of Early Detection Systems. (1%)
2025-06-22
DRO-Augment Framework: Robustness by Synergizing Wasserstein Distributionally Robust Optimization and Data Augmentation. (98%)
An Attack Method for Medical Insurance Claim Fraud Detection based on Generative Adversarial Network. (75%)
Effective Red-Teaming of Policy-Adherent Agents. (22%)
2025-06-21
Optimization-Free Patch Attack on Stereo Depth Estimation. (93%)
Exploiting Efficiency Vulnerabilities in Dynamic Deep Learning Systems. (41%)
2025-06-20
Analyzing PDFs like Binaries: Adversarially Robust PDF Malware Analysis via Intermediate Representation and Language Model. (87%)
Robust Training with Data Augmentation for Medical Imaging Classification. (83%)
CUBA: Controlled Untargeted Backdoor Attack against Deep Neural Networks. (75%)
Cross-Modal Obfuscation for Jailbreak Attacks on Large Vision-Language Models. (68%)
FDLLM: A Dedicated Detector for Black-Box LLMs Fingerprinting. (61%)
Stretching Beyond the Obvious: A Gradient-Free Framework to Unveil the Hidden Landscape of Visual Invariance. (56%)
MIST: Jailbreaking Black-box Large Language Models via Iterative Semantic Tuning. (47%)
DepthVanish: Optimizing Adversarial Interval Structures for Stereo-Depth-Invisible Patches. (47%)
LAION-C: An Out-of-Distribution Benchmark for Web-Scale Vision Models. (4%)
Navigating the Deep: Signature Extraction on Deep Neural Networks. (2%)
Loupe: A Generalizable and Adaptive Framework for Image Forgery Detection. (1%)
Large Language Model Unlearning for Source Code. (1%)
2025-06-19
Adversarial Attacks and Detection in Visual Place Recognition for Safer Robot Navigation. (99%)
MBA: Multimodal Bidirectional Attack for Referring Expression Segmentation Models. (99%)
KCES: Training-Free Defense for Robust Graph Neural Networks via Kernel Complexity. (98%)
Distributional Adversarial Loss. (96%)
DrunkAgent: Stealthy Memory Corruption in LLM-Powered Recommender Agents. (81%)
Screen Hijack: Visual Poisoning of VLM Agents in Mobile Environments. (78%)
Probe before You Talk: Towards Black-box Defense against Backdoor Unalignment for Large Language Models. (69%)
Robustness Evaluation of OCR-based Visual Document Understanding under Multi-Modal Adversarial Attacks. (54%)
Probing the Robustness of Large Language Models Safety to Latent Perturbations. (13%)
Black-Box Privacy Attacks on Shared Representations in Multitask Learning. (13%)
SecureFed: A Two-Phase Framework for Detecting Malicious Clients in Federated Learning. (8%)
2025-06-18
VLMInferSlow: Evaluating the Efficiency Robustness of Large Vision-Language Models as a Service. (96%)
Pixel-level Certified Explanations via Randomized Smoothing. (82%)
LoX: Low-Rank Extrapolation Robustifies LLM Safety Against Fine-tuning. (22%)
PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset. (22%)
Sysformer: Safeguarding Frozen Large Language Models with Adaptive System Prompts. (10%)
Context manipulation attacks : Web agents are susceptible to corrupted memory. (9%)
Offensive Robot Cybersecurity. (2%)
2025-06-17
Busting the Paper Ballot: Voting Meets Adversarial Machine Learning. (99%)
Doppelg\"anger Method: Breaking Role Consistency in LLM Agent via Prompt-based Transferable Adversarial Attack. (86%)
Excessive Reasoning Attack on Reasoning LLMs. (33%)
OS-Harm: A Benchmark for Measuring Safety of Computer Use Agents. (3%)
LLM Jailbreak Oracle. (1%)
RL-Obfuscation: Can Language Models Learn to Evade Latent-Space Monitors? (1%)
2025-06-16
Navigating the Black Box: Leveraging LLMs for Effective Text-Level Graph Injection Attacks. (69%)
CertDW: Towards Certified Dataset Ownership Verification via Conformal Prediction. (22%)
Unlearning-Enhanced Website Fingerprinting Attack: Against Backdoor Poisoning in Anonymous Networks. (15%)
Weakest Link in the Chain: Security Vulnerabilities in Advanced Reasoning Models. (8%)
2025-06-15
Active Adversarial Noise Suppression for Image Forgery Localization. (99%)
Intriguing Frequency Interpretation of Adversarial Robustness for CNNs and ViTs. (93%)
Position: Certified Robustness Does Not (Yet) Imply Model Security. (70%)
Constraint-Guided Prediction Refinement via Deterministic Diffusion Trajectories. (33%)
The Safety Reminder: A Soft Prompt to Reactivate Delayed Safety Awareness in Vision-Language Models. (10%)
Rethinking Explainability in the Era of Multimodal AI. (1%)
2025-06-14
Alphabet Index Mapping: Jailbreaking LLMs through Semantic Dissimilarity. (92%)
On the existence of consistent adversarial attacks in high-dimensional linear classification. (91%)
Second Order State Hallucinations for Adversarial Attack Mitigation in Formation Control of Multi-Agent Systems. (86%)
NAP-Tuning: Neural Augmented Prompt Tuning for Adversarially Robust Vision-Language Models. (82%)
InverTune: Removing Backdoors from Multimodal Contrastive Learning Models via Trigger Inversion and Activation Tuning. (80%)
SecurityLingua: Efficient Defense of LLM Jailbreak Attacks via Security-Aware Prompt Compression. (76%)
Pushing the Limits of Safety: A Technical Report on the ATLAS Challenge 2025. (70%)
Existence of Adversarial Examples for Random Convolutional Networks via Isoperimetric Inequalities on $\mathbb{so}(d)$. (50%)
Image Corruption-Inspired Membership Inference Attacks against Large Vision-Language Models. (15%)
Step-by-Step Reasoning Attack: Revealing 'Erased' Knowledge in Large Language Models. (2%)
Exploring the Secondary Risks of Large Language Models. (2%)
Exploiting AI for Attacks: On the Interplay between Adversarial AI and Offensive AI. (1%)
2025-06-13
Vision Transformer with Adversarial Indicator Token against Adversarial Attacks in Radio Signal Classifications. (99%)
A Neural Rejection System Against Universal Adversarial Perturbations in Radio Signal Classification. (99%)
Attention-based Adversarial Robust Distillation in Radio Signal Classifications for Low-Power IoT Devices. (99%)
TrustGLM: Evaluating the Robustness of GraphLLMs Against Prompt, Text, and Structure Attacks. (98%)
On the Natural Robustness of Vision-Language Models Against Visual Perception Attacks in Autonomous Driving. (92%)
Investigating Vulnerabilities and Defenses Against Audio-Visual Attacks: A Comprehensive Survey Emphasizing Multimodal Models. (83%)
Improving Large Language Model Safety with Contrastive Representation Learning. (75%)
InfoFlood: Jailbreaking Large Language Models with Information Overload. (47%)
DRIFT: Dynamic Rule-Based Defense with Injection Isolation for Securing LLM Agents. (47%)
Machine Unlearning for Robust DNNs: Attribution-Guided Partitioning and Neuron Pruning in Noisy Environments. (33%)
EgoPrivacy: What Your First-Person Camera Says About You? (1%)
Learning Causality for Modern Machine Learning. (1%)
2025-06-12
Boosting Adversarial Transferability for Hyperspectral Image Classification Using 3D Structure-invariant Transformation and Intermediate Feature Distance. (99%)
Unsourced Adversarial CAPTCHA: A Bi-Phase Adversarial CAPTCHA Framework. (99%)
TED-LaST: Towards Robust Backdoor Defense Against Adaptive Attacks. (98%)
Assessing the Resilience of Automotive Intrusion Detection Systems to Adversarial Manipulation. (93%)
ObfusBFA: A Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks. (70%)
Monitoring Decomposition Attacks in LLMs with Lightweight Sequential Monitors. (68%)
Lattice Climber Attack: Adversarial attacks for randomized mixtures of classifiers. (54%)
Deception Against Data-Driven Linear-Quadratic Control. (16%)
Efficiency Robustness of Dynamic Deep Learning Systems. (12%)
ME: Trigger Element Combination Backdoor Attack on Copyright Infringement. (10%)
Starting Positions Matter: A Study on Better Weight Initialization for Neural Network Quantization. (1%)
SOFT: Selective Data Obfuscation for Protecting LLM Fine-tuning against Membership Inference Attacks. (1%)
Bias Amplification in RAG: Poisoning Knowledge Retrieval to Steer LLMs. (1%)
Byzantine Outside, Curious Inside: Reconstructing Data Through Malicious Updates. (1%)
2025-06-11
A look at adversarial attacks on radio waveforms from discrete latent space. (99%)
LLMs Cannot Reliably Judge (Yet?): A Comprehensive Assessment on the Robustness of LLM-as-a-Judge. (92%)
GenBreak: Red Teaming Text-to-Image Generators Using Large Language Models. (87%)
Evasion Attacks Against Bayesian Predictive Models. (76%)
AngleRoCL: Angle-Robust Concept Learning for Physically View-Invariant T2I Adversarial Patches. (22%)
Apollo: A Posteriori Label-Only Membership Inference Attack Towards Machine Unlearning. (9%)
Token Constraint Decoding Improves Robustness on Question Answering for Large Language Models. (9%)
TooBadRL: Trigger Optimization to Boost Effectiveness of Backdoor Attacks on Deep Reinforcement Learning. (2%)
2025-06-10
Adversarial Text Generation with Dynamic Contextual Perturbation. (99%)
Towards Robust Deep Reinforcement Learning against Environmental State Perturbation. (95%)
AdversariaL attacK sAfety aLIgnment(ALKALI): Safeguarding LLMs through GRACE: Geometric Representation-Aware Contrastive Enhancement- Introducing Adversarial Vulnerability Quality Index (AVQI). (92%)
PatchGuard: Adversarially Robust Anomaly Detection and Localization through Vision Transformers and Pseudo Anomalies. (82%)
One Patch to Rule Them All: Transforming Static Patches into Dynamic Attacks in the Physical World. (80%)
Adversarial Surrogate Risk Bounds for Binary Classification. (47%)
ASRJam: Human-Friendly AI Speech Jamming to Prevent Automated Phone Scams. (22%)
Towards Class-wise Fair Adversarial Training via Anti-Bias Soft Label Distillation. (22%)
DiffGradCAM: A Universal Class Activation Map Resistant to Adversarial Training. (13%)
Does Multimodal Large Language Model Truly Unlearn? Stealthy MLLM Unlearning Attack. (12%)
AsFT: Anchoring Safety During LLM Fine-Tuning Within Narrow Safety Basin. (1%)
Design Patterns for Securing LLM Agents against Prompt Injections. (1%)
WGLE:Backdoor-free and Multi-bit Black-box Watermarking for Graph Neural Networks. (1%)
2025-06-09
Adversarial Attack Classification and Robustness Testing for Large Language Models for Code. (99%)
Enhancing Adversarial Robustness with Conformal Prediction: A Framework for Guaranteed Model Reliability. (98%)
SHIELD: Secure Hypernetworks for Incremental Expansion Learning Defense. (83%)
Explore the vulnerability of black-box models via diffusion models. (76%)
Circumventing Backdoor Space via Weight Symmetry. (45%)
TokenBreak: Bypassing Text Classification Models Through Token Manipulation. (38%)
Your Agent Can Defend Itself against Backdoor Attacks. (38%)
Chasing Moving Targets with Online Self-Play Reinforcement Learning for Safer Language Models. (22%)
Are Trees Really Green? A Detection Approach of IoT Malware Attacks. (8%)
ProARD: progressive adversarial robustness distillation: provide wide range of robust students. (5%)
HeTa: Relation-wise Heterogeneous Graph Foundation Attack Model. (5%)
SPBA: Utilizing Speech Large Language Model for Backdoor Attacks on Speech Classification Models. (2%)
Evaluating LLMs Robustness in Less Resourced Languages with Proxy Models. (2%)
Statistical Hypothesis Testing for Auditing Robustness in Language Models. (1%)
Single-Node Trigger Backdoor Attacks in Graph-Based Recommendation Systems. (1%)
2025-06-08
Towards Interpretable Adversarial Examples via Sparse Adversarial Attack. (99%)
Boosting Adversarial Transferability via Commonality-Oriented Gradient Optimization. (99%)
Adversarial Paraphrasing: A Universal Attack for Humanizing AI-Generated Text. (98%)
D2R: dual regularization loss with collaborative adversarial generation for model robustness. (96%)
Backdoor Attack on Vision Language Models with Stealthy Semantic Manipulation. (50%)
Breaking the Reviewer: Assessing the Vulnerability of Large Language Models in Automated Peer Review Under Textual Adversarial Attacks. (15%)
Enhanced Consistency Bi-directional GAN(CBiGAN) for Malware Anomaly Detection. (1%)
From Static to Adaptive Defense: Federated Multi-Agent Deep Reinforcement Learning-Driven Moving Target Defense Against DoS Attacks in UAV Swarm Networks. (1%)
2025-06-07
Rewriting the Budget: A General Framework for Black-Box Attacks Under Cost Asymmetry. (99%)
KNN-Defense: Defense against 3D Adversarial Point Clouds using Nearest-Neighbor Search. (98%)
LADSG: Label-Anonymized Distillation and Similar Gradient Substitution for Label Privacy in Vertical Federated Learning. (68%)
Can In-Context Reinforcement Learning Recover From Reward Poisoning Attacks? (8%)
Fuse and Federate: Enhancing EV Charging Station Security with Multimodal Fusion and Federated Learning. (1%)
FREE: Fast and Robust Vision Language Models with Early Exits. (1%)
2025-06-06
Securing Traffic Sign Recognition Systems in Autonomous Vehicles. (98%)
Quantifying Adversarial Uncertainty in Evidential Deep Learning using Conflict Resolution. (67%)
SDN-Based False Data Detection With Its Mitigation and Machine Learning Robustness for In-Vehicle Networks. (56%)
Joint-GCG: Unified Gradient-Based Poisoning Attacks on Retrieval-Augmented Generation Systems. (47%)
To Protect the LLM Agent Against the Prompt Injection Attack with Polymorphic Prompt. (45%)
SATversary: Adversarial Attacks on Satellite Fingerprinting. (31%)
Simple Yet Effective: Extracting Private Data Across Clients in Federated Fine-Tuning of Large Language Models. (16%)
MCA-Bench: A Multimodal Benchmark for Evaluating CAPTCHA Robustness Against VLM-based Attacks. (10%)
Sample-Specific Noise Injection For Diffusion-Based Adversarial Purification. (9%)
What Really is a Member? Discrediting Membership Inference via Poisoning. (8%)
Stealix: Model Stealing via Prompt Evolution. (4%)
A Systematic Review of Poisoning Attacks Against Large Language Models. (2%)
Robust Learnability of Sample-Compressible Distributions under Noisy or Adversarial Perturbations. (2%)
Adapting Under Fire: Multi-Agent Reinforcement Learning for Adversarial Drift in Network Security. (2%)
AdvSumm: Adversarial Training for Bias Mitigation in Text Summarization. (1%)
Cyber Security of Sensor Systems for State Sequence Estimation: an AI Approach. (1%)
2025-06-05
Explainer-guided Targeted Adversarial Attacks against Binary Code Similarity Detection Models. (99%)
Exploring Adversarial Watermarking in Transformer-Based Models: Transferability and Robustness Against Defense Mechanism for Medical Images. (99%)
SRD: Reinforcement-Learned Semantic Perturbation for Backdoor Defense in VLMs. (92%)
Efficient Robust Conformal Prediction via Lipschitz-Bounded Networks. (86%)
Robustness as Architecture: Designing IQA Models to Withstand Adversarial Perturbations. (81%)
Identifying and Understanding Cross-Class Features in Adversarial Training. (68%)
Coordinated Robustness Evaluation Framework for Vision-Language Models. (54%)
Fool the Stoplight: Realistic Adversarial Patch Attacks on Traffic Light Detectors. (47%)
Invisible Backdoor Triggers in Image Editing Model via Deep Watermarking. (26%)
Robustness Evaluation for Video Models with Reinforcement Learning. (12%)
Why LLM Safety Guardrails Collapse After Fine-tuning: A Similarity Analysis Between Alignment and Fine-tuning Datasets. (12%)
Robust Few-Shot Vision-Language Model Adaptation. (8%)
Detection Method for Prompt Injection by Integrating Pre-trained Model and Heuristic Feature Engineering. (2%)
2025-06-04
Prediction Inconsistency Helps Achieve Generalizable Detection of Adversarial Examples. (99%)
RAID: A Dataset for Testing the Adversarial Robustness of AI-Generated Image Detectors. (99%)
Robustness of Prompting: Enhancing Robustness of Large Language Models Against Prompting Attacks. (98%)
Poisoning Behavioral-based Worker Selection in Mobile Crowdsensing using Generative Adversarial Networks. (93%)
DiffCAP: Diffusion-based Cumulative Adversarial Purification for Vision Language Models. (92%)
Through the Stealth Lens: Rethinking Attacks and Defenses in RAG. (81%)
Privacy and Security Threat for OpenAI GPTs. (67%)
BESA: Boosting Encoder Stealing Attack with Perturbation Recovery. (67%)
PRJ: Perception-Retrieval-Judgement for Generated Images. (1%)
Tournament Robustness via Redundancy. (1%)
2025-06-03
How stealthy is stealthy? Studying the Efficacy of Black-Box Adversarial Attacks in the Real World. (99%)
Dynamic Epsilon Scheduling: A Multi-Factor Adaptive Perturbation Budget for Adversarial Training. (99%)
Tarallo: Evading Behavioral Malware Detectors in the Problem Space. (98%)
Privacy Leaks by Adversaries: Adversarial Iterations for Membership Inference Attack. (98%)
On the Robustness of Tabular Foundation Models: Test-Time Attacks and In-Context Defenses. (96%)
Sylva: Tailoring Personalized Adversarial Defense in Pre-trained Models via Collaborative Fine-tuning. (95%)
Attacking Attention of Foundation Models Disrupts Downstream Tasks. (87%)
Poster: FedBlockParadox -- A Framework for Simulating and Securing Decentralized Federated Learning. (64%)
Robust Anti-Backdoor Instruction Tuning in LVLMs. (47%)
BitBypass: A New Direction in Jailbreaking Aligned Large Language Models with Bitstream Camouflage. (22%)
Adversarial Attacks on Robotic Vision Language Action Models. (13%)
Robustness in Both Domains: CLIP Needs a Robust Text Encoder. (3%)
Explicitly Modeling Subcortical Vision with a Neuro-Inspired Front-End Improves CNN Robustness. (2%)
BadReward: Clean-Label Poisoning of Reward Models in Text-to-Image RLHF. (1%)
2025-06-02
Enhancing Diffusion-based Unrestricted Adversarial Attacks via Adversary Preferences Alignment. (98%)
MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models. (81%)
Silence is Golden: Leveraging Adversarial Examples to Nullify Audio Control in LDM-based Talking-Head Generation. (78%)
Which Factors Make Code LLMs More Vulnerable to Backdoor Attacks? A Systematic Study. (54%)
Variance-Based Defense Against Blended Backdoor Attacks. (54%)
Mitigating Data Poisoning Attacks to Local Differential Privacy. (13%)
Align is not Enough: Multimodal Universal Jailbreak Attack against Multimodal Large Language Models. (12%)
Predictive-CSM: Lightweight Fragment Security for 6LoWPAN IoT Networks. (1%)
Robust Satisficing Gaussian Process Bandits Under Adversarial Attacks. (1%)
2025-06-01
CAPAA: Classifier-Agnostic Projector-Based Adversarial Attack. (99%)
Fighting Fire with Fire (F3): A Training-free and Efficient Visual Adversarial Example Purification Method in LVLMs. (99%)
Breaking Latent Prior Bias in Detectors for Generalizable AIGC Image Detection. (96%)
Adversarial learning for nonparametric regression: Minimax rate and adaptive estimation. (74%)
Simple Prompt Injection Attacks Can Leak Personal Data Observed by LLM Agents During Task Execution. (5%)
On the Stability of Graph Convolutional Neural Networks: A Probabilistic Perspective. (2%)
No Soundness in the Real World: On the Challenges of the Verification of Deployed Neural Networks. (2%)
2025-05-31
Poster: Adapting Pretrained Vision Transformers with LoRA Against Attack Vectors. (99%)
Con Instruction: Universal Jailbreaking of Multimodal Large Language Models via Non-Textual Modalities. (98%)
SafeGenes: Evaluating the Adversarial Robustness of Genomic Foundation Models. (98%)
Beyond the Protocol: Unveiling Attack Vectors in the Model Context Protocol Ecosystem. (22%)
SafeTy Reasoning Elicitation Alignment for Multi-Turn Dialogues. (11%)
Monitoring Robustness and Individual Fairness. (10%)
SafeTuneBed: A Toolkit for Benchmarking LLM Safety Alignment in Fine-Tuning. (10%)
RARE: Retrieval-Aware Robustness Evaluation for Retrieval-Augmented Generation Systems. (1%)
2025-05-30
PatchDEMUX: A Certifiably Robust Framework for Multi-label Classifiers Against Adversarial Patches. (92%)
3D Gaussian Splat Vulnerabilities. (88%)
Adversarial Machine Learning for Robust Password Strength Estimation. (87%)
Cascading Adversarial Bias from Injection to Distillation in Language Models. (86%)
Towards Effective and Efficient Adversarial Defense with Diffusion Models for Robust Visual Tracking. (83%)
Learning Safety Constraints for Large Language Models. (81%)
Black-box Adversarial Attacks on CNN-based SLAM Algorithms. (75%)
Heterogeneous Graph Backdoor Attack. (69%)
Shadow defense against gradient inversion attack in federated learning. (68%)
Adversarial Threat Vectors and Risk Mitigation for Retrieval-Augmented Generation Systems. (68%)
Stress-testing Machine Generated Text Detection: Shifting Language Models Writing Style to Fool Detectors. (56%)
Towards Secure MLOps: Surveying Attacks, Mitigation Strategies, and Research Challenges. (41%)
Adversarial Preference Learning for Robust LLM Alignment. (38%)
Light as Deception: GPT-driven Natural Relighting Against Vision-Language Pre-training Models. (13%)
A Flat Minima Perspective on Understanding Augmentations and Model Robustness. (13%)
Keeping an Eye on LLM Unlearning: The Hidden Risk and Remedy. (3%)
Breaking the Gold Standard: Extracting Forgotten Data under Exact Unlearning in Large Language Models. (3%)
Model Unlearning via Sparse Autoencoder Subspace Guided Projections. (2%)
So, I climbed to the top of the pyramid of pain -- now what? (1%)
Robust Federated Learning against Model Perturbation in Edge Networks. (1%)
2025-05-29
Adversarial Semantic and Label Perturbation Attack for Pedestrian Attribute Recognition. (98%)
The Butterfly Effect in Pathology: Exploring Security in Pathology Foundation Models. (98%)
TRAP: Targeted Redirecting of Agentic Preferences. (92%)
Buffer-free Class-Incremental Learning with Out-of-Distribution Detection. (81%)
SafeScientist: Toward Risk-Aware Scientific Discoveries by LLM Agents. (73%)
Disrupting Vision-Language Model-Driven Navigation Services via Adversarial Object Fusion. (41%)
LLM Agents Should Employ Security Principles. (3%)
Network Inversion for Uncertainty-Aware Out-of-Distribution Detection. (1%)
Distributed Federated Learning for Vehicular Network Security: Anomaly Detection Benefits and Multi-Domain Attack Threats. (1%)
The Rich and the Simple: On the Implicit Bias of Adam and SGD. (1%)
Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention. (1%)
2025-05-28
Are classical deep neural networks weakly adversarially robust? (99%)
Understanding Adversarial Training with Energy-based Models. (93%)
Seeing the Threat: Vulnerabilities in Vision-Language Models to Adversarial Attack. (92%)
Adversarially Robust AI-Generated Image Detection for Free: An Information Theoretic Perspective. (92%)
The Meeseeks Mesh: Spatially Consistent 3D Adversarial Objects for BEV Detector. (86%)
Spa-VLM: Stealthy Poisoning Attacks on RAG-based VLM. (83%)
Test-Time Immunization: A Universal Defense Framework Against Jailbreaks for (Multimodal) Large Language Models. (76%)
FGS-Audio: Fixed-Decoder Framework for Audio Steganography with Adversarial Perturbation Generation. (67%)
Distributionally Robust Wireless Semantic Communication with Large AI Models. (15%)
Efficient Preimage Approximation for Neural Network Certification. (9%)
Mitigating Overthinking in Large Reasoning Models via Manifold Steering. (8%)
How Do Diffusion Models Improve Adversarial Robustness? (2%)
Pitfalls of Rule- and Model-based Verifiers -- A Case Study on Mathematical Reasoning. (1%)
2025-05-27
TabAttackBench: A Benchmark for Adversarial Attacks on Tabular Data. (99%)
Adversarial Attacks against Closed-Source MLLMs via Feature Optimal Alignment. (99%)
Boosting Adversarial Transferability via High-Frequency Augmentation and Hierarchical-Gradient Fusion. (98%)
Rethinking Gradient-based Adversarial Attacks on Point Cloud Classification. (98%)
Breaking Dataset Boundaries: Class-Agnostic Targeted Adversarial Attacks. (98%)
A Framework for Adversarial Analysis of Decision Support Systems Prior to Deployment. (96%)
NatADiff: Adversarial Boundary Guidance for Natural Adversarial Diffusion. (95%)
Preventing Adversarial AI Attacks Against Autonomous Situational Awareness: A Maritime Case Study. (92%)
AdInject: Real-World Black-Box Attacks on Web Agents via Advertising Delivery. (83%)
VideoMarkBench: Benchmarking Robustness of Video Watermarking. (74%)
HeteroBA: A Structure-Manipulating Backdoor Attack on Heterogeneous Graphs. (68%)
Breaking the Ceiling: Exploring the Potential of Jailbreak Attacks through Expanding Strategy Space. (64%)
Concealment of Intent: A Game-Theoretic Analysis. (50%)
What is Adversarial Training for Diffusion Models? (33%)
Practical Adversarial Attacks on Stochastic Bandits via Fake Data Injection. (22%)
System Prompt Extraction Attacks and Defenses in Large Language Models. (8%)
Tracing and Reversing Rank-One Model Edits. (3%)
Red-Teaming Text-to-Image Systems by Rule-based Preference Modeling. (3%)
Calibrating LLM Confidence by Probing Perturbed Representation Stability. (2%)
PHISH in MESH: Korean Adversarial Phonetic Substitution and Phonetic-Semantic Feature Integration Defense. (1%)
RedTeamCUA: Realistic Adversarial Testing of Computer-Use Agents in Hybrid Web-OS Environments. (1%)
2025-05-26
Attention! You Vision Language Model Could Be Maliciously Manipulated. (99%)
One Surrogate to Fool Them All: Universal, Transferable, and Targeted Adversarial Attacks with CLIP. (99%)
TESSER: Transfer-Enhancing Adversarial Attacks from Vision Transformers via Spectral and Semantic Regularization. (99%)
CPA-RAG:Covert Poisoning Attacks on Retrieval-Augmented Generation in Large Language Models. (92%)
Diagnosing and Mitigating Modality Interference in Multimodal Large Language Models. (83%)
Multi-level Certified Defense Against Poisoning Attacks in Offline Reinforcement Learning. (82%)
JailBound: Jailbreaking Internal Safety Boundaries of Vision-Language Models. (81%)
Novel Loss-Enhanced Universal Adversarial Patches for Sustainable Speaker Privacy. (22%)
Lifelong Safety Alignment for Language Models. (13%)
Comparing Neural Network Encodings for Logic-based Explainability. (11%)
Efficient and Stealthy Jailbreak Attacks via Adversarial Prompt Distillation from LLMs to SLMs. (10%)
Benign-to-Toxic Jailbreaking: Inducing Harmful Responses from Harmless Prompts. (5%)
Evaluating Software Plagiarism Detection in the Age of AI: Automated Obfuscation and Lessons for Academic Integrity. (4%)
Capability-Based Scaling Laws for LLM Red-Teaming. (3%)
Learning and Interpreting Gravitational-Wave Features from CNNs with a Random Forest Approach. (2%)
DOGe: Defensive Output Generation for LLM Protection Against Knowledge Distillation. (2%)
Evaluating Robustness of Large Audio Language Models to Audio Injection: An Empirical Study. (2%)
Fox in the Henhouse: Supply-Chain Backdoor Attacks Against Reinforcement Learning. (1%)
2025-05-25
Curvature Dynamic Black-box Attack: revisiting adversarial robustness via dynamic curvature estimation. (99%)
Your Classifier Can Do More: Towards Bridging the Gaps in Classification, Robustness, and Generation. (86%)
Are Time-Series Foundation Models Deployment-Ready? A Systematic Study of Adversarial Robustness Across Domains. (78%)
RADEP: A Resilient Adaptive Defense Framework Against Model Extraction Attacks. (75%)
Structure Disruption: Subverting Malicious Diffusion-Based Inpainting via Self-Attention Query Perturbation. (13%)
Evaluating Query Efficiency and Accuracy of Transfer Learning-based Model Extraction Attack in Federated Learning. (10%)
Co-evolutionary Dynamics of Attack and Defence in Cybersecurity. (8%)
ALRPHFS: Adversarially Learned Risk Patterns with Hierarchical Fast \& Slow Reasoning for Robust Agent Defense. (8%)
CloneShield: A Framework for Universal Perturbation Against Zero-Shot Voice Cloning. (2%)
2025-05-24
The Silent Saboteur: Imperceptible Adversarial Attacks against Black-Box Retrieval-Augmented Generation Systems. (99%)
Audio Jailbreak Attacks: Exposing Vulnerabilities in SpeechGPT in a White-Box Framework. (99%)
LORE: Lagrangian-Optimized Robust Embeddings for Visual Encoders. (93%)
Mal-D2GAN: Double-Detector based GAN for Malware Generation. (92%)
StyleGuard: Preventing Text-to-Image-Model-based Style Mimicry Attacks by Style Perturbations. (68%)
Benchmarking Poisoning Attacks against Retrieval-Augmented Generation. (54%)
Mind the Gap: A Practical Attack on GGUF Quantization. (15%)
Strong Membership Inference Attacks on Massive Datasets and (Moderately) Large Language Models. (13%)
Security Concerns for Large Language Models: A Survey. (13%)
Exploring the Vulnerability of the Content Moderation Guardrail in Large Language Models via Intent Manipulation. (3%)
LAMDA: A Longitudinal Android Malware Benchmark for Concept Drift Analysis. (3%)
$PD^3F$: A Pluggable and Dynamic DoS-Defense Framework Against Resource Consumption Attacks Targeting Large Language Models. (2%)
2025-05-23
Enhancing Adversarial Robustness of Vision Language Models via Adversarial Mixture Prompt Tuning. (99%)
Towards more transferable adversarial attack in black-box manner. (99%)
Ownership Verification of DNN Models Using White-Box Adversarial Attacks with Specified Probability Manipulation. (99%)
Temporal Consistency Constrained Transferable Adversarial Attacks with Background Mixup for Action Recognition. (99%)
One Model Transfer to All: On Robust Jailbreak Prompts Generation against LLMs. (97%)
A Critical Evaluation of Defenses against Prompt Injection Attacks. (69%)
Chain-of-Lure: A Synthetic Narrative-Driven Approach to Compromise Large Language Models. (67%)
What You Read Isn't What You Hear: Linguistic Sensitivity in Deepfake Speech Detection. (56%)
EVADE: Multimodal Benchmark for Evasive Content Detection in E-Commerce Applications. (26%)
CAMME: Adaptive Deepfake Image Detection with Multi-Modal Cross-Attention. (15%)
Understanding Pre-training and Fine-tuning from Loss Landscape Perspectives. (13%)
SemSegBench & DetecBench: Benchmarking Reliability and Generalization Beyond Classification. (11%)
JALMBench: Benchmarking Jailbreak Vulnerabilities in Audio Language Models. (10%)
Sec5GLoc: Securing 5G Indoor Localization via Adversary-Resilient Deep Learning Architecture. (10%)
Architectural Backdoors for Within-Batch Data Stealing and Model Inference Manipulation. (9%)
Wolf Hidden in Sheep's Conversations: Toward Harmless Data-Based Backdoor Attacks for Jailbreaking Large Language Models. (8%)
2025-05-22
Experimental robustness benchmark of quantum neural network on a superconducting quantum processor. (99%)
SuperPure: Efficient Purification of Localized and Distributed Adversarial Patches via Super-Resolution GAN Models. (99%)
AdvReal: Adversarial Patch Generation Framework with Application to Adversarial Safety Evaluation of Object Detection Systems. (99%)
Accelerating Targeted Hard-Label Adversarial Attacks in Low-Query Black-Box Settings. (99%)
VEAttack: Downstream-agnostic Vision Encoder Attack against Large Vision Language Models. (99%)
Chain-of-Thought Poisoning Attacks against R1-based Retrieval-Augmented Generation Systems. (96%)
MixAT: Combining Continuous and Discrete Adversarial Training for LLMs. (87%)
CAIN: Hijacking LLM-Humans Conversations via a Two-Stage Malicious System Prompt Generation and Refining Framework. (86%)
BadVLA: Towards Backdoor Attacks on Vision-Language-Action Models via Objective-Decoupled Optimization. (64%)
Tropical Attention: Neural Algorithmic Reasoning for Combinatorial Algorithms. (50%)
Accidental Misalignment: Fine-Tuning Language Models Induces Unexpected Vulnerability. (45%)
BitHydra: Towards Bit-flip Inference Cost Attack against Large Language Models. (16%)
Secure and Private Federated Learning: Achieving Adversarial Resilience through Robust Aggregation. (13%)
When Safety Detectors Aren't Enough: A Stealthy and Effective Jailbreak Attack on LLMs via Steganographic Techniques. (10%)
REOBench: Benchmarking Robustness of Earth Observation Foundation Models. (2%)
MTSA: Multi-turn Safety Alignment for LLMs through Multi-round Red-teaming. (2%)
All You Need is "Leet": Evading Hate-speech Detection AI. (1%)
Training on Plausible Counterfactuals Removes Spurious Correlations. (1%)
2025-05-21
Beyond Classification: Evaluating Diffusion Denoised Smoothing for Security-Utility Trade off. (99%)
Alignment Under Pressure: The Case for Informed Adversaries When Evaluating LLM Defenses. (99%)
TRAIL: Transferable Robust Adversarial Images via Latent diffusion. (98%)
Few-Shot Adversarial Low-Rank Fine-Tuning of Vision-Language Models. (98%)
Scalable Defense against In-the-wild Jailbreaking Attacks with Safety Context Retrieval. (82%)
Interpretability Illusions with Sparse Autoencoders: Evaluating Robustness of Concept Representations. (75%)
Audio Jailbreak: An Open Comprehensive Benchmark for Jailbreaking Large Audio-Language Models. (64%)
Silent Leaks: Implicit Knowledge Extraction Attack on RAG Systems through Benign Queries. (38%)
Blind Spot Navigation: Evolutionary Discovery of Sensitive Semantic Concepts for LVLMs. (38%)
Robustifying Vision-Language Models via Dynamic Token Reweighting. (31%)
GAMA: Geometry-Aware Manifold Alignment via Structured Adversarial Perturbations for Robust Domain Adaptation. (11%)
Ranking Free RAG: Replacing Re-ranking with Selection in RAG for Sensitive Domains. (5%)
Geometrically Regularized Transfer Learning with On-Manifold and Off-Manifold Perturbation. (4%)
Your Language Model Can Secretly Write Like Humans: Contrastive Paraphrase Attacks on LLM-Generated Text Detectors. (4%)
My Face Is Mine, Not Yours: Facial Protection Against Diffusion Model Face Swapping. (2%)
P3Net: Progressive and Periodic Perturbation for Semi-Supervised Medical Image Segmentation. (1%)
Why Can Accurate Models Be Learned from Inaccurate Annotations? (1%)
Hunyuan-TurboS: Advancing Large Language Models through Mamba-Transformer Synergy and Adaptive Chain-of-Thought. (1%)
Enhancing Certified Robustness via Block Reflector Orthogonal Layers and Logit Annealing Loss. (1%)
BadSR: Stealthy Label Backdoor Attacks on Image Super-Resolution. (1%)
A Survey On Secure Machine Learning. (1%)
Challenger: Affordable Adversarial Driving Video Generation. (1%)
2025-05-20
Robustness Evaluation of Graph-based News Detection Using Network Structural Information. (99%)
Adverseness vs. Equilibrium: Exploring Graph Adversarial Resilience through Dynamic Equilibrium. (92%)
Adversarial Training from Mean Field Perspective. (88%)
FedGraM: Defending Against Untargeted Attacks in Federated Learning via Embedding Gram Matrix. (86%)
Universal Acoustic Adversarial Attacks for Flexible Control of Speech-LLMs. (80%)
Vulnerability of Transfer-Learned Neural Networks to Data Reconstruction Attacks in Small-Data Regime. (80%)
Lessons from Defending Gemini Against Indirect Prompt Injections. (76%)
Exploring Jailbreak Attacks on LLMs through Intent Concealment and Diversion. (70%)
Trust Me, I Can Handle It: Self-Generated Adversarial Scenario Extrapolation for Robust Language Models. (54%)
GraphemeAug: A Systematic Approach to Synthesized Hard Negative Keyword Spotting Examples. (47%)
AudioJailbreak: Jailbreak Attacks against End-to-End Large Audio-Language Models. (31%)
EVA: Red-Teaming GUI Agents via Evolving Indirect Prompt Injection. (22%)
Adversarially Pretrained Transformers may be Universally Robust In-Context Learners. (13%)
Anomaly Detection Based on Critical Paths for Deep Neural Networks. (13%)
Is Your Prompt Safe? Investigating Prompt Injection Attacks Against Open-Source LLMs. (10%)
Safety Subspaces are Not Distinct: A Fine-Tuning Case Study. (10%)
SifterNet: A Generalized and Model-Agnostic Trigger Purification Approach. (2%)
ShortcutProbe: Probing Prediction Shortcuts for Learning Robust Models. (1%)
Covert Attacks on Machine Learning Training in Passively Secure MPC. (1%)
Hidden Ghost Hand: Unveiling Backdoor Vulnerabilities in MLLM-Powered Mobile GUI Agents. (1%)
2025-05-19
FlowPure: Continuous Normalizing Flows for Adversarial Purification. (99%)
Investigating the Vulnerability of LLM-as-a-Judge Architectures to Prompt-Injection Attacks. (87%)
Anti-Inpainting: A Proactive Defense against Malicious Diffusion-based Inpainters under Unknown Conditions. (87%)
RoVo: Robust Voice Protection Against Unauthorized Speech Synthesis with Embedding-Level Perturbations. (81%)
PandaGuard: Systematic Evaluation of LLM Safety in the Era of Jailbreaking Attacks. (70%)
Language Models That Walk the Talk: A Framework for Formal Fairness Certificates. (69%)
DynaNoise: Dynamic Probabilistic Noise Injection for Defending Against Membership Inference Attacks. (38%)
Fragments to Facts: Partial-Information Fragment Inference from LLMs. (10%)
Does Low Rank Adaptation Lead to Lower Robustness against Training-Time Attacks? (8%)
Safety Alignment Can Be Not Superficial With Explicit Safety Signals. (4%)
Robust learning of halfspaces under log-concave marginals. (1%)
EPIC: Explanation of Pretrained Image Classification Networks via Prototype. (1%)
Malware families discovery via Open-Set Recognition on Android manifest permissions. (1%)
2025-05-18
A Few Large Shifts: Layer-Inconsistency Based Minimal Overhead Adversarial Example Detection. (99%)
On the Mechanisms of Adversarial Data Augmentation for Robust and Adaptive Transfer Learning. (98%)
PoisonArena: Uncovering Competing Poisoning Attacks in Retrieval-Augmented Generation. (76%)
SPIRIT: Patching Speech Language Models against Jailbreak Attacks. (61%)
The Tower of Babel Revisited: Multilingual Jailbreak Prompts on Closed-Source Large Language Models. (47%)
Spiking Neural Network: a low power solution for physical layer authentication. (31%)
A Survey of Attacks on Large Language Models. (22%)
VoiceCloak: A Multi-Dimensional Defense Framework against Unauthorized Diffusion-based Voice Cloning. (11%)
IP Leakage Attacks Targeting LLM-Based Multi-Agent Systems. (10%)
Few-Step Diffusion via Score identity Distillation. (1%)
Robust Planning for Autonomous Driving via Mixed Adversarial Diffusion Predictions. (1%)
Improving Out-of-Domain Robustness with Targeted Augmentation in Frequency and Pixel Spaces. (1%)
CAPTURE: Context-Aware Prompt Injection Testing and Robustness Enhancement. (1%)
2025-05-17
FABLE: A Localized, Targeted Adversarial Attack on Weather Forecasting Models. (99%)
Adversarial Robustness for Unified Multi-Modal Encoders via Efficient Calibration. (98%)
EVALOOP: Assessing LLM Robustness in Programming from a Self-consistency Perspective. (95%)
Black-box Adversaries from Latent Space: Unnoticeable Attacks on Human Pose and Shape Estimation. (83%)
Self-Destructive Language Model. (75%)
FL-PLAS: Federated Learning with Partial Layer Aggregation for Backdoor Defense Against High-Ratio Malicious Clients. (10%)
Video-SafetyBench: A Benchmark for Safety Evaluation of Video LVLMs. (10%)
FIGhost: Fluorescent Ink-based Stealthy and Flexible Backdoor Attacks on Physical Traffic Sign Recognition. (10%)
2025-05-16
GenoArmory: A Unified Evaluation Framework for Adversarial Attacks on Genomic Foundation Models. (99%)
LLMs unlock new paths to monetizing exploits. (78%)
Nosy Layers, Noisy Fixes: Tackling DRAs in Federated Learning Systems using Explainable AI. (75%)
On the Security Risks of ML-based Malware Detection Systems: A Survey. (64%)
ProxyPrompt: Securing System Prompts against Prompt Extraction Attacks. (56%)
On the Sharp Input-Output Analysis of Nonlinear Systems under Adversarial Attacks. (56%)
CARES: Comprehensive Evaluation of Safety and Adversarial Robustness in Medical LLMs. (41%)
Adversarially Robust Spiking Neural Networks with Sparse Connectivity. (11%)
EnvInjection: Environmental Prompt Injection Attack to Multi-modal Web Agents. (5%)
Anti-Sensing: Defense against Unauthorized Radar-based Human Vital Sign Sensing with Physically Realizable Wearable Oscillators. (2%)
Co-Evolutionary Defence of Active Directory Attack Graphs via GNN-Approximated Dynamic Programming. (1%)
Zero-Shot Visual Generalization in Robot Manipulation. (1%)
CellCLIP -- Learning Perturbation Effects in Cell Painting via Text-Guided Contrastive Learning. (1%)
2025-05-15
The Ephemeral Threat: Assessing the Security of Algorithmic Trading Systems powered by Deep Learning. (50%)
One Shot Dominance: Knowledge Poisoning Attack on Retrieval-Augmented Generation Systems. (31%)
Defending the Edge: Representative-Attention for Mitigating Backdoor Attacks in Federated Learning. (15%)
A Unified and Scalable Membership Inference Method for Visual Self-supervised Encoder via Part-aware Capability. (11%)
MorphGuard: Morph Specific Margin Loss for Enhancing Robustness to Face Morphing Attacks. (2%)
Noise Injection Systemically Degrades Large Language Model Safety Guardrails. (1%)
Sybil-based Virtual Data Poisoning Attacks in Federated Learning. (1%)
Dark LLMs: The Growing Threat of Unaligned AI Models. (1%)
2025-05-14
Evaluating the Robustness of Adversarial Defenses in Malware Detection Systems. (99%)
Adversarial Suffix Filtering: a Defense Pipeline for LLMs. (98%)
Adversarial Attack on Large Language Models using Exponentiated Gradient Descent. (89%)
DataMIL: Selecting Data for Robot Imitation Learning with Datamodels. (10%)
RobustSpring: Benchmarking Robustness to Image Corruptions for Optical Flow, Scene Flow and Stereo. (2%)
Guardian Positioning System (GPS) for Location Based Services. (1%)
2025-05-13
Towards Adaptive Meta-Gradient Adversarial Examples for Visual Tracking. (99%)
Robustness Analysis against Adversarial Patch Attacks in Fully Unmanned Stores. (98%)
Revisiting Adversarial Perception Attacks and Defense Methods on Autonomous Driving Systems. (96%)
Removing Watermarks with Partial Regeneration using Semantic Information. (15%)
On the Account Security Risks Posed by Password Strength Meters. (1%)
Strategy-Augmented Planning for Large Language Models via Opponent Exploitation. (1%)
2025-05-12
No Query, No Access. (99%)
Dynamical Low-Rank Compression of Neural Networks with Robustness under Adversarial Attacks. (80%)
GRADA: Graph-based Reranker against Adversarial Documents Attack. (69%)
SecReEvalBench: A Multi-turned Security Resilience Evaluation Benchmark for Large Language Models. (26%)
Must Read: A Systematic Survey of Computational Persuasion. (3%)
2025-05-11
DP-TRAE: A Dual-Phase Merging Transferable Reversible Adversarial Example for Image Privacy Protection. (99%)
IM-BERT: Enhancing Robustness of BERT through the Implicit Euler Method. (47%)
A Formally Verified Robustness Certifier for Neural Networks (Extended Version). (15%)
Benign Samples Matter! Fine-tuning On Outlier Benign Samples Severely Breaks Safety. (12%)
One Trigger Token Is Enough: A Defense Strategy for Balancing Safety and Usability in Large Language Models. (11%)
AugMixCloak: A Defense against Membership Inference Attacks via Image Transformation. (8%)
TokenProber: Jailbreaking Text-to-image Models via Fine-grained Word Impact Analysis. (5%)
2025-05-10
POISONCRAFT: Practical Poisoning of Retrieval-Augmented Generation for Large Language Models. (83%)
T2V-OptJail: Discrete Prompt Optimization for Text-to-Video Jailbreak Attacks. (64%)
Practical Reasoning Interruption Attacks on Reasoning Large Language Models. (33%)
2025-05-09
Learning from the Good Ones: Risk Profiling-Based Defenses Against Evasion Attacks on DNNs. (99%)
Realistic Adversarial Attacks for Robustness Evaluation of Trajectory Prediction Models via Future State Perturbation. (83%)
A Taxonomy of Attacks and Defenses in Split Learning. (15%)
AgentXploit: End-to-End Redteaming of Black-Box AI Agents. (5%)
LATENT: LLM-Augmented Trojan Insertion and Evaluation Framework for Analog Netlist Topologies. (2%)
Remote Rowhammer Attack using Adversarial Observations on Federated Learning Clients. (2%)
Sponge Attacks on Sensing AI: Energy-Latency Vulnerabilities and Defense via Model Pruning. (2%)
2025-05-08
Unpacking Robustness in Inflectional Languages: Adversarial Evaluation and Mechanistic Insights. (99%)
X-Transfer Attacks: Towards Super Transferable Adversarial Attacks on CLIP. (98%)
Adaptive Stress Testing Black-Box LLM Planners. (12%)
DispBench: Benchmarking Disparity Estimation to Synthetic Corruptions. (10%)
Advancing Neural Network Verification through Hierarchical Safety Abstract Interpretation. (9%)
LiteLMGuard: Seamless and Lightweight On-Device Prompt Filtering for Safeguarding Small Language Models against Quantization-induced Risks and Vulnerabilities. (8%)
Defending against Indirect Prompt Injection by Instruction Detection. (2%)
PaniCar: Securing the Perception of Advanced Driving Assistance Systems Against Emergency Vehicle Lighting. (2%)
Revealing Weaknesses in Text Watermarking Through Self-Information Rewrite Attacks. (2%)
Reasoning Models Don't Always Say What They Think. (1%)
2025-05-07
Input-Specific and Universal Adversarial Attack Generation for Spiking Neural Networks in the Spiking Domain. (99%)
Fight Fire with Fire: Defending Against Malicious RL Fine-Tuning via Reward Neutralization. (31%)
RFNNS: Robust Fixed Neural Network Steganography with Popular Deep Generative Models. (13%)
DMRL: Data- and Model-aware Reward Learning for Data Extraction. (1%)
Memory Under Siege: A Comprehensive Survey of Side-Channel Attacks on Memory. (1%)
2025-05-06
Robustness in AI-Generated Detection: Enhancing Resistance to Adversarial Attacks. (99%)
Attention-aggregated Attack for Boosting the Transferability of Facial Adversarial Examples. (99%)
ALMA: Aggregated Lipschitz Maximization Attack on Auto-encoders. (99%)
Crafting Physical Adversarial Examples by Combining Differentiable and Physically Based Renders. (95%)
Uncovering the Limitations of Model Inversion Evaluation -- Benchmarks and Connection to Type-I Adversarial Attacks. (92%)
Data-Driven Falsification of Cyber-Physical Systems. (88%)
Framework GNN-AID: Graph Neural Network Analysis Interpretation and Defense. (81%)
Reliable Disentanglement Multi-view Learning Against View Adversarial Attacks. (67%)
BadLingual: A Novel Lingual-Backdoor Attack against Large Language Models. (38%)
A Chaos Driven Metric for Backdoor Attack Detection. (38%)
Mitigating Backdoor Triggered and Targeted Data Poisoning Attacks in Voice Authentication Systems. (16%)
SEVA: Leveraging Single-Step Ensemble of Vicinal Augmentations for Test-Time Adaptation. (1%)
Interpretable Zero-shot Learning with Infinite Class Concepts. (1%)
Event-Triggered GAT-LSTM Framework for Attack Detection in Heating, Ventilation, and Air Conditioning Systems. (1%)
2025-05-05
Adversarial Sample Generation for Anomaly Detection in Industrial Control Systems. (99%)
Adversarial Robustness Analysis of Vision-Language Models in Medical Image Segmentation. (99%)
Catastrophic Overfitting, Entropy Gap and Participation Ratio: A Noiseless $l^p$ Norm Solution for Fast Adversarial Training. (87%)
Robustness questions the interpretability of graph neural networks: what to do? (83%)
Adversarial Attacks in Multimodal Systems: A Practitioner's Survey. (76%)
Towards Dataset Copyright Evasion Attack against Personalized Text-to-Image Diffusion Models. (56%)
Bayesian Robust Aggregation for Federated Learning. (3%)
SoK: Stealing Cars Since Remote Keyless Entry Introduction and How to Defend From It. (3%)
2025-05-04
Lightweight Defense Against Adversarial Attacks in Time Series Classification. (92%)
2025-05-03
CAMOUFLAGE: Exploiting Misinformation Detection Systems Through LLM-driven Adversarial Claim Transformation. (93%)
Rogue Cell: Adversarial Attack and Defense in Untrusted O-RAN Setup Exploiting the Traffic Steering xApp. (93%)
Adversarial Robustness of Deep Learning Models for Inland Water Body Segmentation from SAR Images. (93%)
Backdoor Attacks Against Patch-based Mixture of Experts. (67%)
2025-05-02
Transferable Adversarial Attacks on Black-Box Vision-Language Models. (99%)
Harmonizing Intra-coherence and Inter-divergence in Ensemble Attacks for Adversarial Transferability. (99%)
Constrained Network Adversarial Attacks: Validity, Robustness, and Transferability. (99%)
Helping Large Language Models Protect Themselves: An Enhanced Filtering and Summarization System. (83%)
Diffusion-based Adversarial Purification from the Perspective of the Frequency Domain. (76%)
Active Sybil Attack and Efficient Defense Strategy in IPFS DHT. (50%)
Quantum Support Vector Regression for Robust Anomaly Detection. (33%)
Secure Cluster-Based Hierarchical Federated Learning in Vehicular Networks. (15%)
Rubber Mallet: A Study of High Frequency Localized Bit Flips and Their Impact on Security. (9%)
Fine-grained Manipulation Attacks to Local Differential Privacy Protocols for Data Streams. (8%)
LLM Security: Vulnerabilities, Attacks, Defenses, and Countermeasures. (4%)
Explainable AI Based Diagnosis of Poisoning Attacks in Evolutionary Swarms. (1%)
2025-05-01
OET: Optimization-based prompt injection Evaluation Toolkit. (99%)
Fast and Low-Cost Genomic Foundation Models via Outlier Removal. (98%)
Analysis of the vulnerability of machine learning regression models to adversarial attacks using data from 5G wireless networks. (96%)
GAN-based Generator of Adversarial Attack on Intelligent End-to-End Autoencoder-based Communication System. (91%)
Protocol-agnostic and Data-free Backdoor Attacks on Pre-trained Models in RF Fingerprinting. (16%)
Attack and defense techniques in large language models: A survey and new perspectives. (12%)
Spill The Beans: Exploiting CPU Cache Side-Channels to Leak Tokens from Large Language Models. (1%)
2025-04-30
Cert-SSB: Toward Certified Sample-Specific Backdoor Defense. (98%)
The Dual Power of Interpretable Token Embeddings: Jailbreaking Attacks and Defenses for Diffusion Model Unlearning. (86%)
How to Backdoor the Knowledge Distillation. (81%)
Diffusion-based Adversarial Identity Manipulation for Facial Privacy Protection. (31%)
A Test Suite for Efficient Robustness Evaluation of Face Recognition Systems. (26%)
Hoist with His Own Petard: Inducing Guardrails to Facilitate Denial-of-Service Attacks on Retrieval-Augmented Generation of LLMs. (16%)
Sparsification Under Siege: Defending Against Poisoning Attacks in Communication-Efficient Federated Learning. (15%)
Enhancing Security and Strengthening Defenses in Automated Short-Answer Grading Systems. (11%)
Unlearning Sensitive Information in Multimodal LLMs: Benchmark and Attack-Defense Evaluation. (9%)
Traceback of Poisoning Attacks to Retrieval-Augmented Generation. (8%)
Active Light Modulation to Counter Manipulation of Speech Visual Content. (2%)
Stochastic Subspace Descent Accelerated via Bi-fidelity Line Search. (1%)
2025-04-29
Mitigating the Structural Bias in Graph Adversarial Defenses. (92%)
SFIBA: Spatial-based Full-target Invisible Backdoor Attacks. (84%)
Robustness via Referencing: Defending against Prompt Injection Attacks by Referencing the Executed Instruction. (81%)
Quantifying the Noise of Structural Perturbations on Graph Adversarial Attacks. (80%)
FFCBA: Feature-based Full-target Clean-label Backdoor Attacks. (73%)
AegisLLM: Scaling Agentic Systems for Self-Reflective Defense in LLM Security. (15%)
Robust Multi-agent Communication Based on Decentralization-Oriented Adversarial Training. (12%)
CachePrune: Neural-Based Attribution Defense Against Indirect Prompt Injection Attacks. (12%)
GaussTrap: Stealthy Poisoning Attacks on 3D Gaussian Splatting for Targeted Scene Confusion. (8%)
Enhancing Leakage Attacks on Searchable Symmetric Encryption Using LLM-Based Synthetic Data Generation. (8%)
Erased but Not Forgotten: How Backdoors Compromise Concept Erasure. (5%)
NeuRel-Attack: Neuron Relearning for Safety Disalignment in Large Language Models. (1%)
Token-Efficient Prompt Injection Attack: Provoking Cessation in LLM Reasoning via Adaptive Token Compression. (1%)
2025-04-28
Evaluate-and-Purify: Fortifying Code Language Models Against Adversarial Attacks Using LLM-as-a-Judge. (98%)
The Dark Side of Digital Twins: Adversarial Attacks on AI-Driven Water Forecasting. (98%)
AGATE: Stealthy Black-box Watermarking for Multimodal Model Copyright Protection. (89%)
A Cryptographic Perspective on Mitigation vs. Detection in Machine Learning. (83%)
Prompt Injection Attack to Tool Selection in LLM Agents. (62%)
Prefill-Based Jailbreak: A Novel Approach of Bypassing LLM Safety Boundary. (38%)
A Case Study on the Use of Representativeness Bias as a Defense Against Adversarial Cyber Threats. (16%)
Perception-aware Sampling for Scatterplot Visualizations. (5%)
Inception: Jailbreak the Memory Mechanism of Text-to-Image Generation Systems. (5%)
What's Pulling the Strings? Evaluating Integrity and Attribution in AI Training and Inference through Concept Shift. (1%)
Adversarial Shallow Watermarking. (1%)
DeeCLIP: A Robust and Generalizable Transformer-Based Framework for Detecting AI-Generated Images. (1%)
2025-04-27
Forging and Removing Latent-Noise Diffusion Watermarks Using a Single Image. (87%)
FCGHunter: Towards Evaluating Robustness of Graph-Based Android Malware Detection. (78%)
CapsFake: A Multimodal Capsule Network for Detecting Instruction-Guided Deepfakes. (74%)
JailbreaksOverTime: Detecting Jailbreak Attacks Under Distribution Shift. (67%)
Doxing via the Lens: Revealing Location-related Privacy Leakage on Multi-modal Large Reasoning Models. (22%)
2025-04-26
Unveiling and Mitigating Adversarial Vulnerabilities in Iterative Optimizers. (98%)
Graph of Attacks: Improved Black-Box and Interpretable Jailbreaks for LLMs. (92%)
Test It Before You Trust It: Applying Software Testing for Trustworthy In-context Learning. (86%)
Latent Adversarial Training Improves the Representation of Refusal. (10%)
DiCE-Extended: A Robust Approach to Counterfactual Explanations in Machine Learning. (3%)
Safety Interventions against Adversarial Patches in an Open-Source Driver Assistance System. (1%)
2025-04-25
Edge-Based Learning for Improved Classification Under Adversarial Noise. (99%)
Intelligent Attacks and Defense Methods in Federated Learning-enabled Energy-Efficient Wireless Networks. (74%)
DeSIA: Attribute Inference Attacks Against Limited Fixed Aggregate Statistics. (1%)
2025-04-24
Unsupervised Corpus Poisoning Attacks in Continuous Space for Dense Retrieval. (99%)
A Simple DropConnect Approach to Transfer-based Targeted Attack. (99%)
Unveiling Hidden Vulnerabilities in Digital Human Generation via Adversarial Attacks. (98%)
Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations. (97%)
Fine-Tuning Adversarially-Robust Transformers for Single-Image Dehazing. (92%)
Towards Robust LLMs: an Adversarial Robustness Measurement Framework. (87%)
On the Generalization of Adversarially Trained Quantum Classifiers. (82%)
DCT-Shield: A Robust Frequency Domain Defense against Malicious Image Editing. (75%)
The Ultimate Cookbook for Invisible Poison: Crafting Subtle Clean-Label Text Backdoors with Style Attributes. (69%)
Evaluating Time Series Models for Urban Wastewater Management: Predictive Performance, Model Complexity and Resilience. (4%)
Cluster-Aware Attacks on Graph Watermarks. (2%)
FLUKE: A Linguistically-Driven and Task-Agnostic Framework for Robustness Evaluation. (1%)
BadMoE: Backdooring Mixture-of-Experts LLMs via Optimizing Routing Triggers and Infecting Dormant Experts. (1%)
2025-04-23
Seeking Flat Minima over Diverse Surrogates for Improved Adversarial Transferability: A Theoretical Framework and Algorithmic Instantiation. (99%)
BadVideo: Stealthy Backdoor Attack against Text-to-Video Generation. (61%)
Enhancing Variational Autoencoders with Smooth Robust Latent Encoding. (50%)
AUTHENTICATION: Identifying Rare Failure Modes in Autonomous Vehicle Perception Systems using Adversarially Guided Diffusion Models. (1%)
2025-04-22
Human-Imperceptible Physical Adversarial Attack for NIR Face Recognition Models. (99%)
Property-Preserving Hashing for $\ell_1$-Distance Predicates: Applications to Countering Adversarial Input Attacks. (75%)
TrojanDam: Detection-Free Backdoor Defense in Federated Learning through Proactive Model Robustification utilizing OOD Data. (56%)
WASP: Benchmarking Web Agent Security Against Prompt Injection Attacks. (4%)
A Comprehensive Survey in LLM(-Agent) Full Stack Safety: Data, Training and Deployment. (4%)
OPUS-VFL: Incentivizing Optimal Privacy-Utility Tradeoffs in Vertical Federated Learning. (3%)
Exploring the Role of Large Language Models in Cybersecurity: A Systematic Survey. (1%)
2025-04-21
Unifying Image Counterfactuals and Feature Attributions with Latent-Space Adversarial Attacks. (99%)
Fast Adversarial Training with Weak-to-Strong Spatial-Temporal Consistency in the Frequency Domain on Videos. (75%)
T2VShield: Model-Agnostic Jailbreak Defense for Text-to-Video Models. (68%)
DualBreach: Efficient Dual-Jailbreaking via Target-Driven Initialization and Multi-Target Optimization. (22%)
aiXamine: Simplified LLM Safety and Security. (13%)
Backdoor Defense in Diffusion Models via Spatial Attention Unlearning. (9%)
Kill two birds with one stone: generalized and robust AI-generated text detection via dynamic perturbations. (4%)
Trainable Quantum Neural Network for Multiclass Image Classification with the Power of Pre-trained Tree Tensor Networks. (1%)
2025-04-20
Towards Model Resistant to Transferable Adversarial Examples via Trigger Activation. (99%)
Verifying Robust Unlearning: Probing Residual Knowledge in Unlearned Models. (1%)
2025-04-19
Hydra: An Agentic Reasoning Approach for Enhancing Adversarial Robustness and Mitigating Hallucinations in Vision-Language Models. (99%)
Adversarial Attack for RGB-Event based Visual Object Tracking. (99%)
Manipulating Multimodal Agents via Cross-Modal Prompt Injection. (89%)
2025-04-18
Q-FAKER: Query-free Hard Black-box Attack via Controlled Generation. (99%)
Rethinking Target Label Conditioning in Adversarial Attacks: A 2D Tensor-Guided Generative Approach. (92%)
DETAM: Defending LLMs Against Jailbreak Attacks via Targeted Attention Modification. (82%)
VideoPASTA: 7K Preference Pairs That Matter for Video-LLM Alignment. (75%)
BadApex: Backdoor Attack Based on Adaptive Optimization Mechanism of Black-box Large Language Models. (45%)
DoomArena: A framework for Testing AI Agents Against Evolving Security Threats. (10%)
Fairness and Robustness in Machine Unlearning. (9%)
AutoAdv: Automated Adversarial Prompting for Multi-Turn Jailbreaking of Large Language Models. (8%)
CodeCrash: Stress Testing LLM Reasoning under Structural and Semantic Perturbations. (1%)
Everything You Wanted to Know About LLM-based Vulnerability Detection But Were Afraid to Ask. (1%)
2025-04-17
Quantum Computing Supported Adversarial Attack-Resilient Autonomous Vehicle Perception Module for Traffic Sign Classification. (99%)
DYNAMITE: Dynamic Defense Selection for Enhancing Machine Learning-based Intrusion Detection Against Adversarial Attacks. (98%)
A Client-level Assessment of Collaborative Backdoor Poisoning in Non-IID Federated Learning. (83%)
ArtistAuditor: Auditing Artist Style Pirate in Text-to-Image Generation Models. (41%)
Privacy Protection Against Personalized Text-to-Image Synthesis via Cross-image Consistency Constraints. (3%)
Effective Dual-Region Augmentation for Reduced Reliance on Large Amounts of Labeled Data. (1%)
NoisyRollout: Reinforcing Visual Reasoning with Data Augmentation. (1%)
2025-04-16
SemDiff: Generating Natural Unrestricted Adversarial Examples via Semantic Attributes Optimization in Diffusion Models. (99%)
Human Aligned Compression for Robust Models. (98%)
RDI: An adversarial robustness evaluation metric for deep neural networks based on sample clustering features. (98%)
Secure Transfer Learning: Training Clean Models Against Backdoor in (Both) Pre-trained Encoders and Downstream Datasets. (2%)
MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN. (1%)
2025-04-15
Towards Safe Synthetic Image Generation On the Web: A Multimodal Robust NSFW Defense and Million Scale Dataset. (99%)
R-TPT: Improving Adversarial Robustness of Vision-Language Models through Test-Time Prompt Tuning. (92%)
Exploring Backdoor Attack and Defense for LLM-empowered Recommendations. (92%)
Defending Against Frequency-Based Attacks with Diffusion Models. (88%)
QAVA: Query-Agnostic Visual Attack to Large Vision-Language Models. (86%)
RAID: An In-Training Defense against Attribute Inference Attacks in Recommender Systems. (81%)
CDUPatch: Color-Driven Universal Adversarial Patch Attack for Dual-Modal Visible-Infrared Detectors. (76%)
Bypassing Prompt Injection and Jailbreak Detection in LLM Guardrails. (76%)
RF Sensing Security and Malicious Exploitation: A Comprehensive Survey. (69%)
DataSentinel: A Game-Theoretic Detection of Prompt Injection Attacks. (61%)
How to Enhance Downstream Adversarial Robustness (almost) without Touching the Pre-Trained Foundation Model? (41%)
Token-Level Constraint Boundary Search for Jailbreaking Text-to-Image Models. (38%)
The Obvious Invisible Threat: LLM-Powered GUI Agents' Vulnerability to Fine-Print Injections. (9%)
Chypnosis: Stealthy Secret Extraction using Undervolting-based Static Side-channel Attacks. (1%)
2025-04-14
The Sword of Damocles in ViTs: Computational Redundancy Amplifies Adversarial Transferability. (99%)
Investigating cybersecurity incidents using large language models in latest-generation wireless networks. (83%)
Quantifying Privacy Leakage in Split Inference via Fisher-Approximated Shannon Information Analysis. (73%)
Towards Spatially-Aware and Optimally Faithful Concept-Based Explanations. (56%)
Concept Enhancement Engineering: A Lightweight and Efficient Robust Defense Against Jailbreak Attacks in Embodied AI. (45%)
Shield Bash: Abusing Defensive Coherence State Retrieval to Break Timing Obfuscation. (10%)
Deep Audio Watermarks are Shallow: Limitations of Post-Hoc Watermarking Techniques for Speech. (1%)
Ctrl-Z: Controlling AI Agents via Resampling. (1%)
Beyond Worst-Case Online Classification: VC-Based Regret Bounds for Relaxed Benchmarks. (1%)
2025-04-13
SafeSpeech: Robust and Universal Voice Protection Against Malicious Speech Synthesis. (92%)
CheatAgent: Attacking LLM-Empowered Recommender Systems via LLM Agent. (86%)
RANSAC Revisited: An Improved Algorithm for Robust Subspace Recovery under Adversarial and Noisy Corruptions. (9%)
ControlNET: A Firewall for RAG-based LLM System. (9%)
An Investigation of Large Language Models and Their Vulnerabilities in Spam Detection. (5%)
AdaSteer: Your Aligned LLM is Inherently an Adaptive Jailbreak Defender. (2%)
FractalForensics: Proactive Deepfake Detection and Localization via Fractal Watermarks. (1%)
The Structural Safety Generalization Problem. (1%)
2025-04-12
PapMOT: Exploring Adversarial Patch Attack against Multiple Object Tracking. (98%)
From Visual Explanations to Counterfactual Explanations with Latent Diffusion. (75%)
Bregman Linearized Augmented Lagrangian Method for Nonconvex Constrained Stochastic Zeroth-order Optimization. (68%)
Towards More Efficient, Robust, Instance-adaptive, and Generalizable Sequential Decision making. (1%)
2025-04-11
Adversarial Examples in Environment Perception for Automated Driving (Review). (99%)
Toward Realistic Adversarial Attacks in IDS: A Novel Feasibility Metric for Transferability. (99%)
Toward Spiking Neural Network Local Learning Modules Resistant to Adversarial Attacks. (99%)
Robust SAM: On the Adversarial Robustness of Vision Foundation Models. (98%)
On Transfer-based Universal Attacks in Pure Black-box Setting. (92%)
A Knowledge-guided Adversarial Defense for Resisting Malicious Visual Manipulation. (83%)
Multi-Robot Coordination with Adversarial Perception. (10%)
Robust Steganography from Large Language Models. (5%)
2025-04-10
EO-VLM: VLM-Guided Energy Overload Attacks on Vision Models. (69%)
Benchmarking Adversarial Robustness to Bias Elicitation in Large Language Models: Scalable Automated Assessment with LLM-as-a-Judge. (68%)
Defense against Prompt Injection Attacks via Mixture of Encodings. (38%)
X-Guard: Multilingual Guard Agent for Content Moderation. (13%)
AttentionDefense: Leveraging System Prompt Attention for Explainable Defense Against Novel Jailbreaks. (13%)
PR-Attack: Coordinated Prompt-RAG Attacks on Retrieval-Augmented Generation in Large Language Models via Bilevel Optimization. (11%)
Deceptive Automated Interpretability: Language Models Coordinating to Fool Oversight Systems. (10%)
Achilles Heel of Distributed Multi-Agent Systems. (1%)
QubitHammer Attacks: Qubit Flipping Attacks in Multi-tenant Superconducting Quantum Computers. (1%)
2025-04-09
SafeMLRM: Demystifying Safety in Multi-modal Large Reasoning Models. (1%)
Defending LLM Watermarking Against Spoofing Attacks with Contrastive Representation Learning. (1%)
2025-04-08
Mind the Trojan Horse: Image Prompt Adapter Enabling Scalable and Deceptive Jailbreaking. (97%)
Towards Calibration Enhanced Network by Inverse Adversarial Attack. (92%)
Adversarial Training of Reward Models. (88%)
Exploring Gradient-Guided Masked Language Model to Detect Textual Adversarial Attacks. (86%)
StealthRank: LLM Ranking Manipulation via Stealthy Prompt Optimization. (83%)
Exploiting Meta-Learning-based Poisoning Attacks for Graph Link Prediction. (67%)
Parasite: A Steganography-based Backdoor Attack Framework for Diffusion Models. (13%)
Defending Deep Neural Networks against Backdoor Attacks via Module Switching. (10%)
2025-04-07
Security Risks in Vision-Based Beam Prediction: From Spatial Proxy Attacks to Feature Refinement. (99%)
Don't Lag, RAG: Training-Free Adversarial Detection Using RAG. (88%)
Secure Diagnostics: Adversarial Robustness Meets Clinical Interpretability. (81%)
Two is Better than One: Efficient Ensemble Defense for Robust and Compact Models. (80%)
Sugar-Coated Poison: Benign Generation Unlocks LLM Jailbreaking. (54%)
SINCon: Mitigate LLM-Generated Malicious Message Injection Attack for Rumor Detection. (10%)
Select Me! When You Need a Tool: A Black-box Text Attack on Tool Selection. (9%)
P2Mark: Plug-and-play Parameter-intrinsic Watermarking for Neural Speech Generation. (1%)
SCAM: A Real-World Typographic Robustness Evaluation for Multimodal Foundation Models. (1%)
Revealing the Intrinsic Ethical Vulnerability of Aligned Large Language Models. (1%)
SelfMAD: Enhancing Generalization and Robustness in Morphing Attack Detection via Self-Supervised Learning. (1%)
Technical Report: Full Version of Analyzing and Optimizing Perturbation of DP-SGD Geometrically. (1%)
2025-04-06
Selective Masking Adversarial Attack on Automatic Speech Recognition Systems. (99%)
WeiDetect: Weibull Distribution-Based Defense against Poisoning Attacks in Federated Learning for Network Intrusion Detection Systems. (82%)
On the Robustness of GUI Grounding Models Against Image Attacks. (81%)
Here Comes the Explanation: A Shapley Perspective on Multi-contrast Medical Image Segmentation. (1%)
2025-04-05
Embedding Hidden Adversarial Capabilities in Pre-Trained Diffusion Models. (13%)
QE-RAG: A Robust Retrieval-Augmented Generation Benchmark for Query Entry Errors. (1%)
Impact of Error Rate Misreporting on Resource Allocation in Multi-tenant Quantum Computing and Defense. (1%)
2025-04-04
Disparate Privacy Vulnerability: Targeted Attribute Inference Attacks and Defenses. (10%)
Practical Poisoning Attacks against Retrieval-Augmented Generation. (4%)
Nemotron-H: A Family of Accurate and Efficient Hybrid Mamba-Transformer Models. (1%)
PPFPL: Cross-silo Privacy-preserving Federated Prototype Learning Against Data Poisoning Attacks on Non-IID Data. (1%)
2025-04-03
Moving Target Defense Against Adversarial False Data Injection Attacks In Power Grids. (99%)
Evaluating and Enhancing Segmentation Model Robustness with Metamorphic Testing. (98%)
A Study on Adversarial Robustness of Discriminative Prototypical Learning. (98%)
SLACK: Attacking LiDAR-based SLAM with Adversarial Point Injections. (22%)
Retrieval-Augmented Purifier for Robust LLM-Empowered Recommendation. (12%)
Bridging the Theoretical Gap in Randomized Smoothing. (10%)
JailDAM: Jailbreak Detection with Adaptive Memory for Vision-Language Model. (2%)
ERPO: Advancing Safety Alignment via Ex-Ante Reasoning Preference Optimization. (1%)
2025-04-02
AdPO: Enhancing the Adversarial Robustness of Large Vision-Language Models with Preference Optimization. (99%)
Leveraging Generalizability of Image-to-Image Translation for Enhanced Adversarial Defense. (98%)
Benchmarking the Spatial Robustness of DNNs via Natural and Adversarial Localized Corruptions. (93%)
Breaking BERT: Gradient Attack on Twitter Sentiment Analysis for Targeted Misclassification. (89%)
Overlap-Aware Feature Learning for Robust Unsupervised Domain Adaptation for 3D Semantic Segmentation. (83%)
One Pic is All it Takes: Poisoning Visual Document Retrieval Augmented Generation with a Single Image. (80%)
Robust Unsupervised Domain Adaptation for 3D Point Cloud Segmentation Under Source Adversarial Attacks. (80%)
Text Speaks Louder than Vision: ASCII Art Reveals Textual Biases in Vision-Language Models. (67%)
Multifaceted Evaluation of Audio-Visual Capability for MLLMs: Effectiveness, Efficiency, Generalizability and Robustness. (22%)
Representation Bending for Large Language Model Safety. (12%)
LightDefense: A Lightweight Uncertainty-Driven Defense against Jailbreaks via Shifted Token Distribution. (9%)
Evolving Security in LLMs: A Study of Jailbreak Attacks and Defenses. (3%)
Like Oil and Water: Group Robustness Methods and Poisoning Defenses May Be at Odds. (2%)
Secure Generalization through Stochastic Bidirectional Parameter Updates Using Dual-Gradient Mechanism. (2%)
MCP Safety Audit: LLMs with the Model Context Protocol Allow Major Security Exploits. (1%)
PiCo: Jailbreaking Multimodal Large Language Models via $\textbf{Pi}$ctorial $\textbf{Co}$de Contextualization. (1%)
2025-04-01
Unleashing the Power of Pre-trained Encoders for Universal Adversarial Attack Detection. (99%)
Whispering Under the Eaves: Protecting User Privacy Against Commercial and LLM-powered Automatic Speech Recognition Systems. (99%)
TenAd: A Tensor-based Low-rank Black Box Adversarial Attack for Video Classification. (99%)
Safeguarding Vision-Language Models: Mitigating Vulnerabilities to Gaussian Noise in Perturbation-based Attacks. (78%)
Alleviating Performance Disparity in Adversarial Spatiotemporal Graph Learning Under Zero-Inflated Distribution. (68%)
Impact of Data Duplication on Deep Neural Network-Based Image Classifiers: Robust vs. Standard Models. (47%)
Multilingual and Multi-Accent Jailbreaking of Audio LLMs. (38%)
Safety and Security Risk Mitigation in Satellite Missions via Attack-Fault-Defense Trees. (5%)
FA^{3}-CLIP: Frequency-Aware Cues Fusion and Attack-Agnostic Prompt Learning for Unified Face Attack Detection. (2%)
Exposing the Ghost in the Transformer: Abnormal Detection for Large Language Models via Hidden State Forensics. (1%)
Strategize Globally, Adapt Locally: A Multi-Turn Red Teaming Agent with Dual-Level Learning. (1%)
2025-03-31
$\textit{Agents Under Siege}$: Breaking Pragmatic Multi-Agent LLM Systems with Optimized Prompt Attacks. (96%)
AI-Enhanced Resilience in Power Systems: Adversarial Deep Learning for Robust Short-Term Voltage Stability Assessment under Cyber-Attacks. (96%)
Misaligned Roles, Misplaced Images: Structural Input Perturbations Expose Multimodal Alignment Blind Spots. (87%)
Towards Benchmarking and Assessing the Safety and Robustness of Autonomous Driving on Safety-critical Scenarios. (69%)
A Channel-Triggered Backdoor Attack on Wireless Semantic Image Reconstruction. (68%)
Detecting Functional Bugs in Smart Contracts through LLM-Powered and Bug-Oriented Composite Analysis. (1%)
2025-03-30
Revisiting the Relationship between Adversarial and Clean Training: Why Clean Training Can Make Adversarial Training Better. (50%)
Buffer is All You Need: Defending Federated Learning against Backdoor Attacks under Non-iids via Buffering. (15%)
A Survey on Unlearnable Data. (5%)
2025-03-29
Two Heads Are Better than One: Model-Weight and Latent-Space Analysis for Federated Learning on Non-iid Data against Poisoning Attacks. (80%)
AuditVotes: A Framework Towards More Deployable Certified Robustness for Graph Neural Networks. (76%)
Towards Secure Semantic Communications in the Presence of Intelligent Eavesdroppers. (26%)
2025-03-28
Data-Free Universal Attack by Exploiting the Intrinsic Vulnerability of Deep Models. (99%)
Tropical Bisectors and Carlini-Wagner Attacks. (33%)
Breach in the Shield: Unveiling the Vulnerabilities of Large Language Models. (13%)
T-CIL: Temperature Scaling using Adversarial Perturbation for Calibration in Class-Incremental Learning. (11%)
Imperceptible but Forgeable: Practical Invisible Watermark Forgery via Diffusion Models. (1%)
2025-03-27
Adversarial Wear and Tear: Exploiting Natural Damage for Generating Physical-World Adversarial Examples. (99%)
Clean Image May be Dangerous: Data Poisoning Attacks Against Deep Hashing. (76%)
Non-control-Data Attacks and Defenses: A review. (75%)
Learning to Lie: Reinforcement Learning Attacks Damage Human-AI Teams and Teams of LLMs. (62%)
Tricking Retrievers with Influential Tokens: An Efficient Black-Box Corpus Poisoning Attack. (54%)
Data Poisoning in Deep Learning: A Survey. (2%)
Improving $(\alpha, f)$-Byzantine Resilience in Federated Learning via layerwise aggregation and cosine distance. (1%)
ThinkEdit: Interpretable Weight Editing to Mitigate Overly Short Thinking in Reasoning Models. (1%)
2025-03-26
Enabling Heterogeneous Adversarial Transferability via Feature Permutation Attacks. (99%)
Robust Deep Reinforcement Learning in Robotics via Adaptive Gradient-Masked Adversarial Attacks. (99%)
State-Aware Perturbation Optimization for Robust Deep Reinforcement Learning. (98%)
Feature Statistics with Uncertainty Help Adversarial Robustness. (97%)
Lipschitz Constant Meets Condition Number: Learning Robust and Compact Deep Neural Networks. (74%)
Robust Federated Learning Against Poisoning Attacks: A GAN-Based Defense Framework. (13%)
Protecting Your Video Content: Disrupting Automated Video-based LLM Annotations. (12%)
Prototype Guided Backdoor Defense. (11%)
DR-PETS: Learning-Based Control With Planning in Adversarial Environments. (4%)
Multi-agent Uncertainty-Aware Pessimistic Model-Based Reinforcement Learning for Connected Autonomous Vehicles. (1%)
Are We There Yet? Unraveling the State-of-the-Art Graph Network Intrusion Detection Systems. (1%)
2025-03-25
Towards Imperceptible Adversarial Attacks for Time Series Classification with Local Perturbations and Frequency Analysis. (99%)
Boosting the Transferability of Audio Adversarial Examples with Acoustic Representation Optimization. (99%)
Bitstream Collisions in Neural Image Compression via Adversarial Perturbations. (96%)
ImF: Implicit Fingerprint for Large Language Models. (92%)
Stop Walking in Circles! Bailing Out Early in Projected Gradient Descent. (92%)
SITA: Structurally Imperceptible and Transferable Adversarial Attacks for Stylized Image Generation. (75%)
Playing the Fool: Jailbreaking LLMs and Multimodal LLMs with Out-of-Distribution Strategy. (22%)
Lifting Linear Sketches: Optimal Bounds and Adversarial Robustness. (8%)
Membership Inference Attacks on Large-Scale Models: A Survey. (2%)
Network Inversion for Generating Confidently Classified Counterfeits. (1%)
Nanopass Back-Translation of Call-Return Trees for Mechanized Secure Compilation Proofs. (1%)
2025-03-24
Efficient Adversarial Detection Frameworks for Vehicle-to-Microgrid Services in Edge Computing. (98%)
Deterministic Certification of Graph Neural Networks against Graph Poisoning Attacks with Arbitrary Perturbations. (92%)
NullSwap: Proactive Identity Cloaking Against Deepfake Face Swapping. (78%)
Defeating Prompt Injections by Design. (70%)
Masks and Mimicry: Strategic Obfuscation and Impersonation Attacks on Authorship Verification. (67%)
SoK: How Robust is Audio Watermarking in Generative AI models? (11%)
Graph-Level Label-Only Membership Inference Attack against Graph Neural Networks. (5%)
Leveraging Perturbation Robustness to Enhance Out-of-Distribution Detection. (2%)
Robustness of Proof of Team Sprint (PoTS) Against Attacks: A Simulation-Based Analysis. (2%)
Process or Result? Manipulated Ending Tokens Can Mislead Reasoning LLMs to Ignore the Correct Reasoning Steps. (1%)
Benchmarking Object Detectors under Real-World Distribution Shifts in Satellite Imagery. (1%)
2025-03-23
Metaphor-based Jailbreaking Attacks on Text-to-Image Models. (87%)
Model-Guardian: Protecting against Data-Free Model Stealing Using Gradient Representations and Deceptive Predictions. (64%)
STShield: Single-Token Sentinel for Real-Time Jailbreak Detection in Large Language Models. (45%)
2025-03-21
Robustness of deep learning classification to adversarial input on GPUs: asynchronous parallel accumulation is a source of vulnerability. (99%)
EasyRobust: A Comprehensive and Easy-to-use Toolkit for Robust and Generalized Vision. (99%)
Hi-ALPS -- An Experimental Robustness Quantification of Six LiDAR-based Object Detection Systems for Autonomous Driving. (99%)
Generating Realistic, Diverse, and Fault-Revealing Inputs with Latent Space Interpolation for Testing Deep Neural Networks. (81%)
Jailbreaking the Non-Transferable Barrier via Test-Time Data Disguising. (67%)
Large Language Models Can Verbatim Reproduce Long Malicious Sequences. (45%)
Measuring the Robustness of Audio Deepfake Detectors. (22%)
Lie Detector: Unified Backdoor Detection via Cross-Examination Framework. (15%)
Principal Eigenvalue Regularization for Improved Worst-Class Certified Robustness of Smoothed Classifiers. (9%)
TEMPO: Temporal Preference Optimization of Video LLMs via Difficulty Scheduling and Pre-SFT Alignment. (3%)
2025-03-20
Narrowing Class-Wise Robustness Gaps in Adversarial Training. (97%)
Real AI Agents with Fake Memories: Fatal Context Manipulation Attacks on Web3 Agents. (81%)
ATOM: A Framework of Detecting Query-Based Model Extraction Attacks for Graph Neural Networks. (41%)
From Head to Tail: Efficient Black-box Model Inversion Attack via Long-tailed Learning. (33%)
Debugging and Runtime Analysis of Neural Networks with VLMs (A Case Study). (31%)
REVAL: A Comprehension Evaluation on Reliability and Values of Large Vision-Language Models. (22%)
BadToken: Token-level Backdoor Attacks to Multi-modal Large Language Models. (13%)
Variance-Aware Noisy Training: Hardening DNNs against Unstable Analog Computations. (12%)
Automatically Generating Chinese Homophone Words to Probe Machine Translation Estimation Systems. (1%)
RESFL: An Uncertainty-Aware Framework for Responsible Federated Learning by Balancing Privacy, Fairness and Utility in Autonomous Vehicles. (1%)
Rethinking the Role of Spatial Mixing. (1%)
2025-03-19
Improving Adversarial Transferability on Vision Transformers via Forward Propagation Refinement. (92%)
A Semantic and Clean-label Backdoor Attack against Graph Convolutional Networks. (84%)
Test-Time Backdoor Detection for Object Detection Models. (50%)
Unified Enhancement of the Generalization and Robustness of Language Models via Bi-Stage Optimization. (33%)
Euclid Quick Data Release (Q1). Active galactic nuclei identification using diffusion-based inpainting of Euclid VIS images. (1%)
2025-03-18
Make the Most of Everything: Further Considerations on Disrupting Diffusion-based Customization. (99%)
XOXO: Stealthy Cross-Origin Context Poisoning Attacks against AI Coding Assistants. (89%)
Defending Against Gradient Inversion Attacks for Biomedical Images via Learnable Data Perturbation. (81%)
Unveiling the Role of Randomization in Multiclass Adversarial Classification: Insights from Graph Theory. (69%)
Temporal Context Awareness: A Defense Framework Against Multi-turn Manipulation Attacks on Large Language Models. (67%)
RAT: Boosting Misclassification Detection Ability without Extra Data. (41%)
Survey of Adversarial Robustness in Multimodal Large Language Models. (33%)
On the Robustness Tradeoff in Fine-Tuning. (22%)
MMDT: Decoding the Trustworthiness and Safety of Multimodal Foundation Models. (5%)
Towards properties of adversarial image perturbations. (5%)
Anomaly-Flow: A Multi-domain Federated Generative Adversarial Network for Distributed Denial-of-Service Detection. (1%)
UntrustVul: An Automated Approach for Identifying Untrustworthy Alerts in Vulnerability Detection Models. (1%)
TarPro: Targeted Protection against Malicious Image Editing. (1%)
2025-03-17
Evolution-based Region Adversarial Prompt Learning for Robustness Enhancement in Vision-Language Models. (99%)
Improving Generalization of Universal Adversarial Perturbation via Dynamic Maximin Optimization. (99%)
GSBA$^K$: $top$-$K$ Geometric Score-based Black-box Attack. (99%)
Securing Virtual Reality Experiences: Unveiling and Tackling Cybersickness Attacks with Explainable AI. (93%)
Web Artifact Attacks Disrupt Vision Language Models. (74%)
MirrorGuard: Adaptive Defense Against Jailbreaks via Entropy-Guided Mirror Crafting. (68%)
The Amazon Nova Family of Models: Technical Report and Model Card. (33%)
Optimizing ML Training with Metagradient Descent. (3%)
How Good is my Histopathology Vision-Language Foundation Model? A Holistic Benchmark. (2%)
Escaping Plato's Cave: Robust Conceptual Reasoning through Interpretable 3D Neural Object Volumes. (1%)
ProDiF: Protecting Domain-Invariant Features to Secure Pre-Trained Models Against Extraction. (1%)
2025-03-16
GAN-Based Single-Stage Defense for Traffic Sign Classification Under Adversarial Patch Attack. (99%)
Algebraic Adversarial Attacks on Explainability Models. (89%)
SAUCE: Selective Concept Unlearning in Vision-Language Models with Sparse Autoencoders. (1%)
Shape Bias and Robustness Evaluation via Cue Decomposition for Image Classification and Segmentation. (1%)
Defense Against Model Stealing Based on Account-Aware Distribution Discrepancy. (1%)
2025-03-15
Augmented Adversarial Trigger Learning. (84%)
Robust Dataset Distillation by Matching Adversarial Trajectories. (75%)
Revisiting Training-Inference Trigger Intensity in Backdoor Attacks. (9%)
2025-03-14
Tit-for-Tat: Safeguarding Large Vision-Language Models Against Jailbreak Attacks via Adversarial Defense. (80%)
Are Deep Speech Denoising Models Robust to Adversarial Noise? (67%)
Trust Under Siege: Label Spoofing Attacks against Machine Learning for Android Malware Detection. (64%)
Align in Depth: Defending Jailbreak Attacks via Progressive Answer Detoxification. (62%)
Adversarial Data Collection: Human-Collaborative Perturbations for Efficient and Robust Robotic Imitation Learning. (15%)
A Framework for Evaluating Emerging Cyberattack Capabilities of AI. (1%)
2025-03-13
A Frustratingly Simple Yet Highly Effective Attack Baseline: Over 90% Success Rate Against the Strong Black-box Models of GPT-4.5/4o/o1. (99%)
Hierarchical Self-Supervised Adversarial Training for Robust Vision Models in Histopathology. (98%)
Weakly Supervised Contrastive Adversarial Training for Learning Robust Features from Semi-supervised Data. (92%)
Robustness Tokens: Towards Adversarial Robustness of Transformers. (83%)
AdvPaint: Protecting Images from Inpainting Manipulation via Adversarial Attention Disruption. (47%)
Exploring the Vulnerabilities of Federated Learning: A Deep Dive into Gradient Inversion Attacks. (47%)
TAIJI: Textual Anchoring for Immunizing Jailbreak Images in Vision Language Models. (11%)
Enhancing Facial Privacy Protection via Weakening Diffusion Purification. (10%)
WAFFLED: Exploiting Parsing Discrepancies to Bypass Web Application Firewalls. (2%)
JPEG Compliant Compression for Both Human and Machine, A Report. (1%)
2025-03-12
Enhancing Adversarial Example Detection Through Model Explanation. (99%)
AdvAD: Exploring Non-Parametric Diffusion for Imperceptible Adversarial Attacks. (99%)
CyberLLMInstruct: A New Dataset for Analysing Safety of Fine-Tuned LLMs Using Cyber Security Data. (83%)
C^2 ATTACK: Towards Representation Backdoor on CLIP via Concept Confusion. (80%)
Revisiting Backdoor Attacks on Time Series Classification in the Frequency Domain. (76%)
Probing Latent Subspaces in LLM for AI Security: Identifying and Manipulating Adversarial States. (75%)
Detecting and Preventing Data Poisoning Attacks on AI Models. (75%)
Adaptive Backdoor Attacks with Reasonable Constraints on Graph Neural Networks. (64%)
In-Context Defense in Computer Agents: An Empirical Study. (56%)
How Feasible is Augmenting Fake Nodes with Learnable Features as a Counter-strategy against Link Stealing Attacks? (45%)
ExtremeAIGC: Benchmarking LMM Vulnerability to AI-Generated Extremist Content. (22%)
Stealthy Patch-Wise Backdoor Attack in 3D Point Cloud via Curvature Awareness. (15%)
RESTRAIN: Reinforcement Learning-Based Secure Framework for Trigger-Action IoT Environment. (2%)
Silent Branding Attack: Trigger-free Data Poisoning Attack on Text-to-Image Diffusion Models. (2%)
Towards Hardware Supported Domain Generalization in DNN-Based Edge Computing Devices for Health Monitoring. (1%)
Sparse Autoencoder as a Zero-Shot Classifier for Concept Erasing in Text-to-Image Diffusion Models. (1%)
Probing Network Decisions: Capturing Uncertainties and Unveiling Vulnerabilities Without Label Information. (1%)
Prompt Inference Attack on Distributed Large Language Model Inference Frameworks. (1%)
2025-03-11
Quantitative Analysis of Deeply Quantized Tiny Neural Networks Robust to Adversarial Attacks. (98%)
A Grey-box Text Attack Framework using Explainable AI. (92%)
Battling Misinformation: An Empirical Study on Adversarial Factuality in Open-Source Large Language Models. (76%)
Dialogue Injection Attack: Jailbreaking LLMs through Context Manipulation. (70%)
Enhanced Estimation Techniques for Certified Radii in Randomized Smoothing. (56%)
Birds look like cars: Adversarial analysis of intrinsically interpretable deep learning. (33%)
Not All Edges are Equally Robust: Evaluating the Robustness of Ranking-Based Federated Learning. (22%)
Adv-CPG: A Customized Portrait Generation Framework with Facial Adversarial Attacks. (8%)
Generalized Kullback-Leibler Divergence Loss. (2%)
Seal Your Backdoor with Variational Defense. (1%)
2025-03-10
Breaking the Limits of Quantization-Aware Defenses: QADT-R for Robustness Against Patch-Based Adversarial Attacks in QNNs. (99%)
MIGA: Mutual Information-Guided Attack on Denoising Models for Semantic Manipulation. (92%)
Utilizing Jailbreak Probability to Attack and Safeguard Multimodal LLMs. (87%)
CtrlRAG: Black-box Adversarial Attacks Based on Masked Language Models in Retrieval-Augmented Language Generation. (83%)
ReLATE: Resilient Learner Selection for Multivariate Time-Series Classification Against Adversarial Attacks. (82%)
Detecting Backdoor Attacks in Federated Learning via Direction Alignment Inspection. (68%)
Runtime Detection of Adversarial Attacks in AI Accelerators Using Performance Counters. (54%)
Strengthening the Internal Adversarial Robustness in Lifted Neural Networks. (26%)
PoisonedParrot: Subtle Data Poisoning Attacks to Elicit Copyright-Infringing Content from Large Language Models. (13%)
FairDeFace: Evaluating the Fairness and Adversarial Robustness of Face Obfuscation Methods. (2%)
Learning to Localize Leakage of Cryptographic Sensitive Variables. (2%)
2025-03-09
MMARD: Improving the Min-Max Optimization Process in Adversarial Robustness Distillation. (80%)
Long-tailed Adversarial Training with Self-Distillation. (78%)
Life-Cycle Routing Vulnerabilities of LLM Router. (68%)
Can Small Language Models Reliably Resist Jailbreak Attacks? A Comprehensive Evaluation. (15%)
NaviDet: Efficient Input-level Backdoor Detection on Text-to-Image Synthesis via Neuron Activation Variation. (13%)
TH-Bench: Evaluating Evading Attacks via Humanizing AI Text on Machine-Generated Text Detectors. (10%)
AnywhereDoor: Multi-Target Backdoor Attacks on Object Detection. (10%)
2025-03-08
Boosting the Local Invariance for Better Adversarial Transferability. (99%)
Using Mechanistic Interpretability to Craft Adversarial Attacks against Large Language Models. (98%)
Attackers Can Do Better: Over- and Understated Factors of Model Stealing Attacks. (80%)
CeTAD: Towards Certified Toxicity-Aware Distance in Vision Language Models. (73%)
Reinforced Diffuser for Red Teaming Large Vision-Language Models. (68%)
Adversarial Robustness of Discriminative Self-Supervised Learning in Vision. (16%)
Poisoned-MRAG: Knowledge Poisoning Attacks to Multimodal Retrieval Augmented Generation. (13%)
MAD-MAX: Modular And Diverse Malicious Attack MiXtures for Automated LLM Red Teaming. (10%)
Exploring Adversarial Transferability between Kolmogorov-arnold Networks. (5%)
Disrupting Model Merging: A Parameter-Level Defense Without Sacrificing Accuracy. (2%)
Backdoor Attacks on Discrete Graph Diffusion Models. (1%)
2025-03-07
Robust Intrusion Detection System with Explainable Artificial Intelligence. (83%)
Are Your LLM-based Text-to-SQL Models Secure? Exploring SQL Injection via Backdoor Attacks. (22%)
Enhancing Network Security: A Hybrid Approach for Detection and Mitigation of Distributed Denial-of-Service Attacks Using Machine Learning. (1%)
SAS: Segment Anything Small for Ultrasound -- A Non-Generative Data Augmentation Technique for Robust Deep Learning in Ultrasound Imaging. (1%)
2025-03-06
Scale-Invariant Adversarial Attack against Arbitrary-scale Super-resolution. (98%)
From Pixels to Trajectory: Universal Adversarial Example Detection via Temporal Imprints. (98%)
Provable Robust Overfitting Mitigation in Wasserstein Distributionally Robust Optimization. (97%)
Energy-Latency Attacks: A New Adversarial Threat to Deep Learning. (81%)
Poisoning Bayesian Inference via Data Deletion and Replication. (62%)
Know Thy Judge: On the Robustness Meta-Evaluation of LLM Safety Judges. (22%)
One-Shot is Enough: Consolidating Multi-Turn Attacks into Efficient Single-Turn Prompts for LLMs. (12%)
2025-03-05
Task-Agnostic Attacks Against Vision Foundation Models. (99%)
Towards Effective and Sparse Adversarial Attack on Spiking Neural Networks via Breaking Invisible Surrogate Gradients. (99%)
CLIP is Strong Enough to Fight Back: Test-time Counterattacks towards Zero-shot Adversarial Robustness of CLIP. (99%)
Adversarial Example Based Fingerprinting for Robust Copyright Protection in Split Learning. (99%)
Adversarial Training for Multimodal Large Language Models against Jailbreak Attacks. (95%)
Data Poisoning Attacks to Locally Differentially Private Range Query Protocols. (87%)
Towards Robust Universal Information Extraction: Benchmark, Evaluation, and Solution. (83%)
CURVALID: Geometrically-guided Adversarial Prompt Detection. (75%)
GuardDoor: Safeguarding Against Malicious Diffusion Editing via Protective Backdoors. (13%)
Poisoning Attacks to Local Differential Privacy Protocols for Trajectory Data. (13%)
Improving LLM Safety Alignment with Dual-Objective Optimization. (9%)
2025-03-04
Mind the Gap: Detecting Black-box Adversarial Attacks in the Making through Query Update Analysis. (99%)
Quantitative Resilience Modeling for Autonomous Cyber Defense. (1%)
AttackSeqBench: Benchmarking Large Language Models' Understanding of Sequential Patterns in Cyber Attacks. (1%)
2025-03-03
One Stone, Two Birds: Enhancing Adversarial Defense Through the Lens of Distributional Discrepancy. (99%)
Divide and Conquer: Heterogeneous Noise Integration for Diffusion-based Adversarial Purification. (80%)
A Lightweight and Secure Deep Learning Model for Privacy-Preserving Federated Learning in Intelligent Enterprises. (1%)
Protecting DeFi Platforms against Non-Price Flash Loan Attacks. (1%)
2025-03-02
Improving the Transferability of Adversarial Attacks by an Input Transpose. (99%)
Exploiting Vulnerabilities in Speech Translation Systems through Targeted Adversarial Attacks. (99%)
AMUN: Adversarial Machine UNlearning. (92%)
TAET: Two-Stage Adversarial Equalization Training on Long-Tailed Distributions. (54%)
Unnatural Languages Are Not Bugs but Features for LLMs. (1%)
2025-03-01
A Survey of Adversarial Defenses in Vision-based Systems: Categorization, Methods and Challenges. (99%)
Adversarial Attacks on Event-Based Pedestrian Detectors: A Physical Approach. (82%)
BadJudge: Backdoor Vulnerabilities of LLM-as-a-Judge. (16%)
xIDS-EnsembleGuard: An Explainable Ensemble Learning-based Intrusion Detection System. (1%)
Transformer Meets Twicing: Harnessing Unattended Residual Information. (1%)
2025-02-28
QFAL: Quantum Federated Adversarial Learning. (99%)
Data-free Universal Adversarial Perturbation with Pseudo-semantic Prior. (99%)
Concealed Adversarial attacks on neural networks for sequential data. (98%)
Approaching the Harm of Gradient Attacks While Only Flipping Labels. (92%)
Decoder Gradient Shield: Provable and High-Fidelity Prevention of Gradient-Based Box-Free Watermark Removal. (83%)
Fast Adversarial Training against Sparse Attacks Requires Loss Smoothing. (69%)
FC-Attack: Jailbreaking Large Vision-Language Models via Auto-Generated Flowcharts. (68%)
The RAG Paradox: A Black-Box Attack Exploiting Unintentional Vulnerabilities in Retrieval-Augmented Generation Systems. (15%)
Steering Dialogue Dynamics for Robustness against Multi-turn Jailbreaking Attacks. (2%)
Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis. (2%)
L-Lipschitz Gershgorin ResNet Network. (1%)
2025-02-27
LISArD: Learning Image Similarity to Defend Against Gray-box Adversarial Attacks. (99%)
NoPain: No-box Point Cloud Attack via Optimal Transport Singular Boundary. (99%)
Gungnir: Exploiting Stylistic Features in Images for Backdoor Attacks on Diffusion Models. (86%)
Exploring the Impact of Temperature Scaling in Softmax for Classification and Adversarial Robustness. (74%)
Adversarial Robustness in Parameter-Space Classifiers. (69%)
On Adversarial Attacks In Acoustic Drone Localization. (67%)
CRFU: Compressive Representation Forgetting Against Privacy Leakage on Machine Unlearning. (31%)
SecureGaze: Defending Gaze Estimation Against Backdoor Attacks. (13%)
ADAGE: Active Defenses Against GNN Extraction. (13%)
From Data to Sliding Mode Control of Uncertain Large-Scale Networks with Unknown Dynamics. (1%)
LLMs Have Rhythm: Fingerprinting Large Language Models Using Inter-Token Times and Network Traffic Analysis. (1%)
SSD: A State-based Stealthy Backdoor Attack For Navigation System in UAV Route Planning. (1%)
Large Language Models as Attribution Regularizers for Efficient Model Training. (1%)
2025-02-26
Improving Adversarial Transferability in MLLMs via Dynamic Vision-Language Alignment Attack. (99%)
Snowball Adversarial Attack on Traffic Sign Classification. (99%)
Prompt-driven Transferable Adversarial Attack on Person Re-Identification with Attribute-aware Textual Inversion. (99%)
SAP-DIFF: Semantic Adversarial Patch Generation for Black-Box Face Recognition Models via Diffusion Models. (98%)
Neural Antidote: Class-Wise Prompt Tuning for Purifying Backdoors in Pre-trained Vision-Language Models. (87%)
XSS Adversarial Attacks Based on Deep Reinforcement Learning: A Replication and Extension Study. (87%)
HALO: Robust Out-of-Distribution Detection via Joint Optimisation. (86%)
A Dual-Purpose Framework for Backdoor Defense and Backdoor Amplification in Diffusion Models. (83%)
No, of course I can! Refusal Mechanisms Can Be Exploited Using Harmless Fine-Tuning Data. (68%)
Towards Label-Only Membership Inference Attack against Pre-trained Large Language Models. (41%)
Adaptive Attacks Break Defenses Against Indirect Prompt Injection Attacks on LLM Agents. (26%)
Evaluation of Hate Speech Detection Using Large Language Models and Geographical Contextualization. (26%)
Beyond Surface-Level Patterns: An Essence-Driven Defense Framework Against Jailbreak Attacks in LLMs. (3%)
Investigating Generalization of One-shot LLM Steering Vectors. (1%)
2025-02-25
Adversarial Universal Stickers: Universal Perturbation Attacks on Traffic Sign using Stickers. (99%)
Model-Free Adversarial Purification via Coarse-To-Fine Tensor Network Representation. (99%)
CLIPure: Purification in Latent Space via CLIP for Adversarially Robust Zero-Shot Classification. (92%)
Guiding not Forcing: Enhancing the Transferability of Jailbreaking Attacks on LLMs via Removing Superfluous Constraints. (15%)
from Benign import Toxic: Jailbreaking the Language Model via Adversarial Metaphors. (4%)
Exploring Graph Tasks with Pure LLMs: A Comprehensive Benchmark and Investigation. (2%)
Examining the Threat Landscape: Foundation Models and Model Stealing. (2%)
DeBUGCN -- Detecting Backdoors in CNNs Using Graph Convolutional Networks. (1%)
On the Privacy-Preserving Properties of Spiking Neural Networks with Unique Surrogate Gradients and Quantization Levels. (1%)
Learning atomic forces from uncertainty-calibrated adversarial attacks. (1%)
VVRec: Reconstruction Attacks on DL-based Volumetric Video Upstreaming via Latent Diffusion Model with Gamma Distribution. (1%)
Stealthy Backdoor Attack in Self-Supervised Learning Vision Encoders for Large Vision Language Models. (1%)
2025-02-24
Emoti-Attack: Zero-Perturbation Adversarial Attacks on NLP Systems via Emoji Sequences. (99%)
Improving the Transferability of Adversarial Examples by Inverse Knowledge Distillation. (99%)
Adversarial Training for Defense Against Label Poisoning Attacks. (87%)
REINFORCE Adversarial Attacks on Large Language Models: An Adaptive, Distributional, and Semantic Objective. (87%)
On the Vulnerability of Concept Erasure in Diffusion Models. (76%)
MM-PoisonRAG: Disrupting Multimodal RAG with Local and Global Poisoning Attacks. (8%)
A stochastic smoothing framework for nonconvex-nonconcave min-sum-max problems with applications to Wasserstein distributionally robust optimization. (1%)
2025-02-23
VGFL-SA: Vertical Graph Federated Learning Structure Attack Based on Contrastive Learning. (97%)
Class-Conditional Neural Polarizer: A Lightweight and Effective Backdoor Defense by Purifying Poisoned Features. (93%)
Tracking the Copyright of Large Vision-Language Models through Parameter Learning Adversarial Images. (93%)
Keeping up with dynamic attackers: Certifying robustness to adaptive online data poisoning. (68%)
Multi-Target Federated Backdoor Attack Based on Feature Aggregation. (26%)
Guardians of the Agentic System: Preventing Many Shots Jailbreak with Agentic System. (16%)
Towards Optimal Adversarial Robust Reinforcement Learning with Infinity Measurement Error. (13%)
Pay Attention to Real World Perturbations! Natural Robustness Evaluation in Machine Reading Comprehension. (8%)
AISafetyLab: A Comprehensive Framework for AI Safety Evaluation and Improvement. (1%)
2025-02-22
REFINE: Inversion-Free Backdoor Defense via Model Reprogramming. (84%)
A Framework for Evaluating Vision-Language Model Safety: Building Trust in AI for Public Sector Applications. (80%)
PersGuard: Preventing Malicious Personalization via Backdoor Attacks on Pre-trained Text-to-Image Diffusion Models. (45%)
ELBA-Bench: An Efficient Learning Backdoor Attacks Benchmark for Large Language Models. (33%)
FedNIA: Noise-Induced Activation Analysis for Mitigating Data Poisoning in FL. (31%)
Verification of Bit-Flip Attacks against Quantized Neural Networks. (10%)
Unified Prompt Attack Against Text-to-Image Generation Models. (8%)
Detecting OOD Samples via Optimal Transport Scoring Function. (1%)
Merger-as-a-Stealer: Stealing Targeted PII from Aligned LLMs with Model Merging. (1%)
A generative approach to LLM harmfulness detection with special red flag tokens. (1%)
2025-02-21
A Multi-Scale Isolation Forest Approach for Real-Time Detection and Filtering of FGSM Adversarial Attacks in Video Streams of Autonomous Vehicles. (99%)
Cross-Model Transferability of Adversarial Patches in Real-time Segmentation for Autonomous Driving. (98%)
A Defensive Framework Against Adversarial Attacks on Machine Learning-Based Network Intrusion Detection Systems. (92%)
Model Privacy: A Unified Framework to Understand Model Stealing Attacks and Defenses. (78%)
SafeInt: Shielding Large Language Models from Jailbreak Attacks via Safety-Aware Representation Intervention. (67%)
TurboFuzzLLM: Turbocharging Mutation-based Fuzzing for Effectively Jailbreaking Large Language Models in Practice. (13%)
Adversarially-Robust Gossip Algorithms for Approximate Quantile and Mean Computations. (13%)
A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments. (10%)
Single-pass Detection of Jailbreaking Input in Large Language Models. (2%)
2025-02-20
EigenShield: Causal Subspace Filtering via Random Matrix Theory for Adversarially Robust Vision-Language Models. (95%)
Moshi Moshi? A Model Selection Hijacking Adversarial Attack. (92%)
Interpreting Adversarial Attacks and Defences using Architectures with Enhanced Interpretability. (81%)
On the Trustworthiness of Generative Foundation Models: Guideline, Assessment, and Perspective. (64%)
Generalization Certificates for Adversarially Robust Bayesian Linear Regression. (22%)
Factor Graph-based Interpretable Neural Networks. (11%)
PPO-MI: Efficient Black-Box Model Inversion via Proximal Policy Optimization. (10%)
Probabilistic Robustness in Deep Learning: A Concise yet Comprehensive Guide. (10%)
MACPruning: Dynamic Operation Pruning to Mitigate Side-Channel DNN Model Extraction. (4%)
Fundamental Limitations in Defending LLM Finetuning APIs. (3%)
Reliable Explainability of Deep Learning Spatial-Spectral Classifiers for Improved Semantic Segmentation in Autonomous Driving. (1%)
Benchmarking Android Malware Detection: Rethinking the Role of Traditional and Deep Learning Models. (1%)
2025-02-19
Exploiting Prefix-Tree in Structured Output Interfaces for Enhancing Jailbreak Attacking. (15%)
Poisoned Source Code Detection in Code Models. (15%)
SLAMSpoof: Practical LiDAR Spoofing Attacks on Localization Systems Guided by Scan Matching Vulnerability Analysis. (8%)
Towards a perturbation-based explanation for medical AI as differentiable programs. (2%)
Efficient and Optimal Policy Gradient Algorithm for Corrupted Multi-armed Bandits. (1%)
Toward Robust Non-Transferable Learning: A Survey and Benchmark. (1%)
2025-02-18
Iron Sharpens Iron: Defending Against Attacks in Machine-Generated Text Detection with Adversarial Training. (99%)
Preventing the Popular Item Embedding Based Attack in Federated Recommendations. (73%)
Evaluating the Robustness of Multimodal Agents Against Active Environmental Injection Attacks. (45%)
UniGuardian: A Unified Defense for Detecting Prompt Injection, Backdoor Attacks and Adversarial Attacks in Large Language Models. (10%)
DemonAgent: Dynamically Encrypted Multi-Backdoor Implantation Attack on LLM-based Agent. (8%)
The Hidden Risks of Large Reasoning Models: A Safety Assessment of R1. (8%)
Reasoning-to-Defend: Safety-Aware Reasoning Can Defend Large Language Models from Jailbreaking. (3%)
A Fuzzy Evaluation of Sentence Encoders on Grooming Risk Classification. (2%)
H-CoT: Hijacking the Chain-of-Thought Safety Reasoning Mechanism to Jailbreak Large Reasoning Models, Including OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Thinking. (1%)
Fragility-aware Classification for Understanding Risk and Improving Generalization. (1%)
On the Privacy Risks of Spiking Neural Networks: A Membership Inference Analysis. (1%)
2025-02-17
Alignment and Adversarial Robustness: Are More Human-Like Models More Secure? (96%)
Rethinking Audio-Visual Adversarial Vulnerability from Temporal and Modality Perspectives. (96%)
Towards Robust and Secure Embodied AI: A Survey on Vulnerabilities and Attacks. (78%)
Adversary-Aware DPO: Enhancing Safety Alignment in Vision Language Models via Adversarial Training. (67%)
Adversarially Robust CLIP Models Can Induce Better (Robust) Perceptual Metrics. (50%)
Independence Tests for Language Models. (13%)
ReVeil: Unconstrained Concealed Backdoor Attack on Deep Neural Networks using Machine Unlearning. (11%)
Adversarial Alignment for LLMs Requires Simpler, Reproducible, and More Measurable Objectives. (10%)
Can LLM Watermarks Robustly Prevent Unauthorized Knowledge Distillation? (10%)
Robust Partial-Label Learning by Leveraging Class Activation Values. (8%)
BackdoorDM: A Comprehensive Benchmark for Backdoor Learning in Diffusion Model. (2%)
DELMAN: Dynamic Defense Against Large Language Model Jailbreaking with Model Editing. (2%)
A Comprehensive Survey on Concept Erasure in Text-to-Image Diffusion Models. (2%)
AGrail: A Lifelong Agent Guardrail with Effective and Adaptive Safety Detection. (1%)
2025-02-16
PAR-AdvGAN: Improving Adversarial Attack Capability with Progressive Auto-Regression AdvGAN. (99%)
To Think or Not to Think: Exploring the Unthinking Vulnerability in Large Reasoning Models. (93%)
ShieldLearner: A New Paradigm for Jailbreak Attack Defense in LLMs. (69%)
Multi-Faceted Multimodal Monosemanticity. (41%)
ALGEN: Few-shot Inversion Attacks on Textual Embeddings using Alignment and Generation. (11%)
Mimicking the Familiar: Dynamic Command Generation for Information Theft Attacks in LLM Tool-Learning System. (8%)
CCJA: Context-Coherent Jailbreak Attack for Aligned Large Language Models. (8%)
G-Safeguard: A Topology-Guided Security Lens and Treatment on LLM-based Multi-agent Systems. (1%)
Rewrite to Jailbreak: Discover Learnable and Transferable Implicit Harmfulness Instruction. (1%)
2025-02-15
FaceSwapGuard: Safeguarding Facial Privacy from DeepFake Threats through Identity Obfuscation. (83%)
CAE-Net: Generalized Deepfake Image Detection using Convolution and Attention Mechanisms with Spatial and Frequency Domain Features. (8%)
2025-02-14
VocalCrypt: Novel Active Defense Against Deepfake Voice Based on Masking Effect. (54%)
Fast Proxies for LLM Robustness Evaluation. (15%)
X-Boundary: Establishing Exact Safety Boundary to Shield LLMs from Multi-Turn Jailbreaks without Compromising Usability. (3%)
2025-02-13
Pulling Back the Curtain: Unsupervised Adversarial Detection via Contrastive Auxiliary Networks. (99%)
SyntheticPop: Attacking Speaker Verification Systems With Synthetic VoicePops. (67%)
Wasserstein distributional adversarial training for deep neural networks. (54%)
Making Them a Malicious Database: Exploiting Query Code to Jailbreak Aligned Large Language Models. (31%)
FLAME: Flexible LLM-Assisted Moderation Engine. (11%)
LiSA: Leveraging Link Recommender to Attack Graph Neural Networks via Subgraph Injection. (10%)
SoK: State of the time: On Trustworthiness of Digital Clocks. (3%)
Shortcut Learning Susceptibility in Vision Classifiers. (3%)
RLSA-PFL: Robust Lightweight Secure Aggregation with Model Inconsistency Detection in Privacy-Preserving Federated Learning. (1%)
2025-02-12
AdvSwap: Covert Adversarial Perturbation with High Frequency Info-swapping for Autonomous Driving Perception. (99%)
Local Differential Privacy is Not Enough: A Sample Reconstruction Attack against Federated Learning with Local Differential Privacy. (54%)
Examining Multilingual Embedding Models Cross-Lingually Through LLM-Generated Adversarial Examples. (50%)
Typographic Attacks in a Multi-Image Setting. (41%)
Commercial LLM Agents Are Already Vulnerable to Simple Yet Dangerous Attacks. (12%)
Dynamic watermarks in images generated by diffusion models. (3%)
Monge SAM: Robust Reparameterization-Invariant Sharpness-Aware Minimization Based on Loss Geometry. (1%)
Provably Robust Federated Reinforcement Learning. (1%)
2025-02-11
RoMA: Robust Malware Attribution via Byte-level Adversarial Training with Global Perturbations and Adversarial Consistency Regularization. (99%)
Quaternion-Hadamard Network: A Novel Defense Against Adversarial Attacks with a New Dataset. (99%)
Universal Adversarial Attack on Aligned Multimodal LLMs. (98%)
MAA: Meticulous Adversarial Attack against Vision-Language Pre-trained Models. (96%)
Direct Ascent Synthesis: Revealing Hidden Generative Capabilities in Discriminative Models. (68%)
JBShield: Defending Large Language Models from Jailbreak Attacks through Activated Concept Analysis and Manipulation. (41%)
Curvature Tuning: Provable Training-free Model Steering From a Single Parameter. (1%)
Spread them Apart: Towards Robust Watermarking of Generated Content. (1%)
SLVR: Securely Leveraging Client Validation for Robust Federated Learning. (1%)
2025-02-10
Amnesia as a Catalyst for Enhancing Black Box Pixel Attacks in Image Classification and Object Detection. (98%)
CAT: Contrastive Adversarial Training for Evaluating the Robustness of Protective Perturbations in Latent Diffusion Models. (93%)
DROP: Poison Dilution via Knowledge Distillation for Federated Learning. (92%)
SMAB: MAB based word Sensitivity Estimation Framework and its Applications in Adversarial Text Generation. (83%)
Krum Federated Chain (KFC): Using blockchain to defend against adversarial attacks in Federated Learning. (68%)
When Data Manipulation Meets Attack Goals: An In-depth Survey of Attacks for VLMs. (8%)
Robust Watermarks Leak: Channel-Aware Feature Extraction Enables Adversarial Watermark Manipulation. (3%)
2025-02-09
Certifying Language Model Robustness with Fuzzed Randomized Smoothing: An Efficient Defense Against Backdoor Attacks. (76%)
Detection of Physiological Data Tampering Attacks with Quantum Machine Learning. (41%)
Protecting Intellectual Property of EEG-based Neural Networks with Watermarking. (12%)
Optimization under Attack: Resilience, Vulnerability, and the Path to Collapse. (1%)
2025-02-08
Democratic Training Against Universal Adversarial Perturbations. (99%)
Do Spikes Protect Privacy? Investigating Black-Box Model Inversion Attacks in Spiking Neural Networks. (89%)
Rigid Body Adversarial Attacks. (81%)
Effective Black-Box Multi-Faceted Attacks Breach Vision Large Language Model Guardrails. (64%)
Adversarial Machine Learning: Attacks, Defenses, and Open Challenges. (61%)
Filter, Obstruct and Dilute: Defending Against Backdoor Attacks on Semi-Supervised Learning. (41%)
Dual Defense: Enhancing Privacy and Mitigating Poisoning Attacks in Federated Learning. (4%)
Impact of Data Poisoning Attacks on Feasibility and Optimality of Neural Power System Optimizers. (2%)
MADAR: Efficient Continual Learning for Malware Analysis with Diversity-Aware Replay. (1%)
Towards Trustworthy Retrieval Augmented Generation for Large Language Models: A Survey. (1%)
2025-02-07
Mechanistic Understandings of Representation Vulnerabilities and Engineering Robust Vision Transformers. (99%)
Federated Learning for Anomaly Detection in Energy Consumption Data: Assessing the Vulnerability to Adversarial Attacks. (99%)
Towards LLM Unlearning Resilient to Relearning Attacks: A Sharpness-Aware Minimization Perspective and Beyond. (75%)
Robust Graph Learning Against Adversarial Evasion Attacks via Prior-Free Diffusion-Based Structure Purification. (74%)
Neural Encrypted State Transduction for Ransomware Classification: A Novel Approach Using Cryptographic Flow Residuals. (67%)
MELON: Indirect Prompt Injection Defense via Masked Re-execution and Tool Comparison. (50%)
CP-Guard+: A New Paradigm for Malicious Agent Detection and Defense in Collaborative Perception. (11%)
DMPA: Model Poisoning Attacks on Decentralized Federated Learning for Model Differences. (10%)
Adversarially-Robust TD Learning with Markovian Data: Finite-Time Rates and Fundamental Limits. (4%)
The Rising Threat to Emerging AI-Powered Search Engines. (1%)
2025-02-06
Short-length Adversarial Training Helps LLMs Defend Long-length Jailbreak Attacks: Theoretical and Empirical Evidence. (99%)
Confidence Elicitation: A New Attack Vector for Large Language Models. (96%)
Adapting to Evolving Adversaries with Regularized Continual Robust Training. (92%)
BitAbuse: A Dataset of Visually Perturbed Texts for Defending Phishing Attacks. (88%)
Optimizing Perturbations for Improved Training of Machine Learning Models. (69%)
SoK: Benchmarking Poisoning Attacks and Defenses in Federated Learning. (15%)
Provably Robust Explainable Graph Neural Networks against Graph Perturbation Attacks. (12%)
Dark Distillation: Backdooring Distilled Datasets without Accessing Raw Data. (11%)
XAttnMark: Learning Robust Audio Watermarking with Cross-Attention. (1%)
LR0.FM: Low-Res Benchmark and Improving Robustness for Zero-Shot Classification in Foundation Models. (1%)
2025-02-05
How vulnerable is my policy? Adversarial attacks on modern behavior cloning policies. (99%)
Optimizing Robustness and Accuracy in Mixture of Experts: A Dual-Model Approach. (87%)
Improving Adversarial Robustness via Phase and Amplitude-aware Prompting. (80%)
Real-Time Privacy Risk Measurement with Privacy Tokens for Gradient Leakage. (70%)
A Survey on Backdoor Threats in Large Language Models (LLMs): Attacks, Defenses, and Evaluations. (67%)
Large Language Model Adversarial Landscape Through the Lens of Attack Objectives. (56%)
Detecting Backdoor Attacks via Similarity in Semantic Communication Systems. (54%)
DocMIA: Document-Level Membership Inference Attacks against DocVQA Models. (41%)
Understanding and Enhancing the Transferability of Jailbreaking Attacks. (31%)
Conditional Diffusion Models are Medical Image Classifiers that Provide Explainability and Uncertainty for Free. (1%)
2025-02-04
CoRPA: Adversarial Image Generation for Chest X-rays Using Concept Vector Perturbations and Generative Models. (99%)
Dual-Flow: Transferable Multi-Target, Instance-Agnostic Attacks via In-the-wild Cascading Flow Optimization. (97%)
MARAGE: Transferable Multi-Model Adversarial Attack for Retrieval-Augmented Generation Data Extraction. (91%)
FRAUD-RLA: A new reinforcement learning adversarial attack against credit card fraud detection. (87%)
Uncertainty Quantification for Collaborative Object Detection Under Adversarial Attacks. (83%)
Adversarial ML Problems Are Getting Harder to Solve and to Evaluate. (81%)
Wolfpack Adversarial Attack for Robust Multi-Agent Reinforcement Learning. (75%)
Medical Multimodal Model Stealing Attacks via Adversarial Domain Alignment. (68%)
An Attack-Driven Incident Response and Defense System (ADIRDS). (4%)
Semantic Entanglement-Based Ransomware Detection via Probabilistic Latent Encryption Mapping. (4%)
Achievable distributional robustness when the robust risk is only partially identified. (1%)
Multi-Domain Graph Foundation Models: Robust Knowledge Transfer via Topology Alignment. (1%)
2025-02-03
FSPGD: Rethinking Black-box Attacks on Semantic Segmentation. (99%)
Robust-LLaVA: On the Effectiveness of Large-Scale Robust Image Encoders for Multi-modal Large Language Models. (95%)
Mitigation of Camouflaged Adversarial Attacks in Autonomous Vehicles--A Case Study Using CARLA Simulator. (92%)
Boosting Graph Robustness Against Backdoor Attacks: An Over-Similarity Perspective. (78%)
Topic-FlipRAG: Topic-Orientated Adversarial Opinion Manipulation Attacks to Retrieval-Augmented Generation Models. (67%)
Detecting Backdoor Samples in Contrastive Language Image Pretraining. (61%)
Query-Based and Unnoticeable Graph Injection Attack from Neighborhood Perspective. (61%)
Decoding FL Defenses: Systemization, Pitfalls, and Remedies. (50%)
INTACT: Inducing Noise Tolerance through Adversarial Curriculum Training for LiDAR-based Safety-Critical Perception and Autonomy. (50%)
Gradient Norm-based Fine-Tuning for Backdoor Defense in Automatic Speech Recognition. (50%)
Quantum Quandaries: Unraveling Encoding Vulnerabilities in Quantum Neural Networks. (10%)
Bias Beware: The Impact of Cognitive Biases on LLM-Driven Product Recommendations. (9%)
Model Tampering Attacks Enable More Rigorous Evaluations of LLM Capabilities. (9%)
Breaking Focus: Contextual Distraction Curse in Large Language Models. (2%)
Jailbreaking with Universal Multi-Prompts. (1%)
2025-02-02
"I am bad": Interpreting Stealthy, Universal and Robust Audio Jailbreaks in Audio-Language Models. (99%)
AGNNCert: Defending Graph Neural Networks against Arbitrary Perturbations with Deterministic Certification. (98%)
Safety at Scale: A Comprehensive Survey of Large Model Safety. (98%)
Adversarial Robustness in Two-Stage Learning-to-Defer: Algorithms and Guarantees. (93%)
From Compliance to Exploitation: Jailbreak Prompt Attacks on Multimodal LLMs. (86%)
Refining Adaptive Zeroth-Order Optimization at Ease. (73%)
Converting MLPs into Polynomials in Closed Form. (45%)
Boosting Adversarial Robustness and Generalization with Structural Prior. (31%)
Privacy Preserving Properties of Vision Classifiers. (1%)
2025-02-01
Towards Robust Multimodal Large Language Models Against Jailbreak Attacks. (98%)
Reformulation is All You Need: Addressing Malicious Text Features in DNNs. (70%)
Actor Critic with Experience Replay-based automatic treatment planning for prostate cancer intensity modulated radiotherapy. (69%)
TrojanTime: Backdoor Attacks on Time Series Classification. (69%)
Explorations of the Softmax Space: Knowing When the Neural Network Doesn't Know. (1%)
It's Not Just a Phase: On Investigating Phase Transitions in Deep Learning-based Side-channel Analysis. (1%)
2025-01-31
Adversarial Machine Learning: Attacking and Safeguarding Image Datasets. (99%)
Towards the Worst-case Robustness of Large Language Models. (99%)
Redefining Machine Unlearning: A Conformal Prediction-Motivated Approach. (83%)
Adversarial Attacks on AI-Generated Text Detection Models: A Token Probability-Based Approach Using Embeddings. (81%)
Enhancing Model Defense Against Jailbreaks with Proactive Safety Reasoning. (62%)
Deep Learning Model Inversion Attacks and Defenses: A Comprehensive Survey. (54%)
Imitation Game for Adversarial Disillusion with Multimodal Generative Chain-of-Thought Role-Play. (45%)
Understanding Oversmoothing in GNNs as Consensus in Opinion Dynamics. (41%)
Improving LLM Unlearning Robustness via Random Perturbations. (9%)
ALBAR: Adversarial Learning approach to mitigate Biases in Action Recognition. (1%)
2025-01-30
Distorting Embedding Space for Safety: A Defense Mechanism for Adversarially Robust Diffusion Models. (92%)
Illusions of Relevance: Using Content Injection Attacks to Deceive Retrievers, Rerankers, and LLM Judges. (83%)
Trading Inference-Time Compute for Adversarial Robustness. (68%)
Jailbreaking LLMs' Safeguard with Universal Magic Words for Text Embedding Models. (2%)
Constitutional Classifiers: Defending against Universal Jailbreaks across Thousands of Hours of Red Teaming. (2%)
2025-01-29
Topological Signatures of Adversaries in Multimodal Alignments. (93%)
CAMP in the Odyssey: Provably Robust Reinforcement Learning with Certified Radius Maximization. (92%)
Disentangling Safe and Unsafe Corruptions via Anisotropy and Locality. (87%)
SAeUron: Interpretable Concept Unlearning in Diffusion Models with Sparse Autoencoders. (47%)
P-TAME: Explain Any Image Classifier with Trained Perturbations. (3%)
How Much Do Code Language Models Remember? An Investigation on Data Extraction Attacks before and after Fine-tuning. (1%)
2025-01-28
Bones of Contention: Exploring Query-Efficient Attacks Against Skeleton Recognition Systems. (99%)
HateBench: Benchmarking Hate Speech Detectors on LLM-Generated Content and Hate Campaigns. (97%)
Adversarial Masked Autoencoder Purifier with Defense Transferability. (75%)
Scanning Trojaned Models Using Out-of-Distribution Samples. (33%)
Document Screenshot Retrievers are Vulnerable to Pixel Poisoning Attacks. (22%)
Do We Really Need to Design New Byzantine-robust Aggregation Rules? (13%)
Graph of Attacks with Pruning: Optimizing Stealthy Jailbreak Prompt Generation for Enhanced LLM Content Moderation. (12%)
xJailbreak: Representation Space Guided Reinforcement Learning for Interpretable LLM Jailbreaking. (11%)
RODEO: Robust Outlier Detection via Exposing Adaptive Out-of-Distribution Samples. (9%)
A Dual-Agent Adversarial Framework for Robust Generalization in Deep Reinforcement Learning. (9%)
WASUP: Interpretable Classification with Weight-Input Alignment and Class-Discriminative SUPports Vectors. (1%)
2025-01-27
The Relationship Between Network Similarity and Transferability of Adversarial Attacks. (99%)
Targeting Alignment: Extracting Safety Classifiers of Aligned LLMs. (80%)
Data-Free Model-Related Attacks: Unleashing the Potential of Generative AI. (31%)
Towards Safe AI Clinicians: A Comprehensive Study on Large Language Model Jailbreaking in Healthcare. (12%)
Indiana Jones: There Are Always Some Useful Ancient Relics. (3%)
LLM-attacker: Enhancing Closed-loop Adversarial Scenario Generation for Autonomous Driving with Large Language Models. (2%)
Data Duplication: A Novel Multi-Purpose Attack Paradigm in Machine Unlearning. (1%)
2025-01-26
Mitigating Spurious Negative Pairs for Robust Industrial Anomaly Detection. (98%)
PCAP-Backdoor: Backdoor Poisoning Generator for Network Traffic in CPS/IoT Environments. (76%)
CENSOR: Defense Against Gradient Inversion via Orthogonal Subspace Bayesian Sampling. (75%)
A Privacy Enhancing Technique to Evade Detection by Street Video Cameras Without Using Adversarial Accessories. (11%)
FIT-Print: Towards False-claim-resistant Model Ownership Verification via Targeted Fingerprint. (10%)
2025-01-25
Towards Communication-Efficient Adversarial Federated Learning for Robust Edge Intelligence. (98%)
Killing it with Zero-Shot: Adversarially Robust Novelty Detection. (50%)
Hiding in Plain Sight: An IoT Traffic Camouflage Framework for Enhanced Privacy. (12%)
Comprehensive Evaluation of Cloaking Backdoor Attacks on Object Detector in Real-World. (11%)
Mirage in the Eyes: Hallucination Attack on Multi-modal Large Language Models with Only Attention Sink. (10%)
AI-Driven Secure Data Sharing: A Trustworthy and Privacy-Preserving Approach. (4%)
2025-01-24
VideoPure: Diffusion-based Adversarial Purification for Video Recognition. (99%)
Humanity's Last Exam. (92%)
A Note on Implementation Errors in Recent Adaptive Attacks Against Multi-Resolution Self-Ensembles. (62%)
Siren: A Learning-Based Multi-Turn Attack Framework for Simulating Real-World Human Jailbreak Behaviors. (16%)
2025-01-23
Device-aware Optical Adversarial Attack for a Portable Projector-camera System. (99%)
GreedyPixel: Fine-Grained Black-Box Adversarial Attack Via Greedy Algorithm. (99%)
Reinforcement Learning Platform for Adversarial Black-box Attacks with Custom Distortion Filters. (99%)
Black-Box Adversarial Attack on Vision Language Models for Autonomous Driving. (99%)
Defending against Adversarial Malware Attacks on ML-based Android Malware Detection Systems. (98%)
Crossfire: An Elastic Defense Framework for Graph Neural Networks Under Bit Flip Attacks. (83%)
Certified Robustness Under Bounded Levenshtein Distance. (67%)
GraphRAG under Fire. (13%)
Logical Maneuvers: Detecting and Mitigating Adversarial Hardware Faults in Space. (1%)
2025-01-22
Gradient-Free Adversarial Purification with Diffusion Models. (99%)
Modality Unified Attack for Omni-Modality Person Re-Identification. (98%)
Robust Representation Consistency Model via Contrastive Denoising. (84%)
Watching the AI Watchdogs: A Fairness and Robustness Analysis of AI Safety Moderation Classifiers. (11%)
Bad-PFL: Exploring Backdoor Attacks against Personalized Federated Learning. (9%)
Are We Learning the Right Features? A Framework for Evaluating DL-Based Software Vulnerability Detection Solutions. (2%)
2025-01-21
Enhancing Adversarial Transferability via Component-Wise Transformation. (99%)
With Great Backbones Comes Great Adversarial Transferability. (98%)
Transferable Adversarial Attacks on Audio Deepfake Detection. (98%)
Robustness of Selected Learning Models under Label-Flipping Attack. (82%)
Heterogeneous Multi-Player Multi-Armed Bandits Robust To Adversarial Attacks. (82%)
Extend Adversarial Policy Against Neural Machine Translation via Unknown Token. (80%)
Topology of Out-of-Distribution Examples in Deep Neural Networks. (13%)
FedCLEAN: byzantine defense by CLustering Errors of Activation maps in Non-IID federated learning environments. (11%)
Benchmarking Image Perturbations for Testing Automated Driving Assistance Systems. (5%)
A margin-based replacement for cross-entropy loss. (1%)
You Can't Eat Your Cake and Have It Too: The Performance Degradation of LLMs with Jailbreak Defense. (1%)
2025-01-20
Graph Defense Diffusion Model. (97%)
FedMUA: Exploring the Vulnerabilities of Federated Learning to Malicious Unlearning Attacks. (67%)
Poison-RAG: Adversarial Data Poisoning Attacks on Retrieval-Augmented Generation in Recommender Systems. (50%)
On the Adversarial Vulnerabilities of Transfer Learning in Remote Sensing. (41%)
Cross-Entropy Attacks to Language Models via Rare Event Simulation. (12%)
Rethinking Membership Inference Attacks Against Transfer Learning. (9%)
CogMorph: Cognitive Morphing Attacks for Text-to-Image Models. (1%)
2025-01-19
Effectiveness of Adversarial Benign and Malware Examples in Evasion and Poisoning Attacks. (99%)
GRID: Protecting Training Graph from Link Stealing Attacks on GNN Models. (12%)
Can Safety Fine-Tuning Be More Principled? Lessons Learned from Cybersecurity. (10%)
Dagger Behind Smile: Fool LLMs with a Happy Ending Story. (5%)
Temporal Analysis of Adversarial Attacks in Federated Learning. (2%)
Counteracting temporal attacks in Video Copy Detection. (1%)
2025-01-18
Explainable Adversarial Attacks on Coarse-to-Fine Classifiers. (86%)
Stability of neural ODEs by a control over the expansivity of their flows. (26%)
A comprehensive survey on RPL routing-based attacks, defences and future directions in Internet of Things. (12%)
2025-01-17
CaFA: Cost-aware, Feasible Attacks With Database Constraints Against Neural Tabular Classifiers. (99%)
Differentiable Adversarial Attacks for Marked Temporal Point Processes. (86%)
Latent-space adversarial training with post-aware calibration for defending large language models against jailbreak attacks. (62%)
GaussMark: A Practical Approach for Structural Watermarking of Language Models. (2%)
2025-01-16
Double Visual Defense: Adversarial Pre-training and Instruction Tuning for Improving Vision-Language Model Robustness. (98%)
Adversarial-Ensemble Kolmogorov Arnold Networks for Enhancing Indoor Wi-Fi Positioning: A Defensive Approach Against Spoofing and Signal Manipulation Attacks. (80%)
Cooperative Decentralized Backdoor Attacks on Vertical Federated Learning. (31%)
Computing Optimization-Based Prompt Injections Against Closed-Weights Models By Misusing a Fine-Tuning API. (12%)
Neural Honeytrace: A Robust Plug-and-Play Watermarking Framework against Model Extraction Attacks. (1%)
2025-01-15
Salient Information Preserving Adversarial Training Improves Clean and Robust Accuracy. (98%)
ARMOR: Shielding Unlearnable Examples against Data Augmentation. (75%)
Improving Stability Estimates in Adversarial Explainable AI through Alternate Search Methods. (13%)
Improving the Efficiency of Self-Supervised Adversarial Training through Latent Clustering-Based Selection. (12%)
2025-01-14
VENOM: Text-driven Unrestricted Adversarial Example Generation with Diffusion Models. (99%)
Cross-Modal Transferable Image-to-Video Attack on Video Quality Metrics. (99%)
Towards an End-to-End (E2E) Adversarial Learning and Application in the Physical World. (97%)
Energy Backdoor Attack to Deep Neural Networks. (64%)
Gandalf the Red: Adaptive Security for LLMs. (38%)
Playing Devil's Advocate: Unmasking Toxicity and Vulnerabilities in Large Vision-Language Models. (2%)
2025-01-13
MOS-Attack: A Scalable Multi-objective Adversarial Attack Framework. (99%)
Exploring and Mitigating Adversarial Manipulation of Voting-Based Leaderboards. (89%)
Generating Poisoning Attacks against Ridge Regression Models with Categorical Features. (64%)
A4O: All Trigger for One sample. (2%)
A Survey of Early Exit Deep Neural Networks in NLP. (1%)
Towards the Pseudorandomness of Expander Random Walks for Read-Once ACC0 circuits. (1%)
2025-01-12
Protego: Detecting Adversarial Examples for Vision Transformers via Intrinsic Capabilities. (99%)
KeTS: Kernel-based Trust Segmentation against Model Poisoning Attacks. (98%)
ZOQO: Zero-Order Quantized Optimization. (1%)
2025-01-11
RogueRFM: Attacking Refresh Management for Covert-Channel and Denial-of-Service. (10%)
SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in Split Learning. (10%)
2025-01-10
Effective faking of verbal deception detection with target-aligned adversarial attacks. (87%)
UV-Attack: Physical-World Adversarial Attacks for Person Detection via Dynamic-NeRF-based UV Mapping. (81%)
Fine-tuning is Not Fine: Mitigating Backdoor Attacks in GNNs with Limited Clean Data. (80%)
Towards Backdoor Stealthiness in Model Parameter Space. (61%)
An Attention-Guided Deep Learning Approach for Classifying 39 Skin Lesion Types. (1%)
2025-01-09
HPAC-IDS: A Hierarchical Packet Attention Convolution for Intrusion Detection System. (99%)
DiffAttack: Diffusion-based Timbre-reserved Adversarial Attack in Speaker Identification. (97%)
Enforcing Fundamental Relations via Adversarial Attacks on Input Parameter Correlations. (92%)
SpaLLM-Guard: Pairing SMS Spam Detection Using Open-source and Commercial LLMs. (50%)
SC-Pro: Training-Free Framework for Defending Unsafe Image Synthesis Attack. (38%)
On Measuring Unnoticeability of Graph Adversarial Attacks: Observations, New Measure, and Applications. (33%)
KabaddiPy: A package to enable access to Professional Kabaddi Data. (1%)
Is Your Autonomous Vehicle Safe? Understanding the Threat of Electromagnetic Signal Injection Attacks on Traffic Scene Perception. (1%)
RAG-WM: An Efficient Black-Box Watermarking Approach for Retrieval-Augmented Generation of Large Language Models. (1%)
2025-01-08
LayerMix: Enhanced Data Augmentation through Fractal Integration for Robust Deep Learning. (86%)
Reproducing HotFlip for Corpus Poisoning Attacks in Dense Retrieval. (84%)
Gradient Purification: Defense Against Poisoning Attack in Decentralized Federated Learning. (78%)
Jailbreaking Multimodal Large Language Models via Shuffle Inconsistency. (38%)
Towards Fair Class-wise Robustness: Class Optimal Distribution Adversarial Training. (26%)
2025-01-07
Rethinking Adversarial Attacks in Reinforcement Learning from Policy Distribution Perspective. (81%)
Not all tokens are created equal: Perplexity Attention Weighted Networks for AI generated text detection. (3%)
2025-01-06
FlipedRAG: Black-Box Opinion Manipulation Attacks to Retrieval-Augmented Generation of Large Language Models. (99%)
An Empirical Study of Accuracy-Robustness Tradeoff and Training Efficiency in Self-Supervised Learning. (3%)
Rethinking Byzantine Robustness in Federated Recommendation from Sparse Aggregation Perspective. (2%)
Seeing the Whole in the Parts in Self-Supervised Representation Learning. (1%)
2025-01-05
GCP: Guarded Collaborative Perception with Spatial-Temporal Aware Malicious Agent Detection. (67%)
Layer-Level Self-Exposure and Patch: Affirmative Token Mitigation for Jailbreak Attack Defense. (67%)
Tougher Text, Smarter Models: Raising the Bar for Adversarial Defence Benchmarks. (54%)
Persistence of Backdoor-based Watermarks for Neural Networks: A Comprehensive Evaluation. (5%)
2025-01-04
Distillation-Enhanced Physical Adversarial Attacks. (96%)
Zero-Shot Statistical Tests for LLM-Generated Text Detection using Finite Sample Concentration Inequalities. (83%)
Backdoor Token Unlearning: Exposing and Defending Backdoors in Pretrained Language Models. (75%)
BADTV: Unveiling Backdoor Threats in Third-Party Task Vectors. (38%)
2025-01-03
Towards Robust and Accurate Stability Estimation of Local Surrogate Models in Text-based Explainable AI. (98%)
Detecting and Mitigating Adversarial Attacks on Deep Learning-Based MRI Reconstruction Without Any Retraining. (96%)
Exploring Secure Machine Learning Through Payload Injection and FGSM Attacks on ResNet-50. (93%)
Rerouting LLM Routers. (82%)
AVTrustBench: Assessing and Enhancing Reliability and Robustness in Audio-Visual LLMs. (69%)
Turning Logic Against Itself : Probing Model Defenses Through Contrastive Questions. (62%)
Mingling with the Good to Backdoor Federated Learning. (12%)
AdaMixup: A Dynamic Defense Framework for Membership Inference Attack Mitigation. (10%)
How Toxic Can You Get? Search-based Toxicity Testing for Large Language Models. (9%)
2025-01-02
Adaptive Meta-learning-based Adversarial Training for Robust Automatic Modulation Classification. (99%)
AIM: Additional Image Guided Generation of Transferable Adversarial Attacks. (99%)
HoneypotNet: Backdoor Attacks Against Model Extraction. (93%)
Improving Robustness Estimates in Natural Language Explainable AI though Synonymity Weighted Similarity Measures. (87%)
Stealthy Backdoor Attack to Real-world Models in Android Apps. (80%)
SAFER: Sharpness Aware layer-selective Finetuning for Enhanced Robustness in vision transformers. (45%)
Test Input Validation for Vision-based DL Systems: An Active Learning Approach. (1%)
Predicting the Performance of Black-box LLMs through Self-Queries. (1%)
2025-01-01
Boosting Adversarial Transferability with Spatial Adversarial Alignment. (99%)
Towards Adversarially Robust Deep Metric Learning. (99%)
Image-based Multimodal Models as Intruders: Transferable Multimodal Attacks on Video-based MLLMs. (99%)
Dynamics of Adversarial Attacks on Large Language Model-Based Search Engines. (76%)
TrustRAG: Enhancing Robustness and Trustworthiness in Retrieval-Augmented Generation. (16%)
Defense Strategies for Autonomous Multi-agent Systems: Ensuring Safety and Resilience Under Exponentially Unbounded FDI Attacks. (2%)
How Breakable Is Privacy: Probing and Resisting Model Inversion Attacks in Collaborative Inference. (2%)
2024-12-31
Everywhere Attack: Attacking Locally and Globally to Boost Targeted Transferability. (99%)
Extending XReason: Formal Explanations for Adversarial Detection. (82%)
2024-12-30
RobustBlack: Challenging Black-Box Adversarial Attacks on State-of-the-Art Defenses. (99%)
Adversarial Attack and Defense for LoRa Device Identification and Authentication via Deep Learning. (99%)
Sample Correlation for Fingerprinting Deep Face Recognition. (98%)
Two Heads Are Better Than One: Averaging along Fine-Tuning to Improve Targeted Transferability. (93%)
Unsupervised dense retrieval with conterfactual contrastive learning. (54%)
GASLITEing the Retrieval: Exploring Vulnerabilities in Dense Embedding-based Search. (50%)
ExpShield: Safeguarding Web Text from Unauthorized Crawling and Language Modeling Exploitation. (10%)
Automated Robustness Testing for LLM-based NLP Software. (2%)
DELA: A Novel Approach for Detecting Errors Induced by Large Atomic Condition Numbers. (1%)
2024-12-29
Defending Multimodal Backdoored Models by Repulsive Visual Prompt Tuning. (95%)
Prototypical Distillation and Debiased Tuning for Black-box Unsupervised Domain Adaptation. (10%)
On Adversarial Robustness of Language Models in Transfer Learning. (10%)
Attacks on the neural network and defense methods. (2%)
Cut the Deadwood Out: Post-Training Model Purification with Selective Module Substitution. (2%)
2024-12-28
A Robust Adversarial Ensemble with Causal (Feature Interaction) Interpretations for Image Classification. (99%)
On the Validity of Traditional Vulnerability Scoring Systems for Adversarial Attacks against LLMs. (13%)
MAFT: Efficient Model-Agnostic Fairness Testing for Deep Neural Networks via Zero-Order Gradient Search. (9%)
LLM-Virus: Evolutionary Jailbreak Attack on Large Language Models. (2%)
Defending Against Network Attacks for Secure AI Agent Migration in Vehicular Metaverses. (1%)
2024-12-27
Standard-Deviation-Inspired Regularization for Improving Adversarial Robustness. (99%)
Adversarial Robustness for Deep Learning-based Wildfire Detection Models. (98%)
Enhancing Adversarial Robustness of Deep Neural Networks Through Supervised Contrastive Learning. (96%)
Attribution for Enhanced Explanation with Transferable Adversarial eXploration. (92%)
2024-12-26
Federated Hybrid Training and Self-Adversarial Distillation: Towards Robust Edge Networks. (45%)
An Engorgio Prompt Makes Large Language Model Babble on. (16%)
xSRL: Safety-Aware Explainable Reinforcement Learning -- Safety as a Product of Explainability. (2%)
2024-12-25
Distortion-Aware Adversarial Attacks on Bounding Boxes of Object Detectors. (99%)
Improving Integrated Gradient-based Transferable Adversarial Examples by Refining the Integration Path. (98%)
Imperceptible Adversarial Attacks on Point Clouds Guided by Point-to-Surface Field. (83%)
Adversarial Training for Graph Neural Networks via Graph Subspace Energy Optimization. (75%)
Bridging Interpretability and Robustness Using LIME-Guided Model Refinement. (69%)
Injecting Bias into Text Classification Models using Backdoor Attacks. (15%)
Protective Perturbations against Unauthorized Data Usage in Diffusion-based Image Generation. (10%)
CL-attack: Textual Backdoor Attacks via Cross-Lingual Triggers. (9%)
2024-12-24
SurvAttack: Black-Box Attack On Survival Models through Ontology-Informed EHR Perturbation. (99%)
Evaluating the Adversarial Robustness of Detection Transformers. (99%)
Robustness-aware Automatic Prompt Optimization. (98%)
Attack-in-the-Chain: Bootstrapping Large Language Models for Attacks Against Black-box Neural Ranking Models. (98%)
On the Effectiveness of Adversarial Training on Malware Classifiers. (96%)
Efficient Contrastive Explanations on Demand. (82%)
An Empirical Analysis of Federated Learning Models Subject to Label-Flipping Adversarial Attack. (73%)
Unveiling the Threat of Fraud Gangs to Graph Neural Networks: Multi-Target Graph Injection Attacks Against GNN-Based Fraud Detectors. (41%)
Token Highlighter: Inspecting and Mitigating Jailbreak Prompts for Large Language Models. (38%)
Hypergraph Attacks via Injecting Homogeneous Nodes into Elite Hyperedges. (22%)
Re-assessing ImageNet: How aligned is its single-label assumption with its multi-label nature? (4%)
2024-12-23
Retention Score: Quantifying Jailbreak Risks for Vision Language Models. (99%)
Emerging Security Challenges of Large Language Models. (73%)
Stability Bounds for the Unfolded Forward-Backward Algorithm. (38%)
Double Landmines: Invisible Textual Backdoor Attacks based on Dual-Trigger. (15%)
AEIOU: A Unified Defense Framework against NSFW Prompts in Text-to-Image Models. (2%)
Sensitivity Curve Maximization: Attacking Robust Aggregators in Distributed Learning. (1%)
DiffusionAttacker: Diffusion-Driven Prompt Manipulation for LLM Jailbreak. (1%)
2024-12-22
ErasableMask: A Robust and Erasable Privacy Protection Scheme against Black-box Face Recognition Models. (99%)
NumbOD: A Spatial-Frequency Fusion Attack Against Object Detectors. (99%)
Breaking Barriers in Physical-World Adversarial Examples: Improving Robustness and Transferability via Robust Feature. (99%)
Preventing Non-intrusive Load Monitoring Privacy Invasion: A Precise Adversarial Attack Scheme for Networked Smart Meters. (98%)
A Backdoor Attack Scheme with Invisible Triggers Based on Model Architecture Modification. (45%)
Attack by Yourself: Effective and Unnoticeable Multi-Category Graph Backdoor Attacks with Subgraph Triggers Pool. (22%)
Shaping the Safety Boundaries: Understanding and Defending Against Jailbreaks in Large Language Models. (22%)
Robustness of Large Language Models Against Adversarial Attacks. (13%)
2024-12-21
PB-UAP: Hybrid Universal Adversarial Attack For Image Segmentation. (99%)
Adversarial Attack Against Images Classification based on Generative Adversarial Networks. (98%)
OpenAI o1 System Card. (81%)
TrojFlow: Flow Models are Natural Targets for Trojan Attacks. (78%)
Towards More Robust Retrieval-Augmented Generation: Evaluating RAG Under Adversarial Poisoning Attacks. (76%)
POEX: Policy Executable Embodied AI Jailbreak Attacks. (62%)
Forget Vectors at Play: Universal Input Perturbations Driving Machine Unlearning in Image Classification. (8%)
The Task Shield: Enforcing Task Alignment to Defend Against Indirect Prompt Injection in LLM Agents. (4%)
RoboSignature: Robust Signature and Watermarking on Network Attacks. (1%)
2024-12-20
Adversarial Robustness through Dynamic Ensemble Learning. (99%)
EMPRA: Embedding Perturbation Rank Attack against Neural Ranking Models. (98%)
Watertox: The Art of Simplicity in Universal Attacks A Cross-Model Framework for Robust Adversarial Generation. (98%)
Human-Readable Adversarial Prompts: An Investigation into LLM Vulnerabilities Using Situational Context. (82%)
JailPO: A Novel Black-box Jailbreak Framework via Preference Optimization against Aligned LLMs. (41%)
PoisonCatcher: Revealing and Identifying LDP Poisoning Attacks in IIoT. (22%)
Technical Report for ICML 2024 TiFA Workshop MLLM Attack Challenge: Suffix Injection and Projected Gradient Descent Can Easily Fool An MLLM. (13%)
Texture- and Shape-based Adversarial Attacks for Vehicle Detection in Synthetic Overhead Imagery. (9%)
Robust random graph matching in dense graphs via vector approximate message passing. (1%)
2024-12-19
AutoTrust: Benchmarking Trustworthiness in Large Vision Language Models for Autonomous Driving. (5%)
Boosting GNN Performance via Training Sample Selection Based on Adversarial Robustness Evaluation. (4%)
2024-12-18
A Review of the Duality of Adversarial Learning in Network Intrusion: Attacks and Countermeasures. (89%)
Crabs: Consuming Resrouce via Auto-generation for LLM-DoS Attack under Black-box Settings. (86%)
Mitigating Adversarial Attacks in LLMs through Defensive Suffix Generation. (83%)
Adversarial Hubness in Multi-Modal Retrieval. (82%)
Physics-Based Adversarial Attack on Near-Infrared Human Detector for Nighttime Surveillance Camera Systems. (78%)
Cultivating Archipelago of Forests: Evolving Robust Decision Trees through Island Coevolution. (56%)
A Black-Box Evaluation Framework for Semantic Robustness in Bird's Eye View Detection. (8%)
Speech Watermarking with Discrete Intermediate Representations. (4%)
On the Robustness of Distributed Machine Learning against Transfer Attacks. (2%)
Mesoscopic Insights: Orchestrating Multi-scale & Hybrid Architecture for Image Manipulation Localization. (1%)
Hybrid Data-Free Knowledge Distillation. (1%)
SHAP scores fail pervasively even when Lipschitz succeeds. (1%)
Novel AI Camera Camouflage: Face Cloaking Without Full Disguise. (1%)
2024-12-17
Improving the Transferability of 3D Point Cloud Attack via Spectral-aware Admix and Optimization Designs. (99%)
Targeted View-Invariant Adversarial Perturbations for 3D Object Recognition. (99%)
AdvIRL: Reinforcement Learning-Based Adversarial Attacks on 3D NeRF Models. (98%)
Defending LVLMs Against Vision Attacks through Partial-Perception Supervision. (92%)
Exploring Query Efficient Data Generation towards Data-free Model Stealing in Hard Label Setting. (92%)
Fooling LLM graders into giving better grades through neural activity guided adversarial prompting. (75%)
Practicable Black-box Evasion Attacks on Link Prediction in Dynamic Graphs -- A Graph Sequential Embedding Method. (70%)
Jailbreaking? One Step Is Enough! (64%)
Toxicity Detection towards Adaptability to Changing Perturbations. (11%)
A New Adversarial Perspective for LiDAR-based 3D Object Detection. (9%)
Accuracy Limits as a Barrier to Biometric System Security. (2%)
Neural Control and Certificate Repair via Runtime Monitoring. (1%)
Training Verification-Friendly Neural Networks via Neuron Behavior Consistency. (1%)
Distribution Shifts at Scale: Out-of-distribution Detection in Earth Observation. (1%)
2024-12-16
Adversarially robust generalization theory via Jacobian regularization for deep neural networks. (99%)
Human-in-the-Loop Generation of Adversarial Texts: A Case Study on Tibetan Script. (99%)
Transferable Adversarial Face Attack with Text Controlled Attribute. (98%)
Towards Adversarial Robustness of Model-Level Mixture-of-Experts Architectures for Semantic Segmentation. (86%)
WFCAT: Augmenting Website Fingerprinting with Channel-wise Attention on Timing Features. (33%)
Red Pill and Blue Pill: Controllable Website Fingerprinting Defense via Dynamic Backdoor Learning. (22%)
Sonar-based Deep Learning in Underwater Robotics: Overview, Robustness and Challenges. (1%)
CP-Guard: Malicious Agent Detection and Defense in Collaborative Bird's Eye View Perception. (1%)
Stepwise Reasoning Error Disruption Attack of LLMs. (1%)
2024-12-15
Comprehensive Survey on Adversarial Examples in Cybersecurity: Impacts, Challenges, and Mitigation Strategies. (99%)
Unpacking the Resilience of SNLI Contradiction Examples to Attacks. (99%)
Impact of Adversarial Attacks on Deep Learning Model Explainability. (99%)
UIBDiffusion: Universal Imperceptible Backdoor Attack for Diffusion Models. (99%)
PGD-Imp: Rethinking and Unleashing Potential of Classic PGD with Dual Strategies for Imperceptible Adversarial Attacks. (98%)
Learning Robust and Privacy-Preserving Representations via Information Theory. (92%)
A Comprehensive Review of Adversarial Attacks on Machine Learning. (75%)
Finding a Wolf in Sheep's Clothing: Combating Adversarial Text-To-Image Prompts with Text Summarization. (2%)
Set-Valued Sensitivity Analysis of Deep Neural Networks. (2%)
SpearBot: Leveraging Large Language Models in a Generative-Critique Framework for Spear-Phishing Email Generation. (1%)
A3E: Aligned and Augmented Adversarial Ensemble for Accurate, Robust and Privacy-Preserving EEG Decoding. (1%)
2024-12-14
RAT: Adversarial Attacks on Deep Reinforcement Agents for Targeted Behaviors. (98%)
One Pixel is All I Need. (80%)
Towards Action Hijacking of Large Language Model-based Agent. (26%)
Are Language Models Agnostic to Linguistically Grounded Perturbations? A Case Study of Indic Languages. (1%)
Unbiased General Annotated Dataset Generation. (1%)
2024-12-13
Prompt2Perturb (P2P): Text-Guided Diffusion-Based Adversarial Attacks on Breast Ultrasound Images. (99%)
Robust image classification with multi-modal large language models. (99%)
A2RNet: Adversarial Attack Resilient Network for Robust Infrared and Visible Image Fusion. (92%)
Err on the Side of Texture: Texture Bias on Real Data. (82%)
BinarySelect to Improve Accessibility of Black-Box Attack Research. (80%)
FaceShield: Defending Facial Image against Deepfake Threats. (80%)
On Adversarial Robustness and Out-of-Distribution Robustness of Large Language Models. (78%)
SuperMark: Robust and Training-free Image Watermarking via Diffusion-based Super-Resolution. (67%)
Client-Side Patching against Backdoor Attacks in Federated Learning. (61%)
No Free Lunch for Defending Against Prefilling Attack by In-Context Learning. (22%)
Active Poisoning: Efficient Backdoor Attacks on Transfer Learning-Based Brain-Computer Interfaces. (13%)
Adversarial Robustness of Bottleneck Injected Deep Neural Networks for Task-Oriented Communication. (10%)
BiCert: A Bilinear Mixed Integer Programming Formulation for Precise Certified Bounds Against Data Poisoning Attacks. (1%)
From Allies to Adversaries: Manipulating LLM Tool-Calling through Adversarial Injection. (1%)
2024-12-12
Three-in-One: Robust Enhanced Universal Transferable Anti-Facial Retrieval in Online Social Networks. (99%)
On the Generation and Removal of Speaker Adversarial Perturbation for Voice-Privacy Protection. (95%)
Real-time Identity Defenses against Malicious Personalization of Diffusion Models. (95%)
Deep Learning Model Security: Threats and Defenses. (92%)
A Semi Black-Box Adversarial Bit-Flip Attack with Limited DNN Model Information. (69%)
Evaluating Adversarial Attacks on Traffic Sign Classifiers beyond Standard Baselines. (45%)
SVasP: Self-Versatility Adversarial Style Perturbation for Cross-Domain Few-Shot Learning. (3%)
Obfuscated Activations Bypass LLM Latent-Space Defenses. (2%)
Towards Understanding the Robustness of LLM-based Evaluations under Perturbations. (1%)
L-WISE: Boosting Human Image Category Learning Through Model-Based Image Selection And Enhancement. (1%)
2024-12-11
Adversarial Purification by Consistency-aware Latent Space Optimization on Data Manifolds. (99%)
Doubly-Universal Adversarial Perturbations: Deceiving Vision-Language Models Across Both Images and Text with a Single Perturbation. (98%)
Grimm: A Plug-and-Play Perturbation Rectifier for Graph Neural Networks Defending against Poisoning Attacks. (93%)
Exploiting the Index Gradients for Optimization-Based Jailbreaking on Large Language Models. (83%)
AdvWave: Stealthy Adversarial Jailbreak Attack against Large Audio-Language Models. (82%)
Proactive Adversarial Defense: Harnessing Prompt Tuning in Vision-Language Models to Detect Unseen Backdoored Images. (45%)
Backdoor attacks on DNN and GBDT -- A Case Study from the insurance domain. (16%)
Antelope: Potent and Concealed Jailbreak Attack Strategy. (10%)
Model-Editing-Based Jailbreak against Safety-aligned Large Language Models. (1%)
2024-12-10
Addressing Key Challenges of Adversarial Attacks and Defenses in the Tabular Domain: A Methodological Framework for Coherence and Consistency. (99%)
A Generative Victim Model for Segmentation. (99%)
Backdoor Attacks against No-Reference Image Quality Assessment Models via a Scalable Trigger. (99%)
AHSG: Adversarial Attack on High-level Semantics in Graph Neural Networks. (99%)
Defending Against Neural Network Model Inversion Attacks via Data Poisoning. (98%)
Adversarial Vulnerabilities in Large Language Models for Time Series Forecasting. (98%)
What You See Is Not Always What You Get: An Empirical Study of Code Comprehension by Large Language Models. (92%)
DynamicPAE: Generating Scene-Aware Physical Adversarial Examples in Real-Time. (92%)
Adaptive Epsilon Adversarial Training for Robust Gravitational Wave Parameter Estimation Using Normalizing Flows. (86%)
MAGIC: Mastering Physical Adversarial Generation in Context through Collaborative LLM Agents. (82%)
FlexLLM: Exploring LLM Customization for Moving Target Defense on Black-Box LLMs Against Jailbreak Attacks. (81%)
Stealthy and Robust Backdoor Attack against 3D Point Clouds through Additional Point Features. (76%)
Adversarial Filtering Based Evasion and Backdoor Attacks to EEG-Based Brain-Computer Interfaces. (68%)
A Parametric Approach to Adversarial Augmentation for Cross-Domain Iris Presentation Attack Detection. (61%)
Na'vi or Knave: Jailbreaking Language Models via Metaphorical Avatars. (50%)
CapGen:An Environment-Adaptive Generator of Adversarial Patches. (13%)
PrisonBreak: Jailbreaking Large Language Models with Fewer Than Twenty-Five Targeted Bit-flips. (10%)
Buster: Implanting Semantic Backdoor into Text Encoder to Mitigate NSFW Content Generation. (2%)
2024-12-09
Take Fake as Real: Realistic-like Robust Black-box Adversarial Attack to Evade AIGC Detection. (99%)
Defensive Dual Masking for Robust Adversarial Defense. (99%)
A Real-Time Defense Against Object Vanishing Adversarial Patch Attacks for Object Detection in Autonomous Vehicles. (97%)
Data Free Backdoor Attacks. (64%)
On Evaluating the Durability of Safeguards for Open-Weight LLMs. (38%)
Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy, Research, and Practice. (3%)
StyleMark: A Robust Watermarking Method for Art Style Images Against Black-Box Arbitrary Style Transfer. (2%)
Understanding Gradient Descent through the Training Jacobian. (1%)
Vulnerability, Where Art Thou? An Investigation of Vulnerability Management in Android Smartphone Chipsets. (1%)
2024-12-08
Adversarial Transferability in Deep Denoising Models: Theoretical Insights and Robustness Enhancement via Out-of-Distribution Typical Set Sampling. (99%)
An Effective and Resilient Backdoor Attack Framework against Deep Neural Networks and Vision Transformers. (89%)
Anti-Reference: Universal and Immediate Defense Against Reference-Based Generation. (22%)
PBI-Attack: Prior-Guided Bimodal Interactive Black-Box Jailbreak Attack for Toxicity Maximization. (15%)
SABER: Model-agnostic Backdoor Attack on Chain-of-Thought in Neural Code Generation. (4%)
Enhancing Adversarial Resistance in LLMs with Recursion. (1%)
Membership Inference Attacks and Defenses in Federated Learning: A Survey. (1%)
2024-12-07
PrivAgent: Agentic-based Red-teaming for LLM Privacy Leakage. (92%)
DeMem: Privacy-Enhanced Robust Adversarial Learning via De-Memorization. (76%)
From Flexibility to Manipulation: The Slippery Slope of XAI Evaluation. (47%)
Nearly Solved? Robust Deepfake Detection Requires More than Visual Forensics. (33%)
2024-12-06
LIAR: Leveraging Alignment (Best-of-N) to Jailbreak LLMs in Seconds. (15%)
Not Just Text: Uncovering Vision Modality Typographic Threats in Image Generation Models. (8%)
Towards Predicting the Success of Transfer-based Attacks by Quantifying Shared Feature Representations. (2%)
Backdooring Outlier Detection Methods: A Novel Attack Approach. (2%)
2024-12-05
Intriguing Properties of Robust Classification. (96%)
On the Lack of Robustness of Binary Function Similarity Systems. (92%)
Megatron: Evasive Clean-Label Backdoor Attacks against Vision Transformer. (76%)
Can Targeted Clean-Label Poisoning Attacks Generalize? (13%)
LaserGuider: A Laser Based Physical Backdoor Attack against Deep Neural Networks. (8%)
Safeguarding Text-to-Image Generation via Inference-Time Prompt-Noise Optimization. (3%)
Targeting the Core: A Simple and Effective Method to Attack RAG-based Agents via Direct LLM Manipulation. (2%)
2024-12-04
NODE-AdvGAN: Improving the transferability and perceptual similarity of adversarial examples by dynamic-system-driven adversarial generative model. (99%)
Does Safety Training of LLMs Generalize to Semantically Related Natural Prompts? (99%)
Less is More: A Stealthy and Efficient Adversarial Attack Method for DRL-based Autonomous Driving Policies. (98%)
A Taxonomy of System-Level Attacks on Deep Learning Models in Autonomous Vehicles. (76%)
PBP: Post-training Backdoor Purification for Malware Classifiers. (76%)
Testing Neural Network Verifiers: A Soundness Benchmark with Hidden Counterexamples. (13%)
Black-Box Forgery Attacks on Semantic Watermarks for Diffusion Models. (12%)
Designing DNNs for a trade-off between robustness and processing performance in embedded devices. (11%)
Pre-trained Multiple Latent Variable Generative Models are good defenders against Adversarial Attacks. (4%)
Evaluating Single Event Upsets in Deep Neural Networks for Semantic Segmentation: an embedded system perspective. (1%)
2024-12-03
Sustainable Self-evolution Adversarial Training. (99%)
Gaussian Splatting Under Attack: Investigating Adversarial Noise in 3D Objects. (99%)
Multi-Granularity Tibetan Textual Adversarial Attack Method Based on Masked Language Model. (98%)
Pay Attention to the Robustness of Chinese Minority Language Models! Syllable-level Textual Adversarial Attack on Tibetan Script. (98%)
Can't Slow me Down: Learning Robust and Hardware-Adaptive Object Detectors against Latency Attacks for Edge Devices. (93%)
Hijacking Vision-and-Language Navigation Agents with Adversarial Environmental Attacks. (80%)
TSCheater: Generating High-Quality Tibetan Adversarial Texts via Visual Similarity. (76%)
The Efficacy of Transfer-based No-box Attacks on Image Watermarking: A Pragmatic Analysis. (61%)
AdvDreamer Unveils: Are Vision-Language Models Truly Ready for Real-World 3D Variations? (61%)
Defending Against Diverse Attacks in Federated Learning Through Consensus-Based Bi-Level Optimization. (22%)
OODFace: Benchmarking Robustness of Face Recognition under Common Corruptions and Appearance Variations. (11%)
Gracefully Filtering Backdoor Samples for Generative Large Language Models without Retraining. (2%)
GenMix: Effective Data Augmentation with Generative Diffusion Model Image Editing. (1%)
2024-12-02
Traversing the Subspace of Adversarial Patches. (83%)
DiffPatch: Generating Customizable Adversarial Patches using Diffusion Model. (82%)
Exploring the Robustness of AI-Driven Tools in Digital Forensics: A Preliminary Study. (74%)
Adversarial Sample-Based Approach for Tighter Privacy Auditing in Final Model-Only Scenarios. (69%)
Robust and Transferable Backdoor Attacks Against Deep Image Compression With Selective Frequency Prior. (67%)
Adversarial Attacks on Hyperbolic Networks. (26%)
Compromising the Intelligence of Modern DNNs: On the Effectiveness of Targeted RowPress. (13%)
CopyrightShield: Spatial Similarity Guided Backdoor Defense against Copyright Infringement in Diffusion Models. (10%)
R.I.P.: A Simple Black-box Attack on Continual Test-time Adaptation. (5%)
Reactive Synthesis of Sensor Revealing Strategies in Hypergames on Graphs. (1%)
Precision Profile Pollution Attack on Sequential Recommenders via Influence Function. (1%)
2024-12-01
Intermediate Outputs Are More Sensitive Than You Think. (61%)
Hiding Faces in Plain Sight: Defending DeepFakes by Disrupting Face Detection. (16%)
Online Poisoning Attack Against Reinforcement Learning under Black-box Environments. (11%)
2024-11-30
Hard-Label Black-Box Attacks on 3D Point Clouds. (99%)
Exposing LLM Vulnerabilities: Adversarial Scam Detection and Performance. (69%)
Exact Certification of (Graph) Neural Networks Against Label Poisoning. (22%)
Jailbreak Large Vision-Language Models Through Multi-Modal Linkage. (12%)
2024-11-29
Towards Class-wise Robustness Analysis. (99%)
FLARE: Towards Universal Dataset Purification against Backdoor Attacks. (81%)
Robust Table Integration in Data Lakes. (56%)
On the Adversarial Robustness of Instruction-Tuned Large Language Models for Code. (38%)
Parallel Stacked Aggregated Network for Voice Authentication in IoT-Enabled Smart Devices. (10%)
SURE-VQA: Systematic Understanding of Robustness Evaluation in Medical VQA Tasks. (2%)
Fusing Physics-Driven Strategies and Cross-Modal Adversarial Learning: Toward Multi-Domain Applications. (1%)
2024-11-28
SceneTAP: Scene-Coherent Typographic Adversarial Planner against Vision-Language Models in Real-World Environments. (84%)
PEFT-as-an-Attack! Jailbreaking Language Models during Federated Parameter-Efficient Fine-Tuning. (69%)
Random Sampling for Diffusion-based Adversarial Purification. (26%)
Artificial intelligence and cybersecurity in banking sector: opportunities and risks. (12%)
Understanding and Improving Training-Free AI-Generated Image Detections with Vision Foundation Models. (11%)
LADDER: Multi-objective Backdoor Attack via Evolutionary Algorithm. (2%)
Enhancing Neural Network Robustness Against Fault Injection Through Non-linear Weight Transformations. (2%)
2024-11-27
Visual Adversarial Attack on Vision-Language Models for Autonomous Driving. (99%)
Fall Leaf Adversarial Attack on Traffic Sign Classification. (99%)
Immune: Improving Safety Against Jailbreaks in Multi-modal LLMs via Inference-Time Alignment. (67%)
Neutralizing Backdoors through Information Conflicts for Large Language Models. (26%)
Hidden Data Privacy Breaches in Federated Learning. (22%)
SoK: Watermarking for AI-Generated Content. (3%)
From Open Vocabulary to Open World: Teaching Vision Language Models to Detect Novel Objects. (1%)
2024-11-26
Adversarial Training in Low-Label Regimes with Margin-Based Interpolation. (99%)
BadScan: An Architectural Backdoor Attack on Visual State Space Models. (98%)
Stealthy Multi-Task Adversarial Attacks. (92%)
Adversarial Bounding Boxes Generation (ABBG) Attack against Visual Object Trackers. (82%)
MADE: Graph Backdoor Defense with Masked Unlearning. (82%)
Exploring Visual Vulnerabilities via Multi-Loss Adversarial Search for Jailbreaking Vision-Language Models. (75%)
Privacy-preserving Robotic-based Multi-factor Authentication Scheme for Secure Automated Delivery System. (9%)
PEFTGuard: Detecting Backdoor Attacks Against Parameter-Efficient Fine-Tuning. (2%)
Improved Parallel Derandomization via Finite Automata with Applications. (1%)
Multi-Objective Reinforcement Learning for Automated Resilient Cyber Defence. (1%)
Passive Deepfake Detection Across Multi-modalities: A Comprehensive Survey. (1%)
2024-11-25
Imperceptible Adversarial Examples in the Physical World. (99%)
DiffBreak: Is Diffusion-Based Purification Robust? (99%)
Scaling Laws for Black box Adversarial Attacks. (99%)
Privacy Protection in Personalized Diffusion Models via Targeted Cross-Attention Adversarial Attack. (81%)
UVCG: Leveraging Temporal Consistency for Universal Video Protection. (54%)
Guarding the Gate: ConceptGuard Battles Concept-Level Backdoors in Concept Bottleneck Models. (50%)
Edit Away and My Face Will not Stay: Personal Biometric Defense against Malicious Generative Editing. (50%)
Sparse patches adversarial attacks via extrapolating point-wise information. (47%)
RED: Robust Environmental Design. (10%)
DeDe: Detecting Backdoor Samples for SSL Encoders via Decoders. (10%)
BadSFL: Backdoor Attack against Scaffold Federated Learning. (3%)
Why the Agent Made that Decision: Explaining Deep Reinforcement Learning with Vision Masks. (2%)
XAI and Android Malware Models. (2%)
Revisiting Marr in Face: The Building of 2D--2.5D--3D Representations in Deep Neural Networks. (1%)
2024-11-24
Chain of Attack: On the Robustness of Vision-Language Models Against Transfer-Based Adversarial Attacks. (99%)
ExAL: An Exploration Enhanced Adversarial Learning Algorithm. (92%)
A Tunable Despeckling Neural Network Stabilized via Diffusion Equation. (64%)
Hide in Plain Sight: Clean-Label Backdoor for Auditing Membership Inference. (10%)
Stealth Attacks Against Moving Target Defense for Smart Grid. (2%)
DRIVE: Dual-Robustness via Information Variability and Entropic Consistency in Source-Free Unsupervised Domain Adaptation. (2%)
2024-11-23
Improving Transferable Targeted Attacks with Feature Tuning Mixup. (99%)
Improving the Transferability of Adversarial Attacks on Face Recognition with Diverse Parameters Augmentation. (99%)
LoBAM: LoRA-Based Backdoor Attack on Model Merging. (10%)
Semantic Shield: Defending Vision-Language Models Against Backdooring and Poisoning via Fine-grained Knowledge Alignment. (4%)
2024-11-22
Steering Away from Harm: An Adaptive Approach to Defending Vision Language Model Against Jailbreaks. (99%)
Gradient Masking All-at-Once: Ensemble Everything Everywhere Is Not Robust. (99%)
Exploring the Robustness and Transferability of Patch-Based Adversarial Attacks in Quantized Neural Networks. (99%)
Derivative-Free Diffusion Manifold-Constrained Gradient for Unified XAI. (45%)
Who Can Withstand Chat-Audio Attacks? An Evaluation Benchmark for Large Language Models. (45%)
Universal and Context-Independent Triggers for Precise Control of LLM Outputs. (31%)
Benchmarking the Robustness of Optical Flow Estimation to Corruptions. (13%)
Twin Trigger Generative Networks for Backdoor Attacks against Object Detection. (4%)
Geminio: Language-Guided Gradient Inversion Attacks in Federated Learning. (2%)
Heavy-tailed Contamination is Easier than Adversarial Contamination. (1%)
Exploiting Watermark-Based Defense Mechanisms in Text-to-Image Diffusion Models for Unauthorized Data Usage. (1%)
Reliable Evaluation of Attribution Maps in CNNs: A Perturbation-Based Approach. (1%)
2024-11-21
Generating Realistic Adversarial Examples for Business Processes using Variational Autoencoders. (99%)
Learning Fair Robustness via Domain Mixup. (81%)
GASP: Efficient Black-Box Generation of Adversarial Suffixes for Jailbreaking LLMs. (78%)
Adversarial Prompt Distillation for Vision-Language Models. (75%)
AnywhereDoor: Multi-Target Backdoor Attacks on Object Detection. (74%)
Indiscriminate Disruption of Conditional Inference on Multivariate Gaussians. (50%)
GraphTheft: Quantifying Privacy Risks in Graph Prompt Learning. (4%)
Global Challenge for Safe and Secure LLMs Track 1. (4%)
TrojanEdit: Multimodal Backdoor Attack Against Image Editing Model. (3%)
Evaluating the Robustness of Analogical Reasoning in Large Language Models. (1%)
Memory Backdoor Attacks on Neural Networks. (1%)
2024-11-20
Towards Million-Scale Adversarial Robustness Evaluation With Stronger Individual Attacks. (98%)
TAPT: Test-Time Adversarial Prompt Tuning for Robust Inference in Vision-Language Models. (96%)
Provably Efficient Action-Manipulation Attack Against Continuous Reinforcement Learning. (86%)
A Survey on Adversarial Robustness of LiDAR-based Machine Learning Perception in Autonomous Vehicles. (86%)
Rethinking the Intermediate Features in Adversarial Attacks: Misleading Robotic Models via Adversarial Distillation. (68%)
AI-generated Image Detection: Passive or Watermark? (31%)
SoK: A Systems Perspective on Compound AI Threats and Countermeasures. (12%)
CopyrightMeter: Revisiting Copyright Protection in Text-to-image Models. (12%)
WaterPark: A Robustness Assessment of Language Model Watermarking. (1%)
2024-11-19
NMT-Obfuscator Attack: Ignore a sentence in translation with only one word. (99%)
Stochastic BIQA: Median Randomized Smoothing for Certified Blind Image Quality Assessment. (75%)
When Backdoors Speak: Understanding LLM Backdoor Attacks Through Model-Generated Explanations. (3%)
2024-11-18
Theoretical Corrections and the Leveraging of Reinforcement Learning to Enhance Triangle Attack. (99%)
Adapting to Cyber Threats: A Phishing Evolution Network (PEN) Framework for Phishing Generation and Analyzing Evolution Patterns using Large Language Models. (87%)
CROW: Eliminating Backdoors from Large Language Models via Internal Consistency Regularization. (75%)
DeTrigger: A Gradient-Centric Approach to Backdoor Attack Mitigation in Federated Learning. (75%)
Reliable Poisoned Sample Detection against Backdoor Attacks Enhanced by Sharpness Aware Minimization. (50%)
Few-shot Model Extraction Attacks against Sequential Recommender Systems. (38%)
CLUE-MARK: Watermarking Diffusion Models using CLWE. (26%)
The Dark Side of Trust: Authority Citation-Driven Jailbreak Attacks on Large Language Models. (13%)
Exploring adversarial robustness of JPEG AI: methodology, comparison and new methods. (8%)
2024-11-17
Exploring the Adversarial Vulnerabilities of Vision-Language-Action Models in Robotics. (89%)
JailbreakLens: Interpreting Jailbreak Mechanism in the Lens of Representation and Circuit. (62%)
Countering Backdoor Attacks in Image Recognition: A Survey and Evaluation of Mitigation Strategies. (22%)
SoK: Unifying Cybersecurity and Cybersafety of Multimodal Foundation Models with an Information Theory Approach. (9%)
BackdoorMBTI: A Backdoor Learning Multimodal Benchmark Tool Kit for Backdoor Defense Evaluation. (2%)
CLMIA: Membership Inference Attacks via Unsupervised Contrastive Learning. (2%)
Variational Bayesian Bow tie Neural Networks with Shrinkage. (1%)
2024-11-16
Destabilizing a Social Network Model via Intrinsic Feedback Vulnerabilities. (1%)
2024-11-15
Comparing Robustness Against Adversarial Attacks in Code Generation: LLM-Generated vs. Human-Written. (99%)
A Hard-Label Cryptanalytic Extraction of Non-Fully Connected Deep Neural Networks using Side-Channel Attacks. (98%)
Edge-Only Universal Adversarial Attacks in Distributed Learning. (98%)
Prompt-Guided Environmentally Consistent Adversarial Patch. (82%)
Continual Adversarial Reinforcement Learning (CARL) of False Data Injection detection: forgetting and explainability. (81%)
EveGuard: Defeating Vibration-based Side-Channel Eavesdropping with Audio Adversarial Perturbations. (68%)
Safe Text-to-Image Generation: Simply Sanitize the Prompt Embedding. (11%)
Measuring Non-Adversarial Reproduction of Training Data in Large Language Models. (9%)
MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN. (1%)
Toward Robust and Accurate Adversarial Camouflage Generation against Vehicle Detectors. (1%)
RedTest: Towards Measuring Redundancy in Deep Neural Networks Effectively. (1%)
2024-11-14
BEARD: Benchmarking the Adversarial Robustness for Dataset Distillation. (99%)
Transferable Adversarial Attacks against ASR. (89%)
RenderBender: A Survey on Adversarial Attacks Using Differentiable Rendering. (83%)
Jailbreak Attacks and Defenses against Multimodal Generative Models: A Survey. (69%)
Your Fixed Watermark is Fragile: Towards Semantic-Aware Watermark for EaaS Copyright Protection. (11%)
Are nuclear masks all you need for improved out-of-domain generalisation? A closer look at cancer classification in histopathology. (1%)
2024-11-13
Confidence-aware Denoised Fine-tuning of Off-the-shelf Models for Certified Robustness. (95%)
Trap-MID: Trapdoor-based Defense against Model Inversion Attacks. (81%)
Robust Optimal Power Flow Against Adversarial Attacks: A Tri-Level Optimization Approach. (81%)
The VLLM Safety Paradox: Dual Ease in Jailbreak Attack and Defense. (74%)
LLMStinger: Jailbreaking LLMs using RL fine-tuned LLMs. (8%)
2024-11-12
Chain Association-based Attacking and Shielding Natural Language Processing Systems. (99%)
IAE: Irony-based Adversarial Examples for Sentiment Analysis Systems. (99%)
Zer0-Jack: A Memory-efficient Gradient-based Jailbreaking Method for Black-box Multi-modal Large Language Models. (78%)
Deceiving Question-Answering Models: A Hybrid Word-Level Adversarial Approach. (67%)
A Survey on Adversarial Machine Learning for Code Data: Realistic Threats, Countermeasures, and Interpretations. (64%)
New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook. (13%)
Aligning Visual Contrastive learning models via Preference Optimization. (1%)
Adaptive Meta-Learning for Robust Deepfake Detection: A Multi-Agent Framework to Data Drift and Model Generalization. (1%)
2024-11-11
Boosting the Targeted Transferability of Adversarial Examples via Salient Region & Weighted Feature Drop. (99%)
Computable Model-Independent Bounds for Adversarial Quantum Machine Learning. (69%)
The Inherent Adversarial Robustness of Analog In-Memory Computing. (61%)
Rapid Response: Mitigating LLM Jailbreaks with a Few Examples. (54%)
Semi-Truths: A Large-Scale Dataset of AI-Augmented Images for Evaluating Robustness of AI-Generated Image detectors. (1%)
2024-11-10
Adversarial Detection with a Dynamically Stable System. (99%)
Deferred Backdoor Functionality Attacks on Deep Learning Models. (82%)
SequentialBreak: Large Language Models Can be Fooled by Embedding Jailbreak Prompts into Sequential Prompt Chains. (70%)
2024-11-09
Target-driven Attack for Large Language Models. (73%)
AI-Compass: A Comprehensive and Effective Multi-module Testing Tool for AI Systems. (33%)
2024-11-08
Post-Hoc Robustness Enhancement in Graph Neural Networks with Conditional Random Fields. (41%)
Reasoning Robustness of LLMs to Adversarial Typographical Errors. (13%)
Towards a Re-evaluation of Data Forging Attacks in Practice. (2%)
2024-11-07
Neural Fingerprints for Adversarial Attack Detection. (99%)
Adversarial Robustness of In-Context Learning in Transformers for Linear Regression. (98%)
Seeing is Deceiving: Exploitation of Visual Pathways in Multi-Modal Language Models. (97%)
Attention Masks Help Adversarial Attacks to Bypass Safety Detectors. (97%)
Defending Deep Regression Models against Backdoor Attacks. (78%)
Hardware and Software Platform Inference. (9%)
Saliency Assisted Quantization for Neural Networks. (1%)
MISGUIDE: Security-Aware Attack Analytics for Smart Grid Load Frequency Control. (1%)
2024-11-06
Game-Theoretic Defenses for Robust Conformal Prediction Against Adversarial Attacks in Medical Imaging. (95%)
Deferred Poisoning: Making the Model More Vulnerable via Hessian Singularization. (86%)
FedSECA: Sign Election and Coordinate-wise Aggregation of Gradients for Byzantine Tolerant Federated Learning. (41%)
MRJ-Agent: An Effective Jailbreak Agent for Multi-Round Dialogue. (11%)
Towards Secured Smart Grid 2.0: Exploring Security Threats, Protection Models, and Challenges. (4%)
Mitigating Privacy Risks in LLM Embeddings from Embedding Inversion. (1%)
2024-11-05
Enhancing Adversarial Robustness via Uncertainty-Aware Distributional Adversarial Training. (99%)
Region-Guided Attack on the Segment Anything Model (SAM). (99%)
Double Whammy: Stealthy Data Manipulation aided Reconstruction Attack on Graph Federated Learning. (91%)
Flashy Backdoor: Real-world Environment Backdoor Attack on SNNs with DVS Cameras. (75%)
Formal Logic-guided Robust Federated Learning against Poisoning Attacks. (68%)
Oblivious Defense in ML Models: Backdoor Removal without Detection. (15%)
DM4Steal: Diffusion Model For Link Stealing Attack On Graph Neural Networks. (13%)
FEDLAD: Federated Evaluation of Deep Leakage Attacks and Defenses. (9%)
Lost in Context: The Influence of Context on Feature Attribution Methods for Object Recognition. (3%)
Benchmarking Vision Language Model Unlearning via Fictitious Facial Identity Dataset. (1%)
Inference Optimal VLMs Need Fewer Visual Tokens and More Parameters. (1%)
2024-11-04
Query-Efficient Adversarial Attack Against Vertical Federated Graph Learning. (99%)
Semantic-Aligned Adversarial Evolution Triangle for High-Transferability Vision-Language Attack. (99%)
LiDAttack: Robust Black-box Attack on LiDAR-based Object Detection. (99%)
Alignment-Based Adversarial Training (ABAT) for Improving the Robustness and Accuracy of EEG-Based BCIs. (91%)
Attacking Vision-Language Computer Agents via Pop-ups. (9%)
Stochastic Monkeys at Play: Random Augmentations Cheaply Break LLM Safety Alignment. (2%)
FactTest: Factuality Testing in Large Language Models with Statistical Guarantees. (1%)
Differentially Private Integrated Decision Gradients (IDG-DP) for Radar-based Human Activity Recognition. (1%)
2024-11-03
Undermining Image and Text Classification Algorithms Using Adversarial Attacks. (98%)
SQL Injection Jailbreak: a structural disaster of large language models. (78%)
UniGuard: Towards Universal Safety Guardrails for Jailbreak Attacks on Multimodal Large Language Models. (4%)
Rotation Perturbation Robustness in Point Cloud Analysis: A Perspective of Manifold Distillation. (2%)
Poison Attacks and Adversarial Prompts Against an Informed University Virtual Assistant. (1%)
TabSec: A Collaborative Framework for Novel Insider Threat Detection. (1%)
Learning predictable and robust neural representations by straightening image sequences. (1%)
2024-11-02
Quantum Token Obfuscation via Superposition. (78%)
$B^4$: A Black-Box Scrubbing Attack on LLM Watermarks. (75%)
What Features in Prompts Jailbreak LLMs? Investigating the Mechanisms Behind Attacks. (1%)
2024-11-01
Replace-then-Perturb: Targeted Adversarial Attacks With Visual Reasoning for Vision-Language Models. (99%)
Defense Against Prompt Injection Attack by Leveraging Attack Techniques. (81%)
Certified Robustness for Deep Equilibrium Models via Serialized Random Smoothing. (68%)
Attention Tracker: Detecting Prompt Injection Attacks in LLMs. (26%)
Emoji Attack: A Method for Misleading Judge LLMs in Safety Risk Detection. (22%)
Outlier-Oriented Poisoning Attack: A Grey-box Approach to Disturb Decision Boundaries by Perturbing Outliers in Multiclass Learning. (13%)
Identify Backdoored Model in Federated Learning via Individual Unlearning. (5%)
Plentiful Jailbreaks with String Compositions. (2%)
Uncertainty-based Offline Variational Bayesian Reinforcement Learning for Robustness under Diverse Data Corruptions. (2%)
Examining Attacks on Consensus and Incentive Systems in Proof-of-Work Blockchains: A Systematic Literature Review. (1%)
B-cosification: Transforming Deep Neural Networks to be Inherently Interpretable. (1%)
Towards Building Secure UAV Navigation with FHE-aware Knowledge Distillation. (1%)
2024-10-31
Noise as a Double-Edged Sword: Reinforcement Learning Exploits Randomized Defenses in Neural Networks. (99%)
Protecting Feed-Forward Networks from Adversarial Attacks Using Predictive Coding. (99%)
Wide Two-Layer Networks can Learn from Adversarial Perturbations. (98%)
DiffPAD: Denoising Diffusion-based Adversarial Patch Decontamination. (93%)
I Can Hear You: Selective Robust Training for Deepfake Audio Detection. (86%)
Pseudo-Conversation Injection for LLM Goal Hijacking. (75%)
ARQ: A Mixed-Precision Quantization Framework for Accurate and Certifiably Robust DNNs. (67%)
Optical Lens Attack on Monocular Depth Estimation for Autonomous Driving. (5%)
Adversarial Attacks of Vision Tasks in the Past 10 Years: A Survey. (2%)
2024-10-30
FAIR-TAT: Improving Model Fairness Using Targeted Adversarial Training. (99%)
Keep on Swimming: Real Attackers Only Need Partial Knowledge of a Multi-Model System. (99%)
CausalDiff: Causality-Inspired Disentanglement via Diffusion Model for Adversarial Defense. (99%)
One Prompt to Verify Your Models: Black-Box Text-to-Image Models Verification via Non-Transferable Adversarial Attacks. (98%)
Effective and Efficient Adversarial Detection for Vision-Language Models via A Single Vector. (87%)
HijackRAG: Hijacking Attacks against Retrieval-Augmented Large Language Models. (82%)
Understanding and Improving Adversarial Collaborative Filtering for Robust Recommendation. (67%)
Teaching a Language Model to Distinguish Between Similar Details using a Small Adversarial Training Set. (64%)
Backdoor Attack Against Vision Transformers via Attention Gradient-Based Image Erosion. (62%)
Geometry Cloak: Preventing TGS-based 3D Reconstruction from Copyrighted Images. (2%)
On Memorization of Large Language Models in Logical Reasoning. (1%)
Byzantine-Robust Federated Learning: An Overview With Focus on Developing Sybil-based Attacks to Backdoor Augmented Secure Aggregation Protocols. (1%)
ProTransformer: Robustify Transformers via Plug-and-Play Paradigm. (1%)
Attribute-to-Delete: Machine Unlearning via Datamodel Matching. (1%)
Stealing User Prompts from Mixture of Experts. (1%)
InjecGuard: Benchmarking and Mitigating Over-defense in Prompt Injection Guardrail Models. (1%)
2024-10-29
On the Robustness of Adversarial Training Against Uncertainty Attacks. (99%)
CausAdv: A Causal-based Framework for Detecting Adversarial Examples. (99%)
Text-Guided Attention is All You Need for Zero-Shot Robustness in Vision-Language Models. (98%)
Automated Trustworthiness Oracle Generation for Machine Learning Text Classifiers. (83%)
IDEATOR: Jailbreaking and Benchmarking Large Vision-Language Models Using Themselves. (83%)
Longitudinal Mammogram Exam-based Breast Cancer Diagnosis Models: Vulnerability to Adversarial Attacks. (81%)
AmpleGCG-Plus: A Strong Generative Model of Adversarial Suffixes to Jailbreak LLMs with Higher Success Rates in Fewer Attempts. (78%)
Embedding-based classifiers can detect prompt injection attacks. (64%)
Enhancing Adversarial Attacks through Chain of Thought. (54%)
Power side-channel leakage localization through adversarial training of deep neural networks. (11%)
Enhancing Safety and Robustness of Vision-Based Controllers via Reachability Analysis. (1%)
SVIP: Towards Verifiable Inference of Open-source Large Language Models. (1%)
DynaMath: A Dynamic Visual Benchmark for Evaluating Mathematical Reasoning Robustness of Vision Language Models. (1%)
2024-10-28
Evaluating the Robustness of LiDAR Point Cloud Tracking Against Adversarial Attack. (99%)
AdvI2I: Adversarial Image Attack on Image-to-Image Diffusion models. (96%)
BlueSuffix: Reinforced Blue Teaming for Vision-Language Models Against Jailbreak Attacks. (93%)
FATH: Authentication-based Test-time Defense against Indirect Prompt Injection Attacks. (91%)
TACO: Adversarial Camouflage Optimization on Trucks to Fool Object Detectors. (88%)
Attacking Misinformation Detection Using Adversarial Examples Generated by Language Models. (83%)
Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks. (80%)
Stealthy Jailbreak Attacks on Large Language Models via Benign Data Mirroring. (50%)
Mitigating Unauthorized Speech Synthesis for Voice Protection. (9%)
Mitigating Paraphrase Attacks on Machine-Text Detectors via Paraphrase Inversion. (1%)
Palisade -- Prompt Injection Detection Framework. (1%)
SCULPT: Systematic Tuning of Long Prompts. (1%)
2024-10-27
Integrating uncertainty quantification into randomized smoothing based robustness guarantees. (98%)
LLM Robustness Against Misinformation in Biomedical Question Answering. (80%)
Fine-tuned Large Language Models (LLMs): Improved Prompt Injection Attacks Detection. (1%)
2024-10-26
Adversarial Attacks Against Double RIS-Assisted MIMO Systems-based Autoencoder in Finite-Scattering Environments. (99%)
Transferable Adversarial Attacks on SAM and Its Downstream Models. (99%)
Generative Adversarial Patches for Physical Attacks on Cross-Modal Pedestrian Re-Identification. (98%)
CodePurify: Defend Backdoor Attacks on Neural Code Models via Entropy-based Purification. (76%)
Robust Model Evaluation over Large-scale Federated Networks. (2%)
2024-10-25
GPT-4o System Card. (76%)
RobustKV: Defending Large Language Models against Jailbreak Attacks via KV Eviction. (64%)
Attacks against Abstractive Text Summarization Models through Lead Bias and Influence Functions. (62%)
Expose Before You Defend: Unifying and Enhancing Backdoor Defenses via Exposed Models. (56%)
Towards Robust Algorithms for Surgical Phase Recognition via Digital Twin-based Scene Representation. (10%)
2024-10-24
GADT: Enhancing Transferable Adversarial Attacks through Gradient-guided Adversarial Data Transformation. (99%)
Adversarial Attacks on Large Language Models Using Regularized Relaxation. (98%)
Iterative Self-Tuning LLMs for Enhanced Jailbreaking Capabilities. (88%)
Humanizing the Machine: Proxy Attacks to Mislead LLM Detectors. (68%)
Complexity Matters: Effective Dimensionality as a Measure for Adversarial Robustness. (33%)
Robust Watermarking Using Generative Priors Against Image Editing: From Benchmarking to Advances. (11%)
2024-10-23
Advancing NLP Security by Leveraging LLMs as Adversarial Engines. (98%)
Backdoor in Seconds: Unlocking Vulnerabilities in Large Pre-trained Models via Model Editing. (93%)
Breaking the Illusion: Real-world Challenges for Adversarial Patches in Object Detection. (70%)
Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning. (16%)
Guide for Defense (G4D): Dynamic Guidance for Robust and Balanced Defense in Large Language Models. (9%)
Securing Federated Learning against Backdoor Threats with Foundation Model Integration. (3%)
Towards Understanding the Fragility of Multilingual LLMs against Fine-Tuning Attacks. (2%)
Countering Autonomous Cyber Threats. (2%)
Is Smoothness the Key to Robustness? A Comparison of Attention and Convolution Models Using a Novel Metric. (1%)
2024-10-22
Detecting Adversarial Examples. (99%)
Test-time Adversarial Defense with Opposite Adversarial Path and High Attack Time Cost. (98%)
AdvWeb: Controllable Black-box Attacks on VLM-powered Web Agents. (97%)
Meta Stackelberg Game: Robust Federated Learning against Adaptive and Mixed Poisoning Attacks. (67%)
Hierarchical Multi-agent Reinforcement Learning for Cyber Network Defense. (41%)
On the Vulnerability of Text Sanitization. (8%)
Context-aware Prompt Tuning: Advancing In-Context Learning with Adversarial Methods. (5%)
Evaluating the Effectiveness of Attack-Agnostic Features for Morphing Attack Detection. (4%)
BadFair: Backdoored Fairness Attacks with Group-conditioned Triggers. (2%)
Invisible Manipulation Deep Reinforcement Learning Enhanced Stealthy Attacks on Battery Energy Management Systems. (1%)
A Hybrid Simulation of DNN-based Gray Box Models. (1%)
2024-10-21
Model Mimic Attack: Knowledge Distillation for Provably Transferable Adversarial Examples. (99%)
Conflict-Aware Adversarial Training. (70%)
Robust Feature Learning for Multi-Index Models in High Dimensions. (68%)
Dual-Model Defense: Safeguarding Diffusion Models from Membership Inference Attacks through Disjoint Data Splitting. (16%)
Metric as Transform: Exploring beyond Affine Transform for Interpretable Neural Network. (13%)
A Realistic Threat Model for Large Language Model Jailbreaks. (11%)
Vulnerabilities in Machine Learning-Based Voice Disorder Detection Systems. (11%)
On the Geometry of Regularization in Adversarial Training: High-Dimensional Asymptotics and Generalization Bounds. (5%)
Boosting Jailbreak Transferability for Large Language Models. (1%)
Extracting Spatiotemporal Data from Gradients with Large Language Models. (1%)
2024-10-20
PEAS: A Strategy for Crafting Transferable Adversarial Examples. (99%)
Efficient Model Extraction via Boundary Sampling. (96%)
The Best Defense is a Good Offense: Countering LLM-Powered Cyberattacks. (76%)
Faster-GCG: Efficient Discrete Optimization Jailbreak Attacks against Aligned Large Language Models. (45%)
Bayesian Concept Bottleneck Models with LLM Priors. (1%)
2024-10-19
Adversarial Training: A Survey. (97%)
Toward Robust RALMs: Revealing the Impact of Imperfect Retrieval on Retrieval-Augmented Language Models. (92%)
Beyond Pruning Criteria: The Dominant Role of Fine-Tuning and Adaptive Ratios in Neural Network Robustness. (81%)
Jailbreaking and Mitigation of Vulnerabilities in Large Language Models. (54%)
SLIC: Secure Learned Image Codec through Compressed Domain Watermarking to Defend Image Manipulation. (11%)
DynaMO: Protecting Mobile DL Models through Coupling Obfuscated DL Operators. (2%)
2024-10-18
A Hybrid Defense Strategy for Boosting Adversarial Robustness in Vision-Language Models. (99%)
Class-RAG: Content Moderation with Retrieval Augmented Generation. (76%)
Attack as Defense: Run-time Backdoor Implantation for Image Content Protection. (61%)
Stochastic Gradient Descent Jittering for Inverse Problems: Alleviating the Accuracy-Robustness Tradeoff. (26%)
Feint and Attack: Attention-Based Strategies for Jailbreaking and Protecting LLMs. (13%)
Real-time Fake News from Adversarial Feedback. (10%)
Unlearning Backdoor Attacks for LLMs with Weak-to-Strong Knowledge Distillation. (5%)
Enhancing Prompt Injection Attacks to LLMs via Poisoning Alignment. (1%)
Adversarial Score identity Distillation: Rapidly Surpassing the Teacher in One Step. (1%)
2024-10-17
MMAD-Purify: A Precision-Optimized Framework for Efficient and Scalable Multi-Modal Attacks. (99%)
DMGNN: Detecting and Mitigating Backdoor Attacks in Graph Neural Networks. (95%)
Adversarial Inception for Bounded Backdoor Poisoning in Deep Reinforcement Learning. (67%)
SPIN: Self-Supervised Prompt INjection. (67%)
Jailbreaking LLM-Controlled Robots. (56%)
Persistent Pre-Training Poisoning of LLMs. (33%)
Trojan Prompt Attacks on Graph Neural Networks. (4%)
Do LLMs Have Political Correctness? Analyzing Ethical Biases and Jailbreak Vulnerabilities in AI Systems. (2%)
2024-10-16
Golyadkin's Torment: Doppelg\"angers and Adversarial Vulnerability. (99%)
DAT: Improving Adversarial Robustness via Generative Amplitude Mix-up in Frequency Domain. (99%)
Boosting Imperceptibility of Stable Diffusion-based Adversarial Examples Generation with Momentum. (99%)
New Paradigm of Adversarial Training: Breaking Inherent Trade-Off between Accuracy and Robustness via Dummy Classes. (98%)
Perseus: Leveraging Common Data Patterns with Curriculum Learning for More Robust Graph Neural Networks. (92%)
Low-Rank Adversarial PGD Attack. (84%)
Data Defenses Against Large Language Models. (76%)
Hiding-in-Plain-Sight (HiPS) Attack on CLIP for Targetted Object Removal from Images. (61%)
NSmark: Null Space Based Black-box Watermarking Defense Framework for Pre-trained Language Models. (26%)
Mitigating the Backdoor Effect for Multi-Task Model Merging via Safety-Aware Subspace. (5%)
Reconstruction of Differentially Private Text Sanitization via Large Language Models. (4%)
Unitary Multi-Margin BERT for Robust Natural Language Processing. (4%)
FedGTST: Boosting Global Transferability of Federated Models via Statistics Tuning. (2%)
Consistency Calibration: Improving Uncertainty Calibration via Consistency among Perturbed Neighbors. (2%)
Efficient Optimization Algorithms for Linear Adversarial Training. (1%)
PromptExp: Multi-granularity Prompt Explanation of Large Language Models. (1%)
Long-Tailed Backdoor Attack Using Dynamic Data Augmentation Operations. (1%)
2024-10-15
Taking off the Rose-Tinted Glasses: A Critical Look at Adversarial ML Through the Lens of Evasion Attacks. (99%)
Efficient and Effective Universal Adversarial Attack against Vision-Language Pre-training Models. (98%)
Deciphering the Chaos: Enhancing Jailbreak Attacks via Adversarial Prompt Translation. (83%)
BeniFul: Backdoor Defense via Middle Feature Analysis for Deep Neural Networks. (82%)
Cognitive Overload Attack:Prompt Injection for Long Context. (62%)
Backdoor Attack on Vertical Federated Graph Neural Network Learning. (31%)
AdvBDGen: Adversarially Fortified Prompt-Specific Fuzzy Backdoor Generator Against LLM Alignment. (31%)
DiffGAN: A Test Generation Approach for Differential Testing of Deep Neural Networks. (10%)
Multi-round jailbreak attack on large language models. (4%)
Geometric Inductive Biases of Deep Networks: The Role of Data and Architecture. (3%)
G-Designer: Architecting Multi-agent Communication Topologies via Graph Neural Networks. (2%)
2024-10-14
Denial-of-Service Poisoning Attacks against Large Language Models. (92%)
Towards Calibrated Losses for Adversarial Robust Reject Option Classification. (86%)
Adversarially Robust Out-of-Distribution Detection Using Lyapunov-Stabilized Embeddings. (86%)
Feature Averaging: An Implicit Bias of Gradient Descent Leading to Non-Robustness in Neural Networks. (83%)
Adversarially Guided Stateful Defense Against Backdoor Attacks in Federated Deep Learning. (81%)
ROSAR: An Adversarial Re-Training Framework for Robust Side-Scan Sonar Object Detection. (67%)
How to Backdoor Consistency Models? (56%)
LLMs know their vulnerabilities: Uncover Safety Gaps through Natural Distribution Shifts. (31%)
Generalized Adversarial Code-Suggestions: Exploiting Contexts of LLM-based Code-Completion. (15%)
Enhancing Robustness in Deep Reinforcement Learning: A Lyapunov Exponent Approach. (13%)
The Implicit Bias of Structured State Space Models Can Be Poisoned With Clean Labels. (2%)
Context-Parametric Inversion: Why Instruction Finetuning May Not Actually Improve Context Reliance. (1%)
Automatically Generating Visual Hallucination Test Cases for Multimodal Large Language Models. (1%)
On Calibration of LLM-based Guard Models for Reliable Content Moderation. (1%)
Regularized Robustly Reliable Learners and Instance Targeted Attacks. (1%)
2024-10-13
S$^4$ST: A Strong, Self-transferable, faSt, and Simple Scale Transformation for Transferable Targeted Attack. (99%)
Understanding Robustness of Parameter-Efficient Tuning for Image Classification. (98%)
Out-of-Bounding-Box Triggers: A Stealthy Approach to Cheat Object Detectors. (75%)
Uncovering, Explaining, and Mitigating the Superficial Safety of Backdoor Defense. (67%)
BlackDAN: A Black-Box Multi-Objective Approach for Effective and Contextual Jailbreaking of Large Language Models. (13%)
Targeted Vaccine: Safety Alignment for Large Language Models against Harmful Fine-Tuning via Layer-wise Perturbation. (1%)
2024-10-12
Unlearn and Burn: Adversarial Machine Unlearning Requests Destroy Model Accuracy. (91%)
Robust 3D Point Clouds Classification based on Declarative Defenders. (2%)
2024-10-11
On the Adversarial Transferability of Generalized "Skip Connections". (99%)
Natural Language Induced Adversarial Images. (99%)
Fragile Giants: Understanding the Susceptibility of Models to Subpopulation Attacks. (70%)
AgentHarm: A Benchmark for Measuring Harmfulness of LLM Agents. (69%)
Training on Fake Labels: Mitigating Label Leakage in Split Learning via Secure Dimension Transformation. (62%)
PoisonBench: Assessing Large Language Model Vulnerability to Data Poisoning. (31%)
AttnGCG: Enhancing Jailbreaking Attacks on LLMs with Attention Manipulation. (31%)
The Good, the Bad and the Ugly: Watermarks, Transferable Attacks and Adversarial Defenses. (16%)
Impeding LLM-assisted Cheating in Introductory Programming Assignments via Adversarial Perturbation. (4%)
AI Learning Algorithms: Deep Learning, Hybrid Models, and Large-Scale Model Integration. (1%)
F2A: An Innovative Approach for Prompt Injection by Utilizing Feign Security Detection Agents. (1%)
RePD: Defending Jailbreak Attack through a Retrieval-based Prompt Decomposition Process. (1%)
JAILJUDGE: A Comprehensive Jailbreak Judge Benchmark with Multi-Agent Enhanced Explanation Evaluation Framework. (1%)
2024-10-10
Time Traveling to Defend Against Adversarial Example Attacks in Image Classification. (99%)
Adversarial Training Can Provably Improve Robustness: Theoretical Analysis of Feature Learning Process Under Structured Data. (99%)
Understanding Adversarially Robust Generalization via Weight-Curvature Index. (98%)
Invisibility Cloak: Disappearance under Human Pose Estimation via Backdoor Attacks. (92%)
A Survey on Physical Adversarial Attacks against Face Recognition Systems. (91%)
Towards Assurance of LLM Adversarial Robustness using Ontology-Driven Argumentation. (74%)
Securing HHL Quantum Algorithm against Quantum Computer Attacks. (73%)
Bilinear MLPs enable weight-based mechanistic interpretability. (70%)
Adversarial Robustness Overestimation and Instability in TRADES. (67%)
RAB$^2$-DEF: Dynamic and explainable defense against adversarial attacks in Federated Learning to fair poor clients. (61%)
Poison-splat: Computation Cost Attack on 3D Gaussian Splatting. (10%)
A Closer Look at Machine Unlearning for Large Language Models. (4%)
2024-10-09
Break the Visual Perception: Adversarial Attacks Targeting Encoded Visual Tokens of Large Vision-Language Models. (99%)
Understanding Model Ensemble in Transferable Adversarial Attack. (99%)
Secure Video Quality Assessment Resisting Adversarial Attacks. (75%)
Can DeepFake Speech be Reliably Detected? (62%)
Data Taggants: Dataset Ownership Verification via Harmless Targeted Data Poisoning. (15%)
Average Certified Radius is a Poor Metric for Randomized Smoothing. (13%)
JPEG Inspired Deep Learning. (11%)
Adversarial Vulnerability as a Consequence of On-Manifold Inseparibility. (2%)
Cheating Automatic LLM Benchmarks: Null Models Achieve High Win Rates. (2%)
Mind Your Questions! Towards Backdoor Attacks on Text-to-Visualization Models. (2%)
AdaRC: Mitigating Graph Structure Shifts during Test-Time. (1%)
PII-Scope: A Comprehensive Study on Training Data PII Extraction Attacks in LLMs. (1%)
Utilize the Flow before Stepping into the Same River Twice: Certainty Represented Knowledge Flow for Refusal-Aware Instruction Tuning. (1%)
2024-10-08
Hyper Adversarial Tuning for Boosting Adversarial Robustness of Pretrained Large Vision Models. (99%)
DiffusionGuard: A Robust Defense Against Malicious Diffusion-based Image Editing. (98%)
Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification. (98%)
CALoR: Towards Comprehensive Model Inversion Defense. (76%)
Polynomial Time Cryptanalytic Extraction of Deep Neural Networks in the Hard-Label Setting. (74%)
Training-free LLM-generated Text Detection by Mining Token Probability Sequences. (26%)
PFAttack: Stealthy Attack Bypassing Group Fairness in Federated Learning. (10%)
Recent advancements in LLM Red-Teaming: Techniques, Defenses, and Ethical Considerations. (10%)
2024-10-07
LOTOS: Layer-wise Orthogonalization for Training Robust Ensembles. (99%)
AnyAttack: Towards Large-scale Self-supervised Adversarial Attacks on Vision-language Models. (99%)
TaeBench: Improving Quality of Toxic Adversarial Examples. (99%)
Patch is Enough: Naturalistic Adversarial Patch against Vision-Language Pre-training Models. (95%)
MIBench: A Comprehensive Framework for Benchmarking Model Inversion Attack and Defense. (86%)
STOP! Camera Spoofing via the in-Vehicle IP Network. (83%)
SecAlign: Defending Against Prompt Injection with Preference Optimization. (78%)
Double Oracle Neural Architecture Search for Game Theoretic Deep Learning Models. (76%)
Collaboration! Towards Robust Neural Methods for Routing Problems. (70%)
CAT: Concept-level backdoor ATtacks for Concept Bottleneck Models. (11%)
Defense-as-a-Service: Black-box Shielding against Backdoored Graph Models. (8%)
Towards World Simulator: Crafting Physical Commonsense-Based Benchmark for Video Generation. (1%)
2024-10-06
Graded Suspiciousness of Adversarial Texts to Human. (99%)
On the Adversarial Risk of Test Time Adaptation: An Investigation into Realistic Test-Time Data Poisoning. (99%)
TA3: Testing Against Adversarial Attacks on Machine Learning Models. (67%)
Robustness Reprogramming for Representation Learning. (56%)
Towards Understanding and Enhancing Security of Proof-of-Training for DNN Model Ownership Verification. (2%)
Federated Learning Nodes Can Reconstruct Peers' Image Data. (1%)
2024-10-05
Harnessing Task Overload for Scalable Jailbreak Attacks on Large Language Models. (38%)
ConDa: Fast Federated Unlearning with Contribution Dampening. (1%)
2024-10-04
Mitigating Adversarial Perturbations for Deep Reinforcement Learning via Vector Quantization. (98%)
RAFT: Realistic Attacks to Fool Text Detectors. (96%)
A Brain-Inspired Regularizer for Adversarial Robustness. (92%)
Gradient-based Jailbreak Images for Multimodal Fusion Models. (16%)
You Know What I'm Saying -- Jailbreak Attack via Implicit Reference. (16%)
Impact of Regularization on Calibration and Robustness: from the Representation Space Perspective. (13%)
Make Interval Bound Propagation great again. (9%)
Classification-Denoising Networks. (9%)
Knowledge-Augmented Reasoning for EUAIA Compliance and Adversarial Robustness of LLMs. (2%)
BN-SCAFFOLD: controlling the drift of Batch Normalization statistics in Federated Learning. (1%)
Chain-of-Jailbreak Attack for Image Generation Models via Editing Step by Step. (1%)
2024-10-03
SCA: Highly Efficient Semantic-Consistent Unrestricted Adversarial Attack. (99%)
LLM Safeguard is a Double-Edged Sword: Exploiting False Positives for Denial-of-Service Attacks. (47%)
Towards Universal Certified Robustness with Multi-Norm Training. (41%)
Agent Security Bench (ASB): Formalizing and Benchmarking Attacks and Defenses in LLM-based Agents. (15%)
AutoDAN-Turbo: A Lifelong Agent for Strategy Self-Exploration to Jailbreak LLMs. (11%)
Demonstration Attack against In-Context Learning for Code Intelligence. (10%)
Optimizing Adaptive Attacks against Watermarks for Language Models. (5%)
F-Fidelity: A Robust Framework for Faithfulness Evaluation of Explainable AI. (4%)
Unveiling AI's Blind Spots: An Oracle for In-Domain, Out-of-Domain, and Adversarial Errors. (3%)
Jailbreak Antidote: Runtime Safety-Utility Balance via Sparse Representation Adjustment in Large Language Models. (3%)
MTDNS: Moving Target Defense for Resilient DNS Infrastructure. (2%)
Cut the Crap: An Economical Communication Pipeline for LLM-based Multi-Agent Systems. (1%)
IndicSentEval: How Effectively do Multilingual Transformer Models encode Linguistic Properties for Indic Languages? (1%)
BACKTIME: Backdoor Attacks on Multivariate Time Series Forecasting. (1%)
Universally Optimal Watermarking Schemes for LLMs: from Theory to Practice. (1%)
Buckle Up: Robustifying LLMs at Every Customization Stage via Data Curation. (1%)
Erasing Conceptual Knowledge from Language Models. (1%)
2024-10-02
Impact of White-Box Adversarial Attacks on Convolutional Neural Networks. (99%)
Signal Adversarial Examples Generation for Signal Detection Network via White-Box Attack. (99%)
On Using Certified Training towards Empirical Robustness. (99%)
MOREL: Enhancing Adversarial Robustness through Multi-Objective Representation Learning. (99%)
Adversarial Robustness of AI-Generated Image Detectors in the Real World. (99%)
"No Matter What You Do": Purifying GNN Models via Backdoor Unlearning. (93%)
Social Media Authentication and Combating Deepfakes using Semi-fragile Invisible Image Watermarking. (82%)
The Unlikely Hero: Nonideality in Analog Photonic Neural Networks as Built-in Defender Against Adversarial Attacks. (76%)
The Great Contradiction Showdown: How Jailbreak and Stealth Wrestle in Vision-Language Models? (38%)
Endless Jailbreaks with Bijection Learning. (16%)
BadCM: Invisible Backdoor Attack Against Cross-Modal Learning. (13%)
Controlled Generation of Natural Adversarial Documents for Stealthy Retrieval Poisoning. (13%)
Automated Red Teaming with GOAT: the Generative Offensive Agent Tester. (11%)
One Wave to Explain Them All: A Unifying Perspective on Post-hoc Explainability. (1%)
2024-10-01
Empirical Perturbation Analysis of Linear System Solvers from a Data Poisoning Perspective. (54%)
Adversarial Suffixes May Be Features Too! (45%)
2024-09-30
Characterizing Model Robustness via Natural Input Gradients. (92%)
Robust LLM safeguarding via refusal feature adversarial training. (80%)
Resonance Reduction Against Adversarial Attacks in Dynamic Networks via Eigenspectrum Optimization. (76%)
Navigating Threats: A Survey of Physical Adversarial Attacks on LiDAR Perception Systems in Autonomous Vehicles. (45%)
VLMGuard: Defending VLMs against Malicious Prompts via Unlabeled Data. (8%)
2024-09-29
MASKDROID: Robust Android Malware Detection with Masked Graph Representations. (99%)
Adversarial Examples for DNA Classification. (98%)
Discerning the Chaos: Detecting Adversarial Perturbations while Disentangling Intentional from Unintentional Noises. (86%)
BadHMP: Backdoor Attack against Human Motion Prediction. (61%)
Nonideality-aware training makes memristive networks more robust to adversarial attacks. (38%)
Infighting in the Dark: Multi-Labels Backdoor Attack in Federated Learning. (33%)
Towards Robust Extractive Question Answering Models: Rethinking the Training Methodology. (10%)
Learning Robust Policies via Interpretable Hamilton-Jacobi Reachability-Guided Disturbances. (5%)
IDEAW: Robust Neural Audio Watermarking with Invertible Dual-Embedding. (1%)
Can Models Learn Skill Composition from Examples? (1%)
2024-09-28
Efficient Backdoor Defense in Multimodal Contrastive Learning: A Token-Level Unlearning Method for Mitigating Threats. (74%)
GenTel-Safe: A Unified Benchmark and Shielding Framework for Defending Against Prompt Injection Attacks. (13%)
Leveraging MTD to Mitigate Poisoning Attacks in Decentralized FL with Non-IID Data. (11%)
Survey of Security and Data Attacks on Machine Unlearning In Financial and E-Commerce. (2%)
Privacy Attack in Federated Learning is Not Easy: An Experimental Study. (1%)
2024-09-27
Adversarial Challenges in Network Intrusion Detection Systems: Research Insights and Future Prospects. (96%)
Enhancing Robustness of Graph Neural Networks through p-Laplacian. (12%)
Efficient Noise Mitigation for Enhancing Inference Accuracy in DNNs on Mixed-Signal Accelerators. (1%)
In-depth Analysis of Privacy Threats in Federated Learning for Medical Data. (1%)
2024-09-26
Showing Many Labels in Multi-label Classification Models: An Empirical Study of Adversarial Examples. (98%)
Cross-Modality Attack Boosted by Gradient-Evolutionary Multiform Optimization. (98%)
Discovering New Shadow Patterns for Black-Box Attacks on Lane Detection of Autonomous Vehicles. (97%)
Improving Fast Adversarial Training via Self-Knowledge Guidance. (82%)
Faithfulness and the Notion of Adversarial Sensitivity in NLP Explanations. (69%)
CleanerCLIP: Fine-grained Counterfactual Semantic Augmentation for Backdoor Defense in Contrastive Learning. (69%)
DarkSAM: Fooling Segment Anything Model to Segment Nothing. (68%)
Perturb, Attend, Detect and Localize (PADL): Robust Proactive Image Defense. (56%)
Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks. (54%)
Backdoor Attacks for LLMs with Weak-To-Strong Knowledge Distillation. (15%)
Harmful Fine-tuning Attacks and Defenses for Large Language Models: A Survey. (15%)
Dark Miner: Defend against unsafe generation for text-to-image diffusion models. (5%)
An Adversarial Perspective on Machine Unlearning for AI Safety. (2%)
Revolutionizing Payload Inspection: A Self-Supervised Journey to Precision with Few Shots. (2%)
2024-09-25
Improving the Shortest Plank: Vulnerability-Aware Adversarial Training for Robust Recommender System. (93%)
A Hybrid Quantum-Classical AI-Based Detection Strategy for Generative Adversarial Network-Based Deepfake Attacks on an Autonomous Vehicle Traffic Sign Classification System. (82%)
RED QUEEN: Safeguarding Large Language Models against Concealed Multi-Turn Jailbreaking. (75%)
Transient Adversarial 3D Projection Attacks on Object Detection in Autonomous Driving. (67%)
Examining the Rat in the Tunnel: Interpretable Multi-Label Classification of Tor-based Malware. (45%)
SWE2: SubWord Enriched and Significant Word Emphasized Framework for Hate Speech Detection. (38%)
SHEATH: Defending Horizontal Collaboration for Distributed CNNs against Adversarial Noise. (22%)
Claim-Guided Textual Backdoor Attack for Practical Applications. (10%)
Cat-and-Mouse Satellite Dynamics: Divergent Adversarial Reinforcement Learning for Contested Multi-Agent Space Operations. (1%)
2024-09-24
Adversarial Backdoor Defense in CLIP. (99%)
Revisiting Acoustic Features for Robust ASR. (84%)
Adversarial Watermarking for Face Recognition. (80%)
Proactive Schemes: A Survey of Adversarial Attacks for Social Good. (54%)
Privacy Evaluation Benchmarks for NLP Models. (45%)
Towards Robust Object Detection: Identifying and Removing Backdoors via Module Inconsistency Analysis. (33%)
PACE: Poisoning Attacks on Learned Cardinality Estimation. (4%)
2024-09-23
Improving Adversarial Robustness for 3D Point Cloud Recognition at Test-Time through Purified Self-Training. (96%)
Interpretability-Guided Test-Time Adversarial Defense. (87%)
PAPILLON: Efficient and Stealthy Fuzz Testing-Powered Jailbreaks for LLMs. (87%)
Data Poisoning-based Backdoor Attack Framework against Supervised Learning Rules of Spiking Neural Networks. (68%)
Attack Atlas: A Practitioner's Perspective on Challenges and Pitfalls in Red Teaming GenAI. (47%)
PROMPTFUZZ: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs. (33%)
Log-normal Mutations and their Use in Detecting Surreptitious Fake Images. (13%)
Curb Your Attention: Causal Attention Gating for Robust Trajectory Prediction in Autonomous Driving. (12%)
Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks. (5%)
Room Impulse Responses help attackers to evade Deep Fake Detection. (1%)
AIM 2024 Sparse Neural Rendering Challenge: Dataset and Benchmark. (1%)
UTrace: Poisoning Forensics for Private Collaborative Learning. (1%)
SDBA: A Stealthy and Long-Lasting Durable Backdoor Attack in Federated Learning. (1%)
2024-09-22
Enhancing LLM-based Autonomous Driving Agents to Mitigate Perception Attacks. (10%)
Evaluating the Performance and Robustness of LLMs in Materials Science Q&A and Property Predictions. (1%)
2024-09-21
Cloud Adversarial Example Generation for Remote Sensing Image Classification. (99%)
Adversarial Attacks on Parts of Speech: An Empirical Study in Text-to-Image Generation. (98%)
When Witnesses Defend: A Witness Graph Topological Layer for Adversarial Graph Learning. (69%)
PathSeeker: Exploring LLM Security Vulnerabilities with a Reinforcement Learning-Based Jailbreak Approach. (62%)
ESPERANTO: Evaluating Synthesized Phrases to Enhance Robustness in AI Detection for Text Origination. (10%)
Perfect Gradient Inversion in Federated Learning: A New Paradigm from the Hidden Subset Sum Problem. (8%)
Data-centric NLP Backdoor Defense from the Lens of Memorization. (4%)
2024-09-20
Efficient Visualization of Neural Networks with Generative Models and Adversarial Perturbations. (99%)
ViTGuard: Attention-aware Detection against Adversarial Examples for Vision Transformer. (99%)
Certified Adversarial Robustness via Partition-based Randomized Smoothing. (81%)
ID-Guard: A Universal Framework for Combating Facial Manipulation via Breaking Identification. (80%)
Persistent Backdoor Attacks in Continual Learning. (73%)
Relationship between Uncertainty in DNNs and Adversarial Attacks. (70%)
PureDiffusion: Using Backdoor to Counter Backdoor in Generative Diffusion Models. (61%)
On the Feasibility of Fully AI-automated Vishing Attacks. (1%)
2024-09-19
Deep generative models as an adversarial attack strategy for tabular machine learning. (99%)
TEAM: Temporal Adversarial Examples Attack Model against Network Intrusion Detection System Applied to RNN. (99%)
Hidden Activations Are Not Enough: A General Approach to Neural Network Predictions. (98%)
Defending against Reverse Preference Attacks is Difficult. (83%)
Revisiting Semi-supervised Adversarial Robustness via Noise-aware Online Robust Distillation. (45%)
VCAT: Vulnerability-aware and Curiosity-driven Adversarial Training for Enhancing Autonomous Vehicle Robustness. (26%)
Data Poisoning and Leakage Analysis in Federated Learning. (11%)
Manipulation Facing Threats: Evaluating Physical Vulnerabilities in End-to-End Vision Language Action Models. (2%)
Hidden in Plain Sound: Environmental Backdoor Poisoning Attacks on Whisper, and Mitigations. (2%)
2024-09-18
Enhancing 3D Robotic Vision Robustness by Minimizing Adversarial Mutual Information through a Curriculum Training Approach. (99%)
ITPatch: An Invisible and Triggered Physical Adversarial Patch against Traffic Sign Recognition. (99%)
NPAT Null-Space Projected Adversarial Training Towards Zero Deterioration. (96%)
ID-Free Not Risk-Free: LLM-Powered Agents Unveil Risks in ID-Free Recommender Systems. (76%)
PAD-FT: A Lightweight Defense for Backdoor Attacks via Data Purification and Fine-Tuning. (68%)
A constrained optimization approach to improve robustness of neural networks. (54%)
Understanding Implosion in Text-to-Image Generative Models. (2%)
2024-09-17
Golden Ratio Search: A Low-Power Adversarial Attack for Deep Learning based Modulation Classification. (98%)
EIA: Environmental Injection Attack on Generalist Web Agents for Privacy Leakage. (76%)
Contextual Breach: Assessing the Robustness of Transformer-based QA Models. (56%)
Prompt Obfuscation for Large Language Models. (3%)
Hard-Label Cryptanalytic Extraction of Neural Network Models. (2%)
2024-09-16
Towards Physically-Realizable Adversarial Attacks in Embodied Vision Navigation. (82%)
CaBaGe: Data-Free Model Extraction using ClAss BAlanced Generator Ensemble. (2%)
Realistic Extreme Behavior Generation for Improved AV Testing. (1%)
Jailbreaking Large Language Models with Symbolic Mathematics. (1%)
Speaker Contrastive Learning for Source Speaker Tracing. (1%)
2024-09-15
Revisiting Physical-World Adversarial Attack on Traffic Sign Recognition: A Commercial Systems Perspective. (98%)
Federated Learning in Adversarial Environments: Testbed Design and Poisoning Resilience in Cybersecurity. (8%)
2024-09-14
Real-world Adversarial Defense against Patch Attacks based on Diffusion Model. (99%)
2024-09-13
XSub: Explanation-Driven Adversarial Attack against Blackbox Classifiers via Feature Substitution. (95%)
Are Existing Road Design Guidelines Suitable for Autonomous Vehicles? (41%)
Clean Label Attacks against SLU Systems. (31%)
FAST: Boosting Uncertainty-based Test Prioritization Methods for Neural Networks via Feature Selection. (15%)
2024-09-12
LoRID: Low-Rank Iterative Diffusion for Adversarial Purification. (99%)
High-Frequency Anti-DreamBooth: Robust Defense against Personalized Image Synthesis. (93%)
FedProphet: Memory-Efficient Federated Adversarial Training via Theoretic-Robustness and Low-Inconsistency Cascade Learning. (93%)
Exploiting Supervised Poison Vulnerability to Strengthen Self-Supervised Defense. (73%)
Sub-graph Based Diffusion Model for Link Prediction. (9%)
Risks When Sharing LoRA Fine-Tuned Diffusion Model Weights. (1%)
Unleashing Worms and Extracting Data: Escalating the Outcome of Attacks against RAG-based Inference in Scale and Severity Using Jailbreaking. (1%)
2024-09-11
Module-wise Adaptive Adversarial Training for End-to-end Autonomous Driving. (99%)
Introducing Perturb-ability Score (PS) to Enhance Robustness Against Evasion Adversarial Attacks on ML-NIDS. (98%)
Securing Vision-Language Models with a Robust Encoder Against Jailbreak and Adversarial Attacks. (98%)
D-CAPTCHA++: A Study of Resilience of Deepfake CAPTCHA under Transferable Imperceptible Adversarial Attack. (93%)
A Cost-Aware Approach to Adversarial Robustness in Neural Networks. (84%)
Attack End-to-End Autonomous Driving through Module-Wise Noise. (74%)
On the Vulnerability of Applying Retrieval-Augmented Generation within Knowledge-Intensive Application Domains. (67%)
Enhancing adversarial robustness in Natural Language Inference using explanations. (67%)
AdvLogo: Adversarial Patch Attack against Object Detectors based on Diffusion Models. (64%)
Understanding Knowledge Drift in LLMs through Misinformation. (1%)
2024-09-10
Unrevealed Threats: A Comprehensive Study of the Adversarial Robustness of Underwater Image Enhancement Models. (99%)
Advancing Hybrid Defense for Byzantine Attacks in Federated Learning. (87%)
Adversarial Attacks to Multi-Modal Models. (76%)
DV-FSR: A Dual-View Target Attack Framework for Federated Sequential Recommendation. (67%)
2024-09-09
Seeing Through the Mask: Rethinking Adversarial Examples for CAPTCHAs. (99%)
Adversarial Attacks on Data Attribution. (99%)
Unlearning or Concealment? A Critical Analysis and Evaluation Metrics for Unlearning in Diffusion Models. (84%)
Input Space Mode Connectivity in Deep Neural Networks. (83%)
On the Weaknesses of Backdoor-based Model Watermarking: An Information-theoretic Perspective. (33%)
Re-evaluating the Advancements of Heterophilic Graph Learning. (1%)
2024-09-08
PIP: Detecting Adversarial Examples in Large Vision-Language Models via Attention Patterns of Irrelevant Probe Questions. (99%)
2DSig-Detect: a semi-supervised framework for anomaly detection on image data using 2D-signatures. (87%)
Vision-fused Attack: Advancing Aggressive and Stealthy Adversarial Text against Neural Machine Translation. (67%)
Natias: Neuron Attribution based Transferable Image Adversarial Steganography. (67%)
2024-09-07
Phrase-Level Adversarial Training for Mitigating Bias in Neural Network-based Automatic Essay Scoring. (86%)
PIXHELL Attack: Leaking Sensitive Information from Air-Gap Computers via `Singing Pixels'. (80%)
Top-GAP: Integrating Size Priors in CNNs for more Interpretability, Robustness, and Bias Mitigation. (12%)
2024-09-06
Learning to Learn Transferable Generative Attack for Person Re-Identification. (99%)
PANTS: Practical Adversarial Network Traffic Samples against ML-powered Networking Classifiers. (99%)
Secure Traffic Sign Recognition: An Attention-Enabled Universal Image Inpainting Mechanism against Light Patch Attacks. (83%)
Mind The Gap: Can Air-Gaps Keep Your Private Data Secure? (74%)
Exploiting the Data Gap: Utilizing Non-ignorable Missingness to Manipulate Model Learning. (38%)
Context is the Key: Backdoor Attacks for In-Context Learning with Vision Transformers. (8%)
Dual-stream Feature Augmentation for Domain Generalization. (8%)
2024-09-05
A practical approach to evaluating the adversarial distance for machine learning classifiers. (98%)
Non-Uniform Illumination Attack for Fooling Convolutional Neural Networks. (92%)
Limited but consistent gains in adversarial robustness by co-training object recognition models with human EEG. (31%)
Recent Advances in Attack and Defense Approaches of Large Language Models. (4%)
WaterMAS: Sharpness-Aware Maximization for Neural Network Watermarking. (3%)
Understanding Data Importance in Machine Learning Attacks: Does Valuable Data Pose Greater Harm? (1%)
2024-09-04
Bypassing DARCY Defense: Indistinguishable Universal Adversarial Triggers. (99%)
OpenFact at CheckThat! 2024: Combining Multiple Attack Methods for Effective Adversarial Text Generation. (99%)
TASAR: Transfer-based Attack on Skeletal Action Recognition. (99%)
Adversarial Attacks on Machine Learning-Aided Visualizations. (83%)
Transfer-based Adversarial Poisoning Attacks for Online (MIMO-)Deep Receviers. (76%)
Boosting Certificate Robustness for Time Series Classification with Efficient Self-Ensemble. (70%)
AdvSecureNet: A Python Toolkit for Adversarial Machine Learning. (33%)
Active Fake: DeepFake Camouflage. (13%)
Well, that escalated quickly: The Single-Turn Crescendo Attack (STCA). (2%)
"Yes, My LoRD." Guiding Language Model Extraction with Locality Reinforced Distillation. (1%)
2024-09-03
Exploiting the Vulnerability of Large Language Models via Defense-Aware Architectural Backdoor. (97%)
Dynamic Guidance Adversarial Distillation with Enhanced Teacher Knowledge. (92%)
NoiseAttack: An Evasive Sample-Specific Multi-Targeted Backdoor Attack Through White Gaussian Noise. (16%)
Reassessing Noise Augmentation Methods in the Context of Adversarial Speech. (5%)
On the Vulnerability of Skip Connections to Model Inversion Attacks. (3%)
2024-09-02
One-Index Vector Quantization Based Adversarial Attack on Image Classification. (99%)
Adversarial Pruning: A Survey and Benchmark of Pruning Methods for Adversarial Robustness. (99%)
Phantom: Untargeted Poisoning Attacks on Semi-Supervised Learning (Full Version). (68%)
Defending against Model Inversion Attacks via Random Erasing. (64%)
CLIBE: Detecting Dynamic Backdoors in Transformer-based NLP Models. (62%)
Agentic Copyright Watermarking against Adversarial Evidence Forgery with Purification-Agnostic Curriculum Proxy Learning. (33%)
Unveiling the Vulnerability of Private Fine-Tuning in Split-Based Frameworks for Large Language Models: A Bidirectionally Enhanced Attack. (26%)
A Review of Image Retrieval Techniques: Data Augmentation and Adversarial Learning Approaches. (16%)
Spatial-Aware Conformal Prediction for Trustworthy Hyperspectral Image Classification. (1%)
2024-09-01
Comprehensive Botnet Detection by Mitigating Adversarial Attacks, Navigating the Subtleties of Perturbation Distances and Fortifying Predictions with Conformal Layers. (99%)
Accurate Forgetting for All-in-One Image Restoration Model. (83%)
The Dark Side of Human Feedback: Poisoning Large Language Models via User Inputs. (26%)
Fisher Information guided Purification against Backdoor Attacks. (12%)
2024-08-31
HSF: Defending against Jailbreak Attacks with Hidden State Filtering. (75%)
Is Difficulty Calibration All We Need? Towards More Practical Membership Inference Attacks. (15%)
Robust off-policy Reinforcement Learning via Soft Constrained Adversary. (4%)
2024-08-30
LightPure: Realtime Adversarial Image Purification for Mobile Devices Using Diffusion Models. (92%)
Instant Adversarial Purification with Adversarial Consistency Distillation. (87%)
PRADA: Proactive Risk Assessment and Mitigation of Misinformed Demand Attacks on Navigational Route Recommendations. (8%)
Evaluating Reliability in Medical DNNs: A Critical Analysis of Feature and Confidence-Based OOD Detection. (1%)
2024-08-29
STEREO: Towards Adversarially Robust Concept Erasing from Text-to-Image Generation Models. (96%)
PromptSmooth: Certifying Robustness of Medical Vision-Language Models via Prompt Learning. (92%)
SFR-GNN: Simple and Fast Robust GNNs against Structural Attacks. (67%)
Analyzing Inference Privacy Risks Through Gradients in Machine Learning. (54%)
Tex-ViT: A Generalizable, Robust, Texture-based dual-branch cross-attention deepfake detector. (12%)
2024-08-28
Evaluating Model Robustness Using Adaptive Sparse L0 Regularization. (99%)
Defending Text-to-image Diffusion Models: Surprising Efficacy of Textual Perturbations Against Backdoor Attacks. (83%)
Network transferability of adversarial patches in real-time object detection. (83%)
Fusing Pruned and Backdoored Models: Optimal Transport-based Data-free Backdoor Mitigation. (47%)
VFLIP: A Backdoor Defense for Vertical Federated Learning via Identification and Purification. (2%)
FRACTURED-SORRY-Bench: Framework for Revealing Attacks in Conversational Turns Undermining Refusal Efficacy and Defenses over SORRY-Bench (Automated Multi-shot Jailbreaks). (1%)
2024-08-27
Adversarial Attacks and Defenses in Multivariate Time-Series Forecasting for Smart and Connected Infrastructures. (99%)
Improving Adversarial Robustness in Android Malware Detection by Reducing the Impact of Spurious Correlations. (99%)
Certified Causal Defense with Generalizable Robustness. (99%)
Adversarial Manhole: Challenging Monocular Depth Estimation and Semantic Segmentation Models with Patch Attack. (98%)
LLM Defenses Are Not Robust to Multi-Turn Human Jailbreaks Yet. (12%)
Understanding the Effectiveness of Coverage Criteria for Large Language Models: A Special Angle from Jailbreak Attacks. (11%)
Detecting AI Flaws: Target-Driven Attacks on Internal Faults in Language Models. (8%)
SpecGuard: Specification Aware Recovery for Robotic Autonomous Vehicles from Physical Attacks. (3%)
EmoAttack: Utilizing Emotional Voice Conversion for Speech Backdoor Attacks on Deep Speech Classification Models. (2%)
2024-08-26
TART: Boosting Clean Accuracy Through Tangent Direction Guided Adversarial Training. (99%)
2D-Malafide: Adversarial Attacks Against Face Deepfake Detection Systems. (99%)
Feedback-based Modal Mutual Search for Attacking Vision-Language Pre-training Models. (99%)
Celtibero: Robust Layered Aggregation for Federated Learning. (92%)
Dual Adversarial Perturbators Generate rich Views for Recommendation. (5%)
Surprisingly Fragile: Assessing and Addressing Prompt Instability in Multimodal Foundation Models. (1%)
Investigating the Effectiveness of Bayesian Spam Filters in Detecting LLM-modified Spam Mails. (1%)
2024-08-25
On the Robustness of Kolmogorov-Arnold Networks: An Adversarial Perspective. (98%)
HTS-Attack: Heuristic Token Search for Jailbreaking Text-to-Image Models. (97%)
TF-Attack: Transferable and Fast Adversarial Attacks on Large Language Models. (96%)
Sample-Independent Federated Learning Backdoor Attack in Speaker Recognition. (1%)
Generalization of Graph Neural Networks is Robust to Model Mismatch. (1%)
2024-08-24
Probing the Robustness of Vision-Language Pretrained Models: A Multimodal Adversarial Attack Approach. (99%)
Evaluating the Robustness of LiDAR-based 3D Obstacles Detection and Its Impacts on Autonomous Driving Systems. (1%)
2024-08-23
Dynamic Label Adversarial Training for Deep Learning Robustness Against Adversarial Attacks. (99%)
Toward Improving Synthetic Audio Spoofing Detection Robustness via Meta-Learning and Disentangled Training With Adversarial Examples. (98%)
Disentangled Training with Adversarial Examples For Robust Small-footprint Keyword Spotting. (83%)
Protecting against simultaneous data poisoning attacks. (54%)
Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection. (2%)
2024-08-22
Enhancing Transferability of Adversarial Attacks with GE-AdvGAN+: A Comprehensive Framework for Gradient Editing. (99%)
Leveraging Information Consistency in Frequency and Spatial Domain for Adversarial Attacks. (99%)
MakeupAttack: Feature Space Black-box Backdoor Attack on Face Recognition via Makeup Transfer. (98%)
BankTweak: Adversarial Attack against Multi-Object Trackers by Manipulating Feature Banks. (80%)
On the Credibility of Backdoor Attacks Against Object Detectors in the Physical World. (75%)
BackdoorLLM: A Comprehensive Benchmark for Backdoor Attacks on Large Language Models. (70%)
Is Generative AI the Next Tactical Cyber Weapon For Threat Actors? Unforeseen Implications of AI Generated Cyber Attacks. (2%)
VALE: A Multimodal Visual and Language Explanation Framework for Image Classifiers using eXplainable AI and Language Models. (2%)
Quantifying Psychological Sophistication of Malicious Emails. (2%)
2024-08-21
Query-Efficient Video Adversarial Attack with Stylized Logo. (99%)
Pixel Is Not A Barrier: An Effective Evasion Attack for Pixel-Domain Diffusion Models. (92%)
A Practical Trigger-Free Backdoor Attack on Neural Networks. (67%)
First line of defense: A robust first layer mitigates adversarial attacks. (54%)
Exploring Robustness of Visual State Space model against Backdoor Attacks. (45%)
Against All Odds: Overcoming Typology, Script, and Language Confusion in Multilingual Embedding Inversion Attacks. (26%)
Latent Feature and Attention Dual Erasure Attack against Multi-View Diffusion Models for 3D Assets Protection. (12%)
Large Language Models are Good Attackers: Efficient and Stealthy Textual Backdoor Attacks. (10%)
2024-08-20
GAIM: Attacking Graph Neural Networks via Adversarial Influence Maximization. (99%)
Correlation Analysis of Adversarial Attack in Time Series Classification. (99%)
Privacy-preserving Universal Adversarial Defense for Black-box Models. (99%)
MsMemoryGAN: A Multi-scale Memory GAN for Palm-vein Adversarial Purification. (99%)
Revisiting Min-Max Optimization Problem in Adversarial Training. (97%)
Prompt-Agnostic Adversarial Perturbation for Customized Diffusion Models. (97%)
Iterative Window Mean Filter: Thwarting Diffusion-based Adversarial Purification. (87%)
Adversarial Attack for Explanation Robustness of Rationalization Models. (82%)
Towards Robust Knowledge Unlearning: An Adversarial Framework for Assessing and Improving Unlearning Robustness in Large Language Models. (73%)
A Grey-box Attack against Latent Diffusion Model-based Image Editing by Posterior Collapse. (68%)
Security Assessment of Hierarchical Federated Deep Learning. (67%)
Improving Out-of-Distribution Data Handling and Corruption Resistance via Modern Hopfield Networks. (54%)
Ferret: Faster and Effective Automated Red Teaming with Reward-Based Scoring Technique. (50%)
Makeup-Guided Facial Privacy Protection via Untrained Neural Network Priors. (33%)
EEG-Defender: Defending against Jailbreak through Early Exit Generation of Large Language Models. (31%)
Accelerating the Surrogate Retraining for Poisoning Attacks against Recommender Systems. (26%)
Unlocking Adversarial Suffix Optimization Without Affirmative Phrases: Efficient Black-box Jailbreaking via LLM as Optimizer. (10%)
Security Attacks on LLM-based Code Completion Tools. (8%)
MEGen: Generative Backdoor in Large Language Models via Model Editing. (2%)
Learning Randomized Algorithms with Transformers. (1%)
2024-08-19
Detecting Adversarial Attacks in Semantic Segmentation via Uncertainty Estimation: A Deep Analysis. (99%)
Robust Image Classification: Defensive Strategies against FGSM and PGD Adversarial Attacks. (99%)
Segment-Anything Models Achieve Zero-shot Robustness in Autonomous Driving. (98%)
Criticality Leveraged Adversarial Training (CLAT) for Boosted Performance via Parameter Efficiency. (31%)
The Brittleness of AI-Generated Image Watermarking Techniques: Examining Their Robustness Against Visual Paraphrasing Attacks. (5%)
Transferring Backdoors between Large Language Models by Knowledge Distillation. (2%)
Enhance Modality Robustness in Text-Centric Multimodal Alignment with Adversarial Prompting. (1%)
Perfectly Undetectable Reflection and Scaling False Data Injection Attacks via Affine Transformation on Mobile Robot Trajectory Tracking Control. (1%)
2024-08-18
Enhancing Adversarial Transferability with Adversarial Weight Tuning. (99%)
Regularization for Adversarial Robust Learning. (41%)
Adversarial Attacked Teacher for Unsupervised Domain Adaptive Object Detection. (31%)
GANPrompt: Enhancing Robustness in LLM-Based Recommendations with GAN-Enhanced Diversity Prompts. (1%)
Global BGP Attacks that Evade Route Monitoring. (1%)
2024-08-17
Attack Anything: Blind DNNs via Universal Background Adversarial Attack. (99%)
Training Verifiably Robust Agents Using Set-Based Reinforcement Learning. (75%)
DiffZOO: A Purely Query-Based Black-Box Attack for Red-teaming Text-to-Image Generative Model via Zeroth Order Optimization. (67%)
PADetBench: Towards Benchmarking Physical Attacks against Object Detection. (62%)
Malacopula: adversarial automatic speaker verification attacks using a neural-based generalised Hammerstein model. (31%)
BaThe: Defense against the Jailbreak Attack in Multimodal Large Language Models by Treating Harmful Instruction as Backdoor Trigger. (10%)
Characterizing and Evaluating the Reliability of LLMs against Jailbreak Attacks. (5%)
PREMAP: A Unifying PREiMage APproximation Framework for Neural Networks. (2%)
Out-of-distribution materials property prediction using adversarial learning based fine-tuning. (1%)
2024-08-16
Ask, Attend, Attack: A Effective Decision-Based Black-Box Targeted Attack for Image-to-Text Models. (98%)
Towards Physical World Backdoor Attacks against Skeleton Action Recognition. (93%)
LEVIS: Large Exact Verifiable Input Spaces for Neural Networks. (87%)
Can Large Language Models Improve the Adversarial Robustness of Graph Neural Networks? (83%)
Visual-Friendly Concept Protection via Selective Adversarial Perturbations. (75%)
Mitigating Backdoor Attacks in Federated Learning via Flipping Weight Updates of Low-Activation Input Neurons. (1%)
2024-08-15
DFT-Based Adversarial Attack Detection in MRI Brain Imaging: Enhancing Diagnostic Accuracy in Alzheimer's Case Studies. (99%)
A Multi-task Adversarial Attack Against Face Authentication. (98%)
Evaluating Text Classification Robustness to Part-of-Speech Adversarial Examples. (98%)
Unlearnable Examples Detection via Iterative Filtering. (88%)
A Survey of Trojan Attacks and Defenses to Deep Neural Networks. (78%)
Efficient Image-to-Image Diffusion Classifier for Adversarial Robustness. (76%)
Prefix Guidance: A Steering Wheel for Large Language Models to Defend Against Jailbreak Attacks. (74%)
$\textit{MMJ-Bench}$: A Comprehensive Study on Jailbreak Attacks and Defenses for Multimodal Large Language Models. (70%)
Random Gradient Masking as a Defensive Measure to Deep Leakage in Federated Learning. (8%)
A Robust Multi-Stage Intrusion Detection System for In-Vehicle Network Security using Hierarchical Federated Learning. (2%)
2024-08-14
Enhancing Adversarial Attacks via Parameter Adaptive Adversarial Attack. (99%)
TabularBench: Benchmarking Adversarial Robustness for Tabular Deep Learning in Real-world Use-cases. (98%)
Robust Active Learning (RoAL): Countering Dynamic Adversaries in Active Learning with Elastic Weight Consolidation. (80%)
Achieving Data Efficient Neural Networks with Hybrid Concept-based Models. (70%)
Sonic: Fast and Transferable Data Poisoning on Clustering Algorithms. (67%)
BadMerging: Backdoor Attacks Against Model Merging. (47%)
BAPLe: Backdoor Attacks on Medical Foundational Models using Prompt Learning. (38%)
Cognitive Networks and Performance Drive fMRI-Based State Classification Using DNN Models. (1%)
2024-08-13
DePatch: Towards Robust Adversarial Patch for Evading Person Detectors in the Real World. (92%)
Robust Black-box Testing of Deep Neural Networks using Co-Domain Coverage. (12%)
Imagen 3. (11%)
2024-08-12
Towards Adversarial Robustness via Debiased High-Confidence Logit Alignment. (99%)
Fooling SHAP with Output Shuffling Attacks. (81%)
Understanding Byzantine Robustness in Federated Learning with A Black-box Server. (13%)
2024-08-11
Improving Adversarial Transferability with Neighbourhood Gradient Information. (99%)
Classifier Guidance Enhances Diffusion-based Adversarial Purification by Preserving Predictive Information. (98%)
Kov: Transferable and Naturalistic Black-Box LLM Attacks using Markov Decision Processes and Tree Search. (9%)
2024-08-10
ReToMe-VA: Recursive Token Merging for Video Diffusion-based Unrestricted Adversarial Attack. (99%)
StealthDiffusion: Towards Evading Diffusion Forensic Detection through Diffusion Model. (99%)
PointNCBW: Towards Dataset Ownership Verification for Point Clouds via Negative Clean-label Backdoor Watermark. (13%)
2024-08-09
Modeling Electromagnetic Signal Injection Attacks on Camera-based Smart Systems: Applications and Mitigation. (84%)
A Jailbroken GenAI Model Can Cause Substantial Harm: GenAI-powered Applications are Vulnerable to PromptWares. (2%)
Rag and Roll: An End-to-End Evaluation of Indirect Prompt Manipulations in LLM-based Application Frameworks. (2%)
TrajFM: A Vehicle Trajectory Foundation Model for Region and Task Transferability. (1%)
2024-08-08
Constructing Adversarial Examples for Vertical Federated Learning: Optimal Client Corruption through Multi-Armed Bandit. (99%)
Adversarially Robust Industrial Anomaly Detection Through Diffusion Model. (99%)
Ensemble everything everywhere: Multi-scale aggregation for adversarial robustness. (99%)
Eliminating Backdoors in Neural Code Models via Trigger Inversion. (92%)
Improving Network Interpretability via Explanation Consistency Evaluation. (81%)
Unveiling Hidden Visual Information: A Reconstruction Attack Against Adversarial Visual Information Hiding. (80%)
Towards Resilient and Efficient LLMs: A Comparative Study of Efficiency, Performance, and Adversarial Robustness. (67%)
Stability Analysis of Equivariant Convolutional Representations Through The Lens of Equivariant Multi-layered CKNs. (61%)
h4rm3l: A Dynamic Benchmark of Composable Jailbreak Attacks for LLM Safety Assessment. (15%)
VideoQA in the Era of LLMs: An Empirical Study. (1%)
2024-08-07
Investigating Adversarial Attacks in Software Analytics via Machine Learning Explainability. (99%)
Enhancing Output Diversity Improves Conjugate Gradient-based Adversarial Attacks. (98%)
EdgeShield: A Universal and Efficient Edge Computing Framework for Robust AI. (83%)
EnJa: Ensemble Jailbreak on Large Language Models. (83%)
MORTAR: A Model-based Runtime Action Repair Framework for AI-enabled Cyber-Physical Systems. (76%)
LaFA: Latent Feature Attacks on Non-negative Matrix Factorization. (38%)
MTDSense: AI-Based Fingerprinting of Moving Target Defense Techniques in Software-Defined Networking. (26%)
FDI: Attack Neural Code Generation Systems through User Feedback Channel. (5%)
Hard to Explain: On the Computational Hardness of In-Distribution Model Interpretation. (1%)
Decoding Biases: Automated Methods and LLM Judges for Gender Bias Detection in Language Models. (1%)
2024-08-06
Adversarial Robustness of Open-source Text Classification Models and Fine-Tuning Chains. (98%)
Sample-agnostic Adversarial Perturbation for Vision-Language Pre-training Models. (98%)
Simple Perturbations Subvert Ethereum Phishing Transactions Detection: An Empirical Analysis. (92%)
Attacks and Defenses for Generative Diffusion Models: A Comprehensive Survey. (64%)
A Study on Prompt Injection Attack Against LLM-Integrated Mobile Robotic Systems. (2%)
2024-08-05
On the Robustness of Malware Detectors to Adversarial Samples. (99%)
Mitigating Malicious Attacks in Federated Learning via Confidence-aware Defense. (84%)
Black-Box Adversarial Attacks on LLM-Based Code Completion. (62%)
SEAS: Self-Evolving Adversarial Safety Optimization for Large Language Models. (38%)
Pre-trained Encoder Inference: Revealing Upstream Encoders In Downstream Machine Learning Services. (16%)
Why Are My Prompts Leaked? Unraveling Prompt Extraction Threats in Customized Large Language Models. (13%)
Can Reinforcement Learning Unlock the Hidden Dangers in Aligned Large Language Models? (8%)
RCDM: Enabling Robustness for Conditional Diffusion Model. (4%)
Compromising Embodied Agents with Contextual Backdoor Attacks. (4%)
2024-08-04
AdvQDet: Detecting Query-Based Adversarial Attacks with Adversarial Contrastive Prompt Tuning. (99%)
A Survey and Evaluation of Adversarial Attacks for Object Detection. (99%)
Label Augmentation for Neural Networks Robustness. (98%)
Top K Enhanced Reinforcement Learning Attacks on Heterogeneous Graph Node Classification. (76%)
Model Hijacking Attack in Federated Learning. (75%)
Robustness of Watermarking on Text-to-Image Diffusion Models. (22%)
FovEx: Human-inspired Explanations for Vision Transformers and Convolutional Neural Networks. (1%)
2024-08-03
ALIF: Low-Cost Adversarial Audio Attacks on Black-Box Speech Platforms using Linguistic Features. (99%)
Joint Universal Adversarial Perturbations with Interpretations. (99%)
Downstream Transfer Attack: Adversarial Attacks on Downstream Models with Pre-trained Vision Transformers. (99%)
2024-08-02
Guardians of Image Quality: Benchmarking Defenses Against Adversarial Attacks on Image Quality Metrics. (98%)
Trustworthy Machine Learning under Social and Adversarial Data Sources. (83%)
EmoBack: Backdoor Attacks Against Speaker Identification Using Emotional Prosody. (80%)
Interpreting Global Perturbation Robustness of Image Models using Axiomatic Spectral Importance Decomposition. (61%)
Assessing Robustness of Machine Learning Models using Covariate Perturbations. (33%)
Certifiably Robust Encoding Schemes. (31%)
Hallu-PI: Evaluating Hallucination in Multi-modal Large Language Models within Perturbed Inputs. (2%)
Blockchain Amplification Attack. (1%)
2024-08-01
Autonomous LLM-Enhanced Adversarial Attack for Text-to-Motion. (99%)
OTAD: An Optimal Transport-Induced Robust Model for Agnostic Adversarial Attack. (99%)
Securing the Diagnosis of Medical Imaging: An In-depth Analysis of AI-Resistant Attacks. (99%)
CERT-ED: Certifiably Robust Text Classification for Edit Distance. (98%)
ADBM: Adversarial diffusion bridge model for reliable adversarial purification. (96%)
Discrete Randomized Smoothing Meets Quantum Computing. (41%)
Adversarial Text Rewriting for Text-aware Recommender Systems. (13%)
MAARS: Multi-Rate Attack-Aware Randomized Scheduling for Securing Real-time Systems. (1%)
Pathway to Secure and Trustworthy ZSM for LLMs: Attacks, Defense, and Opportunities. (1%)
2024-07-31
Cross-modality Information Check for Detecting Jailbreaking in Multimodal Large Language Models. (98%)
On the Perturbed States for Transformed Input-robust Reinforcement Learning. (92%)
The Llama 3 Herd of Models. (62%)
Certifying Robustness of Learning-Based Keypoint Detection and Pose Estimation Methods. (22%)
Vera Verto: Multimodal Hijacking Attack. (9%)
2024-07-30
Prompt-Driven Contrastive Learning for Transferable Adversarial Attacks. (99%)
AI Safety in Practice: Enhancing Adversarial Robustness in Multimodal Image Captioning. (99%)
FACL-Attack: Frequency-Aware Contrastive Learning for Transferable Adversarial Attacks. (99%)
Vulnerabilities in AI-generated Image Detection: The Challenge of Adversarial Attacks. (99%)
Diff-Cleanse: Identifying and Mitigating Backdoor Attacks in Diffusion Models. (62%)
DeepBaR: Fault Backdoor Attack on Deep Neural Network Layers. (47%)
Breaking Agents: Compromising Autonomous LLM Agents Through Malfunction Amplification. (16%)
Bayesian Low-Rank LeArning (Bella): A Practical Approach to Bayesian Neural Networks. (1%)
2024-07-29
Adversarial Robustness in RGB-Skeleton Action Recognition: Leveraging Attention Modality Reweighter. (99%)
Enhancing Adversarial Text Attacks on BERT Models with Projected Gradient Descent. (99%)
From ML to LLM: Evaluating the Robustness of Phishing Webpage Detection Models against Adversarial Attacks. (96%)
Detecting and Understanding Vulnerabilities in Language Models via Mechanistic Interpretability. (92%)
DDAP: Dual-Domain Anti-Personalization against Text-to-Image Diffusion Models. (68%)
RSC-SNN: Exploring the Trade-off Between Adversarial Robustness and Accuracy in Spiking Neural Networks via Randomized Smoothing Coding. (50%)
Can Editing LLMs Inject Harm? (9%)
BackdoorBench: A Comprehensive Benchmark and Analysis of Backdoor Learning. (3%)
ImagiNet: A Multi-Content Dataset for Generalizable Synthetic Image Detection via Contrastive Learning. (1%)
2024-07-28
Exploring the Adversarial Robustness of CLIP for AI-generated Image Detection. (80%)
2024-07-27
EaTVul: ChatGPT-based Evasion Attack Against Software Vulnerability Detection. (99%)
2024-07-26
Debiased Graph Poisoning Attack via Contrastive Surrogate Objective. (93%)
Robust VAEs via Generating Process of Noise Augmented Data. (87%)
Adversarial Robustification via Text-to-Image Diffusion Models. (64%)
A Survey of Malware Detection Using Deep Learning. (5%)
Unveiling Privacy Vulnerabilities: Investigating the Role of Structure in Graph Data. (1%)
UniForensics: Face Forgery Detection via General Facial Representation. (1%)
2024-07-25
Sparse vs Contiguous Adversarial Pixel Perturbations in Multimodal Models: An Empirical Analysis. (99%)
Scaling Trends in Language Model Robustness. (98%)
A Unified Understanding of Adversarial Vulnerability Regarding Unimodal Models and Vision-Language Pre-training Models. (95%)
RIDA: A Robust Attack Framework on Incomplete Graphs. (33%)
Adversarially Robust Decision Transformer. (22%)
Peak-Controlled Logits Poisoning Attack in Federated Distillation. (4%)
Network Inversion of Convolutional Neural Nets. (3%)
Regret-Optimal Defense Against Stealthy Adversaries: A System Level Approach. (1%)
2024-07-24
Physical Adversarial Attack on Monocular Depth Estimation via Shape-Varying Patches. (92%)
FLRT: Fluent Student-Teacher Redteaming. (13%)
2024-07-23
S-E Pipeline: A Vision Transformer (ViT) based Resilient Classification Pipeline for Medical Imaging Against Adversarial Attacks. (87%)
Algebraic Adversarial Attacks on Integrated Gradients. (86%)
Multimodal Unlearnable Examples: Protecting Data against Multimodal Contrastive Learning. (41%)
When AI Defeats Password Deception! A Deep Learning Framework to Distinguish Passwords and Honeywords. (13%)
Figure it Out: Analyzing-based Jailbreak Attack on Large Language Models. (13%)
RedAgent: Red Teaming Large Language Models with Context-aware Autonomous Language Agent. (5%)
From Sands to Mansions: Towards Automated Cyberattack Emulation with Classical Planning and Large Language Models. (1%)
2024-07-22
Enhancing Transferability of Targeted Adversarial Examples: A Self-Universal Perspective. (99%)
Towards Robust Vision Transformer via Masked Adaptive Ensemble. (99%)
Towards Efficient Transferable Preemptive Adversarial Defense. (99%)
On Feasibility of Intent Obfuscating Attacks. (98%)
Poisoning with A Pill: Circumventing Detection in Federated Learning. (92%)
Revisiting the Robust Alignment of Circuit Breakers. (70%)
Latent Adversarial Training Improves Robustness to Persistent Harmful Behaviors in LLMs. (56%)
Imposter.AI: Adversarial Attacks with Hidden Intentions towards Aligned Large Language Models. (11%)
Virtual Reality and Augmented Reality Security: A Reconnaissance and Vulnerability Assessment Approach. (1%)
2024-07-21
Taxonomy Driven Fast Adversarial Training. (99%)
Failures to Find Transferable Image Jailbreaks Between Vision-Language Models. (74%)
A Learning-Based Attack Framework to Break SOTA Poisoning Defenses in Federated Learning. (73%)
SeqMIA: Sequential-Metric Based Membership Inference Attack. (22%)
Explainable AI-based Intrusion Detection System for Industry 5.0: An Overview of the Literature, associated Challenges, the existing Solutions, and Potential Research Directions. (5%)
Benchmark Granularity and Model Robustness for Image-Text Retrieval. (2%)
2024-07-20
Sim-CLIP: Unsupervised Siamese Adversarial Fine-Tuning for Robust and Semantically-Rich Vision-Language Models. (68%)
2024-07-19
Data Poisoning: An Overlooked Threat to Power Grid Resilience. (68%)
Human-Interpretable Adversarial Prompt Attack on Large Language Models with Situational Context. (4%)
Adversarial Databases Improve Success in Retrieval-based Large Language Models. (1%)
On the Robustness of Fully-Spiking Neural Networks in Open-World Scenarios using Forward-Only Learning Algorithms. (1%)
2024-07-18
Cross-Task Attack: A Self-Supervision Generative Framework Based on Attention Shift. (99%)
Beyond Dropout: Robust Convolutional Neural Networks Based on Local Feature Masking. (98%)
Black-Box Opinion Manipulation Attacks to Retrieval-Augmented Generation of Large Language Models. (75%)
Prover-Verifier Games improve legibility of LLM outputs. (61%)
Compressed models are NOT miniature versions of large models. (47%)
Distributionally and Adversarially Robust Logistic Regression via Intersecting Wasserstein Balls. (16%)
A Closer Look at GAN Priors: Exploiting Intermediate Features for Enhanced Model Inversion Attacks. (10%)
2024-07-17
PG-Attack: A Precision-Guided Adversarial Attack Framework Against Vision Foundation Models for Autonomous Driving. (98%)
Preventing Catastrophic Overfitting in Fast Adversarial Training: A Bi-level Optimization Perspective. (98%)
Transferable Adversarial Facial Images for Privacy Protection. (96%)
Context-Aware Fuzzing for Robustness Enhancement of Deep Learning Models. (86%)
Krait: A Backdoor Attack Against Graph Prompt Tuning. (83%)
AgentPoison: Red-teaming LLM Agents via Poisoning Memory or Knowledge Bases. (61%)
Benchmarking Robust Self-Supervised Learning Across Diverse Downstream Tasks. (12%)
Direct Unlearning Optimization for Robust and Safe Text-to-Image Models. (12%)
Contrastive Adversarial Training for Unsupervised Domain Adaptation. (2%)
Rethinking Video-Text Understanding: Retrieval from Counterfactually Augmented Data. (1%)
2024-07-16
Any Target Can be Offense: Adversarial Example Generation via Generalized Latent Infection. (99%)
Variational Randomized Smoothing for Sample-Wise Adversarial Robustness. (99%)
AEMIM: Adversarial Examples Meet Masked Image Modeling. (99%)
Investigating Imperceptibility of Adversarial Attacks on Tabular Data: An Empirical Analysis. (99%)
Enhancing TinyML Security: Study of Adversarial Attack Transferability. (96%)
UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening. (82%)
Relaxing Graph Transformers for Adversarial Attacks. (81%)
Turning Generative Models Degenerate: The Power of Data Poisoning Attacks. (76%)
Learning on Graphs with Large Language Models(LLMs): A Deep Dive into Model Robustness. (33%)
SegSTRONG-C: Segmenting Surgical Tools Robustly On Non-adversarial Generated Corruptions -- An EndoVis'24 Challenge. (33%)
Does Refusal Training in LLMs Generalize to the Past Tense? (15%)
Cover-separable Fixed Neural Network Steganography via Deep Generative Models. (8%)
Model Inversion Attacks Through Target-Specific Conditional Diffusion Models. (4%)
IPA-NeRF: Illusory Poisoning Attack Against Neural Radiance Fields. (1%)
2024-07-15
Wicked Oddities: Selectively Poisoning for Effective Clean-Label Backdoor Attacks. (99%)
Backdoor Attacks against Image-to-Image Networks. (88%)
Towards Adversarially Robust Vision-Language Models: Insights from Design Choices and Prompt Formatting Techniques. (88%)
PartImageNet++ Dataset: Scaling up Part-based Models for Robust Recognition. (80%)
Provable Robustness of (Graph) Neural Networks Against Data Poisoning and Backdoor Attacks. (67%)
Uncertainty is Fragile: Manipulating Uncertainty in Large Language Models. (41%)
Feature Inference Attack on Shapley Values. (12%)
2024-07-14
Transferable 3D Adversarial Shape Completion using Diffusion Models. (99%)
Towards Robust Recommendation via Decision Boundary-aware Graph Contrastive Learning. (92%)
Defending Against Repetitive-based Backdoor Attacks on Semi-supervised Learning through Lens of Rate-Distortion-Perception Trade-off. (76%)
CLIP-Guided Networks for Transferable Targeted Attacks. (76%)
SENTINEL: Securing Indoor Localization against Adversarial Attacks with Capsule Neural Networks. (10%)
2024-07-13
Augmented Neural Fine-Tuning for Efficient Backdoor Purification. (68%)
Partner in Crime: Boosting Targeted Poisoning Attacks against Federated Learning. (67%)
Team up GBDTs and DNNs: Advancing Efficient and Effective Tabular Prediction with Tree-hybrid MLPs. (1%)
2024-07-12
SemiAdv: Query-Efficient Black-Box Adversarial Attack with Unlabeled Images. (99%)
Evaluating the Adversarial Robustness of Semantic Segmentation: Trying Harder Pays Off. (97%)
TAPI: Towards Target-Specific and Adversarial Prompt Injection against Code LLMs. (93%)
Deep Adversarial Defense Against Multilevel-Lp Attacks. (87%)
Robust Yet Efficient Conformal Prediction Sets. (61%)
Refusing Safe Prompts for Multi-modal Large Language Models. (16%)
Security Matrix for Multimodal Agents on Mobile Devices: A Systematic and Proof of Concept Study. (15%)
ASTPrompter: Preference-Aligned Automated Language Model Red-Teaming to Generate Low-Perplexity Unsafe Prompts. (13%)
MaPPing Your Model: Assessing the Impact of Adversarial Attacks on LLM-based Programming Assistants. (13%)
BoBa: Boosting Backdoor Detection through Data Distribution Inference in Federated Learning. (5%)
Refuse Whenever You Feel Unsafe: Improving Safety in LLMs via Decoupled Refusal Training. (1%)
2024-07-11
Rethinking the Threat and Accessibility of Adversarial Attacks against Face Recognition Systems. (99%)
Boosting Adversarial Transferability for Skeleton-based Action Recognition via Exploring the Model Posterior Space. (99%)
Distributed Backdoor Attacks on Federated Graph Learning and Certified Defenses. (98%)
HO-FMN: Hyperparameter Optimization for Fast Minimum-Norm Attacks. (98%)
DeCE: Deceptive Cross-Entropy Loss Designed for Defending Backdoor Attacks. (87%)
How to beat a Bayesian adversary. (81%)
Soft Prompts Go Hard: Steering Visual Language Models with Hidden Meta-Instructions. (74%)
DART: A Solution for Decentralized Federated Learning Model Robustness Analysis. (47%)
Quantitative Evaluation of the Saliency Map for Alzheimer's Disease Classifier with Anatomical Segmentation. (8%)
Enhancing Privacy of Spatiotemporal Federated Learning against Gradient Inversion Attacks. (8%)
Deep Learning for Network Anomaly Detection under Data Contamination: Evaluating Robustness and Mitigating Performance Degradation. (1%)
Are Large Language Models Really Bias-Free? Jailbreak Prompts for Assessing Adversarial Robustness to Bias Elicitation. (1%)
2024-07-10
Adversarial Attacks and Defenses on Text-to-Image Diffusion Models: A Survey. (99%)
A Survey of Attacks on Large Vision-Language Models: Resources, Advances, and Future Trends. (38%)
Model-agnostic clean-label backdoor mitigation in cybersecurity environments. (31%)
Flooding Spread of Manipulated Knowledge in LLM-Based Multi-Agent Communities. (11%)
Invisible Optical Adversarial Stripes on Traffic Sign against Autonomous Vehicles. (8%)
A Comprehensive Survey on the Security of Smart Grid: Challenges, Mitigations, and Future Research Opportunities. (2%)
Was it Slander? Towards Exact Inversion of Generative Language Models. (2%)
CHILLI: A data context-aware perturbation method for XAI. (1%)
2024-07-09
A Hybrid Training-time and Run-time Defense Against Adversarial Attacks in Modulation Classification. (99%)
Universal Multi-view Black-box Attack against Object Detectors via Layout Optimization. (99%)
DLOVE: A new Security Evaluation Tool for Deep Learning Based Watermarking Techniques. (98%)
Countermeasures Against Adversarial Examples in Radio Signal Classification. (97%)
Improving the Transferability of Adversarial Examples by Feature Augmentation. (93%)
Hiding Local Manipulations on SAR Images: a Counter-Forensic Attack. (64%)
Tracing Back the Malicious Clients in Poisoning Attacks to Federated Learning. (26%)
The Quantum Imitation Game: Reverse Engineering of Quantum Machine Learning Models. (15%)
Robust Neural Information Retrieval: An Adversarial and Out-of-distribution Perspective. (13%)
Attack GAN (AGAN ): A new Security Evaluation Tool for Perceptual Encryption. (10%)
Performance Evaluation of Knowledge Graph Embedding Approaches under Non-adversarial Attacks. (8%)
Exploring the Causality of End-to-End Autonomous Driving. (1%)
Distribution System Reconfiguration to Mitigate Load Altering Attacks via Stackelberg Games. (1%)
2024-07-08
Shedding More Light on Robust Classifiers under the lens of Energy-based Models. (98%)
Non-Robust Features are Not Always Useful in One-Class Classification. (92%)
Exposing Privacy Gaps: Membership Inference Attack on Preference Data for LLM Alignment. (1%)
2024-07-07
Rethinking Targeted Adversarial Attacks For Neural Machine Translation. (99%)
Mjolnir: Breaking the Shield of Perturbation-Protected Gradients via Adaptive Diffusion. (64%)
An accurate detection is not all you need to combat label noise in web-noisy datasets. (1%)
Detecting new obfuscated malware variants: A lightweight and interpretable machine learning approach. (1%)
Evolutionary Trigger Detection and Lightweight Model Repair Based Backdoor Defense. (1%)
2024-07-06
A Novel Bifurcation Method for Observation Perturbation Attacks on Reinforcement Learning Agents: Load Altering Attacks on a Cyber Physical Power System. (99%)
Releasing Malevolence from Benevolence: The Menace of Benign Data on Machine Unlearning. (13%)
GCON: Differentially Private Graph Convolutional Network via Objective Perturbation. (12%)
2024-07-05
Remembering Everything Makes You Vulnerable: A Limelight on Machine Unlearning for Personalized Healthcare Sector. (98%)
Jailbreak Attacks and Defenses Against Large Language Models: A Survey. (92%)
Controlling Whisper: Universal Acoustic Adversarial Attacks to Control Speech Foundation Models. (91%)
Self-Supervised Representation Learning for Adversarial Attack Detection. (68%)
On Evaluating The Performance of Watermarked Machine-Generated Texts Under Adversarial Attacks. (61%)
Late Breaking Results: Fortifying Neural Networks: Safeguarding Against Adversarial Attacks with Stochastic Computing. (54%)
Regulating Model Reliance on Non-Robust Features by Smoothing Input Marginal Density. (38%)
Data Poisoning Attacks in Intelligent Transportation Systems: A Survey. (2%)
Non-Cooperative Backdoor Attacks in Federated Learning: A New Threat Landscape. (2%)
Tackling Data Corruption in Offline Reinforcement Learning via Sequence Modeling. (1%)
2024-07-04
TrackPGD: A White-box Attack using Binary Masks against Robust Transformer Trackers. (99%)
Adversarial Robustness of VAEs across Intersectional Subgroups. (99%)
Protecting Deep Learning Model Copyrights with Adversarial Example-Free Reuse Detection. (99%)
Mitigating Low-Frequency Bias: Feature Recalibration and Frequency Attention Regularization for Adversarial Robustness. (92%)
Securing Multi-turn Conversational Language Models Against Distributed Backdoor Triggers. (68%)
Charging Ahead: A Hierarchical Adversarial Framework for Counteracting Advanced Cyber Threats in EV Charging Stations. (15%)
T2IShield: Defending Against Backdoors on Text-to-Image Diffusion Models. (13%)
Automated Progressive Red Teaming. (2%)
Quantifying Prediction Consistency Under Model Multiplicity in Tabular LLMs. (1%)
Certifiably Robust Image Watermark. (1%)
2024-07-03
A Wolf in Sheep's Clothing: Practical Black-box Adversarial Attacks for Evading Learning-based Windows Malware Detection in the Wild. (99%)
$L_p$-norm Distortion-Efficient Adversarial Attack. (99%)
SPLITZ: Certifiable Robustness via Split Lipschitz Randomized Smoothing. (98%)
JailbreakHunter: A Visual Analytics Approach for Jailbreak Prompts Discovery from Large-Scale Human-LLM Conversational Datasets. (83%)
Venomancer: Towards Imperceptible and Target-on-Demand Backdoor Attacks in Federated Learning. (74%)
A Geometric Framework for Adversarial Vulnerability in Machine Learning. (70%)
Safe Unlearning: A Surprisingly Effective and Generalizable Solution to Defend Against Jailbreak Attacks. (54%)
Self-Evaluation as a Defense Against Adversarial Attacks on LLMs. (41%)
Backdoor Graph Condensation. (16%)
Federated Learning for Zero-Day Attack Detection in 5G and Beyond V2X Networks. (2%)
An Empirical Study on Capability of Large Language Models in Understanding Code Semantics. (1%)
On Large Language Models in National Security Applications. (1%)
Robust Adaptation of Foundation Models with Black-Box Visual Prompting. (1%)
Purification Of Contaminated Convolutional Neural Networks Via Robust Recovery: An Approach with Theoretical Guarantee in One-Hidden-Layer Case. (1%)
2024-07-02
Secure Semantic Communication via Paired Adversarial Residual Networks. (99%)
EvolBA: Evolutionary Boundary Attack under Hard-label Black Box condition. (99%)
Adversarial Magnification to Deceive Deepfake Detection through Super Resolution. (98%)
Breach By A Thousand Leaks: Unsafe Information Leakage in `Safe' AI Responses. (80%)
Light-weight Fine-tuning Method for Defending Adversarial Noise in Pre-trained Medical Vision-Language Models. (76%)
Beyond Full Poisoning: Effective Availability Attacks with Partial Perturbation. (68%)
Towards More Realistic Extraction Attacks: An Adversarial Perspective. (22%)
On the Robustness of Graph Reduction Against GNN Backdoor. (13%)
MALT Powers Up Adversarial Attacks. (13%)
Face Reconstruction Transfer Attack as Out-of-Distribution Generalization. (2%)
Robust ADAS: Enhancing Robustness of Machine Learning-based Advanced Driver Assistance Systems for Adverse Weather. (1%)
2024-07-01
Multi-View Black-Box Physical Attacks on Infrared Pedestrian Detectors Using Adversarial Infrared Grid. (98%)
DeepiSign-G: Generic Watermark to Stamp Hidden DNN Parameters for Self-contained Tracking. (82%)
Looking From the Future: Multi-order Iterations Can Enhance Adversarial Attack Transferability. (81%)
QUEEN: Query Unlearning against Model Extraction. (75%)
Formal Verification of Object Detection. (56%)
SoP: Unlock the Power of Social Facilitation for Automatic Jailbreak Attack. (13%)
Securing Distributed Network Digital Twin Systems Against Model Poisoning Attacks. (8%)
A Fingerprint for Large Language Models. (2%)
Unveiling the Unseen: Exploring Whitebox Membership Inference through the Lens of Explainability. (1%)
Unaligning Everything: Or Aligning Any Text to Any Image in Multimodal Models. (1%)
2024-06-30
Learning Robust 3D Representation from CLIP via Dual Denoising. (67%)
Consistency Purification: Effective and Efficient Diffusion Purification towards Certified Robustness. (13%)
UWBAD: Towards Effective and Imperceptible Jamming Attacks Against UWB Ranging Systems with COTS Chips. (2%)
2024-06-29
Query-Efficient Hard-Label Black-Box Attack against Vision Transformers. (99%)
2024-06-28
Deceptive Diffusion: Generating Synthetic Adversarial Examples. (99%)
DiffuseDef: Improved Robustness to Adversarial Attacks. (99%)
Emotion Loss Attacking: Adversarial Attack Perception for Skeleton based on Multi-dimensional Features. (92%)
Steering cooperation: Adversarial attacks on prisoner's dilemma in complex networks. (92%)
IDT: Dual-Task Adversarial Attacks for Privacy Protection. (88%)
Backdoor Attack in Prompt-Based Continual Learning. (22%)
Virtual Context: Enhancing Jailbreak Attacks with Special Token Injection. (11%)
GRACE: Graph-Regularized Attentive Convolutional Entanglement with Laplacian Smoothing for Robust DeepFake Video Detection. (1%)
2024-06-27
Zero-Query Adversarial Attack on Black-box Automatic Speech Recognition Systems. (99%)
Data-Driven Lipschitz Continuity: A Cost-Effective Approach to Improve Adversarial Robustness. (98%)
Investigating and Defending Shortcut Learning in Personalized Diffusion Models. (87%)
Data Poisoning Attacks to Locally Differentially Private Frequent Itemset Mining Protocols. (2%)
Context Matters: An Empirical Study of the Impact of Contextual Information in Temporal Question Answering Systems. (1%)
2024-06-26
Detecting Brittle Decisions for Free: Leveraging Margin Consistency in Deep Robust Classifiers. (98%)
Revisiting Backdoor Attacks against Large Vision-Language Models. (62%)
On Discrete Prompt Optimization for Diffusion Models. (62%)
Breaking the Barrier: Enhanced Utility and Robustness in Smoothed DRL Agents. (54%)
Poisoned LangChain: Jailbreak LLMs by LangChain. (26%)
WildTeaming at Scale: From In-the-Wild Jailbreaks to (Adversarially) Safer Language Models. (12%)
Adversarial Search Engine Optimization for Large Language Models. (9%)
2024-06-25
CuDA2: An approach for Incorporating Traitor Agents into Cooperative Multi-Agent Systems. (99%)
Diffusion-based Adversarial Purification for Intrusion Detection. (98%)
Semantic Deep Hiding for Robust Unlearnable Examples. (76%)
Treatment of Statistical Estimation Problems in Randomized Smoothing for Adversarial Robustness. (67%)
Robustly Optimized Deep Feature Decoupling Network for Fatty Liver Diseases Detection. (13%)
2024-06-24
Evaluating the Robustness of Deep-Learning Algorithm-Selection Models by Evolving Adversarial Instances. (98%)
UNICAD: A Unified Approach for Attack Detection, Noise Reduction and Novel Class Identification. (96%)
ADVSCORE: A Metric for the Evaluation and Creation of Adversarial Benchmarks. (92%)
Automated Adversarial Discovery for Safety Classifiers. (92%)
Improving robustness to corruptions with multiplicative weight perturbations. (74%)
BEEAR: Embedding-based Adversarial Removal of Safety Backdoors in Instruction-tuned Language Models. (38%)
From Perfect to Noisy World Simulation: Customizable Embodied Multi-modal Perturbations for SLAM Robustness Benchmarking. (5%)
Machine Unlearning Fails to Remove Data Poisoning Attacks. (2%)
2024-06-23
Towards unlocking the mystery of adversarial fragility of neural networks. (64%)
CBPF: Filtering Poisoned Data Based on Composite Backdoor Attack. (13%)
Investigating the Influence of Prompt-Specific Shortcuts in AI Generated Text Detection. (8%)
On Instabilities of Unsupervised Denoising Diffusion Models in Magnetic Resonance Imaging Reconstruction. (2%)
Understanding and Diagnosing Deep Reinforcement Learning. (1%)
2024-06-22
The Effect of Similarity Measures on Accurate Stability Estimates for Local Surrogate Models in Text-based Explainable AI. (97%)
Federated Adversarial Learning for Robust Autonomous Landing Runway Detection. (2%)
Privacy Implications of Explainable AI in Data-Driven Systems. (1%)
2024-06-21
ECLIPSE: Expunging Clean-label Indiscriminate Poisons via Sparse Diffusion Purification. (99%)
Deciphering the Definition of Adversarial Robustness for post-hoc OOD Detectors. (99%)
DataFreeShield: Defending Adversarial Attacks without Training Data. (45%)
Large Language Models for Link Stealing Attacks Against Graph Neural Networks. (38%)
Logicbreaks: A Framework for Understanding Subversion of Rule-based Inference. (2%)
MOUNTAINEER: Topology-Driven Visual Analytics for Comparing Local Explanations. (1%)
2024-06-20
Enhancing robustness of data-driven SHM models: adversarial training with circle loss. (99%)
Exploring Layerwise Adversarial Robustness Through the Lens of t-SNE. (87%)
Defending Against Sophisticated Poisoning Attacks with RL-based Aggregation in Federated Learning. (81%)
Jailbreaking as a Reward Misspecification Problem. (78%)
Uniform Convergence of Adversarially Robust Classifiers. (68%)
Prompt Injection Attacks in Defended Systems. (47%)
MEAT: Median-Ensemble Adversarial Training for Improving Robustness and Generalization. (41%)
Countering adversarial perturbations in graphs using error correcting codes. (22%)
Steering Without Side Effects: Improving Post-Deployment Control of Language Models. (15%)
Evaluating Implicit Bias in Large Language Models by Attacking From a Psychometric Perspective. (8%)
PoseBench: Benchmarking the Robustness of Pose Estimation Models under Corruptions. (5%)
Can you trust your explanations? A robustness test for feature attribution methods. (2%)
SeCTIS: A Framework to Secure CTI Sharing. (1%)
2024-06-19
GraphMU: Repairing Robustness of Graph Neural Networks via Machine Unlearning. (99%)
AGSOA:Graph Neural Network Targeted Attack Based on Average Gradient and Structure Optimization. (99%)
Understanding the Robustness of Graph Neural Networks against Adversarial Attacks. (99%)
AgentDojo: A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents. (83%)
Enhancing Cross-Prompt Transferability in Vision-Language Models through Contextual Injection of Target Tokens. (62%)
Textual Unlearning Gives a False Sense of Unlearning. (16%)
Large-Scale Dataset Pruning in Adversarial Training through Data Importance Extrapolation. (9%)
DPO: Dual-Perturbation Optimization for Test-time Adaptation in 3D Object Detection. (3%)
ModSec-Learn: Boosting ModSecurity with Machine Learning. (2%)
RobGC: Towards Robust Graph Condensation. (1%)
2024-06-18
Saliency Attention and Semantic Similarity-Driven Adversarial Perturbation. (99%)
NoiSec: Harnessing Noise for Security against Adversarial and Backdoor Attacks. (99%)
Adversarial Attacks on Multimodal Agents. (96%)
MaskPure: Improving Defense Against Text Adversaries with Stochastic Purification. (95%)
Towards Trustworthy Unsupervised Domain Adaptation: A Representation Learning Perspective for Enhancing Robustness, Discrimination, and Generalization. (76%)
Adversarial Attacks on Large Language Models in Medicine. (70%)
Can Go AIs be adversarially robust? (62%)
DLP: towards active defense against backdoor attacks with decoupled learning process. (31%)
Attack and Defense of Deep Learning Models in the Field of Web Attack Detection. (10%)
SHIELD: Evaluation and Defense Strategies for Copyright Compliance in LLM Text Generation. (10%)
CleanGen: Mitigating Backdoor Attacks for Generation Tasks in Large Language Models. (8%)
Stealth edits for provably fixing or attacking large language models. (2%)
The Power of LLM-Generated Synthetic Data for Stance Detection in Online Political Discussions. (1%)
PRePair: Pointwise Reasoning Enhance Pairwise Evaluating for Robust Instruction-Following Assessments. (1%)
2024-06-17
Obfuscating IoT Device Scanning Activity via Adversarial Example Generation. (99%)
FullCert: Deterministic End-to-End Certification for Training and Inference of Neural Networks. (98%)
Harmonizing Feature Maps: A Graph Convolutional Approach for Enhancing Adversarial Robustness. (93%)
A First Physical-World Trajectory Prediction Attack via LiDAR-induced Deceptions in Autonomous Driving. (82%)
Adversarial Perturbations Cannot Reliably Protect Artists From Generative AI. (76%)
ToxiCloakCN: Evaluating Robustness of Offensive Language Detection in Chinese with Cloaking Perturbations. (22%)
Evading AI-Generated Content Detectors using Homoglyphs. (5%)
BadSampler: Harnessing the Power of Catastrophic Forgetting to Poison Byzantine-robust Federated Learning. (2%)
SoK: A Literature and Engineering Review of Regular Expression Denial of Service. (2%)
Do Parameters Reveal More than Loss for Membership Inference? (1%)
Adversaries With Incentives: A Strategic Alternative to Adversarial Robustness. (1%)
2024-06-16
Improving Adversarial Robustness via Decoupled Visual Representation Masking. (99%)
Imperceptible Face Forgery Attack via Adversarial Semantic Mask. (99%)
KGPA: Robustness Evaluation for Large Language Models via Cross-Domain Knowledge Graphs. (92%)
NBA: defensive distillation for backdoor removal via neural behavior alignment. (80%)
RWKU: Benchmarking Real-World Knowledge Unlearning for Large Language Models. (62%)
ChatBug: A Common Vulnerability of Aligned LLMs Induced by Chat Templates. (61%)
Imperceptible Rhythm Backdoor Attacks: Exploring Rhythm Transformation for Embedding Undetectable Vulnerabilities on Speech Recognition. (10%)
RUPBench: Benchmarking Reasoning Under Perturbations for Robustness Evaluation in Large Language Models. (9%)
2024-06-15
Robust Image Classification in the Presence of Out-of-Distribution and Adversarial Samples Using Attractors in Neural Networks. (98%)
E-SAGE: Explainability-based Defense Against Backdoor Attacks on Graph Neural Networks. (81%)
Emerging Safety Attack and Defense in Federated Instruction Tuning of Large Language Models. (68%)
Enhancing Anomaly Detection Generalization through Knowledge Exposure: The Dual Effects of Augmentation. (1%)
2024-06-14
Over-parameterization and Adversarial Robustness in Neural Networks: An Overview and Empirical Analysis. (99%)
Adaptive Randomized Smoothing: Certified Adversarial Robustness for Multi-Step Defences. (93%)
Robustness-Inspired Defense Against Backdoor Attacks on Graph Neural Networks. (75%)
Automated Design of Linear Bounding Functions for Sigmoidal Nonlinearities in Neural Networks. (67%)
Beyond Slow Signs in High-fidelity Model Extraction. (10%)
Byzantine-Robust Decentralized Federated Learning. (8%)
Self-supervised Monocular Depth Estimation Based on Hierarchical Feature-Guided Diffusion. (1%)
2024-06-13
Improving Adversarial Robustness via Feature Pattern Consistency Constraint. (99%)
Watch the Watcher! Backdoor Attacks on Security-Enhancing Diffusion Models. (98%)
MirrorCheck: Efficient Adversarial Defense for Vision-Language Models. (95%)
Towards Evaluating the Robustness of Visual State Space Models. (89%)
Bag of Tricks: Benchmarking of Jailbreak Attacks on LLMs. (11%)
Steganalysis on Digital Watermarking: Is Your Defense Truly Impervious? (4%)
Opening the Black Box: predicting the trainability of deep neural networks with reconstruction entropy. (2%)
Validation of human benchmark models for Automated Driving System approval: How competent and careful are they really? (1%)
An Unsupervised Approach to Achieve Supervised-Level Explainability in Healthcare Records. (1%)
Large-Scale Evaluation of Open-Set Image Classification Techniques. (1%)
Understanding Hallucinations in Diffusion Models through Mode Interpolation. (1%)
2024-06-12
I Don't Know You, But I Can Catch You: Real-Time Defense against Diverse Adversarial Patches for Object Detectors. (99%)
Transformation-Dependent Adversarial Attacks. (99%)
On Evaluating Adversarial Robustness of Volumetric Medical Segmentation Models. (99%)
Adversarial Evasion Attack Efficiency against Large Language Models. (98%)
When LLM Meets DRL: Advancing Jailbreaking Efficiency via DRL-guided Search. (64%)
RL-JACK: Reinforcement Learning-powered Black-box Jailbreaking Attack against LLMs. (62%)
AdaNCA: Neural Cellular Automata As Adaptors For More Robust Vision Transformer. (22%)
Graph Transductive Defense: a Two-Stage Defense for Graph Membership Inference Attacks. (13%)
On Security Weaknesses and Vulnerabilities in Deep Learning Systems. (8%)
Dataset and Lessons Learned from the 2024 SaTML LLM Capture-the-Flag Competition. (4%)
Improving Noise Robustness through Abstractions and its Impact on Machine Learning. (4%)
StructuralSleight: Automated Jailbreak Attacks on Large Language Models Utilizing Uncommon Text-Organization Structures. (1%)
Adversarial Patch for 3D Local Feature Extractor. (1%)
2024-06-11
Erasing Radio Frequency Fingerprints via Active Adversarial Perturbation. (86%)
AudioMarkBench: Benchmarking Robustness of Audio Watermarking. (83%)
On the H\"{o}lder Stability of Multiset and Graph Neural Networks. (69%)
A Study of Backdoors in Instruction Fine-tuned Language Models. (31%)
Merging Improves Self-Critique Against Jailbreak Attacks. (26%)
Benchmarking Trustworthiness of Multimodal Large Language Models: A Comprehensive Study. (15%)
Dual Thinking and Perceptual Analysis of Deep Learning Models using Human Adversarial Examples. (15%)
MoreauPruner: Robust Pruning of Large Language Models against Weight Perturbations. (5%)
Rethinking the impact of noisy labels in graph classification: A utility and privacy perspective. (1%)
Agnostic Sharpness-Aware Minimization. (1%)
2024-06-10
Texture Re-scalable Universal Adversarial Perturbation. (99%)
Explainable Graph Neural Networks Under Fire. (99%)
Lurking in the shadows: Unveiling Stealthy Backdoor Attacks against Personalized Federated Learning. (81%)
Reinforced Compressive Neural Architecture Search for Versatile Adversarial Robustness. (56%)
Raccoon: Prompt Extraction Benchmark of LLM-Integrated Applications. (56%)
A Survey of Backdoor Attacks and Defenses on Large Language Models: Implications for Security Measures. (13%)
An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection. (8%)
Fast White-Box Adversarial Streaming Without a Random Oracle. (3%)
Unveiling the Safety of GPT-4o: An Empirical Study using Jailbreak Attacks. (2%)
2024-06-09
DMS: Addressing Information Loss with More Steps for Pragmatic Adversarial Attacks. (99%)
MeanSparse: Post-Training Robustness Enhancement Through Mean-Centered Feature Sparsification. (97%)
Stealthy Targeted Backdoor Attacks against Image Captioning. (82%)
ControlLoc: Physical-World Hijacking Attack on Visual Perception in Autonomous Driving. (80%)
Self-supervised Adversarial Training of Monocular Depth Estimation against Physical-World Attacks. (67%)
SlowPerception: Physical-World Latency Attack against Visual Perception in Autonomous Driving. (64%)
ProFeAT: Projected Feature Adversarial Training for Self-Supervised Learning of Robust Representations. (38%)
Certified Robustness to Data Poisoning in Gradient-Based Training. (22%)
Machine Against the RAG: Jamming Retrieval-Augmented Generation with Blocker Documents. (4%)
PSBD: Prediction Shift Uncertainty Unlocks Backdoor Detection. (3%)
Chain-of-Scrutiny: Detecting Backdoor Attacks for Large Language Models. (2%)
A Relevance Model for Threat-Centric Ranking of Cybersecurity Vulnerabilities. (1%)
Safety Alignment Should Be Made More Than Just a Few Tokens Deep. (1%)
Injecting Undetectable Backdoors in Obfuscated Neural Networks and Language Models. (1%)
2024-06-08
SelfDefend: LLMs Can Defend Themselves against Jailbreaking in a Practical Manner. (99%)
One Perturbation is Enough: On Generating Universal Adversarial Perturbations against Vision-Language Pre-training Models. (99%)
Bridging the Gap: Rademacher Complexity in Robust and Standard Generalization. (98%)
Perturbation Towards Easy Samples Improves Targeted Adversarial Transferability. (96%)
Enhancing Adversarial Transferability via Information Bottleneck Constraints. (68%)
Exploring Adversarial Robustness of Deep State Space Models. (56%)
Adversarial flows: A gradient flow characterization of adversarial attacks. (13%)
2024-06-07
ADBA:Approximation Decision Boundary Approach for Black-Box Adversarial Attacks. (99%)
On Minimizing Adversarial Counterfactual Error in Adversarial RL. (98%)
Corpus Poisoning via Approximate Greedy Gradient Descent. (86%)
Compositional Curvature Bounds for Deep Neural Networks. (84%)
Adversarial Tuning: Defending Against Jailbreak Attacks for LLMs. (41%)
Clarifying Myths About the Relationship Between Shape Bias, Accuracy, and Robustness. (22%)
GENIE: Watermarking Graph Neural Networks for Link Prediction. (15%)
The Price of Implicit Bias in Adversarially Robust Generalization. (5%)
Contextual fusion enhances robustness to image blurring. (5%)
LLM Whisperer: An Inconspicuous Attack to Bias LLM Responses. (1%)
2024-06-06
Batch-in-Batch: a new adversarial training framework for initial perturbation and sample selection. (99%)
Talos: A More Effective and Efficient Adversarial Defense for GNN Models Based on the Global Homophily of Graphs. (98%)
Improving Alignment and Robustness with Circuit Breakers. (98%)
Robust Deep Reinforcement Learning against Adversarial Behavior Manipulation. (76%)
AutoJailbreak: Exploring Jailbreak Attacks and Defenses through a Dependency Lens. (69%)
Neural Codec-based Adversarial Sample Detection for Speaker Verification. (68%)
Interpreting the Second-Order Effects of Neurons in CLIP. (68%)
Jailbreak Vision Language Models via Bi-Modal Adversarial Prompt. (56%)
Memorization in deep learning: A survey. (1%)
2024-06-05
VQUNet: Vector Quantization U-Net for Defending Adversarial Atacks by Regularizing Unwanted Noise. (99%)
ZeroPur: Succinct Training-Free Adversarial Purification. (99%)
DifAttack++: Query-Efficient Black-Box Adversarial Attack via Hierarchical Disentangled Feature Space in Cross-Domain. (99%)
Defending Large Language Models Against Attacks With Residual Stream Activation Analysis. (83%)
Graph Neural Network Explanations are Fragile. (80%)
A Geometric View of Data Complexity: Efficient Local Intrinsic Dimension Estimation with Diffusion Models. (68%)
Principles of Designing Robust Remote Face Anti-Spoofing Systems. (13%)
Mutual Information Guided Backdoor Mitigation for Pre-trained Encoders. (13%)
JIGMARK: A Black-Box Approach for Enhancing Image Watermarks against Diffusion Model Edits. (10%)
Are Your Models Still Fair? Fairness Attacks on Graph Neural Networks via Node Injections. (10%)
Enhancing the Resilience of Graph Neural Networks to Topological Perturbations in Sparse Graphs. (8%)
Reconstructing training data from document understanding models. (1%)
FREA: Feasibility-Guided Generation of Safety-Critical Scenarios with Reasonable Adversariality. (1%)
2024-06-04
Advancing Generalized Transfer Attack with Initialization Derived Bilevel Optimization and Dynamic Sequence Truncation. (99%)
Effects of Exponential Gaussian Distribution on (Double Sampling) Randomized Smoothing. (98%)
QROA: A Black-Box Query-Response Optimization Attack on LLMs. (73%)
PuFace: Defending against Facial Cloaking Attacks for Facial Recognition Models. (54%)
A Risk Estimation Study of Native Code Vulnerabilities in Android Applications. (5%)
Verifying the Generalization of Deep Learning to Out-of-Distribution Domains. (3%)
Large Language Models as Carriers of Hidden Messages. (2%)
Nonlinear Transformations Against Unlearnable Datasets. (2%)
Inference Attacks: A Taxonomy, Survey, and Promising Directions. (1%)
The Crystal Ball Hypothesis in diffusion models: Anticipating object positions from initial noise. (1%)
Can Dense Connectivity Benefit Outlier Detection? An Odyssey with NAS. (1%)
2024-06-03
Constraint-based Adversarial Example Synthesis. (99%)
SVASTIN: Sparse Video Adversarial Attack via Spatio-Temporal Invertible Neural Networks. (99%)
Reproducibility Study on Adversarial Attacks Against Robust Transformer Trackers. (93%)
CR-UTP: Certified Robustness against Universal Text Perturbations on Large Language Models. (83%)
Are AI-Generated Text Detectors Robust to Adversarial Perturbations? (80%)
Model for Peanuts: Hijacking ML Models without Training Access is Possible. (62%)
SLANT: Spurious Logo ANalysis Toolkit. (47%)
MedFuzz: Exploring the Robustness of Large Language Models in Medical Question Answering. (16%)
From Feature Visualization to Visual Circuits: Effect of Adversarial Model Manipulation. (12%)
A Game-Theoretic Approach to Privacy-Utility Tradeoff in Sharing Genomic Summary Statistics. (10%)
Poisoning Attacks and Defenses in Recommender Systems: A Survey. (10%)
Unelicitable Backdoors in Language Models via Cryptographic Transformer Circuits. (4%)
PRICE: A Pretrained Model for Cross-Database Cardinality Estimation. (1%)
2024-06-02
Constrained Adaptive Attack: Effective Adversarial Attack Against Deep Neural Networks for Tabular Data. (99%)
Improving Accuracy-robustness Trade-off via Pixel Reweighted Adversarial Training. (98%)
Assessing the Adversarial Security of Perceptual Hashing Algorithms. (31%)
A Novel Defense Against Poisoning Attacks on Federated Learning: LayerCAM Augmented with Autoencoder. (31%)
Towards General Robustness Verification of MaxPool-based Convolutional Neural Networks via Tightening Linear Approximation. (13%)
Invisible Backdoor Attacks on Diffusion Models. (2%)
2024-06-01
Robust Knowledge Distillation Based on Feature Variance Against Backdoored Teacher Model. (3%)
2024-05-31
Query Provenance Analysis: Efficient and Robust Defense against Query-based Black-box Attacks. (99%)
Investigating and unmasking feature-level vulnerabilities of CNNs to adversarial perturbations. (95%)
Enhancing Jailbreak Attack Against Large Language Models through Silent Tokens. (56%)
Robust Stable Spiking Neural Networks. (38%)
Improved Techniques for Optimization-Based Jailbreaking on Large Language Models. (26%)
ACE: A Model Poisoning Attack on Contribution Evaluation Methods in Federated Learning. (22%)
Neural Network Verification with Branch-and-Bound for General Nonlinearities. (12%)
Exploring Vulnerabilities and Protections in Large Language Models: A Survey. (10%)
GANcrop: A Contrastive Defense Against Backdoor Attacks in Federated Learning. (9%)
StyDeSty: Min-Max Stylization and Destylization for Single Domain Generalization. (4%)
GI-NAS: Boosting Gradient Inversion Attacks through Adaptive Neural Architecture Search. (1%)
Locking Machine Learning Models into Hardware. (1%)
2024-05-30
Disrupting Diffusion: Token-Level Attention Erasure Attack against Diffusion-based Customization. (99%)
HOLMES: to Detect Adversarial Examples with Multiple Detectors. (99%)
Typography Leads Semantic Diversifying: Amplifying Adversarial Transferability across Multimodal Large Language Models. (99%)
Enhancing Adversarial Robustness in SNNs with Sparse Gradients. (92%)
Exploring the Robustness of Decision-Level Through Adversarial Attacks on LLM-Based Embodied Models. (89%)
Phantom: General Trigger Attacks on Retrieval Augmented Language Generation. (83%)
SleeperNets: Universal Backdoor Poisoning Attacks Against Reinforcement Learning Agents. (75%)
Deep Learning Approaches for Detecting Adversarial Cyberbullying and Hate Speech in Social Networks. (73%)
BAN: Detecting Backdoors Activated by Adversarial Neuron Noise. (68%)
Is My Data in Your Retrieval Database? Membership Inference Attacks Against Retrieval Augmented Generation. (45%)
Defensive Prompt Patch: A Robust and Interpretable Defense of LLMs against Jailbreak Attacks. (38%)
Large Language Model Watermark Stealing With Mixed Integer Programming. (33%)
DiffPhysBA: Diffusion-based Physical Backdoor Attack against Person Re-Identification in Real-World. (22%)
Investigating the Robustness of LLMs on Math Word Problems. (16%)
Unveiling and Mitigating Backdoor Vulnerabilities based on Unlearning Weight Changes and Backdoor Activeness. (5%)
Certifying Global Robustness for Deep Neural Networks. (2%)
Breaking Indistinguishability with Transfer Learning: A First Look at SPECK32/64 Lightweight Block Ciphers. (1%)
Reconstruction Attacks on Machine Unlearning: Simple Models are Vulnerable. (1%)
2024-05-29
Efficient Black-box Adversarial Attacks via Bayesian Optimization Guided by a Function Prior. (99%)
Leveraging Many-To-Many Relationships for Defending Against Visual-Language Adversarial Attacks. (98%)
Model Agnostic Defense against Adversarial Patch Attacks on Object Detection in Unmanned Aerial Vehicles. (92%)
Diffusion Policy Attacker: Crafting Adversarial Attacks for Diffusion-based Policies. (92%)
Evaluating the Effectiveness and Robustness of Visual Similarity-based Phishing Detection Models. (92%)
Verifiably Robust Conformal Prediction. (82%)
AI Risk Management Should Incorporate Both Safety and Security. (67%)
AutoBreach: Universal and Adaptive Jailbreaking with Efficient Wordplay-Guided Optimization. (61%)
EntProp: High Entropy Propagation for Improving Accuracy and Robustness. (50%)
ConceptPrune: Concept Editing in Diffusion Models via Skilled Neuron Pruning. (26%)
Resurrecting Old Classes with New Data for Exemplar-Free Continual Learning. (22%)
Node Injection Attack Based on Label Propagation Against Graph Neural Network. (12%)
Genshin: General Shield for Natural Language Processing with Large Language Models. (5%)
Confronting the Reproducibility Crisis: A Case Study of Challenges in Cybersecurity AI. (2%)
Enhancing Security and Privacy in Federated Learning using Update Digests and Voting-Based Defense. (1%)
Gone but Not Forgotten: Improved Benchmarks for Machine Unlearning. (1%)
MemControl: Mitigating Memorization in Diffusion Models via Automated Parameter Selection. (1%)
2024-05-28
Towards Unified Robustness Against Both Backdoor and Adversarial Attacks. (99%)
Improved Generation of Adversarial Examples Against Safety-aligned LLMs. (99%)
PureGen: Universal Data Purification for Train-Time Poison Defense via Generative Model Dynamics. (98%)
PureEBM: Universal Poison Purification via Mid-Run Dynamics of Energy-Based Models. (98%)
White-box Multimodal Jailbreaks Against Large Vision-Language Models. (96%)
Defending Large Language Models Against Jailbreak Attacks via Layer-specific Editing. (92%)
Wavelet-Based Image Tokenizer for Vision Transformers. (64%)
Cross-Context Backdoor Attacks against Graph Prompt Learning. (13%)
BlueSWAT: A Lightweight State-Aware Security Framework for Bluetooth Low Energy. (1%)
Watermarking Counterfactual Explanations. (1%)
Black-Box Detection of Language Model Watermarks. (1%)
2024-05-27
Adversarial Attacks on Both Face Recognition and Face Anti-spoofing Models. (99%)
The Uncanny Valley: Exploring Adversarial Robustness from a Flatness Perspective. (99%)
Exploiting the Layered Intrinsic Dimensionality of Deep Models for Practical Adversarial Training. (98%)
Spectral regularization for adversarially-robust representation learning. (86%)
TIMA: Text-Image Mutual Awareness for Balancing Zero-Shot Adversarial Robustness and Generalization Ability. (83%)
OSLO: One-Shot Label-Only Membership Inference Attacks. (81%)
Verifying Properties of Binary Neural Networks Using Sparse Polynomial Optimization. (33%)
Rethinking Pruning for Backdoor Mitigation: An Optimization Perspective. (26%)
Navigating the Safety Landscape: Measuring Risks in Finetuning Large Language Models. (8%)
Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-based Decision-Making Systems. (5%)
LabObf: A Label Protection Scheme for Vertical Federated Learning Through Label Obfuscation. (1%)
Magnitude-based Neuron Pruning for Backdoor Defens. (1%)
2024-05-26
Medical MLLM is Vulnerable: Cross-Modality Jailbreak and Mismatched Attacks on Medical Multimodal Large Language Models. (67%)
Pruning for Robust Concept Erasing in Diffusion Models. (38%)
TrojFM: Resource-efficient Backdoor Attacks against Very Large Foundation Models. (31%)
Partial train and isolate, mitigate backdoor attack. (1%)
Automatic Jailbreaking of the Text-to-Image Generative AI Systems. (1%)
2024-05-25
Breaking the False Sense of Security in Backdoor Defense through Re-Activation Attack. (99%)
Detecting Adversarial Data via Perturbation Forgery. (99%)
Enhancing Adversarial Transferability Through Neighborhood Conditional Sampling. (98%)
R.A.C.E.: Robust Adversarial Concept Erasure for Secure Text-to-Image Diffusion Model. (97%)
Uncertainty Measurement of Deep Learning System based on the Convex Hull of Training Sets. (89%)
Layer-Aware Analysis of Catastrophic Overfitting: Revealing the Pseudo-Robust Shortcut Dependency. (81%)
Mitigating Backdoor Attack by Injecting Proactive Defensive Backdoor. (70%)
Visual-RolePlay: Universal Jailbreak Attack on MultiModal Large Language Models via Role-playing Image Character. (56%)
Intruding with Words: Towards Understanding Graph Injection Attacks at the Text Level. (8%)
No Two Devils Alike: Unveiling Distinct Mechanisms of Fine-tuning Attacks. (4%)
Robust Message Embedding via Attention Flow-Based Steganography. (1%)
Noisy Data Meets Privacy: Training Local Models with Post-Processed Remote Queries. (1%)
2024-05-24
Robust width: A lightweight and certifiable adversarial defense. (99%)
Large Language Model Sentinel: LLM Agent for Adversarial Purification. (99%)
Adversarial Attacks on Hidden Tasks in Multi-Task Learning. (98%)
Evaluating and Safeguarding the Adversarial Robustness of Retrieval-Based In-Context Learning. (95%)
Certifying Adapters: Enabling and Enhancing the Certification of Classifier Adversarial Robustness. (92%)
Efficient Adversarial Training in LLMs with Continuous Attacks. (92%)
Rethinking Independent Cross-Entropy Loss For Graph-Structured Data. (76%)
BDetCLIP: Multimodal Prompting Contrastive Test-Time Backdoor Detection. (61%)
Defensive Unlearning with Adversarial Training for Robust Concept Erasure in Diffusion Models. (47%)
Robustifying Safety-Aligned Large Language Models through Clean Data Curation. (15%)
HiddenSpeaker: Generate Imperceptible Unlearnable Audios for Speaker Verification System. (15%)
Can Implicit Bias Imply Adversarial Robustness? (11%)
Certifiably Robust RAG against Retrieval Corruption. (10%)
BadGD: A unified data-centric framework to identify gradient descent vulnerabilities. (8%)
AuthNet: Neural Network with Integrated Authentication Logic. (5%)
Revisit, Extend, and Enhance Hessian-Free Influence Functions. (2%)
2024-05-23
Eidos: Efficient, Imperceptible Adversarial 3D Point Clouds. (98%)
Certified Robustness against Sparse Adversarial Perturbations via Data Localization. (92%)
A New Formulation for Zeroth-Order Optimization of Adversarial EXEmples in Malware Detection. (91%)
SLIFER: Investigating Performance and Robustness of Malware Detection Pipelines. (89%)
Generating camera failures as a class of physics-based adversarial examples. (87%)
TrojanForge: Generating Adversarial Hardware Trojan Examples with Reinforcement Learning. (84%)
Towards Transferable Attacks Against Vision-LLMs in Autonomous Driving with Typography. (83%)
How Does Bayes Error Limit Probabilistic Robust Accuracy. (76%)
Universal Robustness via Median Randomized Smoothing for Real-World Super-Resolution. (67%)
Invisible Backdoor Attack against Self-supervised Learning. (61%)
Unveiling the Achilles' Heel of NLG Evaluators: A Unified Adversarial Framework Driven by Large Language Models. (33%)
AdjointDEIS: Efficient Gradients for Diffusion Models. (16%)
What Variables Affect Out-of-Distribution Generalization in Pretrained Models? (9%)
Tighter Privacy Auditing of DP-SGD in the Hidden State Threat Model. (8%)
RFLPA: A Robust Federated Learning Framework against Poisoning Attacks with Secure Aggregation. (1%)
Are You Copying My Prompt? Protecting the Copyright of Vision Prompt for VPaaS via Watermark. (1%)
Adaptive Gradient Clipping for Robust Federated Learning. (1%)
2024-05-22
Learning to Transform Dynamically for Better Adversarial Transferability. (99%)
Adversarial Training of Two-Layer Polynomial and ReLU Activation Networks via Convex Optimization. (80%)
Towards Certification of Uncertainty Calibration under Adversarial Attacks. (75%)
LookHere: Vision Transformers with Directed Attention Generalize and Extrapolate. (67%)
Remote Keylogging Attacks in Multi-user VR Applications. (13%)
Nearly Tight Black-Box Auditing of Differentially Private Machine Learning. (5%)
WordGame: Efficient & Effective LLM Jailbreak via Simultaneous Obfuscation in Query and Response. (1%)
2024-05-21
Mellivora Capensis: A Backdoor-Free Training Framework on the Poisoned Dataset without Auxiliary Data. (92%)
Adversarial Training via Adaptive Knowledge Amalgamation of an Ensemble of Teachers. (87%)
Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective. (78%)
EmInspector: Combating Backdoor Attacks in Federated Self-Supervised Learning Through Embedding Inspection. (47%)
Fully Randomized Pointers. (15%)
A novel reliability attack of Physical Unclonable Functions. (13%)
Nearest is Not Dearest: Towards Practical Defense against Quantization-conditioned Backdoor Attacks. (8%)
Dullahan: Stealthy Backdoor Attack against Without-Label-Sharing Split Learning. (4%)
Tiny Refinements Elicit Resilience: Toward Efficient Prefix-Model Against LLM Red-Teaming. (1%)
2024-05-20
A Constraint-Enforcing Reward for Adversarial Attacks on Text Classifiers. (99%)
GAN-GRID: A Novel Generative Attack on Smart Grid Stability Prediction. (98%)
Robust Deep Reinforcement Learning with Adaptive Adversarial Perturbations in Action Space. (76%)
EGAN: Evolutional GAN for Ransomware Evasion. (74%)
Rethinking Robustness Assessment: Adversarial Attacks on Learning-based Quadrupedal Locomotion Controllers. (31%)
Adversarially Diversified Rehearsal Memory (ADRM): Mitigating Memory Overfitting Challenge in Continual Learning. (8%)
Efficient Model-Stealing Attacks Against Inductive Graph Neural Networks. (3%)
DispaRisk: Auditing Fairness Through Usable Information. (1%)
2024-05-19
Adaptive Batch Normalization Networks for Adversarial Robustness. (99%)
An Invisible Backdoor Attack Based On Semantic Feature. (96%)
Certified Robust Accuracy of Neural Networks Are Bounded due to Bayes Errors. (81%)
A GAN-Based Data Poisoning Attack Against Federated Learning Systems and Its Countermeasure. (68%)
SEEP: Training Dynamics Grounds Latent Representation Search for Mitigating Backdoor Poisoning Attacks. (62%)
Fed-Credit: Robust Federated Learning with Credibility Management. (13%)
BOSC: A Backdoor-based Framework for Open Set Synthetic Image Attribution. (5%)
2024-05-18
Towards Robust Policy: Enhancing Offline Reinforcement Learning with Adversarial Attacks and Defenses. (84%)
Trustworthy Actionable Perturbations. (82%)
Fully Exploiting Every Real Sample: SuperPixel Sample Gradient Model Stealing. (13%)
UPAM: Unified Prompt Attack in Text-to-Image Generation Models Against Both Textual Filters and Visual Checkers. (12%)
BadActs: A Universal Backdoor Defense in the Activation Space. (10%)
On Robust Reinforcement Learning with Lipschitz-Bounded Policy Networks. (8%)
Diffusion Model Driven Test-Time Image Adaptation for Robust Skin Lesion Classification. (3%)
RoBERTa-Augmented Synthesis for Detecting Malicious API Requests. (1%)
2024-05-17
Revisiting the Robust Generalization of Adversarial Prompt Tuning. (99%)
Safeguarding Vision-Language Models Against Patched Visual Prompt Injectors. (99%)
Rethinking Graph Backdoor Attacks: A Distribution-Preserving Perspective. (83%)
Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers. (67%)
Boosting Few-Pixel Robustness Verification via Covering Verification Designs. (1%)
2024-05-16
DiffAM: Diffusion-based Adversarial Makeup Transfer for Facial Privacy Protection. (99%)
Infrared Adversarial Car Stickers. (98%)
Adversarial Robustness for Visual Grounding of Multimodal Large Language Models. (95%)
Adversarial Robustness Guarantees for Quantum Classifiers. (81%)
Box-Free Model Watermarks Are Prone to Black-Box Removal Attacks. (13%)
Relational DNN Verification With Cross Executional Bound Refinement. (8%)
Solving the enigma: Enhancing faithfulness and comprehensibility in explanations of deep networks. (1%)
Manifold Integrated Gradients: Riemannian Geometry for Feature Attribution. (1%)
Dealing Doubt: Unveiling Threat Models in Gradient Inversion Attacks under Federated Learning, A Survey and Taxonomy. (1%)
2024-05-15
Properties that allow or prohibit transferability of adversarial attacks among quantized networks. (99%)
Towards Evaluating the Robustness of Automatic Speech Recognition Systems via Audio Style Transfer. (99%)
Cross-Input Certified Training for Universal Perturbations. (98%)
IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency. (4%)
Themis: Automatic and Efficient Deep Learning System Testing with Strong Fault Detection Capability. (4%)
Optimizing Sensor Network Design for Multiple Coverage. (1%)
2024-05-14
SpeechGuard: Exploring the Adversarial Robustness of Multimodal Large Language Models. (99%)
Certifying Robustness of Graph Convolutional Networks for Node Perturbation with Polyhedra Abstract Interpretation. (92%)
The Pitfalls and Promise of Conformal Inference Under Adversarial Attacks. (92%)
The RoboDrive Challenge: Drive Anytime Anywhere in Any Condition. (11%)
Pointwise Lipschitz Continuous Graph Algorithms via Proximal Gradient Analysis. (1%)
Achieving Resolution-Agnostic DNN-based Image Watermarking:A Novel Perspective of Implicit Neural Representation. (1%)
Neural Collapse Meets Differential Privacy: Curious Behaviors of NoisyGD with Near-perfect Representation Learning. (1%)
UnMarker: A Universal Attack on Defensive Watermarking. (1%)
RS-Reg: Probabilistic and Robust Certified Regression Through Randomized Smoothing. (1%)
2024-05-13
Environmental Matching Attack Against Unmanned Aerial Vehicles Object Detection. (96%)
CrossCert: A Cross-Checking Detection Approach to Patch Robustness Certification for Deep Learning Models. (82%)
RAID: A Shared Benchmark for Robust Evaluation of Machine-Generated Text Detectors. (15%)
GLiRA: Black-Box Membership Inference Attack via Knowledge Distillation. (11%)
Backdoor Removal for Generative Large Language Models. (1%)
2024-05-11
Stealthy Imitation: Reward-guided Environment-free Policy Stealing. (1%)
2024-05-10
Improving Transferable Targeted Adversarial Attack via Normalized Logit Calibration and Truncated Feature Mixing. (99%)
Disttack: Graph Adversarial Attacks Toward Distributed GNN Training. (98%)
Exploring the Interplay of Interpretability and Robustness in Deep Neural Networks: A Saliency-guided Approach. (98%)
Evaluating Adversarial Robustness in the Spatial Frequency Domain. (96%)
Certified $\ell_2$ Attribution Robustness via Uniformly Smoothed Attributions. (96%)
PUMA: margin-based data pruning. (80%)
2024-05-09
BB-Patch: BlackBox Adversarial Patch-Attack using Zeroth-Order Optimization. (99%)
Muting Whisper: A Universal Acoustic Adversarial Attack on Speech Foundation Models. (97%)
Poisoning-based Backdoor Attacks for Arbitrary Target Label with Positive Triggers. (80%)
Link Stealing Attacks Against Inductive Graph Neural Networks. (75%)
Hard Work Does Not Always Pay Off: Poisoning Attacks on Neural Architecture Search. (68%)
Concealing Backdoor Model Updates in Federated Learning by Trigger-Optimized Data Poisoning. (62%)
Towards Robust Physical-world Backdoor Attacks on Lane Detection. (50%)
Model Inversion Robustness: Can Transfer Learning Help? (45%)
Chain of Attack: a Semantic-Driven Contextual Multi-Turn attacker for LLM. (3%)
Demystifying Behavior-Based Malware Detection at Endpoints. (2%)
2024-05-08
Universal Adversarial Perturbations for Vision-Language Pre-trained Models. (99%)
Adversarial Threats to Automatic Modulation Open Set Recognition in Wireless Networks. (99%)
Untargeted Adversarial Attack on Knowledge Graph Embeddings. (98%)
Towards Efficient Training and Evaluation of Robust Models against $l_0$ Bounded Adversarial Perturbations. (98%)
Towards Accurate and Robust Architectures via Neural Architecture Search. (96%)
Explanation as a Watermark: Towards Harmless and Multi-bit Model Ownership Verification via Watermarking Feature Attribution. (1%)
2024-05-07
Revisiting character-level adversarial attacks. (99%)
Explainability-Informed Targeted Malware Misclassification. (99%)
Effective and Robust Adversarial Training against Data and Label Corruptions. (70%)
Going Proactive and Explanatory Against Malware Concept Drift. (2%)
Verified Neural Compressed Sensing. (1%)
2024-05-06
Exploring Frequencies via Feature Mixing and Meta-Learning for Improving Adversarial Transferability. (99%)
Cutting through buggy adversarial example defenses: fixing 1 line of code breaks Sabre. (99%)
On Adversarial Examples for Text Classification by Perturbing Latent Representations. (99%)
Is ReLU Adversarially Robust? (98%)
Enhancing O-RAN Security: Evasion Attacks and Robust Defenses for Graph Reinforcement Learning-based Connection Management. (91%)
BadFusion: 2D-Oriented Backdoor Attacks against 3D Object Detection. (75%)
Provably Unlearnable Data Examples. (64%)
DarkFed: A Data-Free Backdoor Attack in Federated Learning. (33%)
UnsafeBench: Benchmarking Image Safety Classifiers on Real-World and AI-Generated Images. (1%)
Why is SAM Robust to Label Noise? (1%)
Detecting Android Malware: From Neural Embeddings to Hands-On Validation with BERTroid. (1%)
LaserEscape: Detecting and Mitigating Optical Probing Attacks. (1%)
2024-05-05
Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS. (88%)
To Each (Textual Sequence) Its Own: Improving Memorized-Data Unlearning in Large Language Models. (15%)
Explainable Malware Detection with Tailored Logic Explained Networks. (2%)
2024-05-04
Probing Human Visual Robustness with Neurally-Guided Deep Neural Networks. (92%)
Updating Windows Malware Detectors: Balancing Robustness and Regression against Adversarial EXEmples. (83%)
Assessing Adversarial Robustness of Large Language Models: An Empirical Study. (76%)
UniDEC : Unified Dual Encoder and Classifier Training for Extreme Multi-Label Classification. (1%)
2024-05-03
A Novel Approach to Guard from Adversarial Attacks using Stable Diffusion. (99%)
From Attack to Defense: Insights into Deep Learning Security Measures in Black-Box Settings. (99%)
ProFLingo: A Fingerprinting-based Copyright Protection Scheme for Large Language Models. (97%)
Impact of Architectural Modifications on Deep Learning Adversarial Robustness. (88%)
ModelShield: Adaptive and Robust Watermark against Model Extraction Attack. (38%)
Robust Explainable Recommendation. (9%)
Adversarial Botometer: Adversarial Analysis for Social Bot Detection. (1%)
2024-05-02
Position Paper: Beyond Robustness Against Single Attack Types. (99%)
Explainability Guided Adversarial Evasion Attacks on Malware Detectors. (98%)
Purify Unlearnable Examples via Rate-Constrained Variational Autoencoders. (88%)
Poisoning Attacks on Federated Learning for Autonomous Driving. (75%)
Adversarial Attacks on Reinforcement Learning Agents for Command and Control. (75%)
Boosting Jailbreak Attack with Momentum. (74%)
Uniformly Stable Algorithms for Adversarial Training and Beyond. (10%)
ATTAXONOMY: Unpacking Differential Privacy Guarantees Against Practical Adversaries. (2%)
2024-05-01
Certified Adversarial Robustness of Machine Learning-based Malware Detectors via (De)Randomized Smoothing. (99%)
JNI Global References Are Still Vulnerable: Attacks and Defenses. (12%)
Robustness of graph embedding methods for community detection. (2%)
Gameplay Filters: Robust Zero-Shot Safety through Adversarial Imagination. (1%)
Exploiting Positional Bias for Query-Agnostic Generative Content in Search. (1%)
2024-04-30
Revisiting the Adversarial Robustness of Vision Language Models: a Multimodal Perspective. (99%)
Probing Unlearned Diffusion Models: A Transferable Adversarial Attack Perspective. (99%)
AttackBench: Evaluating Gradient-based Attacks for Adversarial Examples. (99%)
Provably Robust Conformal Prediction with Improved Efficiency. (98%)
ASAM: Boosting Segment Anything Model with Adversarial Tuning. (98%)
Adversarial Attacks and Defense for Conversation Entailment Task. (98%)
Causal Perception Inspired Representation Learning for Trustworthy Image Quality Assessment. (92%)
Transferring Troubles: Cross-Lingual Transferability of Backdoor Attacks in LLMs with Instruction Tuning. (81%)
Let's Focus: Focused Backdoor Attack against Federated Transfer Learning. (75%)
URVFL: Undetectable Data Reconstruction Attack on Vertical Federated Learning. (1%)
VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel Extensions. (1%)
Physical Backdoor: Towards Temperature-based Backdoor Attacks in the Physical World. (1%)
2024-04-29
A Systematic Evaluation of Adversarial Attacks against Speech Emotion Recognition Models. (99%)
Double Backdoored: Converting Code Large Language Model Backdoors to Traditional Malware via Adversarial Instruction Tuning Attacks. (99%)
Certification of Speaker Recognition Models to Additive Perturbations. (54%)
Espresso: Robust Concept Filtering in Text-to-Image Models. (15%)
Why You Should Not Trust Interpretations in Machine Learning: Adversarial Attacks on Partial Dependence Plots. (13%)
Machine Learning for Windows Malware Detection and Classification: Methods, Challenges and Ongoing Research. (3%)
Towards Quantitative Evaluation of Explainable AI Methods for Deepfake Detection. (1%)
Harmonic Machine Learning Models are Robust. (1%)
Enhancing IoT Security: A Novel Feature Engineering Approach for ML-Based Intrusion Detection Systems. (1%)
2024-04-28
Learnable Linguistic Watermarks for Tracing Model Extraction Attacks on Large Language Models. (1%)
2024-04-27
Towards Robust Recommendation: A Review and an Adversarial Robustness Evaluation Library. (92%)
Privacy-Preserving Aggregation for Decentralized Learning with Byzantine-Robustness. (70%)
Bounding the Expected Robustness of Graph Neural Networks Subject to Node Feature Attacks. (67%)
Are Watermarks Bugs for Deepfake Detectors? Rethinking Proactive Forensics. (2%)
2024-04-26
Attacking Bayes: On the Adversarial Robustness of Bayesian Neural Networks. (99%)
Adversarial Examples: Generation Proposal in the Context of Facial Recognition Systems. (92%)
Human-Imperceptible Retrieval Poisoning Attacks in LLM-Powered Applications. (54%)
Evaluations of Machine Learning Privacy Defenses are Misleading. (3%)
Enhancing Privacy and Security of Autonomous UAV Navigation. (2%)
Adversarial Reweighting with $\alpha$-Power Maximization for Domain Adaptation. (1%)
Changing the Training Data Distribution to Reduce Simplicity Bias Improves In-distribution Generalization. (1%)
Adversarial Consistency and the Uniqueness of the Adversarial Bayes Classifier. (1%)
2024-04-25
Generating Minimalist Adversarial Perturbations to Test Object-Detection Models: An Adaptive Multi-Metric Evolutionary Search Approach. (98%)
PAD: Patch-Agnostic Defense against Adversarial Patch Attacks. (92%)
Robust and Efficient Adversarial Defense in SNNs via Image Purification and Joint Detection. (86%)
Don't Say No: Jailbreaking LLM by Suppressing Refusal. (68%)
A Self-Organizing Clustering System for Unsupervised Distribution Shift Detection. (12%)
Constructing Optimal Noise Channels for Enhanced Robustness in Quantum Machine Learning. (2%)
Energy-Latency Manipulation of Multi-modal Large Language Models via Verbose Samples. (2%)
Talking Nonsense: Probing Large Language Models' Understanding of Adversarial Gibberish Inputs. (1%)
2024-04-24
Steal Now and Attack Later: Evaluating Robustness of Object Detection against Black-box Adversarial Attacks. (99%)
An Analysis of Recent Advances in Deepfake Image Detection in an Evolving Threat Landscape. (99%)
An Empirical Study of Aegis. (98%)
A General Black-box Adversarial Attack on Graph-based Fake News Detectors. (96%)
A Comparative Analysis of Adversarial Robustness for Quantum and Classical Machine Learning Models. (83%)
MISLEAD: Manipulating Importance of Selected features for Learning Epsilon in Evasion Attack Deception. (83%)
Investigating the prompt leakage effect and black-box defenses for multi-turn LLM interactions. (45%)
Investigating Adversarial Trigger Transfer in Large Language Models. (16%)
CLAD: Robust Audio Deepfake Detection Against Manipulation Attacks with Contrastive Learning. (2%)
2024-04-23
Security Analysis of WiFi-based Sensing Systems: Threats from Perturbation Attacks. (61%)
Manipulating Recommender Systems: A Survey of Poisoning Attacks and Countermeasures. (61%)
PoisonedFL: Model Poisoning Attacks to Federated Learning via Multi-Round Consistency. (54%)
Perturbing Attention Gives You More Bang for the Buck: Subtle Imaging Perturbations That Efficiently Fool Customized Diffusion Models. (47%)
Talk Too Much: Poisoning Large Language Models under Token Limit. (38%)
Leverage Variational Graph Representation For Model Poisoning on Federated Learning. (10%)
Formal Verification of Graph Convolutional Networks with Uncertain Node Features and Uncertain Graph Structure. (2%)
Does It Make Sense to Explain a Black Box With Another Black Box? (1%)
Graph Machine Learning in the Era of Large Language Models (LLMs). (1%)
2024-04-22
Towards Understanding the Robustness of Diffusion-Based Purification: A Stochastic Perspective. (98%)
Double Privacy Guard: Robust Traceable Adversarial Watermarking against Face Recognition. (93%)
CloudFort: Enhancing Robustness of 3D Point Cloud Classification Against Backdoor Attacks via Spatial Partitioning and Ensemble Prediction. (74%)
Explicit Lipschitz Value Estimation Enhances Policy Robustness Against Perturbation. (67%)
Audio Anti-Spoofing Detection: A Survey. (62%)
Dual Model Replacement:invisible Multi-target Backdoor Attack based on Federal Learning. (41%)
Protecting Your LLMs with Information Bottleneck. (26%)
Competition Report: Finding Universal Jailbreak Backdoors in Aligned LLMs. (13%)
Deep Learning as Ricci Flow. (2%)
Hyp-OC: Hyperbolic One Class Classification for Face Anti-Spoofing. (1%)
Poisoning Attacks on Federated Learning-based Wireless Traffic Prediction. (1%)
Typos that Broke the RAG's Back: Genetic Attack on RAG Pipeline by Simulating Documents in the Wild via Low-level Perturbations. (1%)
2024-04-21
Attack on Scene Flow using Point Clouds. (98%)
Fermi-Bose Machine. (96%)
Robust EEG-based Emotion Recognition Using an Inception and Two-sided Perturbation Model. (50%)
AdvPrompter: Fast Adaptive Adversarial Prompting for LLMs. (47%)
Swap It Like Its Hot: Segmentation-based spoof attacks on eye-tracking images. (26%)
Trojan Detection in Large Language Models: Insights from The Trojan Detection Challenge. (1%)
2024-04-20
Reliable Model Watermarking: Defending Against Theft without Compromising on Evasion. (99%)
Beyond Score Changes: Adversarial Attack on No-Reference Image Quality Assessment from Two Perspectives. (99%)
Pixel is a Barrier: Diffusion Models Are More Adversarially Robust Than We Think. (99%)
Backdoor Attacks and Defenses on Semantic-Symbol Reconstruction in Semantic Communications. (41%)
2024-04-19
How Real Is Real? A Human Evaluation Framework for Unrestricted Adversarial Examples. (99%)
AED-PADA:Improving Generalizability of Adversarial Example Detection via Principal Adversarial Domain Adaptation. (99%)
A Clean-graph Backdoor Attack against Graph Convolutional Networks with Poisoned Label Only. (75%)
Physical Backdoor Attack can Jeopardize Driving with Vision-Large-Language Models. (5%)
MLSD-GAN -- Generating Strong High Quality Face Morphing Attacks using Latent Semantic Disentanglement. (3%)
Model-Based Counterfactual Explanations Incorporating Feature Space Attributes for Tabular Data. (1%)
LSP Framework: A Compensatory Model for Defeating Trigger Reverse Engineering via Label Smoothing Poisoning. (1%)
2024-04-18
Fortify the Guardian, Not the Treasure: Resilient Adversarial Detectors. (99%)
Advancing the Robustness of Large Language Models through Self-Denoised Smoothing. (98%)
SA-Attack: Speed-adaptive stealthy adversarial attack on trajectory prediction. (98%)
Enhance Robustness of Language Models Against Variation Attack through Graph Integration. (33%)
Uncovering Safety Risks of Large Language Models through Concept Activation Vector. (22%)
Proteus: Preserving Model Confidentiality during Graph Optimizations. (15%)
Omniview-Tuning: Boosting Viewpoint Invariance of Vision-Language Pre-training Models. (2%)
Is There No Such Thing as a Bad Question? H4R: HalluciBot For Ratiocination, Rewriting, Ranking, and Routing. (1%)
2024-04-17
The Victim and The Beneficiary: Exploiting a Poisoned Model to Train a Clean Model on Poisoned Data. (83%)
GenFighter: A Generative and Evolutive Textual Attack Removal. (82%)
Utilizing Adversarial Examples for Bias Mitigation and Accuracy Enhancement. (80%)
Exploring DNN Robustness Against Adversarial Attacks Using Approximate Multipliers. (75%)
Exploring the Transferability of Visual Prompting for Multimodal Large Language Models. (2%)
Toward Understanding the Disagreement Problem in Neural Network Feature Attribution. (1%)
Detector Collapse: Backdooring Object Detection to Catastrophic Overload or Blindness. (1%)
Towards Robust and Interpretable EMG-based Hand Gesture Recognition using Deep Metric Meta Learning. (1%)
2024-04-16
Efficiently Adversarial Examples Generation for Visual-Language Models under Targeted Transfer Scenarios using Diffusion Models. (99%)
Adversarial Identity Injection for Semantic Face Image Synthesis. (38%)
Robust Noisy Label Learning via Two-Stream Sample Distillation. (1%)
2024-04-15
Black-box Adversarial Transferability: An Empirical Study in Cybersecurity Perspective. (99%)
Towards a Novel Perspective on Adversarial Examples Driven by Frequency. (99%)
Ti-Patch: Tiled Physical Adversarial Patch for no-reference video quality metrics. (83%)
Improving Weakly-Supervised Object Localization Using Adversarial Erasing and Pseudo Label. (1%)
Enhancing Code Vulnerability Detection via Vulnerability-Preserving Data Augmentation. (1%)
Consistency and Uncertainty: Identifying Unreliable Responses From Black-Box Vision-Language Models for Selective Visual Question Answering. (1%)
2024-04-14
Counteracting Concept Drift by Learning with Future Malware Predictions. (96%)
Watermark-embedded Adversarial Examples for Copyright Protection against Diffusion Models. (96%)
Adversarial Robustness Limits via Scaling-Law and Human-Alignment Studies. (76%)
FaceCat: Enhancing Face Recognition Security with a Unified Generative Model Framework. (22%)
2024-04-13
Stability and Generalization in Free Adversarial Training. (96%)
Proof-of-Learning with Incentive Security. (2%)
2024-04-12
PASA: Attack Agnostic Unsupervised Adversarial Detection using Prediction & Attribution Sensitivity Analysis. (99%)
Counterfactual Explanations for Face Forgery Detection via Adversarial Removal of Artifacts. (99%)
Struggle with Adversarial Defense? Try Diffusion. (99%)
Multimodal Attack Detection for Action Recognition Models. (83%)
A Survey of Neural Network Robustness Assessment in Image Recognition. (83%)
Practical Region-level Attack against Segment Anything Models. (81%)
FCert: Certifiably Robust Few-Shot Classification in the Era of Foundation Models. (69%)
Mitigating Cascading Effects in Large Adversarial Graph Environments. (2%)
On the Robustness of Language Guidance for Low-Level Vision Tasks: Findings from Depth Estimation. (1%)
Empowering Malware Detection Efficiency within Processing-in-Memory Architecture. (1%)
2024-04-11
Persistent Classification: A New Approach to Stability of Data and Adversarial Examples. (98%)
Eliminating Catastrophic Overfitting Via Abnormal Adversarial Examples Regularization. (98%)
Backdoor Contrastive Learning via Bi-level Trigger Optimization. (96%)
Adversarial Robustness of Distilled and Pruned Deep Learning-based Wireless Classifiers. (92%)
CodeFort: Robust Training for Code Generation Models. (33%)
AmpleGCG: Learning a Universal and Transferable Generative Model of Adversarial Suffixes for Jailbreaking Both Open and Closed LLMs. (12%)
LeapFrog: The Rowhammer Instruction Skip Attack. (8%)
Scaling (Down) CLIP: A Comprehensive Analysis of Data, Architecture, and Training Strategies. (1%)
2024-04-10
Logit Calibration and Feature Contrast for Robust Federated Learning on Non-IID Data. (99%)
Lost in Translation: Modern Neural Networks Still Struggle With Small Realistic Image Transformations. (82%)
Adversarial purification for no-reference image-quality metrics: applicability study and new methods. (26%)
Simpler becomes Harder: Do LLMs Exhibit a Coherent Behavior on Simplified Corpora? (2%)
TrajPRed: Trajectory Prediction with Region-based Relation Learning. (1%)
2024-04-09
Towards Building a Robust Toxicity Predictor. (99%)
On adversarial training and the 1 Nearest Neighbor classifier. (99%)
LRR: Language-Driven Resamplable Continuous Representation against Adversarial Tracking Attacks. (80%)
Towards Robust Domain Generation Algorithm Classification. (80%)
SafeGen: Mitigating Unsafe Content Generation in Text-to-Image Models. (41%)
Sandwich attack: Multi-language Mixture Adaptive Attack on LLMs. (31%)
Aggressive or Imperceptible, or Both: Network Pruning Assisted Hybrid Byzantines in Federated Learning. (26%)
How to Craft Backdoors with Unlabeled Data Alone? (1%)
2024-04-08
Certified PEFTSmoothing: Parameter-Efficient Fine-Tuning with Randomized Smoothing. (99%)
David and Goliath: An Empirical Evaluation of Attacks and Defenses for QNNs at the Deep Edge. (99%)
BruSLeAttack: A Query-Efficient Score-Based Black-Box Sparse Adversarial Attack. (99%)
Case Study: Neural Network Malware Detection Verification for Feature and Image Datasets. (98%)
Out-of-Distribution Data: An Acquaintance of Adversarial Examples -- A Survey. (98%)
Quantum Adversarial Learning for Kernel Methods. (75%)
Investigating the Impact of Quantization on Adversarial Robustness. (50%)
SoK: On Gradient Leakage in Federated Learning. (2%)
SphereHead: Stable 3D Full-head Synthesis with Spherical Tri-plane Representation. (1%)
2024-04-07
Semantic Stealth: Adversarial Text Attacks on NLP Using Several Methods. (99%)
Enabling Privacy-Preserving Cyber Threat Detection with Federated Learning. (15%)
How much reliable is ChatGPT's prediction on Information Extraction under Input Perturbations? (5%)
SemEval-2024 Task 2: Safe Biomedical Natural Language Inference for Clinical Trials. (1%)
2024-04-06
CANEDERLI: On The Impact of Adversarial Training and Transferability on CAN Intrusion Detection Systems. (86%)
Learning Minimal NAP Specifications for Neural Network Verification. (80%)
Data Poisoning Attacks on Off-Policy Policy Evaluation Methods. (67%)
Goal-guided Generative Prompt Injection Attack on Large Language Models. (67%)
Structured Gradient-based Interpretations via Norm-Regularized Adversarial Training. (61%)
Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks. (3%)
2024-04-05
Evaluating Adversarial Robustness: A Comparison Of FGSM, Carlini-Wagner Attacks, And The Role of Distillation as Defense Mechanism. (99%)
Reliable Feature Selection for Adversarially Robust Cyber-Attack Detection. (98%)
DiffuseMix: Label-Preserving Data Augmentation with Diffusion Models. (15%)
Compositional Estimation of Lipschitz Constants for Deep Neural Networks. (13%)
Precision Guided Approach to Mitigate Data Poisoning Attacks in Federated Learning. (12%)
2024-04-04
Meta Invariance Defense Towards Generalizable Robustness to Unknown Adversarial Attacks. (99%)
FACTUAL: A Novel Framework for Contrastive Learning Based Robust SAR Image Classification. (98%)
Learn What You Want to Unlearn: Unlearning Inversion Attacks against Machine Unlearning. (16%)
Knowledge Distillation-Based Model Extraction Attack using GAN-based Private Counterfactual Explanations. (8%)
Red Teaming GPT-4V: Are GPT-4V Safe Against Uni/Multi-Modal Jailbreak Attacks? (2%)
2024-04-03
Adversarial Attacks and Dimensionality in Text Classifiers. (99%)
Unsegment Anything by Simulating Deformation. (97%)
"Are Adversarial Phishing Webpages a Threat in Reality?" Understanding the Users' Perception of Adversarial Webpages. (81%)
JailBreakV-28K: A Benchmark for Assessing the Robustness of MultiModal Large Language Models against Jailbreak Attacks. (75%)
Learn to Disguise: Avoid Refusal Responses in LLM's Defense via a Multi-agent Attacker-Disguiser Game. (11%)
A Unified Membership Inference Method for Visual Self-supervised Encoder via Part-aware Capability. (9%)
Steganographic Passport: An Owner and User Verifiable Credential for Deep Model IP Protection Without Retraining. (1%)
2024-04-02
Humanizing Machine-Generated Content: Evading AI-Text Detection through Adversarial Attack. (99%)
Patch Synthesis for Property Repair of Deep Neural Networks. (99%)
Jailbreaking Prompt Attack: A Controllable Adversarial Attack against Diffusion Models. (97%)
One Noise to Rule Them All: Multi-View Adversarial Attacks with Universal Perturbation. (92%)
Defense without Forgetting: Continual Adversarial Defense with Anisotropic & Isotropic Pseudo Replay. (88%)
Jailbreaking Leading Safety-Aligned LLMs with Simple Adaptive Attacks. (83%)
READ: Improving Relation Extraction from an ADversarial Perspective. (81%)
Two Heads are Better than One: Nested PoE for Robust Defense Against Multi-Backdoors. (64%)
Red-Teaming Segment Anything Model. (45%)
Towards Robust 3D Pose Transfer with Adversarial Learning. (31%)
Designing a Photonic Physically Unclonable Function Having Resilience to Machine Learning Attacks. (12%)
Exploring Backdoor Vulnerabilities of Chat Models. (2%)
CAPE: CAM as a Probabilistic Ensemble for Enhanced DNN Interpretation. (1%)
2024-04-01
The Double-Edged Sword of Input Perturbations to Robust Accurate Fairness. (99%)
Multi-granular Adversarial Attacks against Black-box Neural Ranking Models. (99%)
BadPart: Unified Black-box Adversarial Patch Attacks against Pixel-wise Regression Tasks. (93%)
UFID: A Unified Framework for Input-level Backdoor Detection on Diffusion Models. (61%)
Poisoning Decentralized Collaborative Recommender System and Its Countermeasures. (33%)
Can Biases in ImageNet Models Explain Generalization? (10%)
Privacy Backdoors: Enhancing Membership Inference through Poisoning Pre-trained Models. (2%)
An incremental hybrid adaptive network-based IDS in Software Defined Networks to detect stealth attacks. (1%)
2024-03-31
PID Control-Based Self-Healing to Improve the Robustness of Large Language Models. (75%)
Machine Learning Robustness: A Primer. (62%)
2024-03-30
STBA: Towards Evaluating the Robustness of DNNs for Query-Limited Black-box Scenario. (99%)
Embodied Active Defense: Leveraging Recurrent Feedback to Counter Adversarial Patches. (98%)
Shortcuts Arising from Contrast: Effective and Covert Clean-Label Attacks in Prompt-Based Learning. (5%)
TG-NAS: Generalizable Zero-Cost Proxies with Operator Description Embedding and Graph Learning for Efficient Neural Architecture Search. (1%)
2024-03-29
On Inherent Adversarial Robustness of Active Vision Systems. (99%)
Benchmarking the Robustness of Temporal Action Detection Models Against Temporal Corruptions. (68%)
Deepfake Sentry: Harnessing Ensemble Intelligence for Resilient Detection and Generalisation. (8%)
The Impact of Prompts on Zero-Shot Detection of AI-Generated Text. (2%)
GDA: Generalized Diffusion for Robust Test-time Adaptation. (1%)
Efficient Data-Free Model Stealing with Label Diversity. (1%)
Cross-Lingual Transfer Robustness to Lower-Resource Languages on Adversarial Datasets. (1%)
2024-03-28
Towards Understanding Dual BN In Hybrid Adversarial Training. (82%)
Improving Adversarial Data Collection by Supporting Annotators: Lessons from GAHD, a German Hate Speech Dataset. (82%)
Leveraging Expert Input for Robust and Explainable AI-Assisted Lung Cancer Detection in Chest X-rays. (56%)
On the Robustness of LDP Protocols for Numerical Attributes under Data Poisoning Attacks. (41%)
MedBN: Robust Test-Time Adaptation against Malicious Test Samples. (10%)
Imperceptible Protection against Style Imitation from Diffusion Models. (2%)
A Backdoor Approach with Inverted Labels Using Dirty Label-Flipping Attacks. (1%)
2024-03-27
Uncertainty-Aware SAR ATR: Defending Against Adversarial Attacks via Bayesian Neural Networks. (99%)
CosalPure: Learning Concept from Group Images for Robust Co-Saliency Detection. (99%)
MMCert: Provable Defense against Adversarial Attacks to Multi-modal Models. (98%)
Bayesian Learned Models Can Detect Adversarial Malware For Free. (97%)
MisGUIDE : Defense Against Data-Free Deep Learning Model Extraction. (95%)
Towards Sustainable SecureML: Quantifying Carbon Footprint of Adversarial Machine Learning. (83%)
Deep Learning for Robust and Explainable Models in Computer Vision. (82%)
SemRoDe: Macro Adversarial Training to Learn Representations That are Robust to Word-Level Attacks. (81%)
JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models. (54%)
Vulnerability Detection with Code Language Models: How Far Are We? (26%)
Spikewhisper: Temporal Spike Backdoor Attacks on Federated Neuromorphic Learning over Low-power Devices. (15%)
Robustness and Visual Explanation for Black Box Image, Video, and ECG Signal Classification with Reinforcement Learning. (15%)
The Impact of Uniform Inputs on Activation Sparsity and Energy-Latency Attacks in Computer Vision. (11%)
Fact Checking Beyond Training Set. (1%)
BAM: Box Abstraction Monitors for Real-time OoD Detection in Object Detection. (1%)
2024-03-26
DataCook: Crafting Anti-Adversarial Examples for Healthcare Data Copyright Protection. (92%)
FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids. (78%)
Boosting Adversarial Training via Fisher-Rao Norm-based Regularization. (69%)
Optimization-based Prompt Injection Attack to LLM-as-a-Judge. (45%)
Targeted Visualization of the Backbone of Encoder LLMs. (9%)
Leak and Learn: An Attacker's Cookbook to Train Using Leaked Data from Federated Learning. (1%)
Exploring LLMs as a Source of Targeted Synthetic Textual Data to Minimize High Confidence Misclassifications. (1%)
2024-03-25
$\textit{LinkPrompt}$: Natural and Universal Adversarial Attacks on Prompt-based Language Models. (99%)
Physical 3D Adversarial Attacks against Monocular Depth Estimation in Autonomous Driving. (98%)
The Anatomy of Adversarial Attacks: Concept-based XAI Dissection. (87%)
DeepKnowledge: Generalisation-Driven Deep Learning Testing. (82%)
Revealing Vulnerabilities of Neural Networks in Parameter Learning and Defense Against Explanation-Aware Backdoors. (70%)
LOTUS: Evasive and Resilient Backdoor Attacks through Sub-Partitioning. (69%)
Model-less Is the Best Model: Generating Pure Code Implementations to Replace On-Device DL Models. (1%)
2024-03-24
Subspace Defense: Discarding Adversarial Perturbations by Learning a Subspace for Clean Signals. (99%)
Robust Diffusion Models for Adversarial Purification. (98%)
Ensemble Adversarial Defense via Integration of Multiple Dispersed Low Curvature Models. (98%)
Unlearning Backdoor Threats: Enhancing Backdoor Defense in Multimodal Contrastive Learning via Local Token Unlearning. (5%)
Rumor Detection with a novel graph neural network approach. (4%)
Generating Potent Poisons and Backdoors from Scratch with Guided Diffusion. (2%)
A General and Efficient Federated Split Learning with Pre-trained Image Transformers for Heterogeneous Data. (1%)
2024-03-23
Towards Adversarial Robustness And Backdoor Mitigation in SSL. (76%)
Adversarial Defense Teacher for Cross-Domain Object Detection under Poor Visibility Conditions. (64%)
2024-03-22
Robust optimization for adversarial learning with finite sample complexity guarantees. (96%)
A Transfer Attack to Image Watermarks. (96%)
From Hardware Fingerprint to Access Token: Enhancing the Authentication on IoT Devices. (26%)
Clean-image Backdoor Attacks. (12%)
Forward Learning for Gradient-based Black-box Saliency Map Generation. (1%)
2024-03-21
Diffusion Attack: Leveraging Stable Diffusion for Naturalistic Image Attacking. (99%)
Few-Shot Adversarial Prompt Learning on Vision-Language Models. (98%)
Reversible Jump Attack to Textual Classifiers with Modification Reduction. (98%)
Improving Robustness to Model Inversion Attacks via Sparse Coding Architectures. (82%)
Adversary-Robust Graph-Based Learning of WSIs. (45%)
Safeguarding Medical Image Segmentation Datasets against Unauthorized Training via Contour- and Texture-Aware Perturbations. (4%)
2024-03-20
FMM-Attack: A Flow-based Multi-modal Adversarial Attack on Video-based LLMs. (97%)
Certified Human Trajectory Prediction. (97%)
DD-RobustBench: An Adversarial Robustness Benchmark for Dataset Distillation. (96%)
Capsule Neural Networks as Noise Stabilizer for Time Series Data. (93%)
Adversarial Attacks and Defenses in Automated Control Systems: A Comprehensive Benchmark. (70%)
Have You Poisoned My Data? Defending Neural Networks against Data Poisoning. (54%)
Mask-based Invisible Backdoor Attacks on Object Detection. (50%)
Defending Against Indirect Prompt Injection Attacks With Spotlighting. (31%)
Don't be a Fool: Pooling Strategies in Offensive Language Detection from User-Intended Adversarial Attacks. (11%)
BadEdit: Backdooring large language models by model editing. (1%)
Teacher-Student Training for Debiasing: General Permutation Debiasing for Large Language Models. (1%)
Threats, Attacks, and Defenses in Machine Unlearning: A Survey. (1%)
2024-03-19
As Firm As Their Foundations: Can open-sourced foundation models be used to create adversarial examples for downstream tasks? (99%)
Boosting Transferability in Vision-Language Attacks via Diversification along the Intersection Region of Adversarial Trajectory. (99%)
ADAPT to Robustify Prompt Tuning Vision Transformers. (98%)
Marlin: Knowledge-Driven Analysis of Provenance Graphs for Efficient and Robust Detection of Cyber Attacks. (75%)
Resilience in Online Federated Learning: Mitigating Model-Poisoning Attacks via Partial Sharing. (9%)
RigorLLM: Resilient Guardrails for Large Language Models against Undesired Content. (8%)
Robust NAS under adversarial training: benchmark, theory, and beyond. (2%)
Discover and Mitigate Multiple Biased Subgroups in Image Classifiers. (1%)
2024-03-18
SSCAE -- Semantic, Syntactic, and Context-aware natural language Adversarial Examples generator. (99%)
LocalStyleFool: Regional Video Style Transfer Attack Using Segment Anything Model. (99%)
Certified Robustness to Clean-Label Poisoning Using Diffusion Denoising. (99%)
Invisible Backdoor Attack Through Singular Value Decomposition. (96%)
Problem space structural adversarial attacks for Network Intrusion Detection Systems based on Graph Neural Networks. (88%)
Impart: An Imperceptible and Effective Label-Specific Backdoor Attack. (83%)
SSAP: A Shape-Sensitive Adversarial Patch for Comprehensive Disruption of Monocular Depth Estimation in Autonomous Navigation Applications. (78%)
Electioneering the Network: Dynamic Multi-Step Adversarial Attacks for Community Canvassing. (61%)
Advancing Time Series Classification with Multimodal Language Modeling. (1%)
Low-Cost Privacy-Preserving Decentralized Learning. (1%)
2024-03-17
Defense Against Adversarial Attacks on No-Reference Image Quality Models with Gradient Norm Regularization. (99%)
A Modified Word Saliency-Based Adversarial Attack on Text Classification Models. (99%)
Robust Overfitting Does Matter: Test-Time Adversarial Purification With FGSM. (99%)
Forging the Forger: An Attempt to Improve Authorship Verification via Data Augmentation. (76%)
RobustSentEmbed: Robust Sentence Embeddings Using Adversarial Self-Supervised Contrastive Learning. (50%)
COLEP: Certifiably Robust Learning-Reasoning Conformal Prediction via Probabilistic Circuits. (22%)
A Dual-Tier Adaptive One-Class Classification IDS for Emerging Cyberthreats. (9%)
Hierarchical Classification for Intrusion Detection System: Effective Design and Empirical Analysis. (2%)
CBR - Boosting Adaptive Classification By Retrieval of Encrypted Network Traffic with Out-of-distribution. (1%)
Pencil: Private and Extensible Collaborative Learning without the Non-Colluding Assumption. (1%)
2024-03-16
Securely Fine-tuning Pre-trained Encoders Against Adversarial Examples. (98%)
Understanding Robustness of Visual State Space Models for Image Classification. (98%)
Improving Adversarial Transferability of Visual-Language Pre-training Models through Collaborative Multimodal Interaction. (92%)
Edge Private Graph Neural Networks with Singular Value Perturbation. (11%)
2024-03-15
Benchmarking Adversarial Robustness of Image Shadow Removal with Shadow-adaptive Attacks. (99%)
Towards Non-Adversarial Algorithmic Recourse. (99%)
Time-Frequency Jointed Imperceptible Adversarial Attack to Brainprint Recognition with Deep Learning Models. (99%)
Introducing Adaptive Continuous Adversarial Training (ACAT) to Enhance ML Robustness. (87%)
Revisiting Adversarial Training under Long-Tailed Distributions. (80%)
Towards Adversarially Robust Dataset Distillation by Curvature Regularization. (64%)
Interactive Trimming against Evasive Online Data Manipulation Attacks: A Game-Theoretic Approach. (50%)
Securing Federated Learning with Control-Flow Attestation: A Novel Framework for Enhanced Integrity and Resilience against Adversarial Attacks. (12%)
Benchmarking Zero-Shot Robustness of Multimodal Foundation Models: A Pilot Study. (11%)
Not Just Change the Labels, Learn the Features: Watermarking Deep Neural Networks with Multi-View Data. (8%)
Backdoor Secrets Unveiled: Identifying Backdoor Data with Optimized Scaled Prediction Consistency. (3%)
NLP Verification: Towards a General Methodology for Certifying Robustness. (1%)
Robust Influence-based Training Methods for Noisy Brain MRI. (1%)
2024-03-14
An Image Is Worth 1000 Lies: Adversarial Transferability across Prompts on Vision-Language Models. (99%)
Counter-Samples: A Stateless Strategy to Neutralize Black Box Adversarial Attacks. (99%)
Adversarial Fine-tuning of Compressed Neural Networks for Joint Improvement of Robustness and Efficiency. (98%)
Soften to Defend: Towards Adversarial Robustness via Self-Guided Label Refinement. (83%)
Robust Subgraph Learning by Monitoring Early Training Representations. (80%)
LDPRecover: Recovering Frequencies from Poisoning Attacks against Local Differential Privacy. (76%)
AdaShield: Safeguarding Multimodal Large Language Models from Structure-based Attack via Adaptive Shield Prompting. (74%)
Towards White Box Deep Learning. (15%)
Symbiotic Game and Foundation Models for Cyber Deception Operations in Strategic Cyber Warfare. (13%)
PreCurious: How Innocent Pre-Trained Language Models Turn into Privacy Traps. (12%)
AVIBench: Towards Evaluating the Robustness of Large Vision-Language Model on Adversarial Visual-Instructions. (5%)
Optimistic Verifiable Training by Controlling Hardware Nondeterminism. (1%)
Medical Unlearnable Examples: Securing Medical Data from Unauthorized Traning via Sparsity-Aware Local Masking. (1%)
ADEdgeDrop: Adversarial Edge Dropping for Robust Graph Neural Networks. (1%)
2024-03-13
Attack Deterministic Conditional Image Generative Models for Diverse and Controllable Generation. (92%)
Fast Inference of Removal-Based Node Influence. (54%)
Tastle: Distract Large Language Models for Automatic Jailbreak Attack. (31%)
Adaptive Hybrid Masking Strategy for Privacy-Preserving Face Recognition Against Model Inversion Attack. (8%)
RAF-GI: Towards Robust, Accurate and Fast-Convergent Gradient Inversion Attack in Federated Learning. (2%)
Verifix: Post-Training Correction to Improve Label Noise Robustness with Verified Samples. (1%)
2024-03-12
Versatile Defense Against Adversarial Attacks on Image Recognition. (99%)
Towards Model Extraction Attacks in GAN-Based Image Translation via Domain Shift Mitigation. (61%)
Backdoor Attack with Mode Mixture Latent Modification. (8%)
Towards a Framework for Deep Learning Certification in Safety-Critical Applications Using Inherently Safe Design and Run-Time Error Detection. (2%)
Duwak: Dual Watermarks in Large Language Models. (2%)
Visual Privacy Auditing with Diffusion Models. (1%)
2024-03-11
Intra-Section Code Cave Injection for Adversarial Evasion Attacks on Windows PE Malware File. (99%)
epsilon-Mesh Attack: A Surface-based Adversarial Point Cloud Attack for Facial Expression Recognition. (99%)
PeerAiD: Improving Adversarial Distillation from a Specialized Peer Tutor. (98%)
Dynamic Perturbation-Adaptive Adversarial Training on Medical Image Classification. (97%)
Disentangling Policy from Offline Task Representation Learning via Adversarial Data Augmentation. (96%)
PCLD: Point Cloud Layerwise Diffusion for Adversarial Purification. (86%)
Overcoming the Paradox of Certified Training with Gaussian Smoothing. (83%)
Real is not True: Backdoor Attacks Against Deepfake Detection. (78%)
Improving deep learning with prior knowledge and cognitive models: A survey on enhancing explainability, adversarial robustness and zero-shot learning. (61%)
Stealing Part of a Production Language Model. (38%)
AS-FIBA: Adaptive Selective Frequency-Injection for Backdoor Attack on Deep Face Restoration. (9%)
A novel interface for adversarial trivia question-writing. (3%)
Towards the Uncharted: Density-Descending Feature Perturbation for Semi-supervised Semantic Segmentation. (2%)
DNNShield: Embedding Identifiers for Deep Neural Network Ownership Verification. (1%)
Impact of Noisy Supervision in Foundation Model Learning. (1%)
Transformers Learn Low Sensitivity Functions: Investigations and Implications. (1%)
2024-03-10
A Zero Trust Framework for Realization and Defense Against Generative AI Attacks in Power Grid. (22%)
2024-03-09
Hard-label based Small Query Black-box Adversarial Attack. (99%)
IOI: Invisible One-Iteration Adversarial Attack on No-Reference Image- and Video-Quality Metrics. (83%)
iBA: Backdoor Attack on 3D Point Cloud via Reconstructing Itself. (82%)
Attacking Transformers with Feature Diversity Adversarial Perturbation. (70%)
2024-03-08
Hide in Thicket: Generating Imperceptible and Rational Adversarial Perturbations on 3D Point Clouds. (99%)
Gemini 1.5: Unlocking multimodal understanding across millions of tokens of context. (99%)
Exploring the Adversarial Frontier: Quantifying Robustness via Adversarial Hypervolume. (98%)
Prepared for the Worst: A Learning-Based Adversarial Attack for Resilience Analysis of the ICP Algorithm. (93%)
Adversarial Sparse Teacher: Defense Against Distillation-Based Model Stealing Attacks Using Adversarial Examples. (93%)
EVD4UAV: An Altitude-Sensitive Benchmark to Evade Vehicle Detection in UAV. (81%)
The Impact of Quantization on the Robustness of Transformer-based Text Classifiers. (45%)
EdgeLeakage: Membership Information Leakage in Distributed Edge Intelligence Systems. (38%)
Speech Robust Bench: A Robustness Benchmark For Speech Recognition. (1%)
2024-03-07
Defending Against Unforeseen Failure Modes with Latent Adversarial Training. (83%)
Fooling Neural Networks for Motion Forecasting via Adversarial Attacks. (33%)
Automatic and Universal Prompt Injection Attacks against Large Language Models. (31%)
ObjectCompose: Evaluating Resilience of Vision-Based Models on Object-to-Background Compositional Changes. (31%)
Cell reprogramming design by transfer learning of functional transcriptional networks. (1%)
Towards Robustness Analysis of E-Commerce Ranking System. (1%)
2024-03-06
Adversarial Infrared Geometry: Using Geometry to Perform Adversarial Attack against Infrared Pedestrian Detectors. (99%)
Improving Adversarial Training using Vulnerability-Aware Perturbation Budget. (99%)
Effect of Ambient-Intrinsic Dimension Gap on Adversarial Vulnerability. (92%)
Belief-Enriched Pessimistic Q-Learning against Adversarial State Perturbations. (16%)
On the Effectiveness of Distillation in Mitigating Backdoors in Pre-trained Encoder. (2%)
Verified Training for Counterfactual Explanation Robustness under Data Shift. (2%)
2024-03-05
Towards Robust Federated Learning via Logits Calibration on Non-IID Data. (99%)
Mitigating Label Flipping Attacks in Malicious URL Detectors Using Ensemble Trees. (96%)
Minimum Topology Attacks for Graph Neural Networks. (83%)
Federated Learning Under Attack: Exposing Vulnerabilities through Data Poisoning Attacks in Computer Networks. (82%)
A general approach to enhance the survivability of backdoor attacks by decision path coupling. (68%)
Robust Federated Learning Mitigates Client-side Training Data Distribution Inference Attacks. (61%)
Uplift Modeling for Target User Attacks on Recommender Systems. (12%)
FLGuard: Byzantine-Robust Federated Learning via Ensemble of Contrastive Models. (11%)
InjecAgent: Benchmarking Indirect Prompt Injections in Tool-Integrated Large Language Model Agents. (11%)
XAI-Based Detection of Adversarial Attacks on Deepfake Detectors. (8%)
2024-03-04
Robustness Bounds on the Successful Adversarial Examples: Theory and Practice. (99%)
One Prompt Word is Enough to Boost Adversarial Robustness for Pre-trained Vision-Language Models. (99%)
Improving the Robustness of Object Detection and Classification AI models against Adversarial Patch Attacks. (99%)
COMMIT: Certifying Robustness of Multi-Sensor Fusion Systems against Semantic Attacks. (96%)
Inf2Guard: An Information-Theoretic Framework for Learning Privacy-Preserving Representations against Inference Attacks. (26%)
BSDP: Brain-inspired Streaming Dual-level Perturbations for Online Open World Object Detection. (16%)
Mirage: Defense against CrossPath Attacks in Software Defined Networks. (3%)
Bayesian Uncertainty Estimation by Hamiltonian Monte Carlo: Applications to Cardiac MRI Segmentation. (1%)
2024-03-03
GuardT2I: Defending Text-to-Image Models from Adversarial Prompts. (10%)
2024-03-02
SAR-AE-SFP: SAR Imagery Adversarial Example in Real Physics domain with Target Scattering Feature Parameters. (99%)
Inexact Unlearning Needs More Careful Evaluations to Avoid a False Sense of Privacy. (68%)
Breaking Down the Defenses: A Comparative Survey of Attacks on Large Language Models. (56%)
AutoDefense: Multi-Agent LLM Defense against Jailbreak Attacks. (31%)
Adversarial Testing for Visual Grounding via Image-Aware Property Reduction. (11%)
Query Recovery from Easy to Hard: Jigsaw Attack against SSE. (2%)
Accelerating Greedy Coordinate Gradient via Probe Sampling. (1%)
2024-03-01
Robust Deep Reinforcement Learning Through Adversarial Attacks and Training : A Survey. (91%)
Resilience of Entropy Model in Distributed Neural Networks. (67%)
Attacking Delay-based PUFs with Minimal Adversary Model. (45%)
2024-02-29
Unraveling Adversarial Examples against Speaker Identification -- Techniques for Attack Detection and Victim Model Classification. (99%)
How to Train your Antivirus: RL-based Hardening through the Problem-Space. (99%)
On Robustness and Generalization of ML-Based Congestion Predictors to Valid and Imperceptible Perturbations. (88%)
Pointing out the Shortcomings of Relation Extraction Models with Semantically Motivated Adversarials. (76%)
Assessing Visually-Continuous Corruption Robustness of Neural Networks Relative to Human Performance. (38%)
Verification of Neural Networks' Global Robustness. (38%)
SynGhost: Imperceptible and Universal Task-agnostic Backdoor Attack in Pre-trained Language Models. (16%)
PRSA: Prompt Stealing Attacks against Real-World Prompt Services. (9%)
Here's a Free Lunch: Sanitizing Backdoored Models with Model Merge. (2%)
Gradient Cuff: Detecting Jailbreak Attacks on Large Language Models by Exploring Refusal Loss Landscapes. (1%)
Unveiling Typographic Deceptions: Insights of the Typographic Vulnerability in Large Vision-Language Model. (1%)
2024-02-28
Enhancing the "Immunity" of Mixture-of-Experts Networks for Adversarial Defense. (99%)
MPAT: Building Robust Deep Neural Networks against Textual Adversarial Attacks. (99%)
Catastrophic Overfitting: A Potential Blessing in Disguise. (98%)
Living-off-The-Land Reverse-Shell Detection by Informed Data Augmentation. (86%)
A New Era in LLM Security: Exploring Security Concerns in Real-World LLM-based Systems. (64%)
Making Them Ask and Answer: Jailbreaking Large Language Models in Few Queries via Disguise and Reconstruction. (33%)
Out-of-Distribution Detection using Neural Activation Prior. (1%)
2024-02-27
Robustness-Congruent Adversarial Training for Secure Machine Learning Model Updates. (99%)
Extreme Miscalibration and the Illusion of Adversarial Robustness. (99%)
Black-box Adversarial Attacks Against Image Quality Assessment Models. (99%)
Enhancing Tracking Robustness with Auxiliary Adversarial Defense Networks. (99%)
LLM-Resistant Math Word Problem Generation via Adversarial Attacks. (87%)
Breaking the Black-Box: Confidence-Guided Model Inversion Attack for Distribution Shift. (83%)
Model X-ray:Detecting Backdoored Models via Decision Boundary. (67%)
Towards Fairness-Aware Adversarial Learning. (11%)
Time-Restricted Double-Spending Attack on PoW-based Blockchains. (1%)
2024-02-26
Improving the JPEG-resistance of Adversarial Attacks on Face Recognition by Interpolation Smoothing. (99%)
Improving behavior based authentication against adversarial attack using XAI. (99%)
Adversarial example soups: averaging multiple adversarial examples improves transferability without increasing additional generation time. (99%)
A Curious Case of Remarkable Resilience to Gradient Attacks via Fully Convolutional and Differentiable Front End with a Skip Connection. (98%)
Adversarial Perturbations of Physical Signals. (92%)
Unveiling Vulnerability of Self-Attention. (87%)
Edge Detectors Can Make Deep Convolutional Neural Networks More Robust. (83%)
Investigating Deep Watermark Security: An Adversarial Transferability Perspective. (64%)
Defending LLMs against Jailbreaking Attacks via Backtranslation. (64%)
Rainbow Teaming: Open-Ended Generation of Diverse Adversarial Prompts. (62%)
Pandora's White-Box: Precise Training Data Detection and Extraction in Large Language Models. (50%)
WIPI: A New Web Threat for LLM-Driven Web Agents. (8%)
RoCoIns: Enhancing Robustness of Large Language Models through Code-Style Instructions. (4%)
An Innovative Information Theory-based Approach to Tackle and Enhance The Transparency in Phishing Detection. (1%)
2024-02-25
From Noise to Clarity: Unraveling the Adversarial Suffix of Large Language Model Attacks via Translation of Text Embeddings. (98%)
An Adversarial Robustness Benchmark for Enterprise Network Intrusion Detection. (92%)
Defending Large Language Models against Jailbreak Attacks via Semantic Smoothing. (76%)
Adversarial-Robust Transfer Learning for Medical Imaging via Domain Assimilation. (73%)
Evaluating Robustness of Generative Search Engine on Adversarial Factual Questions. (13%)
DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers. (2%)
State-of-the-Art Approaches to Enhancing Privacy Preservation of Machine Learning Datasets: A Survey. (1%)
m2mKD: Module-to-Module Knowledge Distillation for Modular Transformers. (1%)
2024-02-24
PRP: Propagating Universal Perturbations to Attack Large Language Model Guard-Rails. (87%)
LLMs Can Defend Themselves Against Jailbreaking in a Practical Manner: A Vision Paper. (86%)
RAUCA: A Novel Physical Adversarial Attack on Vehicle Detectors via Robust and Accurate Camouflage Generation. (82%)
Towards Robust Image Stitching: An Adaptive Resistance Learning against Compatible Attacks. (76%)
Optimal Zero-Shot Detector for Multi-Armed Attacks. (50%)
Sparse MeZO: Less Parameters for Better Performance in Zeroth-Order LLM Fine-Tuning. (1%)
2024-02-23
Distilling Adversarial Robustness Using Heterogeneous Teachers. (99%)
Fast Adversarial Attacks on Language Models In One GPU Minute. (98%)
A Robust Defense against Adversarial Attacks on Deep Learning-based Malware Detectors via (De)Randomized Smoothing. (98%)
ProTIP: Probabilistic Robustness Verification on Text-to-Image Diffusion Models against Stochastic Perturbation. (93%)
On the Duality Between Sharpness-Aware Minimization and Adversarial Training. (92%)
Low-Frequency Black-Box Backdoor Attack via Evolutionary Algorithm. (87%)
Deep Networks Always Grok and Here is Why. (76%)
BSPA: Exploring Black-box Stealthy Prompt Attacks against Image Generators. (67%)
Reinforcement Learning-Based Approaches for Enhancing Security and Resilience in Smart Control: A Survey on Attack and Defense Methods. (61%)
Break the Breakout: Reinventing LM Defense Against Jailbreak Attacks with Self-Refinement. (5%)
Prime+Retouch: When Cache is Locked and Leaked. (2%)
TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning. (1%)
2024-02-22
SoK: Analyzing Adversarial Examples: A Framework to Study Adversary Knowledge. (99%)
Rethinking Invariance Regularization in Adversarial Training to Improve Robustness-Accuracy Trade-off. (98%)
Stop Reasoning! When Multimodal LLMs with Chain-of-Thought Reasoning Meets Adversarial Images. (93%)
Noise-BERT: A Unified Perturbation-Robust Framework with Noise Alignment Pre-training for Noisy Slot Filling Task. (83%)
Mitigating Fine-tuning Jailbreak Attack with Backdoor Enhanced Alignment. (75%)
Getting Serious about Humor: Crafting Humor Datasets with Unfunny Large Language Models. (26%)
2024-02-21
AttackGNN: Red-Teaming GNNs in Hardware Security Using Reinforcement Learning. (99%)
A Simple and Yet Fairly Effective Defense for Graph Neural Networks. (98%)
Adversarial Purification and Fine-tuning for Robust UDC Image Restoration. (98%)
Is LLM-as-a-Judge Robust? Investigating Universal Adversarial Attacks on Zero-shot LLM Assessment. (83%)
Robustness of Deep Neural Networks for Micro-Doppler Radar Classification. (80%)
Whispers in Grammars: Injecting Covert Backdoors to Compromise Dense Retrieval Systems. (76%)
Flexible Physical Camouflage Generation Based on a Differential Approach. (38%)
VL-Trojan: Multimodal Instruction Backdoor Attacks against Autoregressive Visual Language Models. (10%)
Semantic Mirror Jailbreak: Genetic Algorithm Based Jailbreak Prompts Against Open-source LLMs. (8%)
Coercing LLMs to do and reveal (almost) anything. (4%)
T-Stitch: Accelerating Sampling in Pre-Trained Diffusion Models with Trajectory Stitching. (1%)
2024-02-20
QuanTest: Entanglement-Guided Testing of Quantum Neural Network Systems. (92%)
Defending Jailbreak Prompts via In-Context Adversarial Game. (76%)
Round Trip Translation Defence against Large Language Model Jailbreaking Attacks. (75%)
Investigating the Impact of Model Instability on Explanations and Uncertainty. (69%)
A Comprehensive Study of Jailbreak Attack versus Defense for Large Language Models. (68%)
Learning to Poison Large Language Models During Instruction Tuning. (13%)
Stealthy Adversarial Attacks on Stochastic Multi-Armed Bandits. (3%)
The Wolf Within: Covert Injection of Malice into MLLM Societies via an MLLM Operative. (1%)
RITFIS: Robust input testing framework for LLMs-based intelligent software. (1%)
2024-02-19
Query-Based Adversarial Prompt Generation. (99%)
Adversarial Feature Alignment: Balancing Robustness and Accuracy in Deep Learning via Adversarial Training. (99%)
AICAttack: Adversarial Image Captioning Attack with Attention-Based Optimization. (99%)
An Adversarial Approach to Evaluating the Robustness of Event Identification Models. (98%)
Beyond Worst-case Attacks: Robust RL with Adaptive Defense via Non-dominated Policies. (97%)
Stealing the Invisible: Unveiling Pre-Trained CNN Models through Adversarial Examples and Timing Side-Channels. (92%)
Attacks on Node Attributes in Graph Neural Networks. (83%)
Indiscriminate Data Poisoning Attacks on Pre-trained Feature Extractors. (68%)
Self-Guided Robust Graph Structure Refinement. (67%)
Robust CLIP: Unsupervised Adversarial Fine-Tuning of Vision Embeddings for Robust Large Vision-Language Models. (50%)
Defending Against Weight-Poisoning Backdoor Attacks for Parameter-Efficient Fine-Tuning. (15%)
Robustness and Exploration of Variational and Machine Learning Approaches to Inverse Problems: An Overview. (1%)
Amplifying Training Data Exposure through Fine-Tuning with Pseudo-Labeled Memberships. (1%)
Privacy-Preserving Low-Rank Adaptation for Latent Diffusion Models. (1%)
2024-02-18
A Curious Case of Searching for the Correlation between Training Data and Adversarial Robustness of Transformer Textual Models. (93%)
Evaluating Adversarial Robustness of Low dose CT Recovery. (92%)
Evaluating Efficacy of Model Stealing Attacks and Defenses on Quantum Neural Networks. (83%)
The Effectiveness of Random Forgetting for Robust Generalization. (75%)
Poisoned Forgery Face: Towards Backdoor Attacks on Face Forgery Detection. (26%)
Poisoning Federated Recommender Systems with Fake Users. (5%)
SPML: A DSL for Defending Language Models Against Prompt Attacks. (1%)
Teacher as a Lenient Expert: Teacher-Agnostic Data-Free Knowledge Distillation. (1%)
2024-02-17
Maintaining Adversarial Robustness in Continuous Learning. (75%)
Be Persistent: Towards a Unified Solution for Mitigating Shortcuts in Deep Learning. (22%)
Watch Out for Your Agents! Investigating Backdoor Threats to LLM-Based Agents. (8%)
VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger. (2%)
2024-02-16
DART: A Principled Approach to Adversarially Robust Unsupervised Domain Adaptation. (99%)
Theoretical Understanding of Learning from Adversarial Perturbations. (98%)
Assessing biomedical knowledge robustness in large language models by query-efficient sampling attacks. (98%)
VQAttack: Transferable Adversarial Attacks on Visual Question Answering via Pre-trained Models. (92%)
The AI Security Pyramid of Pain. (47%)
AIM: Automated Input Set Minimization for Metamorphic Security Testing. (2%)
Universal Prompt Optimizer for Safe Text-to-Image Generation. (1%)
ToBlend: Token-Level Blending With an Ensemble of LLMs to Attack AI-Generated Text Detection. (1%)
2024-02-15
Camouflage is all you need: Evaluating and Enhancing Language Model Robustness Against Camouflage Adversarial Attacks. (62%)
On the Safety Concerns of Deploying LLMs/VLMs in Robotics: Highlighting the Risks and Vulnerabilities. (31%)
Backdoor Attack against One-Class Sequential Anomaly Detection Models. (9%)
A Trembling House of Cards? Mapping Adversarial Attacks against Language Agents. (5%)
FedRDF: A Robust and Dynamic Aggregation Function against Poisoning Attacks in Federated Learning. (3%)
Some Targets Are Harder to Identify than Others: Quantifying the Target-dependent Membership Leakage. (1%)
Quantum-Inspired Analysis of Neural Network Vulnerabilities: The Role of Conjugate Variables in System Attacks. (1%)
2024-02-14
How Secure Are Large Language Models (LLMs) for Navigation in Urban Environments? (98%)
Exploring the Adversarial Capabilities of Large Language Models. (98%)
PAL: Proxy-Guided Black-Box Attack on Large Language Models. (92%)
Only My Model On My Data: A Privacy Preserving Approach Protecting one Model and Deceiving Unauthorized Black-Box Models. (92%)
Review-Incorporated Model-Agnostic Profile Injection Attacks on Recommender Systems. (76%)
Attacking Large Language Models with Projected Gradient Descent. (67%)
Detecting Adversarial Spectrum Attacks via Distance to Decision Boundary Statistics. (47%)
SafeDecoding: Defending against Jailbreak Attacks via Safety-Aware Decoding. (38%)
Reward Poisoning Attack Against Offline Reinforcement Learning. (12%)
Rapid Adoption, Hidden Risks: The Dual Impact of Large Language Model Customization. (9%)
Adversarial Nibbler: An Open Red-Teaming Method for Identifying Diverse Harms in Text-to-Image Generation. (3%)
Ten Words Only Still Help: Improving Black-Box AI-Generated Text Detection via Proxy-Guided Efficient Re-Sampling. (2%)
Leveraging the Context through Multi-Round Interactions for Jailbreaking Attacks. (1%)
Towards Robust Model-Based Reinforcement Learning Against Adversarial Corruption. (1%)
Immediate generalisation in humans but a generalisation lag in deep neural networks$\unicode{x2014}$evidence for representational divergence? (1%)
Play Guessing Game with LLM: Indirect Jailbreak Attack with Implicit Clues. (1%)
2024-02-13
Faster Repeated Evasion Attacks in Tree Ensembles. (96%)
Generating Universal Adversarial Perturbations for Quantum Classifiers. (93%)
Enhancing Robustness of Indoor Robotic Navigation with Free-Space Segmentation Models Against Adversarial Attacks. (83%)
Data Reconstruction Attacks and Defenses: A Systematic Evaluation. (76%)
COLD-Attack: Jailbreaking LLMs with Stealthiness and Controllability. (62%)
Test-Time Backdoor Attacks on Multimodal Large Language Models. (56%)
Adversarially Robust Feature Learning for Breast Cancer Diagnosis. (33%)
Agent Smith: A Single Image Can Jailbreak One Million Multimodal LLM Agents Exponentially Fast. (31%)
Adaptive Hierarchical Certification for Segmentation using Randomized Smoothing. (10%)
Feature Attribution with Necessity and Sufficiency via Dual-stage Perturbation Test for Causal Explanation. (1%)
2024-02-12
Understanding Deep Learning defenses Against Adversarial Examples Through Visualizations for Dynamic Risk Assessment. (99%)
Topological safeguard for evasion attack interpreting the neural networks' behavior. (89%)
PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented Generation of Large Language Models. (83%)
Privacy-Preserving Gaze Data Streaming in Immersive Interactive Virtual Reality: Robustness and User Experience. (33%)
OrderBkd: Textual backdoor attack through repositioning. (13%)
Tighter Bounds on the Information Bottleneck with Application to Deep Learning. (10%)
Multi-Attribute Vision Transformers are Efficient and Robust Learners. (9%)
Customizable Perturbation Synthesis for Robust SLAM Benchmarking. (9%)
THE COLOSSEUM: A Benchmark for Evaluating Generalization for Robotic Manipulation. (5%)
Accelerated Smoothing: A Scalable Approach to Randomized Smoothing. (3%)
Game of Trojans: Adaptive Adversaries Against Output-based Trojaned-Model Detectors. (3%)
Local Centrality Minimization with Quality Guarantees. (1%)
NeuralSentinel: Safeguarding Neural Network Reliability and Trustworthiness. (1%)
Do Membership Inference Attacks Work on Large Language Models? (1%)
Pixel Sentence Representation Learning. (1%)
2024-02-11
A Random Ensemble of Encrypted Vision Transformers for Adversarially Robust Defense. (99%)
Accuracy of TextFooler black box adversarial attacks on 01 loss sign activation neural network ensemble. (98%)
2024-02-10
Whispers in the Machine: Confidentiality in LLM-integrated Systems. (26%)
Architectural Neural Backdoors from First Principles. (26%)
2024-02-09
Anomaly Unveiled: Securing Image Classification against Adversarial Patch Attacks. (98%)
Fight Back Against Jailbreaking via Prompt Adversarial Tuning. (95%)
RAMP: Boosting Adversarial Robustness Against Multiple $l_p$ Perturbations. (84%)
System-level Analysis of Adversarial Attacks and Defenses on Intelligence in O-RAN based Cellular Networks. (82%)
The SkipSponge Attack: Sponge Weight Poisoning of Deep Neural Networks. (70%)
Corruption Robust Offline Reinforcement Learning with Human Feedback. (67%)
Quantifying and Enhancing Multi-modal Robustness with Modality Preference. (56%)
StruQ: Defending Against Prompt Injection with Structured Queries. (45%)
FedMIA: An Effective Membership Inference Attack Exploiting "All for One" Principle in Federated Learning. (4%)
Blockchain Bribing Attacks and the Efficacy of Counterincentives. (1%)
For Better or For Worse? Learning Minimum Variance Features With Label Augmentation. (1%)
2024-02-08
JailbreakRadar: Comprehensive Assessment of Jailbreak Attacks Against LLMs. (99%)
Investigating White-Box Attacks for On-Device Models. (93%)
TETRIS: Towards Exploring the Robustness of Interactive Segmentation. (81%)
Linearizing Models for Efficient yet Robust Private Inference. (68%)
A High Dimensional Statistical Model for Adversarial Training: Geometry and Trade-Offs. (54%)
Is Adversarial Training with Compressed Datasets Effective? (10%)
FedAA: A Reinforcement Learning Perspective on Adaptive Aggregation for Fair and Robust Federated Learning. (9%)
2024-02-07
Adversarial Robustness Through Artifact Design. (99%)
Breaking Free: How to Hack Safety Guardrails in Black-Box Diffusion Models! (98%)
Analyzing Adversarial Inputs in Deep Reinforcement Learning. (96%)
Assessing the Brittleness of Safety Alignment via Pruning and Low-Rank Modifications. (1%)
2024-02-06
Boosting Adversarial Transferability across Model Genus by Deformation-Constrained Warping. (98%)
Adversarially Robust Deepfake Detection via Adversarial Feature Similarity Learning. (98%)
SUB-PLAY: Adversarial Policies against Partially Observed Multi-Agent Reinforcement Learning Systems. (76%)
PAC-Bayesian Adversarially Robust Generalization Bounds for Graph Neural Network. (75%)
Enhance DNN Adversarial Robustness and Efficiency via Injecting Noise to Non-Essential Neurons. (74%)
BotSSCL: Social Bot Detection with Self-Supervised Contrastive Learning. (64%)
Privacy Leakage on DNNs: A Survey of Model Inversion Attacks and Defenses. (26%)
Studying Vulnerable Code Entities in R. (10%)
DeMarking: A Defense for Network Flow Watermarking in Real-Time. (10%)
HarmBench: A Standardized Evaluation Framework for Automated Red Teaming and Robust Refusal. (2%)
2024-02-05
A Generative Approach to Surrogate-based Black-box Attacks. (99%)
Transcending Adversarial Perturbations: Manifold-Aided Adversarial Examples with Legitimate Semantics. (99%)
Arabic Synonym BERT-based Adversarial Examples for Text Classification. (99%)
Generalization Properties of Adversarial Training for $\ell_0$-Bounded Adversarial Attacks. (92%)
FoolSDEdit: Deceptively Steering Your Edits Towards Targeted Attribute-aware Distribution. (89%)
Time-Distributed Backdoor Attacks on Federated Spiking Learning. (83%)
Shadowcast: Stealthy Data Poisoning Attacks Against Vision-Language Models. (83%)
Partially Recentralization Softmax Loss for Vision-Language Models Robustness. (81%)
Organic or Diffused: Can We Distinguish Human Art from AI-generated Images? (31%)
DisDet: Exploring Detectability of Backdoor Attack on Diffusion Models. (12%)
Exploring Biologically Inspired Mechanisms of Adversarial Robustness. (4%)
FINEST: Stabilizing Recommendations by Rank-Preserving Fine-Tuning. (1%)
2024-02-04
PROSAC: Provably Safe Certification for Machine Learning Models under Adversarial Attacks. (99%)
Adversarial Text Purification: A Large Language Model Approach for Defense. (99%)
DeSparsify: Adversarial Attack Against Token Sparsification Mechanisms in Vision Transformers. (99%)
Exploiting Class Probabilities for Black-box Sentence-level Attacks. (75%)
Evading Deep Learning-Based Malware Detectors via Obfuscation: A Deep Reinforcement Learning Approach. (41%)
Adversarial Data Augmentation for Robust Speaker Verification. (1%)
2024-02-03
Contrasting Adversarial Perturbations: The Space of Harmless Perturbations. (99%)
Evaluating the Robustness of Off-Road Autonomous Driving Segmentation against Adversarial Attacks: A Dataset-Centric analysis. (96%)
Your Diffusion Model is Secretly a Certifiably Robust Classifier. (92%)
MixedNUTS: Training-Free Accuracy-Robustness Balance via Nonlinearly Mixed Classifiers. (76%)
Analyzing Sentiment Polarity Reduction in News Presentation through Contextual Perturbation and Large Language Models. (68%)
CEPA: Consensus Embedded Perturbation for Agnostic Detection and Inversion of Backdoors. (31%)
Towards Optimal Adversarial Robust Q-learning with Bellman Infinity-error. (10%)
Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices. (9%)
Safety Fine-Tuning at (Almost) No Cost: A Baseline for Vision Large Language Models. (5%)
Data Poisoning for In-context Learning. (5%)
2024-02-02
HQA-Attack: Toward High Quality Black-Box Hard-Label Adversarial Attack on Text. (99%)
$\sigma$-zero: Gradient-based Optimization of $\ell_0$-norm Adversarial Examples. (99%)
STAA-Net: A Sparse and Transferable Adversarial Attack for Speech Emotion Recognition. (99%)
Delving into Decision-based Black-box Attacks on Semantic Segmentation. (93%)
Enhanced Urban Region Profiling with Adversarial Self-Supervised Learning for Robust Forecasting and Security. (92%)
SignSGD with Federated Defense: Harnessing Adversarial Attacks through Gradient Sign Decoding. (92%)
Unlearnable Examples For Time Series. (86%)
Preference Poisoning Attacks on Reward Model Learning. (83%)
Privacy-Preserving Distributed Learning for Residential Short-Term Load Forecasting. (3%)
S2malloc: Statistically Secure Allocator for Use-After-Free Protection And More. (3%)
Cheating Suffix: Targeted Attack to Text-To-Image Diffusion Models with Multi-Modal Priors. (2%)
Fundamental Challenges in Cybersecurity and a Philosophy of Vulnerability-Guided Hardening. (1%)
What Will My Model Forget? Forecasting Forgotten Examples in Language Model Refinement. (1%)
2024-02-01
Benchmarking Transferable Adversarial Attacks. (98%)
Hidding the Ghostwriters: An Adversarial Evaluation of AI-Generated Student Essay Detection. (70%)
Double-Dip: Thwarting Label-Only Membership Inference Attacks with Transfer Learning and Randomization. (64%)
Vision-LLMs Can Fool Themselves with Self-Generated Typographic Attacks. (45%)
Approximating Optimal Morphing Attacks using Template Inversion. (9%)
Trustworthy Distributed AI Systems: Robustness, Privacy, and Governance. (8%)
Vaccine: Perturbation-aware Alignment for Large Language Models against Harmful Fine-tuning Attack. (1%)
algoXSSF: Detection and analysis of cross-site request forgery (XSRF) and cross-site scripting (XSS) attacks via Machine learning algorithms. (1%)
2024-01-31
Adversarial Quantum Machine Learning: An Information-Theoretic Generalization Analysis. (95%)
Invariance-powered Trustworthy Defense via Remove Then Restore. (70%)
BrainLeaks: On the Privacy-Preserving Properties of Neuromorphic Architectures against Model Inversion Attacks. (13%)
LoRec: Large Language Model for Robust Sequential Recommendation against Poisoning Attacks. (9%)
Logit Poisoning Attack in Distillation-based Federated Learning and its Countermeasures. (4%)
Manipulating Predictions over Discrete Inputs in Machine Teaching. (1%)
Ambush from All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines. (1%)
2024-01-30
Single Word Change is All You Need: Designing Attacks and Defenses for Text Classifiers. (99%)
Robust Prompt Optimization for Defending Language Models Against Jailbreaking Attacks. (98%)
Towards Assessing the Synthetic-to-Measured Adversarial Vulnerability of SAR ATR. (98%)
AdvGPS: Adversarial GPS for Multi-Agent Perception Attack. (95%)
Game-Theoretic Unlearnable Example Generator. (92%)
Camouflage Adversarial Attacks on Multiple Agent Systems. (87%)
Weak-to-Strong Jailbreaking on Large Language Models. (81%)
A Proactive and Dual Prevention Mechanism against Illegal Song Covers empowered by Singing Voice Conversion. (75%)
Improving QA Model Performance with Cartographic Inoculation. (26%)
Towards Visual Syntactical Understanding. (4%)
Provably Robust Multi-bit Watermarking for AI-generated Text via Error Correction Code. (2%)
2024-01-29
LESSON: Multi-Label Adversarial False Data Injection Attack for Deep Learning Locational Detection. (99%)
Adversarial Training on Purification (AToP): Advancing Both Robustness and Generalization. (92%)
Revisiting Gradient Pruning: A Dual Realization for Defending against Gradient Attacks. (68%)
GPS: Graph Contrastive Learning via Multi-scale Augmented Views from Adversarial Pooling. (5%)
Security and Privacy Challenges of Large Language Models: A Survey. (1%)
2024-01-28
Addressing Noise and Efficiency Issues in Graph-Based Machine Learning Models From the Perspective of Adversarial Attack. (83%)
Transparency Attacks: How Imperceptible Image Layers Can Fool AI Perception. (75%)
Model Supply Chain Poisoning: Backdooring Pre-trained Models via Embedding Indistinguishability. (26%)
2024-01-27
L-AutoDA: Leveraging Large Language Models for Automated Decision-based Adversarial Attacks. (98%)
2024-01-26
Set-Based Training for Neural Network Verification. (99%)
Mitigating Feature Gap for Adversarial Robustness by Feature Disentanglement. (91%)
Multi-Trigger Backdoor Attacks: More Triggers, More Threats. (82%)
Adversarial Attacks and Defenses in 6G Network-Assisted IoT Systems. (81%)
Conserve-Update-Revise to Cure Generalization and Robustness Trade-off in Adversarial Training. (62%)
Asymptotic Behavior of Adversarial Training Estimator under $\ell_\infty$-Perturbation. (38%)
Better Representations via Adversarial Training in Pre-Training: A Theoretical Perspective. (22%)
MEA-Defender: A Robust Watermark against Model Extraction Attack. (13%)
BackdoorBench: A Comprehensive Benchmark and Analysis of Backdoor Learning. (2%)
2024-01-25
Sparse and Transferable Universal Singular Vectors Attack. (99%)
Friendly Attacks to Improve Channel Coding Reliability. (54%)
Semantic Sensitivities and Inconsistent Predictions: Measuring the Fragility of NLI Models. (16%)
The Risk of Federated Learning to Skew Fine-Tuning Features and Underperform Out-of-Distribution Robustness. (2%)
Novel Quadratic Constraints for Extending LipSDP beyond Slope-Restricted Activations. (1%)
Physical Trajectory Inference Attack and Defense in Decentralized POI Recommendation. (1%)
2024-01-24
A Training Rate and Survival Heuristic for Inference and Robustness Evaluation (TRASHFIRE). (92%)
Can overfitted deep neural networks in adversarial training generalize? -- An approximation viewpoint. (86%)
WPDA: Frequency-based Backdoor Attack with Wavelet Packet Decomposition. (76%)
Exploring Adversarial Threat Models in Cyber Physical Battery Systems. (76%)
Fluent dreaming for language models. (64%)
2024-01-23
Boosting the Transferability of Adversarial Examples via Local Mixup and Adaptive Step Size. (99%)
Securing Recommender System via Cooperative Training. (80%)
Compositional Generative Inverse Design. (56%)
AdCorDA: Classifier Refinement via Adversarial Correction and Domain Adaptation. (33%)
ToDA: Target-oriented Diffusion Attacker against Recommendation System. (13%)
DAFA: Distance-Aware Fair Adversarial Training. (2%)
The twin peaks of learning neural networks. (2%)
2024-01-22
Fast Adversarial Training against Textual Adversarial Attacks. (99%)
A Training-Free Defense Framework for Robust Learned Image Compression. (74%)
Adversarial speech for voice privacy protection from Personalized Speech generation. (73%)
NEUROSEC: FPGA-Based Neuromorphic Audio Security. (13%)
Unraveling Attacks in Machine Learning-based IoT Ecosystems: A Survey and the Open Libraries Behind Them. (13%)
Robustness to distribution shifts of compressed networks for edge devices. (8%)
Text Embedding Inversion Security for Multilingual Language Models. (2%)
Out-of-Distribution Detection & Applications With Ablated Learned Temperature Energy. (1%)
2024-01-21
How Robust Are Energy-Based Models Trained With Equilibrium Propagation? (99%)
Analyzing the Quality Attributes of AI Vision Models in Open Repositories Under Adversarial Attacks. (56%)
Adversarial Augmentation Training Makes Action Recognition Models More Robust to Realistic Video Distribution Shifts. (11%)
Efficient local linearity regularization to overcome catastrophic overfitting. (8%)
2024-01-20
Susceptibility of Adversarial Attack on Medical Image Segmentation Models. (99%)
Finding a Needle in the Adversarial Haystack: A Targeted Paraphrasing Approach For Uncovering Edge Cases with Minimal Distribution Distortion. (96%)
CARE: Ensemble Adversarial Robustness Evaluation Against Adaptive Attackers for Security Applications. (80%)
Inducing High Energy-Latency of Large Vision-Language Models with Verbose Images. (33%)
2024-01-19
PuriDefense: Randomized Local Implicit Adversarial Purification for Defending Black-box Query-based Attacks. (99%)
Explainable and Transferable Adversarial Attack for ML-Based Network Intrusion Detectors. (99%)
The Surprising Harmfulness of Benign Overfitting for Adversarial Robustness. (98%)
FIMBA: Evaluating the Robustness of AI in Genomics via Feature Importance Adversarial Attacks. (56%)
Adversarial Robustness of Link Sign Prediction in Signed Graphs. (26%)
BadChain: Backdoor Chain-of-Thought Prompting for Large Language Models. (3%)
Image Safeguarding: Reasoning with Conditional Vision Language Model and Obfuscating Unsafe Content Counterfactually. (1%)
2024-01-18
HGAttack: Transferable Heterogeneous Graph Adversarial Attack. (99%)
Hijacking Attacks against Neural Networks by Analyzing Training Data. (99%)
Adapters Mixup: Mixing Parameter-Efficient Adapters to Enhance the Adversarial Robustness of Fine-tuned Pre-trained Text Classifiers. (99%)
Hacking Predictors Means Hacking Cars: Using Sensitivity Analysis to Identify Trajectory Prediction Vulnerabilities for Autonomous Driving Security. (92%)
Differentially Private and Adversarially Robust Machine Learning: An Empirical Evaluation. (80%)
Investigating Training Strategies and Model Robustness of Low-Rank Adaptation for Language Modeling in Speech Recognition. (15%)
Power in Numbers: Robust reading comprehension by finetuning with four adversarial sentences per example. (13%)
Cross-Modality Perturbation Synergy Attack for Person Re-identification. (5%)
Vulnerabilities of Foundation Model Integrated Federated Learning Under Adversarial Threats. (2%)
Lateral Phishing With Large Language Models: A Large Organization Comparative Study. (1%)
Large Language Models are Efficient Learners of Noise-Robust Speech Recognition. (1%)
2024-01-17
Towards Scalable and Robust Model Versioning. (93%)
Artwork Protection Against Neural Style Transfer Using Locally Adaptive Adversarial Color Attack. (93%)
MITS-GAN: Safeguarding Medical Imaging from Tampering with Generative Adversarial Networks. (26%)
A GAN-based data poisoning framework against anomaly detection in vertical federated learning. (3%)
An Optimal Transport Approach for Computing Adversarial Training Lower Bounds in Multiclass Classification. (3%)
Attack and Reset for Unlearning: Exploiting Adversarial Noise toward Machine Unlearning through Parameter Re-initialization. (1%)
Caught in the Quicksand of Reasoning, Far from AGI Summit: Evaluating LLMs' Mathematical and Coding Competency through Ontology-guided Interventions. (1%)
2024-01-16
Revealing Vulnerabilities in Stable Diffusion via Targeted Attacks. (99%)
Bag of Tricks to Boost Adversarial Transferability. (99%)
A Generative Adversarial Attack for Multilingual Text Classifiers. (99%)
PPR: Enhancing Dodging Attacks while Maintaining Impersonation Attacks on Face Recognition Systems. (99%)
Robust Localization of Key Fob Using Channel Impulse Response of Ultra Wide Band Sensors for Keyless Entry Systems. (92%)
The Effect of Intrinsic Dataset Properties on Generalization: Unraveling Learning Differences Between Natural and Medical Images. (87%)
RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations. (9%)
Towards Efficient and Certified Recovery from Poisoning Attacks in Federated Learning. (8%)
IPR-NeRF: Ownership Verification meets Neural Radiance Field. (3%)
IoTWarden: A Deep Reinforcement Learning Based Real-time Defense System to Mitigate Trigger-action IoT Attacks. (1%)
2024-01-15
Robustness Against Adversarial Attacks via Learning Confined Adversarial Polytopes. (99%)
Authorship Obfuscation in Multilingual Machine-Generated Text Detection. (13%)
2024-01-14
LookAhead: Preventing DeFi Attacks via Unveiling Adversarial Contracts. (80%)
Crafter: Facial Feature Crafting against Inversion-based Identity Theft on Deep Models. (70%)
2024-01-13
Exploring Adversarial Attacks against Latent Diffusion Model from the Perspective of Adversarial Transferability. (99%)
Left-right Discrepancy for Adversarial Attack on Stereo Networks. (98%)
2024-01-12
Adversarial Examples are Misaligned in Diffusion Model Manifolds. (98%)
How Johnny Can Persuade LLMs to Jailbreak Them: Rethinking Persuasion to Challenge AI Safety by Humanizing LLMs. (2%)
Enhancing Consistency and Mitigating Bias: A Data Replay Approach for Incremental Learning. (1%)
An Analytical Framework for Modeling and Synthesizing Malicious Attacks on ACC Vehicles. (1%)
Intention Analysis Makes LLMs A Good Jailbreak Defender. (1%)
2024-01-11
GE-AdvGAN: Improving the transferability of adversarial samples by gradient editing-based adversarial generative model. (99%)
Universal Vulnerabilities in Large Language Models: In-context Learning Backdoor Attacks. (61%)
Revisiting Jailbreaking for Large Language Models: A Representation Engineering Perspective. (22%)
Can We Trust the Unlabeled Target Data? Towards Backdoor Attack and Defense on Model Adaptation. (8%)
Manipulating Feature Visualizations with Gradient Slingshots. (3%)
Combating Adversarial Attacks with Multi-Agent Debate. (3%)
2024-01-10
Exploring Vulnerabilities of No-Reference Image Quality Assessment Models: A Query-Based Black-Box Method. (83%)
TrustLLM: Trustworthiness in Large Language Models. (75%)
SENet: Visual Detection of Online Social Engineering Attack Campaigns. (4%)
Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training. (2%)
CoLafier: Collaborative Noisy Label Purifier With Local Intrinsic Dimensionality Guidance. (1%)
Brave: Byzantine-Resilient and Privacy-Preserving Peer-to-Peer Federated Learning. (1%)
FBSDetector: Fake Base Station and Multi Step Attack Detection in Cellular Networks using Machine Learning. (1%)
2024-01-09
Revisiting Adversarial Training at Scale. (26%)
SoK: Facial Deepfake Detectors. (11%)
Advancing Ante-Hoc Explainable Models through Generative Adversarial Networks. (3%)
2024-01-08
Pre-trained Model Guided Fine-Tuning for Zero-Shot Adversarial Robustness. (99%)
Robustness Assessment of a Runway Object Classifier for Safe Aircraft Taxiing. (54%)
Coupling Graph Neural Networks with Fractional Order Continuous Dynamics: A Robustness Study. (45%)
Logits Poisoning Attack in Federated Distillation. (12%)
Attack-Resilient Image Watermarking Using Stable Diffusion. (3%)
Dense Hopfield Networks in the Teacher-Student Setting. (1%)
2024-01-07
Invisible Reflections: Leveraging Infrared Laser Reflections to Target Traffic Sign Perception. (87%)
Data-Driven Subsampling in the Presence of an Adversarial Actor. (86%)
ROIC-DM: Robust Text Inference and Classification via Diffusion Model. (33%)
2024-01-06
Data-Dependent Stability Analysis of Adversarial Training. (98%)
End-to-End Anti-Backdoor Learning on Images and Time Series. (61%)
2024-01-05
Transferable Learned Image Compression-Resistant Adversarial Perturbations. (99%)
Enhancing targeted transferability via feature space fine-tuning. (98%)
Calibration Attack: A Framework For Adversarial Attacks Targeting Calibration. (76%)
A backdoor attack against link prediction tasks with graph neural networks. (45%)
TEN-GUARD: Tensor Decomposition for Backdoor Attack Detection in Deep Neural Networks. (1%)
MLLM-Protector: Ensuring MLLM's Safety without Hurting Performance. (1%)
2024-01-04
Vulnerabilities Unveiled: Adversarially Attacking a Multimodal Vision Langauge Model for Pathology Imaging. (99%)
A Random Ensemble of Encrypted models for Enhancing Robustness against Adversarial Examples. (99%)
AdvSQLi: Generating Adversarial SQL Injections against Real-world WAF-as-a-service. (95%)
Evasive Hardware Trojan through Adversarial Power Trace. (92%)
Object-oriented backdoor attack against image captioning. (76%)
DEM: A Method for Certifying Deep Neural Network Classifier Outputs in Aerospace. (2%)
Secure Control of Connected and Automated Vehicles Using Trust-Aware Robust Event-Triggered Control Barrier Functions. (2%)
A Survey Analyzing Generalization in Deep Reinforcement Learning. (1%)
2024-01-03
Towards Robust Semantic Segmentation against Patch-based Attack via Attention Refinement. (92%)
Spy-Watermark: Robust Invisible Watermarking for Backdoor Attack. (62%)
FullLoRA-AT: Efficiently Boosting the Robustness of Pretrained Vision Transformers. (33%)
Integrated Cyber-Physical Resiliency for Power Grids under IoT-Enabled Dynamic Botnet Attacks. (22%)
Enhancing Generalization of Invisible Facial Privacy Cloak via Gradient Accumulation. (1%)
2024-01-02
JMA: a General Algorithm to Craft Nearly Optimal Targeted Adversarial Example. (99%)
Dual Teacher Knowledge Distillation with Domain Alignment for Face Anti-spoofing. (92%)
SpecFormer: Guarding Vision Transformer Robustness via Maximum Singular Value Penalization. (75%)
Unveiling the Stealthy Threat: Analyzing Slow Drift GPS Spoofing Attacks for Autonomous Vehicles in Urban Environments and Enabling the Resilience. (10%)
Imperio: Language-Guided Backdoor Attacks for Arbitrary Model Control. (4%)
Will 6G be Semantic Communications? Opportunities and Challenges from Task Oriented and Secure Communications to Integrated Sensing. (2%)
2024-01-01
Safety and Performance, Why Not Both? Bi-Objective Optimized Model Compression against Heterogeneous Attacks Toward AI Software Deployment. (12%)
Detection and Defense Against Prominent Attacks on Preconditioned LLM-Integrated Virtual Assistants. (8%)
A Novel Evaluation Framework for Assessing Resilience Against Prompt Injection Attacks in Large Language Models. (2%)
2023-12-31
AR-GAN: Generative Adversarial Network-Based Defense Method Against Adversarial Attacks on the Traffic Sign Classification System of Autonomous Vehicles. (99%)
Does Few-shot Learning Suffer from Backdoor Attacks? (98%)
Is It Possible to Backdoor Face Forgery Detection with Natural Triggers? (68%)
2023-12-30
Explainability-Driven Leaf Disease Classification using Adversarial Training and Knowledge Distillation. (84%)
CamPro: Camera-based Anti-Facial Recognition. (81%)
TPatch: A Triggered Physical Adversarial Patch. (76%)
A clean-label graph backdoor attack method in node classification task. (9%)
2023-12-29
Jatmo: Prompt Injection Defense by Task-Specific Finetuning. (54%)
SSL-OTA: Unveiling Backdoor Threats in Self-Supervised Learning for Object Detection. (11%)
Towards Faithful Explanations for Text Classification with Robustness Improvement and Explanation Guided Training. (9%)
2023-12-28
Adversarial Attacks on Image Classification Models: Analysis and Defense. (99%)
Attack Tree Analysis for Adversarial Evasion Attacks. (99%)
BlackboxBench: A Comprehensive Benchmark of Black-box Adversarial Attacks. (99%)
Can you See me? On the Visibility of NOPs against Android Malware Detectors. (98%)
MVPatch: More Vivid Patch for Adversarial Camouflaged Attacks on Object Detectors in the Physical World. (98%)
Explainability-Based Adversarial Attack on Graphs Through Edge Perturbation. (92%)
DOEPatch: Dynamically Optimized Ensemble Model for Adversarial Patches Generation. (83%)
Securing NextG Systems against Poisoning Attacks on Federated Learning: A Game-Theoretic Solution. (64%)
Timeliness: A New Design Metric and a New Attack Surface. (1%)
2023-12-27
Adversarial Attacks on LoRa Device Identification and Rogue Signal Detection with Deep Learning. (98%)
Domain Generalization with Vital Phase Augmentation. (3%)
2023-12-26
From text to multimodal: a survey of adversarial example generation in question answering systems. (92%)
Natural Adversarial Patch Generation Method Based on Latent Diffusion Model. (76%)
Robust Survival Analysis with Adversarial Regularization. (61%)
Universal Pyramid Adversarial Training for Improved ViT Performance. (5%)
2023-12-25
GanFinger: GAN-Based Fingerprint Generation for Deep Neural Network Ownership Verification. (96%)
Adversarial Item Promotion on Visually-Aware Recommender Systems by Guided Diffusion. (84%)
Punctuation Matters! Stealthy Backdoor Attack for Language Models. (11%)
2023-12-23
Adversarial Data Poisoning for Fake News Detection: How to Make a Model Misclassify a Target News without Modifying It. (10%)
Pre-trained Trojan Attacks for Visual Recognition. (1%)
TVE: Learning Meta-attribution for Transferable Vision Explainer. (1%)
2023-12-22
MEAOD: Model Extraction Attack against Object Detectors. (83%)
Asymmetric Bias in Text-to-Image Generation with Adversarial Attacks. (82%)
Understanding the Regularity of Self-Attention with Optimal Transport. (31%)
Attacking Byzantine Robust Aggregation in High Dimensions. (22%)
SODA: Protecting Proprietary Information in On-Device Machine Learning Models. (4%)
Adaptive Domain Inference Attack. (2%)
Energy-based learning algorithms for analog computing: a comparative study. (2%)
2023-12-21
AutoAugment Input Transformation for Highly Transferable Targeted Attacks. (99%)
Where and How to Attack? A Causality-Inspired Recipe for Generating Counterfactual Adversarial Examples. (98%)
Elevating Defenses: Bridging Adversarial Training and Watermarking for Model Resilience. (86%)
Adversarial Infrared Curves: An Attack on Infrared Pedestrian Detectors in the Physical World. (74%)
Exploiting Novel GPT-4 APIs. (8%)
2023-12-20
Mutual-modality Adversarial Attack with Semantic Perturbation. (99%)
LRS: Enhancing Adversarial Transferability through Lipschitz Regularized Surrogate. (99%)
Adversarial Markov Games: On Adaptive Decision-Based Attacks and Defenses. (98%)
Benchmarking and Defending Against Indirect Prompt Injection Attacks on Large Language Models. (98%)
PGN: A perturbation generation network against deep reinforcement learning. (96%)
ARBiBench: Benchmarking Adversarial Robustness of Binarized Neural Networks. (96%)
Scaling Compute Is Not All You Need for Adversarial Robustness. (93%)
Doubly Perturbed Task Free Continual Learning. (9%)
Interactive Visualization of Time-Varying Flow Fields Using Particle Tracing Neural Networks. (1%)
2023-12-19
Tensor Train Decomposition for Adversarial Attacks on Computer Vision Models. (96%)
Rethinking Randomized Smoothing from the Perspective of Scalability. (86%)
SkyMask: Attack-agnostic Robust Federated Learning with Fine-grained Learnable Masks. (74%)
Progressive Poisoned Data Isolation for Training-time Backdoor Defense. (61%)
Adversarial AutoMixup. (11%)
Shaping Up SHAP: Enhancing Stability through Layer-Wise Neighbor Selection. (1%)
I-CEE: Tailoring Explanations of Image Classifications Models to User Expertise. (1%)
2023-12-18
Gemini: A Family of Highly Capable Multimodal Models. (99%)
Adv-Diffusion: Imperceptible Adversarial Face Identity Attack via Latent Diffusion Model. (99%)
The Ultimate Combo: Boosting Adversarial Example Transferability by Composing Data Augmentations. (99%)
DataElixir: Purifying Poisoned Dataset to Mitigate Backdoor Attacks via Diffusion Models. (16%)
A Comprehensive Survey of Attack Techniques, Implementation, and Mitigation Strategies in Large Language Models. (10%)
Model Stealing Attack against Recommender System. (10%)
Model Stealing Attack against Graph Classification with Authenticity, Uncertainty and Diversity. (4%)
MISA: Unveiling the Vulnerabilities in Split Federated Learning. (1%)
A Survey of Side-Channel Attacks in Context of Cache -- Taxonomies, Analysis and Mitigation. (1%)
2023-12-17
UltraClean: A Simple Framework to Train Robust Neural Networks against Backdoor Attacks. (98%)
The Pros and Cons of Adversarial Robustness. (92%)
A Mutation-Based Method for Multi-Modal Jailbreaking Attack Detection. (80%)
Robust Node Representation Learning via Graph Variational Diffusion Networks. (11%)
A Study on Transferability of Deep Learning Models for Network Intrusion Detection. (4%)
2023-12-16
Perturbation-Invariant Adversarial Training for Neural Ranking Models: Improving the Effectiveness-Robustness Trade-Off. (99%)
Rethinking Robustness of Model Attributions. (80%)
SAME: Sample Reconstruction Against Model Extraction Attacks. (13%)
TrojFair: Trojan Fairness Attacks. (8%)
Transformers in Unsupervised Structure-from-Motion. (3%)
TrojFSP: Trojan Insertion in Few-shot Prompt Tuning. (2%)
2023-12-15
LogoStyleFool: Vitiating Video Recognition Systems via Logo Style Transfer. (99%)
Embodied Adversarial Attack: A Dynamic Robust Physical Attack in Autonomous Driving. (99%)
Towards Transferable Targeted 3D Adversarial Attack in the Physical World. (99%)
A Malware Classification Survey on Adversarial Attacks and Defences. (98%)
FlowMur: A Stealthy and Practical Audio Backdoor Attack with Limited Knowledge. (76%)
Closing the Gap: Achieving Better Accuracy-Robustness Tradeoffs Against Query-Based Attacks. (74%)
Fragility, Robustness and Antifragility in Deep Learning. (67%)
VNN: Verification-Friendly Neural Networks with Hard Robustness Guarantees. (67%)
Silent Guardian: Protecting Text from Malicious Exploitation by Large Language Models. (10%)
2023-12-14
AVA: Inconspicuous Attribute Variation-based Adversarial Attack bypassing DeepFake Detection. (99%)
Continual Adversarial Defense. (95%)
SlowTrack: Increasing the Latency of Camera-based Perception in Autonomous Driving Using Adversarial Examples. (92%)
On the Difficulty of Defending Contrastive Learning against Backdoor Attacks. (84%)
Detection and Defense of Unlearnable Examples. (81%)
Improve Robustness of Reinforcement Learning against Observation Perturbations via $l_\infty$ Lipschitz Policy Networks. (81%)
Adversarial Robustness on Image Classification with $k$-means. (81%)
Data and Model Poisoning Backdoor Attacks on Wireless Federated Learning, and the Defense Mechanisms: A Comprehensive Survey. (76%)
DRAM-Locker: A General-Purpose DRAM Protection Mechanism against Adversarial DNN Weight Attacks. (45%)
No-Skim: Towards Efficiency Robustness Evaluation on Skimming-based Language Models. (45%)
Forbidden Facts: An Investigation of Competing Objectives in Llama-2. (45%)
Coevolutionary Algorithm for Building Robust Decision Trees under Minimax Regret. (13%)
Exploring Transferability for Randomized Smoothing. (5%)
Split-Ensemble: Efficient OOD-aware Ensemble via Task and Model Splitting. (1%)
2023-12-13
Defenses in Adversarial Machine Learning: A Survey. (99%)
Robust Few-Shot Named Entity Recognition with Boundary Discrimination and Correlation Purification. (99%)
Universal Adversarial Framework to Improve Adversarial Robustness for Diabetic Retinopathy Detection. (98%)
Towards Inductive Robustness: Distilling and Fostering Wave-induced Resonance in Transductive GCNs Against Graph Adversarial Attacks. (83%)
Scalable Ensemble-based Detection Method against Adversarial Attacks for speaker verification. (64%)
Accelerating the Global Aggregation of Local Explanations. (47%)
Erasing Self-Supervised Learning Backdoor by Cluster Activation Masking. (22%)
Efficient Representation of the Activation Space in Deep Neural Networks. (11%)
Efficient Toxic Content Detection by Bootstrapping and Distilling Large Language Models. (1%)
2023-12-12
Radio Signal Classification by Adversarially Robust Quantum Machine Learning. (99%)
SSTA: Salient Spatially Transformed Attack. (99%)
DTA: Distribution Transform-based Attack for Query-Limited Scenario. (99%)
May the Noise be with you: Adversarial Training without Adversarial Examples. (98%)
Collapse-Oriented Adversarial Training with Triplet Decoupling for Robust Image Retrieval. (98%)
Focus on Hiders: Exploring Hidden Threats for Enhancing Adversarial Training. (98%)
QuadAttack: A Quadratic Programming Approach to Ordered Top-K Attacks. (97%)
Attacking the Loop: Adversarial Attacks on Graph-based Loop Closure Detection. (92%)
ReRoGCRL: Representation-based Robustness in Goal-Conditioned Reinforcement Learning. (86%)
Robust MRI Reconstruction by Smoothed Unrolling (SMUG). (82%)
Cost Aware Untargeted Poisoning Attack against Graph Neural Networks,. (70%)
EdgePruner: Poisoned Edge Pruning in Graph Contrastive Learning. (47%)
Causality Analysis for Evaluating the Security of Large Language Models. (22%)
SimAC: A Simple Anti-Customization Method for Protecting Face Privacy against Text-to-Image Synthesis of Diffusion Models. (13%)
Divide-and-Conquer Attack: Harnessing the Power of LLM to Bypass Safety Filters of Text-to-Image Models. (8%)
Eroding Trust In Aerial Imagery: Comprehensive Analysis and Evaluation Of Adversarial Attacks In Geospatial Systems. (5%)
Securing Graph Neural Networks in MLaaS: A Comprehensive Realization of Query-based Integrity Verification. (2%)
Majority is Not Required: A Rational Analysis of the Private Double-Spend Attack from a Sub-Majority Adversary. (1%)
Rethinking Model Inversion Attacks With Patch-Wise Reconstruction. (1%)
2023-12-11
MalPurifier: Enhancing Android Malware Detection with Adversarial Purification against Evasion Attacks. (99%)
Towards Transferable Adversarial Attacks with Centralized Perturbation. (99%)
Sparse but Strong: Crafting Adversarially Robust Graph Lottery Tickets. (83%)
Reward Certification for Policy Smoothed Reinforcement Learning. (78%)
Activation Gradient based Poisoned Sample Detection Against Backdoor Attacks. (31%)
Poisoned ChatGPT Finds Work for Idle Hands: Exploring Developers' Coding Practices with Insecure Suggestions from Poisoned AI Models. (22%)
Promoting Counterfactual Robustness through Diversity. (13%)
Resilient Path Planning for UAVs in Data Collection under Adversarial Attacks. (10%)
Adversarial Camera Patch: An Effective and Robust Physical-World Attack on Object Detectors. (1%)
Robust Graph Neural Network based on Graph Denoising. (1%)
2023-12-10
Data-Free Hard-Label Robustness Stealing Attack. (86%)
A Practical Survey on Emerging Threats from AI-driven Voice Attacks: How Vulnerable are Commercial Voice Control Systems? (76%)
An Ambiguity Measure for Recognizing the Unknowns in Deep Learning. (12%)
METAL: Metamorphic Testing Framework for Analyzing Large-Language Model Qualities. (2%)
2023-12-09
Poisoning $\times$ Evasion: Symbiotic Adversarial Robustness for Graph Neural Networks. (99%)
Improving Adversarial Robust Fairness via Anti-Bias Soft Label Distillation. (98%)
Dynamic Adversarial Attacks on Autonomous Driving Systems. (98%)
Initialization Matters for Adversarial Transfer Learning. (76%)
2023-12-08
HC-Ref: Hierarchical Constrained Refinement for Robust Adversarial Training of GNNs. (99%)
SA-Attack: Improving Adversarial Transferability of Vision-Language Pre-training Models via Self-Augmentation. (99%)
MIMIR: Masked Image Modeling for Mutual Information-based Adversarial Robustness. (99%)
BELT: Old-School Backdoor Attacks can Evade the State-of-the-Art Defense with Backdoor Exclusivity Lifting. (96%)
An adversarial attack approach for eXplainable AI evaluation on deepfake detection models. (38%)
A Red Teaming Framework for Securing AI in Maritime Autonomous Systems. (3%)
Annotation-Free Group Robustness via Loss-Based Resampling. (2%)
HuRef: HUman-REadable Fingerprint for Large Language Models. (2%)
Topology-Based Reconstruction Prevention for Decentralised Learning. (1%)
2023-12-07
MimicDiffusion: Purifying Adversarial Perturbation via Mimicking Clean Diffusion Model. (99%)
OT-Attack: Enhancing Adversarial Transferability of Vision-Language Models via Optimal Transport Optimization. (99%)
Diffence: Fencing Membership Privacy With Diffusion Models. (97%)
FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning. (70%)
Forcing Generative Models to Degenerate Ones: The Power of Data Poisoning Attacks. (64%)
DeceptPrompt: Exploiting LLM-driven Code Generation via Adversarial Natural Language Instructions. (15%)
2023-12-06
Defense against ML-based Power Side-channel Attacks on DNN Accelerators with Adversarial Attacks. (98%)
Defense Against Adversarial Attacks using Convolutional Auto-Encoders. (97%)
Node-aware Bi-smoothing: Certified Robustness against Graph Injection Attacks. (88%)
RoAST: Robustifying Language Models via Adversarial Perturbation with Selective Training. (54%)
Detecting Voice Cloning Attacks via Timbre Watermarking. (13%)
Synthesizing Physical Backdoor Datasets: An Automated Framework Leveraging Deep Generative Models. (11%)
Dr. Jekyll and Mr. Hyde: Two Faces of LLMs. (4%)
MICRO: Model-Based Offline Reinforcement Learning with a Conservative Bellman Operator. (2%)
2023-12-05
Generating Visually Realistic Adversarial Patch. (99%)
A Simple Framework to Enhance the Adversarial Robustness of Deep Learning-based Intrusion Detection System. (99%)
Realistic Scatterer Based Adversarial Attacks on SAR Image Classifiers. (99%)
ScAR: Scaling Adversarial Robustness for LiDAR Object Detection. (99%)
Class Incremental Learning for Adversarial Robustness. (98%)
Provable Adversarial Robustness for Group Equivariant Tasks: Graphs, Point Clouds, Molecules, and More. (89%)
On the Robustness of Large Multimodal Models Against Image Adversarial Attacks. (69%)
Scaling Laws for Adversarial Attacks on Language Model Activations. (50%)
Indirect Gradient Matching for Adversarial Robust Distillation. (13%)
Robust Backdoor Detection for Deep Learning via Topological Evolution Dynamics. (3%)
Prompt Optimization via Adversarial In-Context Learning. (3%)
Privacy-Preserving Task-Oriented Semantic Communications Against Model Inversion Attacks. (2%)
Machine Vision Therapy: Multimodal Large Language Models Can Enhance Visual Robustness via Denoising In-Context Learning. (2%)
2023-12-04
Adversarial Medical Image with Hierarchical Feature Hiding. (99%)
InstructTA: Instruction-Tuned Targeted Attack for Large Vision-Language Models. (99%)
Singular Regularization with Information Bottleneck Improves Model's Adversarial Robustness. (98%)
Two-stage optimized unified adversarial patch for attacking visible-infrared cross-modal detectors in the physical world. (12%)
Auto DP-SGD: Dual Improvements of Privacy and Accuracy via Automatic Clipping Threshold and Noise Multiplier Estimation. (1%)
Rejuvenating image-GPT as Strong Visual Representation Learners. (1%)
2023-12-03
QuantAttack: Exploiting Dynamic Quantization to Attack Vision Transformers. (99%)
OCGEC: One-class Graph Embedding Classification for DNN Backdoor Detection. (61%)
Evaluating the Security of Satellite Systems. (16%)
Exploring Adversarial Robustness of LiDAR-Camera Fusion Model in Autonomous Driving. (13%)
Towards Sample-specific Backdoor Attack with Clean Labels via Attribute Trigger. (2%)
2023-12-02
TranSegPGD: Improving Transferability of Adversarial Examples on Semantic Segmentation. (99%)
Rethinking PGD Attack: Is Sign Function Necessary? (98%)
PROFL: A Privacy-Preserving Federated Learning Method with Stringent Defense Against Poisoning Attacks. (61%)
Mendata: A Framework to Purify Manipulated Training Data. (2%)
2023-12-01
TransURL: Improving malicious URL detection with multi-layer Transformer encoding and multi-scale pyramid features. (83%)
Survey of Security Issues in Memristor-based Machine Learning Accelerators for RF Analysis. (22%)
Deep Generative Attacks and Countermeasures for Data-Driven Offline Signature Verification. (10%)
The Philosopher's Stone: Trojaning Plugins of Large Language Models. (4%)
Temperature Balancing, Layer-wise Weight Analysis, and Neural Network Training. (1%)
Crystal: Enhancing Blockchain Mining Transparency with Quorum Certificate. (1%)
2023-11-30
Improving the Robustness of Quantized Deep Neural Networks to White-Box Attacks using Stochastic Quantization and Information-Theoretic Ensemble Training. (98%)
Adversarial Attacks and Defenses for Wireless Signal Classifiers using CDI-aware GANs. (98%)
Universal Backdoor Attacks. (97%)
Fool the Hydra: Adversarial Attacks against Multi-view Object Detection Systems. (97%)
Corrupting Convolution-based Unlearnable Datasets with Pixel-based Image Transformations. (88%)
Optimal Attack and Defense for Reinforcement Learning. (76%)
Can Protective Perturbation Safeguard Personal Data from Being Exploited by Stable Diffusion? (74%)
Improving Adversarial Transferability via Model Alignment. (68%)
Data-Agnostic Model Poisoning against Federated Learning: A Graph Autoencoder Approach. (62%)
Mark My Words: Analyzing and Evaluating Language Model Watermarks. (9%)
2023-11-29
Improving the Robustness of Transformer-based Large Language Models with Dynamic Attention. (98%)
Group-wise Sparse and Explainable Adversarial Attacks. (96%)
Quantum Neural Networks under Depolarization Noise: Exploring White-Box Attacks and Defenses. (88%)
On the Adversarial Robustness of Graph Contrastive Learning Methods. (83%)
Adversarial Robust Memory-Based Continual Learner. (81%)
Improving Faithfulness for Vision Transformers. (80%)
TARGET: Template-Transferable Backdoor Attack Against Prompt-based NLP Models via GPT4. (68%)
Topology-Preserving Adversarial Training. (10%)
Query-Relevant Images Jailbreak Large Multi-Modal Models. (9%)
Analyzing and Explaining Image Classifiers via Diffusion Guidance. (8%)
Poisoning Attacks Against Contrastive Recommender Systems. (2%)
SenTest: Evaluating Robustness of Sentence Encoders. (2%)
Critical Influence of Overparameterization on Sharpness-aware Minimization. (1%)
Meta Co-Training: Two Views are Better than One. (1%)
CLIPC8: Face liveness detection algorithm based on image-text pairs and contrastive learning. (1%)
Unveiling the Implicit Toxicity in Large Language Models. (1%)
2023-11-28
Vulnerability Analysis of Transformer-based Optical Character Recognition to Adversarial Attacks. (99%)
NeRFTAP: Enhancing Transferability of Adversarial Patches on Face Recognition using Neural Radiance Fields. (99%)
Efficient Key-Based Adversarial Defense for ImageNet by Using Pre-trained Model. (98%)
RADAP: A Robust and Adaptive Defense Against Diverse Adversarial Patches on Face Recognition. (92%)
STR-Cert: Robustness Certification for Deep Text Recognition on Deep Learning Pipelines and Vision Transformers. (26%)
1-Lipschitz Layers Compared: Memory, Speed, and Certifiable Robustness. (13%)
Scalable Extraction of Training Data from (Production) Language Models. (10%)
Cooperative Abnormal Node Detection with Adversary Resistance. (10%)
On robust overfitting: adversarial training induced distribution matters. (1%)
Understanding the (Extra-)Ordinary: Validating Deep Model Decisions with Prototypical Concept-based Explanations. (1%)
Shadows Don't Lie and Lines Can't Bend! Generative Models don't know Projective Geometry...for now. (1%)
Enhancing Cyber-Resilience in Integrated Energy System Scheduling with Demand Response Using Deep Reinforcement Learning. (1%)
2023-11-27
RetouchUAA: Unconstrained Adversarial Attack via Image Retouching. (99%)
Adversaral Doodles: Interpretable and Human-drawable Attacks Provide Describable Insights. (99%)
Rethinking Mixup for Improving the Adversarial Transferability. (98%)
Instruct2Attack: Language-Guided Semantic Adversarial Attacks. (98%)
CLAP: Isolating Content from Style through Contrastive Learning with Augmented Prompts. (95%)
A Survey on Vulnerability of Federated Learning: A Learning Algorithm Perspective. (50%)
Threshold Breaker: Can Counter-Based RowHammer Prevention Mechanisms Truly Safeguard DRAM? (31%)
Elijah: Eliminating Backdoors Injected in Diffusion Models via Distribution Shift. (31%)
Distributed Attacks over Federated Reinforcement Learning-enabled Cell Sleep Control. (22%)
"Do Users fall for Real Adversarial Phishing?" Investigating the Human response to Evasive Webpages. (15%)
How Many Unicorns Are in This Image? A Safety Evaluation Benchmark for Vision LLMs. (12%)
Microarchitectural Security of AWS Firecracker VMM for Serverless Cloud Platforms. (1%)
2023-11-26
Adversarial Purification of Information Masking. (99%)
Having Second Thoughts? Let's hear it. (56%)
BadCLIP: Trigger-Aware Prompt Learning for Backdoor Attacks on CLIP. (13%)
Confidence Is All You Need for MI Attacks. (2%)
2023-11-25
Mixing Classifiers to Alleviate the Accuracy-Robustness Trade-Off. (68%)
Effective Backdoor Mitigation Depends on the Pre-training Objective. (15%)
Robust Graph Neural Networks via Unbiased Aggregation. (12%)
2023-11-24
Trainwreck: A damaging adversarial attack on image classifiers. (99%)
Segment (Almost) Nothing: Prompt-Agnostic Adversarial Attacks on Segmentation Models. (96%)
Universal Jailbreak Backdoors from Poisoned Human Feedback. (1%)
2023-11-23
When Side-Channel Attacks Break the Black-Box Property of Embedded Artificial Intelligence. (99%)
Adversarial defense based on distribution transfer. (99%)
Robust and Interpretable COVID-19 Diagnosis on Chest X-ray Images using Adversarial Training. (68%)
Presentation Attack Detection using Convolutional Neural Networks and Local Binary Patterns. (1%)
2023-11-22
A Survey of Adversarial CAPTCHAs on its History, Classification and Generation. (99%)
Transfer Attacks and Defenses for Large Language Models on Coding Tasks. (99%)
Panda or not Panda? Understanding Adversarial Attacks with Interactive Visualization. (98%)
Hard Label Black Box Node Injection Attack on Graph Neural Networks. (93%)
Security and Privacy Challenges in Deep Learning Models. (74%)
A Somewhat Robust Image Watermark against Diffusion-based Editing Models. (50%)
OASIS: Offsetting Active Reconstruction Attacks in Federated Learning. (15%)
Unified Classification and Rejection: A One-versus-All Framework. (1%)
2023-11-21
SD-NAE: Generating Natural Adversarial Examples with Stable Diffusion. (96%)
Stable Unlearnable Example: Enhancing the Robustness of Unlearnable Examples via Stable Error-Minimizing Noise. (96%)
Attention Deficit is Ordered! Fooling Deformable Vision Transformers with Collaborative Adversarial Patches. (75%)
Attacking Motion Planners Using Adversarial Perception Errors. (69%)
Toward Robust Imperceptible Perturbation against Unauthorized Text-to-image Diffusion-based Synthesis. (62%)
Iris Presentation Attack: Assessing the Impact of Combining Vanadium Dioxide Films with Artificial Eyes. (1%)
2023-11-20
ODDR: Outlier Detection & Dimension Reduction Based Defense Against Adversarial Patches. (99%)
DefensiveDR: Defending against Adversarial Patches using Dimensionality Reduction. (99%)
Generating Valid and Natural Adversarial Examples with Large Language Models. (99%)
AdvGen: Physical Adversarial Attack on Face Presentation Attack Detection Systems. (99%)
Beyond Boundaries: A Comprehensive Survey of Transferable Attacks on AI Systems. (70%)
Understanding Variation in Subpopulation Susceptibility to Poisoning Attacks. (15%)
Training robust and generalizable quantum models. (10%)
BrainWash: A Poisoning Attack to Forget in Continual Learning. (4%)
2023-11-19
Adversarial Prompt Tuning for Vision-Language Models. (98%)
Token-Level Adversarial Prompt Detection Based on Perplexity Measures and Contextual Information. (78%)
BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning. (69%)
EditShield: Protecting Unauthorized Image Editing by Instruction-guided Diffusion Models. (10%)
2023-11-18
Boost Adversarial Transferability by Uniform Scale and Mix Mask Method. (99%)
Improving Adversarial Transferability by Stable Diffusion. (99%)
Attention-Based Real-Time Defenses for Physical Adversarial Attacks in Vision Applications. (92%)
TextGuard: Provable Defense against Backdoor Attacks on Text Classification. (82%)
Robust Network Slicing: Multi-Agent Policies, Adversarial Attacks, and Defensive Strategies. (1%)
2023-11-17
Breaking Temporal Consistency: Generating Video Universal Adversarial Perturbations Using Image Models. (97%)
PACOL: Poisoning Attacks Against Continual Learners. (93%)
Two-Factor Authentication Approach Based on Behavior Patterns for Defeating Puppet Attacks. (1%)
An Information-theoretic Security Analysis of Honeyword. (1%)
2023-11-16
Breaking Boundaries: Balancing Performance and Robustness in Deep Wireless Traffic Forecasting. (99%)
Hijacking Large Language Models via Adversarial In-Context Learning. (92%)
Test-time Backdoor Mitigation for Black-Box Large Language Models with Defensive Demonstrations. (64%)
Cognitive Overload: Jailbreaking Large Language Models with Overloaded Logical Thinking. (54%)
RLHFPoison: Reward Poisoning Attack for Reinforcement Learning with Human Feedback in Large Language Models. (16%)
Towards Improving Robustness Against Common Corruptions using Mixture of Class Specific Experts. (2%)
Understanding the Effectiveness of Large Language Models in Detecting Security Vulnerabilities. (2%)
Bergeron: Combating Adversarial Attacks through a Conscience-Based Alignment Framework. (2%)
Identifying the Truth of Global Model: A Generic Solution to Defend Against Byzantine and Backdoor Attacks in Federated Learning (full version). (2%)
Towards more Practical Threat Models in Artificial Intelligence Security. (2%)
You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks. (1%)
2023-11-15
Jailbreaking GPT-4V via Self-Adversarial Attacks with System Prompts. (99%)
Backdoor Activation Attack: Attack Large Language Models using Activation Steering for Safety-Alignment. (74%)
Fast Certification of Vision-Language Models Using Incremental Randomized Smoothing. (64%)
Adversarially Robust Spiking Neural Networks Through Conversion. (61%)
How Trustworthy are Open-Source LLMs? An Assessment under Malicious Demonstrations Shows their Vulnerabilities. (16%)
Defending Large Language Models Against Jailbreaking Attacks Through Goal Prioritization. (16%)
Privacy Threats in Stable Diffusion Models. (13%)
MirrorNet: A TEE-Friendly Framework for Secure On-device DNN Inference. (2%)
JAB: Joint Adversarial Prompting and Belief Augmentation. (1%)
Beyond Detection: Unveiling Fairness Vulnerabilities in Abusive Language Models. (1%)
2023-11-14
Towards Improving Robustness Against Common Corruptions in Object Detectors Using Adversarial Contrastive Learning. (99%)
Physical Adversarial Examples for Multi-Camera Systems. (99%)
DALA: A Distribution-Aware LoRA-Based Adversarial Attack against Language Models. (99%)
On The Relationship Between Universal Adversarial Attacks And Sparse Representations. (98%)
A Wolf in Sheep's Clothing: Generalized Nested Jailbreak Prompts can Fool Large Language Models Easily. (62%)
Evaluating Concurrent Robustness of Language Models Across Diverse Challenge Sets. (26%)
The Perception-Robustness Tradeoff in Deterministic Image Restoration. (1%)
2023-11-13
Adversarial Purification for Data-Driven Power System Event Classifiers with Diffusion Models. (99%)
Parrot-Trained Adversarial Examples: Pushing the Practicality of Black-Box Audio Attacks against Speaker Recognition Models. (99%)
An Extensive Study on Adversarial Attack against Pre-trained Models of Code. (99%)
Multi-agent Attacks for Black-box Social Recommendations. (96%)
On the Robustness of Neural Collapse and the Neural Collapse of Robustness. (87%)
Tabdoor: Backdoor Vulnerabilities in Transformer-based Neural Networks for Tabular Data. (70%)
2023-11-12
Learning Globally Optimized Language Structure via Adversarial Training. (83%)
Resilient Graph Neural Networks: A Coupled Dynamical Systems Approach. (70%)
Analytical Verification of Deep Neural Network Performance for Time-Synchronized Distribution System State Estimation. (5%)
DialMAT: Dialogue-Enabled Transformer with Moment-Based Adversarial Training. (1%)
2023-11-11
Robust Text Classification: Analyzing Prototype-Based Networks. (97%)
2023-11-10
Robust Adversarial Attacks Detection for Deep Learning based Relative Pose Estimation for Space Rendezvous. (99%)
Fight Fire with Fire: Combating Adversarial Patch Attacks using Pattern-randomized Defensive Patches. (99%)
Transferability Bound Theory: Exploring Relationship between Adversarial Transferability and Flatness. (99%)
Resilient and constrained consensus against adversarial attacks: A distributed MPC framework. (84%)
CALLOC: Curriculum Adversarial Learning for Secure and Robust Indoor Localization. (1%)
Practical Membership Inference Attacks against Fine-tuned Large Language Models via Self-prompt Calibration. (1%)
2023-11-09
ABIGX: A Unified Framework for eXplainable Fault Detection and Classification. (68%)
Honest Score Client Selection Scheme: Preventing Federated Learning Label Flipping Attacks in Non-IID Scenarios. (50%)
Scale-MIA: A Scalable Model Inversion Attack against Secure Federated Learning via Latent Space Reconstruction. (15%)
FigStep: Jailbreaking Large Vision-language Models via Typographic Visual Prompts. (2%)
FireMatch: A Semi-Supervised Video Fire Detection Network Based on Consistency and Distribution Alignment. (1%)
2023-11-08
Constrained Adaptive Attacks: Realistic Evaluation of Adversarial Examples and Robust Training of Deep Neural Networks for Tabular Data. (99%)
Army of Thieves: Enhancing Black-Box Model Extraction via Ensemble based sample selection. (70%)
Frontier Language Models are not Robust to Adversarial Arithmetic, or "What do I need to say so you agree 2+2=5? (61%)
SCAAT: Improving Neural Network Interpretability via Saliency Constrained Adaptive Adversarial Training. (10%)
Familiarity-Based Open-Set Recognition Under Adversarial Attacks. (9%)
Domain Adaptive Object Detection via Balancing Between Self-Training and Adversarial Learning. (1%)
Counter-Empirical Attacking based on Adversarial Reinforcement Learning for Time-Relevant Scoring System. (1%)
2023-11-07
Unveiling Safety Vulnerabilities of Large Language Models. (61%)
When Fairness Meets Privacy: Exploring Privacy Threats in Fair Binary Classifiers through Membership Inference Attacks. (10%)
Identifying and Mitigating Vulnerabilities in LLM-Integrated Applications. (2%)
SoK: Security Below the OS -- A Security Analysis of UEFI. (1%)
Do LLMs exhibit human-like response biases? A case study in survey design. (1%)
2023-11-06
Measuring Adversarial Datasets. (92%)
Can LLMs Follow Simple Rules? (68%)
Preserving Privacy in GANs Against Membership Inference Attack. (33%)
Cal-DETR: Calibrated Detection Transformer. (4%)
Understanding Deep Representation Learning via Layerwise Feature Compression and Discrimination. (1%)
2023-11-05
Certified Defense on the Fairness of Graph Neural Networks. (10%)
2023-11-04
From Trojan Horses to Castle Walls: Unveiling Bilateral Data Poisoning Effects in Diffusion Models. (74%)
2023-11-03
Efficient Black-Box Adversarial Attacks on Neural Text Detectors. (22%)
The Alignment Problem in Context. (2%)
2023-11-02
Adversary ML Resilience in Autonomous Driving Through Human Centered Perception Mechanisms. (99%)
Towards Evaluating Transfer-based Attacks Systematically, Practically, and Fairly. (99%)
Tensor Trust: Interpretable Prompt Injection Attacks from an Online Game. (93%)
On the Lipschitz constant of random neural networks. (92%)
Universal Perturbation-based Secret Key-Controlled Data Hiding. (80%)
Distilling Out-of-Distribution Robustness from Vision-Language Foundation Models. (76%)
Assist Is Just as Important as the Goal: Image Resurfacing to Aid Model's Robust Prediction. (13%)
Robust Adversarial Reinforcement Learning via Bounded Rationality Curricula. (12%)
Sequential Subset Matching for Dataset Distillation. (1%)
E(2) Equivariant Neural Networks for Robust Galaxy Morphology Classification. (1%)
Robust Identity Perceptual Watermark Against Deepfake Face Swapping. (1%)
2023-11-01
NEO-KD: Knowledge-Distillation-Based Adversarial Training for Robust Multi-Exit Neural Networks. (99%)
Adversarial Examples in the Physical World: A Survey. (98%)
Optimal Cost Constrained Adversarial Attacks For Multiple Agent Systems. (80%)
Improving Robustness for Vision Transformer with a Simple Dynamic Scanning Augmentation. (76%)
MIST: Defending Against Membership Inference Attacks Through Membership-Invariant Subspace Training. (75%)
Robustness Tests for Automatic Machine Translation Metrics with Adversarial Attacks. (1%)
Open-Set Face Recognition with Maximal Entropy and Objectosphere Loss. (1%)
2023-10-31
Amoeba: Circumventing ML-supported Network Censorship via Adversarial Reinforcement Learning. (99%)
Robust Safety Classifier for Large Language Models: Adversarial Prompt Shield. (99%)
LFAA: Crafting Transferable Targeted Adversarial Examples with Low-Frequency Perturbations. (99%)
Magmaw: Modality-Agnostic Adversarial Attacks on Machine Learning-Based Wireless Communication Systems. (98%)
Is Robustness Transferable across Languages in Multilingual Neural Machine Translation? (26%)
Dynamic Batch Norm Statistics Update for Natural Robustness. (22%)
In Search of Lost Online Test-time Adaptation: A Survey. (1%)
2023-10-30
Label-Only Model Inversion Attacks via Knowledge Transfer. (83%)
Exploring Geometry of Blind Spots in Vision Models. (83%)
Adversarial Attacks and Defenses in Large Language Models: Old and New Threats. (74%)
Generated Distributions Are All You Need for Membership Inference Attacks Against Generative Models. (61%)
Causal Fair Metric: Bridging Causality, Individual Fairness, and Adversarial Robustness. (33%)
Differentially Private Reward Estimation with Preference Feedback. (16%)
Asymmetric Diffusion Based Channel-Adaptive Secure Wireless Semantic Communications. (10%)
Privacy-Preserving Federated Learning over Vertically and Horizontally Partitioned Data for Financial Anomaly Detection. (1%)
2023-10-29
Blacksmith: Fast Adversarial Training of Vision Transformers via a Mixture of Single-step and Multi-step Methods. (99%)
Boosting Decision-Based Black-Box Adversarial Attack with Gradient Priors. (98%)
BERT Lost Patience Won't Be Robust to Adversarial Slowdown. (98%)
Adversarial Examples Are Not Real Features. (98%)
IMPRESS: Evaluating the Resilience of Imperceptible Perturbations Against Unauthorized Data Usage in Diffusion-Based Generative AI. (82%)
Poisoning Retrieval Corpora by Injecting Adversarial Passages. (68%)
Label Poisoning is All You Need. (54%)
Robustifying Language Models with Test-Time Adaptation. (47%)
Path Analysis for Effective Fault Localization in Deep Neural Networks. (13%)
From Chatbots to PhishBots? -- Preventing Phishing scams created using ChatGPT, Google Bard and Claude. (1%)
2023-10-28
Assessing and Improving Syntactic Adversarial Robustness of Pre-trained Models for Code Translation. (92%)
Benchmark Generation Framework with Customizable Distortions for Image Classifier Robustness. (86%)
Purify++: Improving Diffusion-Purification with Advanced Diffusion Models and Control of Randomness. (61%)
Large Language Models Are Better Adversaries: Exploring Generative Clean-Label Backdoor Attacks Against Text Classifiers. (47%)
Where have you been? A Study of Privacy Risk for Point-of-Interest Recommendation. (10%)
2023-10-27
DiffAttack: Evasion Attacks Against Diffusion-Based Adversarial Purification. (99%)
Understanding and Improving Ensemble Adversarial Defense. (99%)
LipSim: A Provably Robust Perceptual Similarity Metric. (45%)
Elevating Code-mixed Text Handling through Auditory Information of Words. (5%)
Understanding Parameter Saliency via Extreme Value Theory. (1%)
2023-10-26
Unscrambling the Rectification of Adversarial Attacks Transferability across Computer Networks. (99%)
A Survey on Transferability of Adversarial Examples across Deep Neural Networks. (99%)
Defending Against Transfer Attacks From Public Models. (99%)
Uncertainty-weighted Loss Functions for Improved Adversarial Attacks on Semantic Segmentation. (93%)
Detection Defenses: An Empty Promise against Adversarial Patch Attacks on Optical Flow. (93%)
CBD: A Certified Backdoor Detector Based on Local Dominant Probability. (76%)
SoK: Pitfalls in Evaluating Black-Box Attacks. (76%)
Instability of computer vision models is a necessary result of the task itself. (26%)
PAC-tuning:Fine-tuning Pretrained Language Models with PAC-driven Perturbed Gradient Descent. (1%)
A minimax optimal control approach for robust neural ODEs. (1%)
2023-10-25
Break it, Imitate it, Fix it: Robustness by Generating Human-Like Attacks. (93%)
Trust, but Verify: Robust Image Segmentation using Deep Learning. (54%)
Dual Defense: Adversarial, Traceable, and Invisible Robust Watermarking against Face Swapping. (26%)
On the Proactive Generation of Unsafe Images From Text-To-Image Models Using Benign Prompts. (22%)
Wide Flat Minimum Watermarking for Robust Ownership Verification of GANs. (12%)
Multi-scale Diffusion Denoised Smoothing. (1%)
SparseDFF: Sparse-View Feature Distillation for One-Shot Dexterous Manipulation. (1%)
2023-10-24
Adversarial sample generation and training using geometric masks for accurate and resilient license plate character recognition. (99%)
RAEDiff: Denoising Diffusion Probabilistic Models Based Reversible Adversarial Examples Self-Generation and Self-Recovery. (92%)
Defense Against Model Extraction Attacks on Recommender Systems. (92%)
Segue: Side-information Guided Generative Unlearnable Examples for Facial Privacy Protection in Real World. (89%)
Hierarchical Randomized Smoothing. (75%)
Improving Robustness and Reliability in Medical Image Classification with Latent-Guided Diffusion and Nested-Ensembles. (74%)
Momentum Gradient-based Untargeted Attack on Hypergraph Neural Networks. (73%)
Corrupting Neuron Explanations of Deep Visual Features. (41%)
Guiding LLM to Fool Itself: Automatically Manipulating Machine Reading Comprehension Shortcut Triggers. (10%)
A Survey on Detection of LLMs-Generated Content. (1%)
White-box Compiler Fuzzing Empowered by Large Language Models. (1%)
Enhancing Large Language Models for Secure Code Generation: A Dataset-driven Study on Vulnerability Mitigation. (1%)
2023-10-23
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval. (99%)
F$^2$AT: Feature-Focusing Adversarial Training via Disentanglement of Natural and Perturbed Patterns. (99%)
AutoDAN: Automatic and Interpretable Adversarial Attacks on Large Language Models. (98%)
Fast Propagation is Better: Accelerating Single-Step Adversarial Training via Sampling Subnetworks. (98%)
On the Detection of Image-Scaling Attacks in Machine Learning. (15%)
Unleashing the potential of prompt engineering: a comprehensive review. (1%)
RoboDepth: Robust Out-of-Distribution Depth Estimation under Corruptions. (1%)
Calibration of Time-Series Forecasting: Detecting and Adapting Context-Driven Distribution Shift. (1%)
The Janus Interface: How Fine-Tuning in Large Language Models Amplifies the Privacy Risks. (1%)
2023-10-22
Diffusion-Based Adversarial Purification for Speaker Verification. (99%)
CT-GAT: Cross-Task Generative Adversarial Attack based on Transferability. (99%)
Imperceptible CMOS camera dazzle for adversarial attacks on deep neural networks. (92%)
ADoPT: LiDAR Spoofing Attack Detection Based on Point-Level Temporal Consistency. (26%)
Attention-Enhancing Backdoor Attacks Against BERT-based Models. (13%)
MoPe: Model Perturbation-based Privacy Attacks on Language Models. (9%)
Reputation-Based Federated Learning Defense to Mitigate Threats in EEG Signal Classification. (1%)
2023-10-21
Adversarial Image Generation by Spatial Transformation in Perceptual Colorspaces. (99%)
Training Image Derivatives: Increased Accuracy and Universal Robustness. (5%)
2023-10-20
Beyond Hard Samples: Robust and Effective Grammatical Error Correction with Cycle Self-Augmenting. (99%)
An LLM can Fool Itself: A Prompt-Based Adversarial Attack. (99%)
Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models. (61%)
The Hidden Adversarial Vulnerabilities of Medical Federated Learning. (45%)
Adversarial Attacks on Fairness of Graph Neural Networks. (26%)
FLTracer: Accurate Poisoning Attack Provenance in Federated Learning. (26%)
Can We Trust the Similarity Measurement in Federated Learning? (15%)
Data-Free Knowledge Distillation Using Adversarially Perturbed OpenGL Shader Images. (4%)
VOICE-ZEUS: Impersonating Zoom's E2EE-Protected Static Media and Textual Communications via Simple Voice Manipulations. (4%)
2023-10-19
Automatic Hallucination Assessment for Aligned Large Language Models via Transferable Adversarial Attacks. (98%)
Generating Robust Adversarial Examples against Online Social Networks (OSNs). (98%)
Recoverable Privacy-Preserving Image Classification through Noise-like Adversarial Examples. (98%)
Learn from the Past: A Proxy based Adversarial Defense Framework to Boost Robustness. (98%)
OODRobustBench: benchmarking and analyzing adversarial robustness under distribution shift. (97%)
PatchCURE: Improving Certifiable Robustness, Model Utility, and Computation Efficiency of Adversarial Patch Defenses. (97%)
Prompt Injection Attacks and Defenses in LLM-Integrated Applications. (47%)
Attack Prompt Generation for Red Teaming and Defending Large Language Models. (15%)
SecurityNet: Assessing Machine Learning Vulnerabilities on Public Models. (5%)
To grok or not to grok: Disentangling generalization and memorization on corrupted algorithmic datasets. (1%)
Detecting Shared Data Manipulation in Distributed Optimization Algorithms. (1%)
Towards Robust Pruning: An Adaptive Knowledge-Retention Pruning Strategy for Language Models. (1%)
2023-10-18
Exploring Decision-based Black-box Attacks on Face Forgery Detection. (99%)
Segment Anything Meets Universal Adversarial Perturbation. (99%)
IRAD: Implicit Representation-driven Image Resampling against Adversarial Attacks. (99%)
Revisiting Transferable Adversarial Image Examples: Attack Categorization, Evaluation Guidelines, and New Insights. (99%)
Tailoring Adversarial Attacks on Deep Neural Networks for Targeted Class Manipulation Using DeepFool Algorithm. (99%)
Malicious Agent Detection for Robust Multi-Agent Collaborative Perception. (87%)
Black-Box Training Data Identification in GANs via Detector Networks. (82%)
Adversarial Training for Physics-Informed Neural Networks. (81%)
REVAMP: Automated Simulations of Adversarial Attacks on Arbitrary Objects in Realistic Scenes. (80%)
Quantifying Privacy Risks of Prompts in Visual Prompt Learning. (76%)
To Generate or Not? Safety-Driven Unlearned Diffusion Models Are Still Easy To Generate Unsafe Images ... For Now. (47%)
CAT: Closed-loop Adversarial Training for Safe End-to-End Driving. (2%)
PrivInfer: Privacy-Preserving Inference for Black-box Large Language Model. (1%)
2023-10-17
The Efficacy of Transformer-based Adversarial Attacks in Security Domains. (99%)
Adversarial Robustness Unhardening via Backdoor Attacks in Federated Learning. (99%)
WaveAttack: Asymmetric Frequency Obfuscation-based Backdoor Attacks Against Deep Neural Networks. (15%)
Generalizability of CNN Architectures for Face Morph Presentation Attack. (1%)
2023-10-16
Survey of Vulnerabilities in Large Language Models Revealed by Adversarial Attacks. (98%)
Regularization properties of adversarially-trained linear regression. (92%)
Fast Adversarial Label-Flipping Attack on Tabular Data. (84%)
A Non-monotonic Smooth Activation Function. (83%)
Quantifying Assistive Robustness Via the Natural-Adversarial Frontier. (68%)
A Comprehensive Study of Privacy Risks in Curriculum Learning. (67%)
DANAA: Towards transferable attacks with double adversarial neuron attribution. (26%)
Demystifying Poisoning Backdoor Attacks from a Statistical Perspective. (9%)
Prompt Packer: Deceiving LLMs through Compositional Instruction with Hidden Attacks. (4%)
Robust Multi-Agent Reinforcement Learning via Adversarial Regularization: Theoretical Foundation and Stable Algorithms. (3%)
Passive Inference Attacks on Split Learning via Adversarial Regularization. (3%)
On the Transferability of Learning Models for Semantic Segmentation for Remote Sensing Data. (2%)
Orthogonal Uncertainty Representation of Data Manifold for Robust Long-Tailed Learning. (1%)
Will the Prince Get True Love's Kiss? On the Model Sensitivity to Gender Perturbation over Fairytale Texts. (1%)
2023-10-15
Towards Deep Learning Models Resistant to Transfer-based Adversarial Attacks via Data-centric Robust Learning. (99%)
SCME: A Self-Contrastive Method for Data-free and Query-Limited Model Extraction Attack. (99%)
AFLOW: Developing Adversarial Examples under Extremely Noise-limited Settings. (99%)
Black-box Targeted Adversarial Attack on Segment Anything (SAM). (99%)
Evading Detection Actively: Toward Anti-Forensics against Forgery Localization. (97%)
Explore the Effect of Data Selection on Poison Efficiency in Backdoor Attacks. (61%)
Ring-A-Bell! How Reliable are Concept Removal Methods for Diffusion Models? (9%)
VFLAIR: A Research Library and Benchmark for Vertical Federated Learning. (3%)
2023-10-14
BufferSearch: Generating Black-Box Adversarial Texts With Lower Queries. (98%)
2023-10-13
Is Certifying $\ell_p$ Robustness Still Worthwhile? (99%)
User Inference Attacks on Large Language Models. (41%)
On the Over-Memorization During Natural, Robust and Catastrophic Overfitting. (1%)
2023-10-12
Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks. (99%)
Concealed Electronic Countermeasures of Radar Signal with Adversarial Examples. (93%)
Provably Cost-Sensitive Adversarial Defense via Randomized Smoothing. (93%)
Attacks Meet Interpretability (AmI) Evaluation and Findings. (92%)
Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization. (68%)
Fed-Safe: Securing Federated Learning in Healthcare Against Adversarial Attacks. (64%)
Bucks for Buckets (B4B): Active Defenses Against Stealing Encoders. (31%)
Sentinel: An Aggregation Function to Secure Decentralized Federated Learning. (13%)
Defending Our Privacy With Backdoors. (10%)
Investigating the Robustness and Properties of Detection Transformers (DETR) Toward Difficult Images. (9%)
Polynomial Time Cryptanalytic Extraction of Neural Network Models. (3%)
Latent Point Collapse on a Low Dimensional Embedding in Deep Neural Network Classifiers. (1%)
SEE-OoD: Supervised Exploration For Enhanced Out-of-Distribution Detection. (1%)
XAI Benchmark for Visual Explanation. (1%)
Jailbreaking Black Box Large Language Models in Twenty Queries. (1%)
Voyager: MTD-Based Aggregation Protocol for Mitigating Poisoning Attacks on DFL. (1%)
2023-10-11
Boosting Black-box Attack to Deep Neural Networks with Conditional Diffusion Models. (99%)
Promoting Robustness of Randomized Smoothing: Two Cost-Effective Approaches. (89%)
An Adversarial Example for Direct Logit Attribution: Memory Management in GELU-4L. (13%)
Prompt Backdoors in Visual Prompt Learning. (11%)
Why Train More? Effective and Efficient Membership Inference via Memorization. (10%)
Towards Causal Deep Learning for Vulnerability Detection. (4%)
Deep Reinforcement Learning for Autonomous Cyber Defence: A Survey. (4%)
2023-10-10
A Geometrical Approach to Evaluate the Adversarial Robustness of Deep Neural Networks. (99%)
My Brother Helps Me: Node Injection Based Adversarial Attack on Social Bot Detection. (98%)
Adversarial Robustness in Graph Neural Networks: A Hamiltonian Approach. (83%)
Adversarial optimization leads to over-optimistic security-constrained dispatch, but sampling can help. (76%)
No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML. (62%)
Comparing the Robustness of Modern No-Reference Image- and Video-Quality Metrics to Adversarial Attacks. (47%)
GraphCloak: Safeguarding Task-specific Knowledge within Graph-structured Data from Unauthorized Exploitation. (22%)
Latent Diffusion Counterfactual Explanations. (5%)
FTFT: efficient and robust Fine-Tuning by transFerring Training dynamics. (2%)
Investigating the Adversarial Robustness of Density Estimation Using the Probability Flow ODE. (2%)
Jailbreak and Guard Aligned Language Models with Only Few In-Context Demonstrations. (1%)
2023-10-09
PAC-Bayesian Spectrally-Normalized Bounds for Adversarially Robust Generalization. (92%)
Domain Watermark: Effective and Harmless Dataset Copyright Protection is Closed at Hand. (22%)
Theoretical Analysis of Robust Overfitting for Wide DNNs: An NTK Approach. (5%)
Exploring adversarial attacks in federated learning for medical imaging. (2%)
2023-10-08
GReAT: A Graph Regularized Adversarial Training Method. (99%)
An Initial Investigation of Neural Replay Simulator for Over-the-Air Adversarial Perturbations to Automatic Speaker Verification. (99%)
AdvSV: An Over-the-Air Adversarial Attack Dataset for Speaker Verification. (96%)
Transferable Availability Poisoning Attacks. (83%)
BRAINTEASER: Lateral Thinking Puzzles for Large Language Models. (26%)
Stealthy Backdoor Attack via Confidence-driven Sampling. (10%)
Adversarial Attacks on Combinatorial Multi-Armed Bandits. (5%)
2023-10-07
Improving Adversarial Attacks on Latent Diffusion Model. (99%)
IPMix: Label-Preserving Data Augmentation Method for Training Robust Classifiers. (76%)
Test-Time Adaptation Induces Stronger Accuracy and Agreement-on-the-Line. (1%)
2023-10-06
Assessing Robustness via Score-Based Adversarial Image Generation. (99%)
VLATTACK: Multimodal Adversarial Attacks on Vision-Language Tasks via Pre-trained Models. (98%)
Generating Less Certain Adversarial Examples Improves Robust Generalization. (98%)
Kick Bad Guys Out! Conditionally Activated Anomaly Detection in Federated Learning with Zero-Knowledge Proof Verification. (84%)
2023-10-05
OMG-ATTACK: Self-Supervised On-Manifold Generation of Transferable Evasion Attacks. (99%)
Untargeted White-box Adversarial Attack with Heuristic Defence Methods in Real-time Deep Learning based Network Intrusion Detection System. (99%)
Enhancing Robust Representation in Adversarial Training: Alignment and Exclusion Criteria. (99%)
An Integrated Algorithm for Robust and Imperceptible Audio Adversarial Examples. (98%)
Adversarial Machine Learning for Social Good: Reframing the Adversary as an Ally. (98%)
SmoothLLM: Defending Large Language Models Against Jailbreaking Attacks. (92%)
Better Safe than Sorry: Pre-training CLIP against Targeted Data Poisoning and Backdoor Attacks. (64%)
Targeted Adversarial Attacks on Generalizable Neural Radiance Fields. (56%)
Certification of Deep Learning Models for Medical Image Segmentation. (15%)
Certifiably Robust Graph Contrastive Learning. (5%)
Towards Robust and Generalizable Training: An Empirical Study of Noisy Slot Filling for Input Perturbations. (2%)
2023-10-04
Optimizing Key-Selection for Face-based One-Time Biometrics via Morphing. (98%)
Misusing Tools in Large Language Models With Visual Adversarial Examples. (97%)
Burning the Adversarial Bridges: Robust Windows Malware Detection Against Binary-level Mutations. (82%)
Raze to the Ground: Query-Efficient Adversarial HTML Attacks on Machine-Learning Phishing Webpage Detectors. (81%)
Shielding the Unseen: Privacy Protection through Poisoning NeRF with Spatial Deformation. (10%)
2023-10-03
Splitting the Difference on Adversarial Training. (99%)
DeepZero: Scaling up Zeroth-Order Optimization for Deep Model Training. (97%)
SlowFormer: Universal Adversarial Patch for Attack on Compute and Energy Efficiency of Inference Efficient Vision Transformers. (86%)
Towards Stable Backdoor Purification through Feature Shift Tuning. (83%)
Jailbreaker in Jail: Moving Target Defense for Large Language Models. (73%)
AutoDAN: Generating Stealthy Jailbreak Prompts on Aligned Large Language Models. (56%)
Beyond Labeling Oracles: What does it mean to steal ML models? (47%)
A Recipe for Improved Certifiable Robustness. (22%)
Exploring Model Learning Heterogeneity for Boosting Ensemble Robustness. (13%)
FLEDGE: Ledger-based Federated Learning Resilient to Inference and Backdoor Attacks. (11%)
AutoLoRa: A Parameter-Free Automated Robust Fine-Tuning Framework. (3%)
2023-10-02
Fooling the Textual Fooler via Randomizing Latent Representations. (99%)
LLM Lies: Hallucinations are not Bugs, but Features as Adversarial Examples. (93%)
Adversarial Client Detection via Non-parametric Subspace Monitoring in the Internet of Federated Things. (92%)
LoFT: Local Proxy Fine-tuning For Improving Transferability Of Adversarial Attacks Against Large Language Model. (87%)
Gotcha! This Model Uses My Code! Evaluating Membership Leakage Risks in Code Models. (13%)
Toward effective protection against diffusion based mimicry through score distillation. (3%)
Fool Your (Vision and) Language Model With Embarrassingly Simple Permutations. (1%)
2023-10-01
A Survey of Robustness and Safety of 2D and 3D Deep Learning Models Against Adversarial Attacks. (99%)
Counterfactual Image Generation for adversarially robust and interpretable Classifiers. (96%)
Understanding Adversarial Transferability in Federated Learning. (93%)
On the Onset of Robust Overfitting in Adversarial Training. (87%)
GhostEncoder: Stealthy Backdoor Attacks with Dynamic Triggers to Pre-trained Encoders in Self-supervised Learning. (61%)
Fewer is More: Trojan Attacks on Parameter-Efficient Fine-Tuning. (9%)
Can Pre-trained Networks Detect Familiar Out-of-Distribution Data? (1%)
How well does LLM generate security tests? (1%)
2023-09-30
Understanding the Robustness of Randomized Feature Defense Against Query-Based Adversarial Attacks. (99%)
Human-Producible Adversarial Examples. (98%)
Black-box Attacks on Image Activity Prediction and its Natural Language Explanations. (98%)
Horizontal Class Backdoor to Deep Learning. (84%)
Refutation of Shapley Values for XAI -- Additional Evidence. (8%)
2023-09-29
Robustness of AI-Image Detectors: Fundamental Limits and Practical Attacks. (99%)
Efficient Biologically Plausible Adversarial Training. (98%)
Can Sensitive Information Be Deleted From LLMs? Objectives for Defending Against Extraction Attacks. (96%)
On Continuity of Robust and Accurate Classifiers. (93%)
Adversarial Machine Learning in Latent Representations of Neural Networks. (93%)
Certified Robustness via Dynamic Margin Maximization and Improved Lipschitz Regularization. (92%)
Toward Robust Recommendation via Real-time Vicinal Defense. (82%)
Adversarial Explainability: Utilizing Explainable Machine Learning in Bypassing IoT Botnet Detection Systems. (31%)
Practical Membership Inference Attacks Against Large-Scale Multi-Modal Models: A Pilot Study. (13%)
Distributed Resilient Control of DC Microgrids Under Generally Unbounded FDI Attacks. (1%)
Source Inference Attacks: Beyond Membership Inference Attacks in Federated Learning. (1%)
2023-09-28
Investigating Human-Identifiable Features Hidden in Adversarial Perturbations. (98%)
Parameter-Saving Adversarial Training: Reinforcing Multi-Perturbation Robustness via Hypernetworks. (98%)
Towards Poisoning Fair Representations. (70%)
On the Trade-offs between Adversarial Robustness and Actionable Explanations. (68%)
The Lipschitz-Variance-Margin Tradeoff for Enhanced Randomized Smoothing. (56%)
Post-Training Overfitting Mitigation in DNN Classifiers. (41%)
Leveraging Optimization for Adaptive Attacks on Image Watermarks. (13%)
Random and Safe Cache Architecture to Defeat Cache Timing Attacks. (9%)
Robust Offline Reinforcement Learning -- Certify the Confidence Interval. (4%)
A Primer on Bayesian Neural Networks: Review and Debates. (2%)
2023-09-27
On the Computational Entanglement of Distant Features in Adversarial Machine Learning. (99%)
Adversarial Examples Might be Avoidable: The Role of Data Concentration in Adversarial Robustness. (95%)
Defending Against Physical Adversarial Patch Attacks on Infrared Human Detection. (95%)
Automatic Feature Fairness in Recommendation via Adversaries. (33%)
Warfare:Breaking the Watermark Protection of AI-Generated Content. (12%)
Generating Transferable Adversarial Simulation Scenarios for Self-Driving via Neural Rendering. (11%)
Breaking On-Chip Communication Anonymity using Flow Correlation Attacks. (4%)
Genetic Algorithm-Based Dynamic Backdoor Attack on Federated Learning-Based Network Traffic Classification. (1%)
2023-09-26
Structure Invariant Transformation for better Adversarial Transferability. (99%)
Privacy-preserving and Privacy-attacking Approaches for Speech and Audio -- A Survey. (16%)
Neural Stochastic Differential Equations for Robust and Explainable Analysis of Electromagnetic Unintended Radiated Emissions. (2%)
Collaborative Watermarking for Adversarial Speech Synthesis. (1%)
2023-09-25
DifAttack: Query-Efficient Black-Box Attack via Disentangled Feature Space. (99%)
Gray-box Adversarial Attack of Deep Reinforcement Learning-based Trading Agents. (98%)
SurrogatePrompt: Bypassing the Safety Filter of Text-To-Image Models via Substitution. (1%)
2023-09-24
Adversarial Attacks on Video Object Segmentation with Hard Region Discovery. (99%)
Vulnerabilities in Video Quality Assessment Models: The Challenge of Adversarial Attacks. (98%)
On the Effectiveness of Adversarial Samples against Ensemble Learning-based Windows PE Malware Detectors. (86%)
Benchmarking Local Robustness of High-Accuracy Binary Neural Networks for Enhanced Traffic Sign Recognition. (80%)
Projected Randomized Smoothing for Certified Adversarial Robustness. (76%)
Combining Two Adversarial Attacks Against Person Re-Identification Systems. (73%)
Seeing Is Not Always Believing: Invisible Collision Attack and Defence on Pre-Trained Models. (2%)
2023-09-23
Defending Pre-trained Language Models as Few-shot Learners against Backdoor Attacks. (61%)
Moving Target Defense based Secured Network Slicing System in the O-RAN Architecture. (1%)
Detecting and Mitigating System-Level Anomalies of Vision-Based Controllers. (1%)
2023-09-22
RBFormer: Improve Adversarial Robustness of Transformer by Robust Bias. (99%)
Spatial-frequency channels, shape bias, and adversarial robustness. (69%)
VIC-KD: Variance-Invariance-Covariance Knowledge Distillation to Make Keyword Spotting More Robust Against Adversarial Attacks. (69%)
Understanding Deep Gradient Leakage via Inversion Influence Functions. (15%)
Pixel-wise Smoothing for Certified Robustness against Camera Motion Perturbations. (10%)
Privacy Assessment on Reconstructed Images: Are Existing Evaluation Metrics Faithful to Human Perception? (5%)
Expressive variational quantum circuits provide inherent privacy in federated learning. (1%)
On Data Fabrication in Collaborative Vehicular Perception: Attacks and Countermeasures. (1%)
2023-09-21
Improving Machine Learning Robustness via Adversarial Training. (99%)
Goal-Oriented Prompt Attack and Safety Evaluation for LLMs. (69%)
HANS, are you clever? Clever Hans Effect Analysis of Neural Systems. (45%)
On the Relationship between Skill Neurons and Robustness in Prompt Tuning. (12%)
DeepTheft: Stealing DNN Model Architectures through Power Side Channel. (1%)
2023-09-20
How Robust is Google's Bard to Adversarial Image Attacks? (99%)
PRAT: PRofiling Adversarial aTtacks. (99%)
When to Trust AI: Advances and Challenges for Certification of Neural Networks. (64%)
AudioFool: Fast, Universal and synchronization-free Cross-Domain Attack on Speech Recognition. (54%)
Understanding Pose and Appearance Disentanglement in 3D Human Pose Estimation. (54%)
Fed-LSAE: Thwarting Poisoning Attacks against Federated Cyber Threat Detection System via Autoencoder-based Latent Space Inspection. (5%)
Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization. (2%)
Generalized Face Forgery Detection via Adaptive Learning for Pre-trained Vision Transformer. (1%)
2023-09-19
Language Guided Adversarial Purification. (99%)
What Learned Representations and Influence Functions Can Tell Us About Adversarial Examples. (99%)
Adversarial Attacks Against Uncertainty Quantification. (99%)
Model Leeching: An Extraction Attack Targeting LLMs. (76%)
Information Leakage from Data Updates in Machine Learning Models. (16%)
Robin: A Novel Method to Produce Robust Interpreters for Deep Learning-Based Code Classifiers. (16%)
SPFL: A Self-purified Federated Learning Method Against Poisoning Attacks. (12%)
It's Simplex! Disaggregating Measures to Improve Certified Robustness. (11%)
Nebula: Self-Attention for Dynamic Malware Analysis. (5%)
Extreme Image Transformations Facilitate Robust Latent Object Representations. (1%)
2023-09-18
Stealthy Physical Masked Face Recognition Attack via Adversarial Style Optimization. (99%)
Transferable Adversarial Attack on Image Tampering Localization. (99%)
Efficient Low-Rank GNN Defense Against Structural Attacks. (96%)
Evaluating Adversarial Robustness with Expected Viable Performance. (45%)
Dual Student Networks for Data-Free Model Stealing. (26%)
Securing Fixed Neural Network Steganography. (5%)
GPTFUZZER: Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts. (4%)
Spoofing attack augmentation: can differently-trained attack models improve generalisation? (3%)
Frame-to-Utterance Convergence: A Spectra-Temporal Approach for Unified Spoofing Detection. (1%)
2023-09-17
Reducing Adversarial Training Cost with Gradient Approximation. (99%)
Defending Against Alignment-Breaking Attacks via Robustly Aligned LLM. (61%)
2023-09-16
Context-aware Adversarial Attack on Named Entity Recognition. (99%)
Inverse classification with logistic and softmax classifiers: efficient optimization. (56%)
Robust Backdoor Attacks on Object Detection in Real World. (11%)
Conditional Mutual Information Constrained Deep Learning for Classification. (5%)
2023-09-15
Adversarial Attacks on Tables with Entity Swap. (92%)
HINT: Healthy Influential-Noise based Training to Defend against Data Poisoning Attacks. (87%)
Distributionally Robust Post-hoc Classifiers under Prior Shifts. (1%)
A Duty to Forget, a Right to be Assured? Exposing Vulnerabilities in Machine Unlearning Services. (1%)
2023-09-14
Unleashing the Adversarial Facet of Software Debloating. (98%)
SLMIA-SR: Speaker-Level Membership Inference Attacks against Speaker Recognition Systems. (76%)
What Matters to Enhance Traffic Rule Compliance of Imitation Learning for Automated Driving. (50%)
BAGEL: Backdoor Attacks against Federated Contrastive Learning. (16%)
Physical Invisible Backdoor Based on Camera Imaging. (2%)
M3Dsynth: A dataset of medical 3D images with AI-generated local manipulations. (1%)
2023-09-13
Semantic Adversarial Attacks via Diffusion Models. (99%)
Hardening RGB-D Object Recognition Systems against Adversarial Patch Attacks. (99%)
Mitigating Adversarial Attacks in Federated Learning with Trusted Execution Environments. (99%)
PhantomSound: Black-Box, Query-Efficient Audio Adversarial Attack via Split-Second Phoneme Injection. (99%)
APICom: Automatic API Completion via Prompt Learning and Adversarial Training-based Data Augmentation. (92%)
RAIN: Your Language Models Can Align Themselves without Finetuning. (83%)
Differentiable JPEG: The Devil is in the Details. (70%)
Deep Nonparametric Convexified Filtering for Computational Photography, Image Synthesis and Adversarial Defense. (41%)
MASTERKEY: Practical Backdoor Attack Against Speaker Verification Systems. (38%)
Client-side Gradient Inversion Against Federated Learning from Poisoning. (22%)
Safe Reinforcement Learning with Dual Robustness. (1%)
2023-09-12
Using Reed-Muller Codes for Classification with Rejection and Recovery. (99%)
Certified Robust Models with Slack Control and Large Lipschitz Constants. (98%)
Exploring Non-additive Randomness on ViT against Query-Based Black-Box Attacks. (98%)
Compiled Models, Built-In Exploits: Uncovering Pervasive Bit-Flip Attack Surfaces in DNN Executables. (83%)
Backdoor Attacks and Countermeasures in Natural Language Processing Models: A Comprehensive Security Review. (61%)
CToMP: A Cycle-task-oriented Memory Protection Scheme for Unmanned Systems. (8%)
Language Models as Black-Box Optimizers for Vision-Language Models. (4%)
2023-09-11
Generalized Attacks on Face Verification Systems. (88%)
Adversarial Attacks Assessment of Salient Object Detection via Symbolic Learning. (76%)
Exploiting Machine Unlearning for Backdoor Attacks in Deep Learning System. (68%)
Privacy Side Channels in Machine Learning Systems. (10%)
Divergences in Color Perception between Deep Neural Networks and Humans. (4%)
Catch You Everything Everywhere: Guarding Textual Inversion via Concept Watermarking. (1%)
Optimize Weight Rounding via Signed Gradient Descent for the Quantization of LLMs. (1%)
2023-09-10
Outlier Robust Adversarial Training. (98%)
DAD++: Improved Data-free Test Time Adversarial Defense. (98%)
Machine Translation Models Stand Strong in the Face of Adversarial Attacks. (86%)
Secure Set-Based State Estimation for Linear Systems under Adversarial Attacks on Sensors. (12%)
2023-09-09
Towards Robust Model Watermark via Reducing Parametric Vulnerability. (8%)
RecAD: Towards A Unified Library for Recommender Attack and Defense. (1%)
2023-09-08
Exploring Robust Features for Improving Adversarial Robustness. (99%)
ARRTOC: Adversarially Robust Real-Time Optimization and Control. (2%)
Adversarial attacks on hybrid classical-quantum Deep Learning models for Histopathological Cancer Detection. (1%)
Counterfactual Explanations via Locally-guided Sequential Algorithmic Recourse. (1%)
2023-09-07
Experimental Study of Adversarial Attacks on ML-based xApps in O-RAN. (99%)
How adversarial attacks can disrupt seemingly stable accurate classifiers. (99%)
Adversarially Robust Deep Learning with Optimal-Transport-Regularized Divergences. (95%)
DiffDefense: Defending against Adversarial Attacks via Diffusion Models. (80%)
One-to-Multiple Clean-Label Image Camouflage (OmClic) based Backdoor Attack on Deep Learning. (73%)
Promoting Fairness in GNNs: A Characterization of Stability. (1%)
2023-09-06
Certifying LLM Safety against Adversarial Prompting. (99%)
SWAP: Exploiting Second-Ranked Logits for Adversarial Attacks on Time Series. (84%)
Byzantine-Robust Federated Learning with Variance Reduction and Differential Privacy. (68%)
J-Guard: Journalism Guided Adversarially Robust Detection of AI-generated News. (38%)
MIRA: Cracking Black-box Watermarking on Deep Neural Networks via Model Inversion-based Removal Attacks. (22%)
My Art My Choice: Adversarial Protection Against Unruly AI. (2%)
VeriDIP: Verifying Ownership of Deep Neural Networks through Privacy Leakage Fingerprints. (1%)
A Theoretical Explanation of Activation Sparsity through Flat Minima and Adversarial Robustness. (1%)
2023-09-05
The Adversarial Implications of Variable-Time Inference. (99%)
Adaptive Adversarial Training Does Not Increase Recourse Costs. (92%)
Black-Box Attacks against Signed Graph Analysis via Balance Poisoning. (87%)
RobustEdge: Low Power Adversarial Detection for Cloud-Edge Systems. (83%)
Building a Winning Team: Selecting Source Model Ensembles using a Submodular Transferability Estimation Approach. (4%)
Robust Recommender System: A Survey and Future Directions. (3%)
Dual Adversarial Alignment for Realistic Support-Query Shift Few-shot Learning. (1%)
2023-09-04
Hindering Adversarial Attacks with Multiple Encrypted Patch Embeddings. (99%)
Improving Visual Quality and Transferability of Adversarial Attacks on Face Recognition Simultaneously with Adversarial Restoration. (99%)
Adv3D: Generating 3D Adversarial Examples in Driving Scenarios with NeRF. (99%)
Toward Defensive Letter Design. (98%)
MathAttack: Attacking Large Language Models Towards Math Solving Ability. (97%)
Efficient Defense Against Model Stealing Attacks on Convolutional Neural Networks. (93%)
Efficient Query-Based Attack against ML-Based Android Malware Detection under Zero Knowledge Setting. (92%)
EventTrojan: Manipulating Non-Intrusive Speech Quality Assessment via Imperceptible Events. (15%)
Safe and Robust Watermark Injection with a Single OoD Image. (8%)
Dropout Attacks. (2%)
Uncertainty in AI: Evaluating Deep Neural Networks on Out-of-Distribution Images. (2%)
2023-09-03
Robust and Efficient Interference Neural Networks for Defending Against Adversarial Attacks in ImageNet. (99%)
Turn Fake into Real: Adversarial Head Turn Attacks Against Deepfake Detection. (98%)
AdvMono3D: Advanced Monocular 3D Object Detection with Depth-Aware Robust Adversarial Training. (98%)
Robust Adversarial Defense by Tensor Factorization. (89%)
CARNet: Collaborative Adversarial Resilience for Robust Underwater Image Enhancement and Perception. (31%)
2023-09-02
Towards Certified Probabilistic Robustness with High Accuracy. (98%)
Timbre-reserved Adversarial Attack in Speaker Identification. (98%)
Regularly Truncated M-estimators for Learning with Noisy Labels. (1%)
2023-09-01
Baseline Defenses for Adversarial Attacks Against Aligned Language Models. (99%)
Curating Naturally Adversarial Datasets for Trustworthy AI in Healthcare. (99%)
Non-Asymptotic Bounds for Adversarial Excess Risk under Misspecified Models. (89%)
Why do universal adversarial attacks work on large language models?: Geometry might be the answer. (83%)
RenAIssance: A Survey into AI Text-to-Image Generation in the Era of Large Model. (1%)
Learned Visual Features to Textual Explanations. (1%)
2023-08-31
Adversarial Finetuning with Latent Representation Constraint to Mitigate Accuracy-Robustness Tradeoff. (98%)
Image Hijacking: Adversarial Images can Control Generative Models at Runtime. (98%)
The Power of MEME: Adversarial Malware Creation with Model-Based Reinforcement Learning. (93%)
Everyone Can Attack: Repurpose Lossy Compression as a Natural Backdoor Attack. (75%)
Fault Injection and Safe-Error Attack for Extraction of Embedded Neural Network Models. (75%)
FTA: Stealthy and Robust Backdoor Attack with Flexible Trigger on Federated Learning. (45%)
2023-08-30
Explainable and Trustworthy Traffic Sign Detection for Safe Autonomous Driving: An Inductive Logic Programming Approach. (98%)
Robust Principles: Architectural Design Principles for Adversarially Robust CNNs. (11%)
2023-08-29
Adaptive Attack Detection in Text Classification: Leveraging Space Exploration Features for Text Sentiment Classification. (99%)
Advancing Adversarial Robustness Through Adversarial Logit Update. (99%)
Imperceptible Adversarial Attack on Deep Neural Networks from Image Boundary. (99%)
A Classification-Guided Approach for Adversarial Attacks against Neural Machine Translation. (99%)
MDTD: A Multi Domain Trojan Detector for Deep Neural Networks. (97%)
3D Adversarial Augmentations for Robust Out-of-Domain Predictions. (87%)
Everything Perturbed All at Once: Enabling Differentiable Graph Attacks. (84%)
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image Generative Models. (75%)
Vulnerability of Machine Learning Approaches Applied in IoT-based Smart Grid: A Review. (75%)
Can We Rely on AI? (50%)
Uncertainty Aware Training to Improve Deep Learning Model Calibration for Classification of Cardiac MR Images. (1%)
2023-08-28
Adversarial Attacks on Foundational Vision Models. (80%)
DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local Smoothing. (45%)
Identifying and Mitigating the Security Risks of Generative AI. (45%)
ReMAV: Reward Modeling of Autonomous Vehicles for Finding Likely Failure Events. (13%)
Rep2wav: Noise Robust text-to-speech Using self-supervised representations. (1%)
Are Existing Out-Of-Distribution Techniques Suitable for Network Intrusion Detection? (1%)
2023-08-27
FaceChain: A Playground for Human-centric Artificial Intelligence Generated Content. (1%)
Detecting Language Model Attacks with Perplexity. (1%)
2023-08-24
Exploring Transferability of Multimodal Adversarial Samples for Vision-Language Pre-training Models with Contrastive Learning. (99%)
Don't Look into the Sun: Adversarial Solarization Attacks on Image Classifiers. (92%)
Evaluating the Vulnerabilities in ML systems in terms of adversarial attacks. (82%)
Fast Adversarial Training with Smooth Convergence. (3%)
WavMark: Watermarking for Audio Generation. (2%)
Prediction without Preclusion: Recourse Verification with Reachable Sets. (1%)
2023-08-23
On-Manifold Projected Gradient Descent. (99%)
Sample Complexity of Robust Learning against Evasion Attacks. (98%)
LCANets++: Robust Audio Classification using Multi-layer Neural Networks with Lateral Competition. (92%)
BaDExpert: Extracting Backdoor Functionality for Accurate Backdoor Input Detection. (74%)
RemovalNet: DNN Fingerprint Removal Attacks. (69%)
A Survey of Graph Unlearning. (2%)
Ensembling Uncertainty Measures to Improve Safety of Black-Box Classifiers. (1%)
Aparecium: Revealing Secrets from Physical Photographs. (1%)
2023-08-22
Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection. (99%)
SEA: Shareable and Explainable Attribution for Query-based Black-box Attacks. (99%)
Does Physical Adversarial Example Really Matter to Autonomous Driving? Towards System-Level Effect of Adversarial Object Evasion Attack. (98%)
Protect Federated Learning Against Backdoor Attacks via Data-Free Trigger Generation. (86%)
Revisiting and Exploring Efficient Fast Adversarial Training via LAW: Lipschitz Regularization and Auto Weight Averaging. (76%)
Adversarial Illusions in Multi-Modal Embeddings. (75%)
Designing an attack-defense game: how to increase robustness of financial transaction models via a competition. (75%)
Adversarial Training Using Feedback Loops. (74%)
LEAP: Efficient and Automated Test Method for NLP Software. (31%)
PatchBackdoor: Backdoor Attack against Deep Neural Networks without Model Modification. (16%)
2023-08-21
Improving the Transferability of Adversarial Examples with Arbitrary Style Transfer. (99%)
Spear and Shield: Adversarial Attacks and Defense Methods for Model-Based Link Prediction on Continuous-Time Dynamic Graphs. (99%)
Enhancing Adversarial Attacks: The Similar Target Method. (99%)
Adversarial Attacks on Code Models with Discriminative Graph Patterns. (96%)
Temporal-Distributed Backdoor Attack Against Video Based Action Recognition. (88%)
Measuring the Effect of Causal Disentanglement on the Adversarial Robustness of Neural Network Models. (76%)
Single-User Injection for Invisible Shilling Attack against Recommender Systems. (62%)
On the Adversarial Robustness of Multi-Modal Foundation Models. (4%)
Unlocking Accuracy and Fairness in Differentially Private Image Classification. (2%)
2023-08-20
Boosting Adversarial Transferability by Block Shuffle and Rotation. (99%)
Improving Adversarial Robustness of Masked Autoencoders via Test-time Frequency-domain Prompting. (96%)
HoSNN: Adversarially-Robust Homeostatic Spiking Neural Networks with Adaptive Firing Thresholds. (96%)
Hiding Backdoors within Event Sequence Data via Poisoning Attacks. (95%)
Adversarial Collaborative Filtering for Free. (61%)
Efficient Joint Optimization of Layer-Adaptive Weight Pruning in Deep Neural Networks. (1%)
A Study on Robustness and Reliability of Large Language Model Code Generation. (1%)
2023-08-19
A Comparison of Adversarial Learning Techniques for Malware Detection. (99%)
Robust Mixture-of-Expert Training for Convolutional Neural Networks. (83%)
2023-08-18
Black-box Adversarial Attacks against Dense Retrieval Models: A Multi-view Contrastive Learning Method. (99%)
Attacking logo-based phishing website detectors with adversarial perturbations. (99%)
Compensating Removed Frequency Components: Thwarting Voice Spectrum Reduction Attacks. (92%)
DFB: A Data-Free, Low-Budget, and High-Efficacy Clean-Label Backdoor Attack. (54%)
Backdoor Mitigation by Correcting the Distribution of Neural Activations. (11%)
Towards Attack-tolerant Federated Learning via Critical Parameter Analysis. (9%)
On Gradient-like Explanation under a Black-box Setting: When Black-box Explanations Become as Good as White-box. (9%)
Defending Label Inference Attacks in Split Learning under Regression Setting. (4%)
An Image is Worth a Thousand Toxic Words: A Metamorphic Testing Framework for Content Moderation Software. (1%)
Proceedings of the 2nd International Workshop on Adaptive Cyber Defense. (1%)
2023-08-17
AIR: Threats of Adversarial Attacks on Deep Learning-Based Information Recovery. (99%)
Towards a Practical Defense against Adversarial Attacks on Deep Learning-based Malware Detectors via Randomized Smoothing. (99%)
A White-Box False Positive Adversarial Attack Method on Contrastive Loss Based Offline Handwritten Signature Verification Models. (98%)
Causal Adversarial Perturbations for Individual Fairness and Robustness in Heterogeneous Data Spaces. (16%)
That Doesn't Go There: Attacks on Shared State in Multi-User Augmented Reality Applications. (10%)
Evaluating the Instruction-Following Robustness of Large Language Models to Prompt Injection. (10%)
General Lipschitz: Certified Robustness Against Resolvable Semantic Transformations via Transformation-Dependent Randomized Smoothing. (3%)
2023-08-16
Benchmarking Adversarial Robustness of Compressed Deep Learning Models. (81%)
Test-Time Poisoning Attacks Against Test-Time Adaptation Models. (73%)
Self-Deception: Reverse Penetrating the Semantic Firewall of Large Language Models. (67%)
Dynamic Neural Network is All You Need: Understanding the Robustness of Dynamic Mechanisms in Neural Networks. (61%)
Expressivity of Graph Neural Networks Through the Lens of Adversarial Robustness. (33%)
2023-08-15
SEDA: Self-Ensembling ViT with Defensive Distillation and Adversarial Training for robust Chest X-rays Classification. (99%)
Backpropagation Path Search On Adversarial Transferability. (99%)
A Review of Adversarial Attacks in Computer Vision. (99%)
Robustness Over Time: Understanding Adversarial Examples' Effectiveness on Longitudinal Versions of Large Language Models. (95%)
Simple and Efficient Partial Graph Adversarial Attack: A New Perspective. (93%)
2023-08-14
3DHacker: Spectrum-based Decision Boundary Generation for Hard-label 3D Point Cloud Attack. (99%)
White-Box Adversarial Attacks on Deep Learning-Based Radio Frequency Fingerprint Identification. (99%)
AdvCLIP: Downstream-agnostic Adversarial Examples in Multimodal Contrastive Learning. (99%)
Enhancing the Antidote: Improved Pointwise Certifications against Poisoning Attacks. (68%)
LLM Self Defense: By Self Examination, LLMs Know They Are Being Tricked. (61%)
DISBELIEVE: Distance Between Client Models is Very Essential for Effective Local Model Poisoning Attacks. (13%)
ACTIVE: Towards Highly Transferable 3D Physical Camouflage for Universal and Robust Vehicle Evasion. (10%)
SAM Meets Robotic Surgery: An Empirical Study on Generalization, Robustness and Adaptation. (1%)
2023-08-13
SoK: Realistic Adversarial Attacks and Defenses for Intelligent Network Intrusion Detection. (99%)
Understanding the robustness difference between stochastic gradient descent and adaptive gradient methods. (45%)
A Survey on Deep Neural Network Pruning-Taxonomy, Comparison, Analysis, and Recommendations. (1%)
Robustified ANNs Reveal Wormholes Between Human Category Percepts. (1%)
Faithful to Whom? Questioning Interpretability Measures in NLP. (1%)
2023-08-12
Not So Robust After All: Evaluating the Robustness of Deep Neural Networks to Unseen Adversarial Attacks. (99%)
One-bit Flip is All You Need: When Bit-flip Attack Meets Model Training. (13%)
2023-08-11
Enhancing Generalization of Universal Adversarial Perturbation through Gradient Aggregation. (98%)
Physical Adversarial Attacks For Camera-based Smart Systems: Current Trends, Categorization, Applications, Research Challenges, and Future Outlook. (98%)
Face Encryption via Frequency-Restricted Identity-Agnostic Attacks. (96%)
White-box Membership Inference Attacks against Diffusion Models. (68%)
Test-Time Backdoor Defense via Detecting and Repairing. (10%)
Continual Face Forgery Detection via Historical Distribution Preserving. (2%)
Fast and Accurate Transferability Measurement by Evaluating Intra-class Feature Variance. (1%)
2023-08-10
Hard No-Box Adversarial Attack on Skeleton-Based Human Action Recognition with Skeleton-Motion-Informed Gradient. (99%)
Symmetry Defense Against XGBoost Adversarial Perturbation Attacks. (96%)
Complex Network Effects on the Robustness of Graph Convolutional Networks. (92%)
Critical Points ++: An Agile Point Cloud Importance Measure for Robust Classification, Adversarial Defense and Explainable AI. (80%)
State Machine Frameworks for Website Fingerprinting Defenses: Maybe Not. (61%)
FLShield: A Validation Based Federated Learning Framework to Defend Against Poisoning Attacks. (45%)
Comprehensive Analysis of Network Robustness Evaluation Based on Convolutional Neural Networks with Spatial Pyramid Pooling. (1%)
2023-08-09
Adv-Inpainting: Generating Natural and Transferable Adversarial Patch via Attention-guided Feature Fusion. (98%)
Adversarial ModSecurity: Countering Adversarial SQL Injections with Robust Machine Learning. (93%)
Adversarial Deep Reinforcement Learning for Cyber Security in Software Defined Networks. (81%)
Data-Free Model Extraction Attacks in the Context of Object Detection. (41%)
2023-08-08
Pelta: Shielding Transformers to Mitigate Evasion Attacks in Federated Learning. (99%)
Federated Zeroth-Order Optimization using Trajectory-Informed Surrogate Gradients. (81%)
The Model Inversion Eavesdropping Attack in Semantic Communication Systems. (67%)
A Comprehensive Assessment Benchmark for Rigorously Evaluating Deep Learning Image Classifiers. (67%)
XGBD: Explanation-Guided Graph Backdoor Detection. (54%)
Improved Activation Clipping for Universal Backdoor Mitigation and Test-Time Detection. (50%)
Evil Operation: Breaking Speaker Recognition with PaddingBack. (31%)
Backdoor Federated Learning by Poisoning Backdoor-Critical Layers. (15%)
2023-08-07
Fixed Inter-Neuron Covariability Induces Adversarial Robustness. (98%)
Exploring the Physical World Adversarial Robustness of Vehicle Detection. (98%)
PAIF: Perception-Aware Infrared-Visible Image Fusion for Attack-Tolerant Semantic Segmentation. (86%)
A reading survey on adversarial machine learning: Adversarial attacks and their understanding. (81%)
A Four-Pronged Defense Against Byzantine Attacks in Federated Learning. (54%)
Improving Performance of Semi-Supervised Learning by Adversarial Attacks. (11%)
Mondrian: Prompt Abstraction Attack Against Large Language Models for Cheaper API Pricing. (10%)
2023-08-06
SAAM: Stealthy Adversarial Attack on Monoculor Depth Estimation. (99%)
CGBA: Curvature-aware Geometric Black-box Attack. (99%)
APBench: A Unified Benchmark for Availability Poisoning Attacks and Defenses. (98%)
Unsupervised Adversarial Detection without Extra Model: Training Loss Should Change. (82%)
Using Overlapping Methods to Counter Adversaries in Community Detection. (50%)
2023-08-05
An Adaptive Model Ensemble Adversarial Attack for Boosting Adversarial Transferability. (99%)
An AI-Enabled Framework to Defend Ingenious MDT-based Attacks on the Emerging Zero Touch Cellular Networks. (92%)
A Security and Usability Analysis of Local Attacks Against FIDO2. (1%)
Approximating Positive Homogeneous Functions with Scale Invariant Neural Networks. (1%)
2023-08-04
Multi-attacks: Many images $+$ the same adversarial attack $\to$ many target labels. (99%)
RobustMQ: Benchmarking Robustness of Quantized Models. (75%)
SureFED: Robust Federated Learning via Uncertainty-Aware Inward and Outward Inspection. (67%)
Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks. (67%)
Universal Defensive Underpainting Patch: Making Your Text Invisible to Optical Character Recognition. (31%)
BlindSage: Label Inference Attacks against Node-level Vertical Federated Graph Neural Networks. (9%)
2023-08-03
Hard Adversarial Example Mining for Improving Robust Fairness. (99%)
URET: Universal Robustness Evaluation Toolkit (for Evasion). (99%)
AdvFAS: A robust face anti-spoofing framework against adversarial examples. (98%)
FROD: Robust Object Detection for Free. (67%)
ParaFuzz: An Interpretability-Driven Technique for Detecting Poisoned Samples in NLP. (33%)
From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application? (4%)
2023-08-02
Inaudible Adversarial Perturbation: Manipulating the Recognition of User Speech in Real Time. (99%)
Isolation and Induction: Training Robust Deep Neural Networks against Model Stealing Attacks. (98%)
Mercury: An Automated Remote Side-channel Attack to Nvidia Deep Learning Accelerator. (16%)
TEASMA: A Practical Approach for the Test Assessment of Deep Neural Networks using Mutation Analysis. (2%)
LSF-IDM: Automotive Intrusion Detection Model with Lightweight Attribution and Semantic Fusion. (1%)
2023-08-01
Dynamic ensemble selection based on Deep Neural Network Uncertainty Estimation for Adversarial Robustness. (99%)
Improving Generalization of Adversarial Training via Robust Critical Fine-Tuning. (99%)
LimeAttack: Local Explainable Method for Textual Hard-Label Adversarial Attack. (99%)
Doubly Robust Instance-Reweighted Adversarial Training. (82%)
Training on Foveated Images Improves Robustness to Adversarial Attacks. (82%)
Kidnapping Deep Learning-based Multirotors using Optimized Flying Adversarial Patches. (47%)
Robust Linear Regression: Phase-Transitions and Precise Tradeoffs for General Norms. (22%)
Learning to Generate Training Datasets for Robust Semantic Segmentation. (9%)
Zero-Shot Learning by Harnessing Adversarial Samples. (1%)
A Novel Cross-Perturbation for Single Domain Generalization. (1%)
2023-07-31
A Novel Deep Learning based Model to Defend Network Intrusion Detection System against Adversarial Attacks. (99%)
Transferable Attack for Semantic Segmentation. (99%)
Universal Adversarial Defense in Remote Sensing Based on Pre-trained Denoising Diffusion Models. (99%)
Defense of Adversarial Ranking Attack in Text Retrieval: Benchmark and Baseline via Detection. (97%)
Text-CRS: A Generalized Certified Robustness Framework against Textual Adversarial Attacks. (86%)
BAGM: A Backdoor Attack for Manipulating Text-to-Image Generative Models. (26%)
Adversarially Robust Neural Legal Judgement Systems. (11%)
Virtual Prompt Injection for Instruction-Tuned Large Language Models. (10%)
Noisy Self-Training with Data Augmentations for Offensive and Hate Speech Detection Tasks. (1%)
2023-07-30
Theoretically Principled Trade-off for Stateful Defenses against Query-Based Black-Box Attacks. (99%)
Benchmarking and Analyzing Robust Point Cloud Recognition: Bag of Tricks for Defending Adversarial Examples. (99%)
Probabilistically robust conformal prediction. (91%)
On Updating Static Output Feedback Controllers Under State-Space Perturbation. (1%)
2023-07-29
You Can Backdoor Personalized Federated Learning. (92%)
On Neural Network approximation of ideal adversarial attack and convergence of adversarial training. (92%)
Exposing Hidden Attackers in Industrial Control Systems using Micro-distortions. (41%)
2023-07-28
Beating Backdoor Attack at Its Own Game. (97%)
Adversarial training for tabular data with attack propagation. (67%)
Improving Realistic Worst-Case Performance of NVCiM DNN Accelerators through Training with Right-Censored Gaussian Noise. (10%)
What can Discriminator do? Towards Box-free Ownership Verification of Generative Adversarial Network. (4%)
2023-07-27
R-LPIPS: An Adversarially Robust Perceptual Similarity Metric. (99%)
Universal and Transferable Adversarial Attacks on Aligned Language Models. (99%)
When Measures are Unreliable: Imperceptible Adversarial Perturbations toward Top-$k$ Multi-Label Learning. (99%)
Backdoor Attacks for In-Context Learning with Language Models. (97%)
FLARE: Fingerprinting Deep Reinforcement Learning Agents using Universal Adversarial Masks. (93%)
Unified Adversarial Patch for Visible-Infrared Cross-modal Attacks in the Physical World. (92%)
NSA: Naturalistic Support Artifact to Boost Network Confidence. (62%)
SEV-Step: A Single-Stepping Framework for AMD-SEV. (3%)
Decoding the Secrets of Machine Learning in Malware Classification: A Deep Dive into Datasets, Feature Extraction, and Model Performance. (1%)
AC-Norm: Effective Tuning for Medical Image Analysis via Affine Collaborative Normalization. (1%)
2023-07-26
Enhanced Security against Adversarial Examples Using a Random Ensemble of Encrypted Vision Transformer Models. (99%)
Set-level Guidance Attack: Boosting Adversarial Transferability of Vision-Language Pre-training Models. (99%)
Defending Adversarial Patches via Joint Region Localizing and Inpainting. (99%)
Lateral-Direction Localization Attack in High-Level Autonomous Driving: Domain-Specific Defense Opportunity via Lane Detection. (67%)
Plug and Pray: Exploiting off-the-shelf components of Multi-Modal Models. (33%)
Coupled-Space Attacks against Random-Walk-based Anomaly Detection. (11%)
FakeTracer: Proactively Defending Against Face-swap DeepFakes via Implanting Traces in Training. (5%)
Open Image Content Disarm And Reconstruction. (1%)
2023-07-25
On the unreasonable vulnerability of transformers for image restoration -- and an easy fix. (99%)
Imperceptible Physical Attack against Face Recognition Systems via LED Illumination Modulation. (99%)
Efficient Estimation of Average-Case Robustness for Multi-Class Classification. (13%)
Foundational Models Defining a New Era in Vision: A Survey and Outlook. (10%)
2023-07-24
Why Don't You Clean Your Glasses? Perception Attacks with Dynamic Optical Perturbations. (99%)
Lost In Translation: Generating Adversarial Examples Robust to Round-Trip Translation. (99%)
Data-free Black-box Attack based on Diffusion Model. (62%)
Adaptive Certified Training: Towards Better Accuracy-Robustness Tradeoffs. (56%)
An Estimator for the Sensitivity to Perturbations of Deep Neural Networks. (31%)
Cyber Deception against Zero-day Attacks: A Game Theoretic Approach. (12%)
Malware Resistant Data Protection in Hyper-connected Networks: A survey. (10%)
Investigating the Robustness of Sequential Recommender Systems Against Training Data Perturbations. (9%)
Digital Twins for Moving Target Defense Validation in AC Microgrids. (1%)
Towards Bridging the FL Performance-Explainability Trade-Off: A Trustworthy 6G RAN Slicing Use-Case. (1%)
Learning Provably Robust Estimators for Inverse Problems via Jittering. (1%)
2023-07-23
Towards Generic and Controllable Attacks Against Object Detection. (99%)
Downstream-agnostic Adversarial Examples. (99%)
AdvDiff: Generating Unrestricted Adversarial Examples using Diffusion Models. (99%)
Gradient-Based Word Substitution for Obstinate Adversarial Examples Generation in Language Models. (98%)
A First Look at On-device Models in iOS Apps. (84%)
Robust Automatic Speech Recognition via WavAugment Guided Phoneme Adversarial Training. (83%)
Cross Contrastive Feature Perturbation for Domain Generalization. (1%)
2023-07-22
Backdoor Attacks against Voice Recognition Systems: A Survey. (13%)
2023-07-21
Fast Adaptive Test-Time Defense with Robust Features. (99%)
Unveiling Vulnerabilities in Interpretable Deep Learning Systems with Query-Efficient Black-box Attacks. (99%)
FMT: Removing Backdoor Feature Maps via Feature Map Testing in Deep Neural Networks. (81%)
Improving Viewpoint Robustness for Visual Recognition via Adversarial Training. (80%)
OUTFOX: LLM-generated Essay Detection through In-context Learning with Adversarially Generated Examples. (62%)
HybridAugment++: Unified Frequency Spectra Perturbations for Model Robustness. (26%)
Mitigating Communications Threats in Decentralized Federated Learning through Moving Target Defense. (1%)
2023-07-20
A LLM Assisted Exploitation of AI-Guardian. (98%)
Improving Transferability of Adversarial Examples via Bayesian Attacks. (98%)
Adversarial attacks for mixtures of classifiers. (54%)
PATROL: Privacy-Oriented Pruning for Collaborative Inference Against Model Inversion Attacks. (33%)
A Holistic Assessment of the Reliability of Machine Learning Systems. (4%)
Making Pre-trained Language Models both Task-solvers and Self-calibrators. (2%)
Boundary State Generation for Testing and Improvement of Autonomous Driving Systems. (1%)
A Survey of What to Share in Federated Learning: Perspectives on Model Utility, Privacy Leakage, and Communication Efficiency. (1%)
2023-07-19
Backdoor Attack against Object Detection with Clean Annotation. (93%)
Shared Adversarial Unlearning: Backdoor Mitigation by Unlearning Shared Adversarial Examples. (92%)
Rethinking Backdoor Attacks. (83%)
Towards Building More Robust Models with Frequency Bias. (81%)
Improving Surrogate Model Robustness to Perturbations for Dynamical Systems Through Machine Learning and Data Assimilation. (26%)
2023-07-18
CertPri: Certifiable Prioritization for Deep Neural Networks via Movement Cost in Feature Space. (67%)
FedDefender: Client-Side Attack-Tolerant Federated Learning. (50%)
Can Neural Network Memorization Be Localized? (4%)
2023-07-17
Analyzing the Impact of Adversarial Examples on Explainable Machine Learning. (99%)
Adversarial Attacks on Traffic Sign Recognition: A Survey. (98%)
Discretization-based ensemble model for robust learning in IoT. (87%)
Unstoppable Attack: Label-Only Model Inversion via Conditional Diffusion Model. (83%)
Runtime Stealthy Perception Attacks against DNN-based Adaptive Cruise Control Systems. (22%)
On the Fly Neural Style Smoothing for Risk-Averse Domain Generalization. (2%)
A Machine Learning based Empirical Evaluation of Cyber Threat Actors High Level Attack Patterns over Low level Attack Patterns in Attributing Attacks. (1%)
2023-07-16
Towards Viewpoint-Invariant Visual Recognition via Adversarial Training. (83%)
Towards Stealthy Backdoor Attacks against Speech Recognition via Elements of Sound. (73%)
Diffusion to Confusion: Naturalistic Adversarial Patch Generation Based on Diffusion Model for Object Detector. (10%)
Lipschitz Continuous Algorithms for Covering Problems. (1%)
2023-07-15
On the Robustness of Split Learning against Adversarial Attacks. (99%)
Why Does Little Robustness Help? A Further Step Towards Understanding Adversarial Transferability. (99%)
Unified Adversarial Patch for Cross-modal Attacks in the Physical World. (92%)
MasterKey: Automated Jailbreak Across Multiple Large Language Model Chatbots. (2%)
2023-07-14
Vulnerability-Aware Instance Reweighting For Adversarial Training. (99%)
Mitigating Adversarial Vulnerability through Causal Parameter Estimation by Adversarial Double Machine Learning. (99%)
On the Sensitivity of Deep Load Disaggregation to Adversarial Attacks. (99%)
RFLA: A Stealthy Reflected Light Adversarial Attack in the Physical World. (98%)
Frequency Domain Adversarial Training for Robust Volumetric Medical Segmentation. (98%)
Alleviating the Effect of Data Imbalance on Adversarial Training. (92%)
Structured Pruning of Neural Networks for Constraints Learning. (76%)
Boosting Backdoor Attack with A Learnable Poisoning Sample Selection Strategy. (68%)
Erasing, Transforming, and Noising Defense Network for Occluded Person Re-Identification. (31%)
Omnipotent Adversarial Training in the Wild. (9%)
Certified Robustness for Large Language Models with Self-Denoising. (5%)
2023-07-13
Multi-objective Evolutionary Search of Variable-length Composite Semantic Perturbations. (99%)
MF-CLIP: Leveraging CLIP as Surrogate Models for No-box Adversarial Attacks. (99%)
Effective Prompt Extraction from Language Models. (4%)
Layer-wise Linear Mode Connectivity. (1%)
Defeating Proactive Jammers Using Deep Reinforcement Learning for Resource-Constrained IoT Networks. (1%)
Towards Traitor Tracing in Black-and-White-Box DNN Watermarking with Tardos-based Codes. (1%)
2023-07-12
Single-Class Target-Specific Attack against Interpretable Deep Learning Systems. (99%)
Microbial Genetic Algorithm-based Black-box Attack against Interpretable Deep Learning Systems. (99%)
Rational Neural Network Controllers. (2%)
Misclassification in Automated Content Analysis Causes Bias in Regression. Can We Fix It? Yes We Can! (1%)
A Bayesian approach to quantifying uncertainties and improving generalizability in traffic prediction models. (1%)
2023-07-11
ATWM: Defense against adversarial malware based on adversarial training. (99%)
Membership Inference Attacks on DNNs using Adversarial Perturbations. (89%)
Random-Set Convolutional Neural Network (RS-CNN) for Epistemic Deep Learning. (12%)
On the Vulnerability of DeepFake Detectors to Attacks Generated by Denoising Diffusion Models. (10%)
Differential Analysis of Triggers and Benign Features for Black-Box DNN Backdoor Detection. (2%)
Scale Alone Does not Improve Mechanistic Interpretability in Vision Models. (1%)
Memorization Through the Lens of Curvature of Loss Function Around Samples. (1%)
The Butterfly Effect in Artificial Intelligence Systems: Implications for AI Bias and Fairness. (1%)
2023-07-10
Practical Trustworthiness Model for DNN in Dedicated 6G Application. (33%)
Distill-SODA: Distilling Self-Supervised Vision Transformer for Source-Free Open-Set Domain Adaptation in Computational Pathology. (1%)
2023-07-09
GNP Attack: Transferable Adversarial Examples via Gradient Norm Penalty. (98%)
Enhancing Adversarial Robustness via Score-Based Optimization. (98%)
2023-07-08
Adversarial Self-Attack Defense and Spatial-Temporal Relation Mining for Visible-Infrared Video Person Re-Identification. (99%)
Random Position Adversarial Patch for Vision Transformers. (83%)
Robust Ranking Explanations. (38%)
2023-07-07
A Theoretical Perspective on Subnetwork Contributions to Adversarial Robustness. (81%)
Fooling Contrastive Language-Image Pre-trained Models with CLIPMasterPrints. (68%)
Scalable Membership Inference Attacks via Quantile Regression. (33%)
RADAR: Robust AI-Text Detection via Adversarial Learning. (5%)
Generation of Time-Varying Impedance Attacks Against Haptic Shared Control Steering Systems. (1%)
2023-07-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
NatLogAttack: A Framework for Attacking Natural Language Inference Models with Natural Logic. (92%)
Quantification of Uncertainty with Adversarial Models. (68%)
A Vulnerability of Attribution Methods Using Pre-Softmax Scores. (41%)
Probabilistic and Semantic Descriptions of Image Manifolds and Their Applications. (8%)
T-MARS: Improving Visual Representations by Circumventing Text Feature Learning. (1%)
2023-07-05
Adversarial Attacks on Image Classification Models: FGSM and Patch Attacks and their Impact. (98%)
DARE: Towards Robust Text Explanations in Biomedical and Healthcare Applications. (69%)
Detecting Images Generated by Deep Diffusion Models using their Local Intrinsic Dimensionality. (67%)
GIT: Detecting Uncertainty, Out-Of-Distribution and Adversarial Samples using Gradients and Invariance Transformations. (62%)
Securing Cloud FPGAs Against Power Side-Channel Attacks: A Case Study on Iterative AES. (5%)
On the Adversarial Robustness of Generative Autoencoders in the Latent Space. (3%)
2023-07-04
SCAT: Robust Self-supervised Contrastive Learning via Adversarial Training for Text Classification. (99%)
LEAT: Towards Robust Deepfake Disruption in Real-World Scenarios via Latent Ensemble Attack. (83%)
Interpretable Computer Vision Models through Adversarial Training: Unveiling the Robustness-Interpretability Connection. (68%)
Overconfidence is a Dangerous Thing: Mitigating Membership Inference Attacks by Enforcing Less Confident Prediction. (45%)
Physically Realizable Natural-Looking Clothing Textures Evade Person Detectors via 3D Modeling. (26%)
An Analysis of Untargeted Poisoning Attack and Defense Methods for Federated Online Learning to Rank Systems. (13%)
Machine Learning-Based Intrusion Detection: Feature Selection versus Feature Extraction. (1%)
Synthetic is all you need: removing the auxiliary data assumption for membership inference attacks against synthetic data. (1%)
2023-07-03
Pareto-Secure Machine Learning (PSML): Fingerprinting and Securing Inference Serving Systems. (99%)
A Dual Stealthy Backdoor: From Both Spatial and Frequency Perspectives. (83%)
Analyzing the vulnerabilities in SplitFed Learning: Assessing the robustness against Data Poisoning Attacks. (62%)
What Distributions are Robust to Indiscriminate Poisoning Attacks for Linear Learners? (62%)
Adversarial Learning in Real-World Fraud Detection: Challenges and Perspectives. (45%)
Understanding the Transferability of Representations via Task-Relatedness. (13%)
Enhancing the Robustness of QMIX against State-adversarial Attacks. (4%)
Towards Building Self-Aware Object Detectors via Reliable Uncertainty Quantification and Calibration. (1%)
2023-07-02
Query-Efficient Decision-based Black-Box Patch Attack. (99%)
Interpretability and Transparency-Driven Detection and Transformation of Textual Adversarial Examples (IT-DT). (99%)
From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy. (10%)
CLIMAX: An exploration of Classifier-Based Contrastive Explanations. (2%)
2023-07-01
Common Knowledge Learning for Generating Transferable Adversarial Examples. (99%)
Adversarial Attacks and Defenses on 3D Point Cloud Classification: A Survey. (99%)
Brightness-Restricted Adversarial Attack Patch. (75%)
Fedward: Flexible Federated Backdoor Defense Framework with Non-IID Data. (54%)
Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training. (26%)
SysNoise: Exploring and Benchmarking Training-Deployment System Inconsistency. (13%)
Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD. (10%)
CasTGAN: Cascaded Generative Adversarial Network for Realistic Tabular Data Synthesis. (5%)
FedDefender: Backdoor Attack Defense in Federated Learning. (2%)
Hiding in Plain Sight: Differential Privacy Noise Exploitation for Evasion-resilient Localized Poisoning Attacks in Multiagent Reinforcement Learning. (1%)
2023-06-30
Defense against Adversarial Cloud Attack on Remote Sensing Salient Object Detection. (99%)
Efficient Backdoor Removal Through Natural Gradient Fine-tuning. (8%)
Minimum-norm Sparse Perturbations for Opacity in Linear Systems. (1%)
2023-06-29
Post-train Black-box Defense via Bayesian Boundary Correction. (99%)
Towards Optimal Randomized Strategies in Adversarial Example Game. (96%)
Neural Polarizer: A Lightweight and Effective Backdoor Defense via Purifying Poisoned Features. (13%)
NeuralFuse: Learning to Recover the Accuracy of Access-Limited Neural Network Inference in Low-Voltage Regimes. (1%)
2023-06-28
Boosting Adversarial Transferability with Learnable Patch-wise Masks. (99%)
Evaluating Similitude and Robustness of Deep Image Denoising Models via Adversarial Attack. (99%)
Mitigating Accuracy-Robustness Trade-off via Balanced Multi-Teacher Adversarial Distillation. (99%)
Group-based Robustness: A General Framework for Customized Robustness in the Real World. (98%)
Distributional Modeling for Location-Aware Adversarial Patches. (98%)
Enrollment-stage Backdoor Attacks on Speaker Recognition Systems via Adversarial Ultrasound. (98%)
Does Saliency-Based Training bring Robustness for Deep Neural Networks in Image Classification? (93%)
On Practical Aspects of Aggregation Defenses against Data Poisoning Attacks. (50%)
On the Exploitability of Instruction Tuning. (13%)
2023-06-27
Advancing Adversarial Training by Injecting Booster Signal. (98%)
IMPOSITION: Implicit Backdoor Attack through Scenario Injection. (96%)
Adversarial Training for Graph Neural Networks: Pitfalls, Solutions, and New Directions. (92%)
Robust Proxy: Improving Adversarial Robustness by Robust Proxy Learning. (89%)
Your Attack Is Too DUMB: Formalizing Attacker Scenarios for Adversarial Transferability. (87%)
[Re] Double Sampling Randomized Smoothing. (69%)
Cooperation or Competition: Avoiding Player Domination for Multi-Target Robustness via Adaptive Budgets. (68%)
Catch Me If You Can: A New Low-Rate DDoS Attack Strategy Disguised by Feint. (26%)
Shilling Black-box Review-based Recommender Systems through Fake Review Generation. (1%)
2023-06-26
On the Universal Adversarial Perturbations for Efficient Data-free Adversarial Detection. (99%)
Are aligned neural networks adversarially aligned? (99%)
The race to robustness: exploiting fragile models for urban camouflage and the imperative for machine learning security. (92%)
3D-Aware Adversarial Makeup Generation for Facial Privacy Protection. (92%)
Towards Sybil Resilience in Decentralized Learning. (80%)
On the Resilience of Machine Learning-Based IDS for Automotive Networks. (78%)
DSRM: Boost Textual Adversarial Training with Distribution Shift Risk Minimization. (75%)
PWSHAP: A Path-Wise Explanation Model for Targeted Variables. (8%)
2023-06-25
A Spectral Perspective towards Understanding and Improving Adversarial Robustness. (99%)
On Evaluating the Adversarial Robustness of Semantic Segmentation Models. (99%)
Robust Spatiotemporal Traffic Forecasting with Reinforced Dynamic Adversarial Training. (98%)
Enhancing Adversarial Training via Reweighting Optimization Trajectory. (97%)
RobuT: A Systematic Study of Table QA Robustness Against Human-Annotated Adversarial Perturbations. (87%)
Computational Asymmetries in Robust Classification. (80%)
2023-06-24
Boosting Model Inversion Attacks with Adversarial Examples. (98%)
Machine Learning needs Better Randomness Standards: Randomised Smoothing and PRNG-based attacks. (98%)
Similarity Preserving Adversarial Graph Contrastive Learning. (96%)
Weighted Automata Extraction and Explanation of Recurrent Neural Networks for Natural Language Tasks. (70%)
2023-06-23
Creating Valid Adversarial Examples of Malware. (99%)
Adversarial Robustness Certification for Bayesian Neural Networks. (92%)
A First Order Meta Stackelberg Method for Robust Federated Learning. (10%)
2023-06-22
Visual Adversarial Examples Jailbreak Large Language Models. (99%)
Towards quantum enhanced adversarial robustness in machine learning. (99%)
Rethinking the Backward Propagation for Adversarial Transferability. (99%)
Evading Forensic Classifiers with Attribute-Conditioned Adversarial Faces. (96%)
Adversarial Resilience in Sequential Prediction via Abstention. (93%)
Document Image Cleaning using Budget-Aware Black-Box Approximation. (92%)
Anticipatory Thinking Challenges in Open Worlds: Risk Management. (81%)
Towards Reliable Evaluation and Fast Training of Robust Semantic Segmentation Models. (80%)
Cross-lingual Cross-temporal Summarization: Dataset, Models, Evaluation. (45%)
A First Order Meta Stackelberg Method for Robust Federated Learning (Technical Report). (33%)
Impacts and Risk of Generative AI Technology on Cyber Defense. (4%)
2023-06-21
Adversarial Attacks Neutralization via Data Set Randomization. (99%)
A Comprehensive Study on the Robustness of Image Classification and Object Detection in Remote Sensing: Surveying and Benchmarking. (92%)
Sample Attackability in Natural Language Adversarial Attacks. (92%)
Revisiting Image Classifier Training for Improved Certified Robust Defense against Adversarial Patches. (76%)
DP-BREM: Differentially-Private and Byzantine-Robust Federated Learning with Client Momentum. (47%)
FFCV: Accelerating Training by Removing Data Bottlenecks. (3%)
2023-06-20
Reversible Adversarial Examples with Beam Search Attack and Grayscale Invariance. (99%)
Universal adversarial perturbations for multiple classification tasks with quantum classifiers. (99%)
Physics-constrained Attack against Convolution-based Human Motion Prediction. (99%)
FDINet: Protecting against DNN Model Extraction via Feature Distortion Index. (50%)
DecodingTrust: A Comprehensive Assessment of Trustworthiness in GPT Models. (33%)
Towards a robust and reliable deep learning approach for detection of compact binary mergers in gravitational wave data. (3%)
Mitigating Speculation-based Attacks through Configurable Hardware/Software Co-design. (1%)
LVM-Med: Learning Large-Scale Self-Supervised Vision Models for Medical Imaging via Second-order Graph Matching. (1%)
2023-06-19
Comparative Evaluation of Recent Universal Adversarial Perturbations in Image Classification. (99%)
Adversarial Robustness of Prompt-based Few-Shot Learning for Natural Language Understanding. (75%)
Adversarial Training Should Be Cast as a Non-Zero-Sum Game. (73%)
Eigenpatches -- Adversarial Patches from Principal Components. (38%)
Practical and General Backdoor Attacks against Vertical Federated Learning. (13%)
BNN-DP: Robustness Certification of Bayesian Neural Networks via Dynamic Programming. (5%)
2023-06-17
Edge Learning for 6G-enabled Internet of Things: A Comprehensive Survey of Vulnerabilities, Datasets, and Defenses. (98%)
Understanding Certified Training with Interval Bound Propagation. (38%)
GlyphNet: Homoglyph domains dataset and detection using attention-based Convolutional Neural Networks. (9%)
Bkd-FedGNN: A Benchmark for Classification Backdoor Attacks on Federated Graph Neural Network. (1%)
2023-06-16
Wasserstein distributional robustness of neural networks. (99%)
Query-Free Evasion Attacks Against Machine Learning-Based Malware Detectors with Generative Adversarial Networks. (99%)
You Don't Need Robust Machine Learning to Manage Adversarial Attack Risks. (98%)
Towards Better Certified Segmentation via Diffusion Models. (73%)
Adversarially robust clustering with optimality guarantees. (5%)
CLIP2Protect: Protecting Facial Privacy using Text-Guided Makeup via Adversarial Latent Search. (1%)
2023-06-15
DIFFender: Diffusion-Based Adversarial Defense against Patch Attacks in the Physical World. (99%)
OVLA: Neural Network Ownership Verification using Latent Watermarks. (64%)
Evaluating the Robustness of Text-to-image Diffusion Models against Real-world Attacks. (62%)
On Strengthening and Defending Graph Reconstruction Attack with Markov Chain Approximation. (33%)
Robustness Analysis on Foundational Segmentation Models. (11%)
DiffAug: A Diffuse-and-Denoise Augmentation for Training Robust Classifiers. (3%)
Explore, Establish, Exploit: Red Teaming Language Models from Scratch. (1%)
Community Detection Attack against Collaborative Learning-based Recommender Systems. (1%)
Concealing CAN Message Sequences to Prevent Schedule-based Bus-off Attacks. (1%)
2023-06-14
Reliable Evaluation of Adversarial Transferability. (99%)
A Relaxed Optimization Approach for Adversarial Attacks against Neural Machine Translation Models. (99%)
X-Detect: Explainable Adversarial Patch Detection for Object Detectors in Retail. (98%)
Augment then Smooth: Reconciling Differential Privacy with Certified Robustness. (98%)
Efficient Backdoor Attacks for Deep Neural Networks in Real-world Scenarios. (83%)
A Unified Framework of Graph Information Bottleneck for Robustness and Membership Privacy. (75%)
On the Robustness of Latent Diffusion Models. (73%)
A Proxy Attack-Free Strategy for Practically Improving the Poisoning Efficiency in Backdoor Attacks. (38%)
Improving Selective Visual Question Answering by Learning from Your Peers. (1%)
2023-06-13
Theoretical Foundations of Adversarially Robust Learning. (99%)
Finite Gaussian Neurons: Defending against adversarial attacks by making neural networks say "I don't know". (99%)
I See Dead People: Gray-Box Adversarial Attack on Image-To-Text Models. (99%)
Robustness of SAM: Segment Anything Under Corruptions and Beyond. (98%)
Area is all you need: repeatable elements make stronger adversarial attacks. (98%)
Malafide: a novel adversarial convolutive noise attack against deepfake and spoofing detection systems. (96%)
Revisiting and Advancing Adversarial Training Through A Simple Baseline. (87%)
Generative Watermarking Against Unauthorized Subject-Driven Image Synthesis. (78%)
Privacy Inference-Empowered Stealthy Backdoor Attack on Federated Learning under Non-IID Scenarios. (22%)
DHBE: Data-free Holistic Backdoor Erasing in Deep Neural Networks via Restricted Adversarial Distillation. (22%)
Temporal Gradient Inversion Attacks with Robust Optimization. (8%)
Few-shot Multi-domain Knowledge Rearming for Context-aware Defence against Advanced Persistent Threats. (2%)
2023-06-12
When Vision Fails: Text Attacks Against ViT and OCR. (99%)
AROID: Improving Adversarial Robustness Through Online Instance-Wise Data Augmentation. (99%)
How robust accuracy suffers from certified training with convex relaxations. (73%)
Graph Agent Network: Empowering Nodes with Decentralized Communications Capabilities for Adversarial Resilience. (54%)
Frequency-Based Vulnerability Analysis of Deep Learning Models against Image Corruptions. (13%)
On the Robustness of Removal-Based Feature Attributions. (11%)
VillanDiffusion: A Unified Backdoor Attack Framework for Diffusion Models. (1%)
2023-06-11
Securing Visually-Aware Recommender Systems: An Adversarial Image Reconstruction and Detection Framework. (99%)
Neural Architecture Design and Robustness: A Dataset. (76%)
TrojLLM: A Black-box Trojan Prompt Attack on Large Language Models. (68%)
2023-06-10
Boosting Adversarial Robustness using Feature Level Stochastic Smoothing. (92%)
NeRFool: Uncovering the Vulnerability of Generalizable Neural Radiance Fields against Adversarial Perturbations. (83%)
The Defense of Networked Targets in General Lotto games. (13%)
2023-06-09
Detecting Adversarial Directions in Deep Reinforcement Learning to Make Robust Decisions. (84%)
When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems. (78%)
Overcoming Adversarial Attacks for Human-in-the-Loop Applications. (45%)
2023-06-08
Adversarial Evasion Attacks Practicality in Networks: Testing the Impact of Dynamic Learning. (99%)
Boosting Adversarial Transferability by Achieving Flat Local Maxima. (99%)
COVER: A Heuristic Greedy Adversarial Attack on Prompt-based Learning in Language Models. (93%)
Generalizable Lightweight Proxy for Robust NAS against Diverse Perturbations. (83%)
G$^2$uardFL: Safeguarding Federated Learning Against Backdoor Attacks through Attributed Client Graph Clustering. (62%)
A Melting Pot of Evolution and Learning. (41%)
FedMLSecurity: A Benchmark for Attacks and Defenses in Federated Learning and LLMs. (22%)
PriSampler: Mitigating Property Inference of Diffusion Models. (13%)
Investigating the Effect of Misalignment on Membership Privacy in the White-box Setting. (12%)
Robustness Testing for Multi-Agent Reinforcement Learning: State Perturbations on Critical Agents. (10%)
Enhancing Robustness of AI Offensive Code Generators via Data Augmentation. (10%)
Conservative Prediction via Data-Driven Confidence Minimization. (8%)
Robust Framework for Explanation Evaluation in Time Series Classification. (2%)
Open Set Relation Extraction via Unknown-Aware Training. (1%)
2023-06-07
Extracting Cloud-based Model with Prior Knowledge. (99%)
Expanding Scope: Adapting English Adversarial Attacks to Chinese. (99%)
PromptAttack: Probing Dialogue State Trackers with Adversarial Prompts. (92%)
Optimal Transport Model Distributional Robustness. (83%)
PromptRobust: Towards Evaluating the Robustness of Large Language Models on Adversarial Prompts. (76%)
A Linearly Convergent GAN Inversion-based Algorithm for Reverse Engineering of Deceptions. (45%)
Faithful Knowledge Distillation. (41%)
Divide and Repair: Using Options to Improve Performance of Imitation Learning Against Adversarial Demonstrations. (16%)
Can current NLI systems handle German word order? Investigating language model performance on a new German challenge set of minimal pairs. (15%)
Adversarial Sample Detection Through Neural Network Transport Dynamics. (10%)
2023-06-06
Revisiting the Trade-off between Accuracy and Robustness via Weight Distribution of Filters. (99%)
Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations. (97%)
Transferable Adversarial Robustness for Categorical Data via Universal Robust Embeddings. (93%)
Adversarial attacks and defenses in explainable artificial intelligence: A survey. (64%)
Exploring Model Dynamics for Accumulative Poisoning Discovery. (62%)
Membership inference attack with relative decision boundary distance. (33%)
Performance-optimized deep neural networks are evolving into worse models of inferotemporal visual cortex. (8%)
Adversarial Attacks and Defenses for Semantic Communication in Vehicular Metaverses. (1%)
2023-06-05
Adversarial alignment: Breaking the trade-off between the strength of an attack and its relevance to human perception. (99%)
Evading Black-box Classifiers Without Breaking Eggs. (99%)
Evaluating robustness of support vector machines with the Lagrangian dual approach. (97%)
A Robust Likelihood Model for Novelty Detection. (93%)
Adversarial Ink: Componentwise Backward Error Attacks on Deep Learning. (86%)
Enhance Diffusion to Improve Robust Generalization. (76%)
KNOW How to Make Up Your Mind! Adversarially Detecting and Alleviating Inconsistencies in Natural Language Explanations. (68%)
Stable Diffusion is Unstable. (45%)
Neuron Activation Coverage: Rethinking Out-of-distribution Detection and Generalization. (1%)
Security Knowledge-Guided Fuzzing of Deep Learning Libraries. (1%)
Input-gradient space particle inference for neural network ensembles. (1%)
2023-06-04
Adversary for Social Good: Leveraging Adversarial Attacks to Protect Personal Attribute Privacy. (98%)
Aerial Swarm Defense using Interception and Herding Strategies. (1%)
2023-06-03
Towards Black-box Adversarial Example Detection: A Data Reconstruction-based Method. (99%)
Learning to Defend by Attacking (and Vice-Versa): Transfer of Learning in Cybersecurity Games. (67%)
Can Directed Graph Neural Networks be Adversarially Robust? (56%)
Flew Over Learning Trap: Learn Unlearnable Samples by Progressive Staged Training. (47%)
Benchmarking Robustness of Adaptation Methods on Pre-trained Vision-Language Models. (1%)
2023-06-02
Towards Understanding Clean Generalization and Robust Overfitting in Adversarial Training. (99%)
A Closer Look at the Adversarial Robustness of Deep Equilibrium Models. (92%)
Adaptive Attractors: A Defense Strategy against ML Adversarial Collusion Attacks. (83%)
Poisoning Network Flow Classifiers. (61%)
Hyperparameter Learning under Data Poisoning: Analysis of the Influence of Regularization via Multiobjective Bilevel Optimization. (54%)
Invisible Image Watermarks Are Provably Removable Using Generative AI. (33%)
Robust low-rank training via approximate orthonormal constraints. (22%)
Supervised Adversarial Contrastive Learning for Emotion Recognition in Conversations. (13%)
Improving Adversarial Robustness of DEQs with Explicit Regulations Along the Neural Dynamics. (11%)
Covert Communication Based on the Poisoning Attack in Federated Learning. (10%)
VoteTRANS: Detecting Adversarial Text without Training by Voting on Hard Labels of Transformations. (3%)
Unlearnable Examples for Diffusion Models: Protect Data from Unauthorized Exploitation. (2%)
MutateNN: Mutation Testing of Image Recognition Models Deployed on Hardware Accelerators. (1%)
Towards Robust GAN-generated Image Detection: a Multi-view Completion Representation. (1%)
Improving the generalizability and robustness of large-scale traffic signal control. (1%)
2023-06-01
Adversarial Attack Based on Prediction-Correction. (99%)
Constructing Semantics-Aware Adversarial Examples with Probabilistic Perspective. (98%)
Reconstruction Distortion of Learned Image Compression with Imperceptible Perturbations. (96%)
Intriguing Properties of Text-guided Diffusion Models. (92%)
Versatile Backdoor Attack with Visible, Semantic, Sample-Specific, and Compatible Triggers. (82%)
Improving the Robustness of Summarization Systems with Dual Augmentation. (76%)
Adversarial Robustness in Unsupervised Machine Learning: A Systematic Review. (38%)
Does Black-box Attribute Inference Attacks on Graph Neural Networks Constitute Privacy Risk? (13%)
CALICO: Self-Supervised Camera-LiDAR Contrastive Pre-training for BEV Perception. (13%)
ModelObfuscator: Obfuscating Model Information to Protect Deployed ML-based Systems. (4%)
2023-05-31
Exploring the Vulnerabilities of Machine Learning and Quantum Machine Learning to Adversarial Attacks using a Malware Dataset: A Comparative Analysis. (98%)
Graph-based methods coupled with specific distributional distances for adversarial attack detection. (98%)
Adversarial-Aware Deep Learning System based on a Secondary Classical Machine Learning Verification Approach. (98%)
Adversarial Clean Label Backdoor Attacks and Defenses on Text Classification Systems. (54%)
Deception by Omission: Using Adversarial Missingness to Poison Causal Structure Learning. (26%)
Red Teaming Language Model Detectors with Language Models. (15%)
Ambiguity in solving imaging inverse problems with deep learning based operators. (1%)
2023-05-30
Pseudo-Siamese Network based Timbre-reserved Black-box Adversarial Attack in Speaker Identification. (99%)
Breeding Machine Translations: Evolutionary approach to survive and thrive in the world of automated evaluation. (64%)
Which Models have Perceptually-Aligned Gradients? An Explanation via Off-Manifold Robustness. (56%)
Incremental Randomized Smoothing Certification. (33%)
Defense Against Shortest Path Attacks. (16%)
A Multilingual Evaluation of NER Robustness to Adversarial Inputs. (15%)
It begins with a boundary: A geometric view on probabilistically robust learning. (10%)
Adversarial Attacks on Online Learning to Rank with Stochastic Click Models. (2%)
Learning Perturbations to Explain Time Series Predictions. (1%)
2023-05-29
From Adversarial Arms Race to Model-centric Evaluation: Motivating a Unified Automatic Robustness Evaluation Framework. (99%)
Fourier Analysis on Robustness of Graph Convolutional Neural Networks for Skeleton-based Action Recognition. (92%)
Exploiting Explainability to Design Adversarial Attacks and Evaluate Attack Resilience in Hate-Speech Detection Models. (92%)
UMD: Unsupervised Model Detection for X2X Backdoor Attacks. (81%)
Membership Inference Attacks against Language Models via Neighbourhood Comparison. (73%)
Trustworthy Sensor Fusion against Inaudible Command Attacks in Advanced Driver-Assistance System. (41%)
Trainable and Explainable Simplicial Map Neural Networks. (41%)
Robust Lipschitz Bandits to Adversarial Corruptions. (11%)
Towards minimizing efforts for Morphing Attacks -- Deep embeddings for morphing pair selection and improved Morphing Attack Detection. (8%)
2023-05-28
Amplification trojan network: Attack deep neural networks by amplifying their inherent weakness. (99%)
NaturalFinger: Generating Natural Fingerprint with Generative Adversarial Networks. (92%)
Backdoor Attacks Against Incremental Learners: An Empirical Evaluation Study. (41%)
NOTABLE: Transferable Backdoor Attacks Against Prompt-based NLP Models. (38%)
Choose your Data Wisely: A Framework for Semantic Counterfactuals. (13%)
BadLabel: A Robust Perspective on Evaluating and Enhancing Label-noise Learning. (5%)
Black-Box Anomaly Attribution. (1%)
2023-05-27
Adversarial Attack On Yolov5 For Traffic And Road Sign Detection. (99%)
Rapid Plug-in Defenders. (99%)
Two Heads are Better than One: Towards Better Adversarial Robustness by Combining Transduction and Rejection. (99%)
On the Importance of Backbone to the Adversarial Robustness of Object Detectors. (93%)
Modeling Adversarial Attack on Pre-trained Language Models as Sequential Decision Making. (92%)
No-Regret Online Reinforcement Learning with Adversarial Losses and Transitions. (2%)
FoPro-KD: Fourier Prompted Effective Knowledge Distillation for Long-Tailed Medical Image Recognition. (1%)
2023-05-26
On Evaluating Adversarial Robustness of Large Vision-Language Models. (99%)
DistriBlock: Identifying adversarial audio samples by leveraging characteristics of the output distribution. (98%)
Rethinking Adversarial Policies: A Generalized Attack Formulation and Provable Defense in Multi-Agent RL. (96%)
A Tale of Two Approximations: Tightening Over-Approximation for DNN Robustness Verification via Under-Approximation. (45%)
Adversarial Attacks on Online Learning to Rank with Click Feedback. (38%)
DeepSeaNet: Improving Underwater Object Detection using EfficientDet. (2%)
Trust-Aware Resilient Control and Coordination of Connected and Automated Vehicles. (1%)
Efficient Detection of LLM-generated Texts with a Bayesian Surrogate Model. (1%)
2023-05-25
IDEA: Invariant Defense for Graph Adversarial Robustness. (99%)
Don't Retrain, Just Rewrite: Countering Adversarial Perturbations by Rewriting Text. (98%)
Diffusion-Based Adversarial Sample Generation for Improved Stealthiness and Controllability. (98%)
PEARL: Preprocessing Enhanced Adversarial Robust Learning of Image Deraining for Semantic Segmentation. (96%)
CARSO: Counter-Adversarial Recall of Synthetic Observations. (93%)
Adversarial Attacks on Leakage Detectors in Water Distribution Networks. (86%)
On the Robustness of Segment Anything. (73%)
Detecting Adversarial Data by Probing Multiple Perturbations Using Expected Perturbation Score. (67%)
Rethinking Diversity in Deep Neural Network Testing. (50%)
IMBERT: Making BERT Immune to Insertion-based Backdoor Attacks. (13%)
Securing Deep Generative Models with Universal Adversarial Signature. (2%)
Concept-Centric Transformers: Enhancing Model Interpretability through Object-Centric Concept Learning within a Shared Global Workspace. (1%)
2023-05-24
How do humans perceive adversarial text? A reality check on the validity and naturalness of word-based adversarial attacks. (99%)
Introducing Competition to Boost the Transferability of Targeted Adversarial Examples through Clean Feature Mixup. (99%)
Robust Classification via a Single Diffusion Model. (99%)
Frequency maps reveal the correlation between Adversarial Attacks and Implicit Bias. (99%)
Fantastic DNN Classifiers and How to Identify them without Data. (91%)
Adversarial Demonstration Attacks on Large Language Models. (88%)
AdvFunMatch: When Consistent Teaching Meets Adversarial Robustness. (76%)
Reconstructive Neuron Pruning for Backdoor Defense. (75%)
Another Dead End for Morphological Tags? Perturbed Inputs and Parsing. (74%)
Instructions as Backdoors: Backdoor Vulnerabilities of Instruction Tuning for Large Language Models. (50%)
From Shortcuts to Triggers: Backdoor Defense with Denoised PoE. (47%)
Clever Hans or Neural Theory of Mind? Stress Testing Social Reasoning in Large Language Models. (22%)
Adversarial robustness of amortized Bayesian inference. (11%)
Sharpness-Aware Data Poisoning Attack. (10%)
How to fix a broken confidence estimator: Evaluating post-hoc methods for selective classification with deep neural networks. (3%)
M4: Multi-generator, Multi-domain, and Multi-lingual Black-Box Machine-Generated Text Detection. (1%)
Ghostbuster: Detecting Text Ghostwritten by Large Language Models. (1%)
2023-05-23
The Best Defense is a Good Offense: Adversarial Augmentation against Adversarial Attacks. (99%)
Enhancing Accuracy and Robustness through Adversarial Training in Class Incremental Continual Learning. (99%)
QFA2SR: Query-Free Adversarial Transfer Attacks to Speaker Recognition Systems. (98%)
Expressive Losses for Verified Robustness via Convex Combinations. (95%)
Impact of Light and Shadow on Robustness of Deep Neural Networks. (87%)
A Causal View of Entity Bias in (Large) Language Models. (10%)
Decoupled Kullback-Leibler Divergence Loss. (1%)
2023-05-22
Latent Magic: An Investigation into Adversarial Examples Crafted in the Semantic Latent Space. (99%)
Uncertainty-based Detection of Adversarial Attacks in Semantic Segmentation. (99%)
FGAM:Fast Adversarial Malware Generation Method Based on Gradient Sign. (98%)
Adversarial Defenses via Vector Quantization. (98%)
Attribute-Guided Encryption with Facial Texture Masking. (98%)
DiffProtect: Generate Adversarial Examples with Diffusion Models for Facial Privacy Protection. (98%)
Byzantine Robust Cooperative Multi-Agent Reinforcement Learning as a Bayesian Game. (93%)
Towards Benchmarking and Assessing Visual Naturalness of Physical World Adversarial Attacks. (88%)
Flying Adversarial Patches: Manipulating the Behavior of Deep Learning-based Autonomous Multirotors. (54%)
DeepBern-Nets: Taming the Complexity of Certifying Neural Networks using Bernstein Polynomial Activations and Precise Bound Propagation. (50%)
The defender's perspective on automatic speaker verification: An overview. (22%)
Model Stealing Attack against Multi-Exit Networks. (10%)
Adversarial Nibbler: A Data-Centric Challenge for Improving the Safety of Text-to-Image Models. (2%)
Improving Classifier Robustness through Active Generation of Pairwise Counterfactuals. (1%)
Tied-Augment: Controlling Representation Similarity Improves Data Augmentation. (1%)
Adaptive Face Recognition Using Adversarial Information Network. (1%)
Watermarking Text Data on Large Language Models for Dataset Copyright. (1%)
2023-05-21
Mist: Towards Improved Adversarial Examples for Diffusion Models. (99%)
Are Your Explanations Reliable? Investigating the Stability of LIME in Explaining Text Classifiers by Marrying XAI and Adversarial Attack. (81%)
FAQ: Mitigating the Impact of Faults in the Weight Memory of DNN Accelerators through Fault-Aware Quantization. (1%)
2023-05-20
Dynamic Transformers Provide a False Sense of Efficiency. (92%)
Annealing Self-Distillation Rectification Improves Adversarial Training. (76%)
Stability, Generalization and Privacy: Precise Analysis for Random and NTK Features. (8%)
2023-05-19
Multi-Task Models Adversarial Attacks. (98%)
DAP: A Dynamic Adversarial Patch for Evading Person Detectors. (92%)
Efficient ConvBN Blocks for Transfer Learning and Beyond. (67%)
Mitigating Backdoor Poisoning Attacks through the Lens of Spurious Correlation. (8%)
Long-tailed Visual Recognition via Gaussian Clouded Logit Adjustment. (5%)
SneakyPrompt: Evaluating Robustness of Text-to-image Generative Models' Safety Filters. (4%)
Latent Imitator: Generating Natural Individual Discriminatory Instances for Black-Box Fairness Testing. (2%)
Controlling the Extraction of Memorized Data from Large Language Models via Prompt-Tuning. (1%)
2023-05-18
Deep PackGen: A Deep Reinforcement Learning Framework for Adversarial Network Packet Generation. (99%)
Adversarial Amendment is the Only Force Capable of Transforming an Enemy into a Friend. (99%)
Architecture-agnostic Iterative Black-box Certified Defense against Adversarial Patches. (99%)
Towards an Accurate and Secure Detector against Adversarial Perturbations. (99%)
Quantifying the robustness of deep multispectral segmentation models against natural perturbations and data poisoning. (99%)
How Deep Learning Sees the World: A Survey on Adversarial Attacks & Defenses. (98%)
RobustFair: Adversarial Evaluation through Fairness Confusion Directed Gradient Search. (93%)
Attacks on Online Learners: a Teacher-Student Analysis. (54%)
Explaining V1 Properties with a Biologically Constrained Deep Learning Architecture. (47%)
Large Language Models can be Guided to Evade AI-Generated Text Detection. (3%)
Zero-Day Backdoor Attack against Text-to-Image Diffusion Models via Personalization. (2%)
Re-thinking Data Availablity Attacks Against Deep Neural Networks. (1%)
TrustSER: On the Trustworthiness of Fine-tuning Pre-trained Speech Embeddings For Speech Emotion Recognition. (1%)
2023-05-17
Content-based Unrestricted Adversarial Attack. (99%)
Raising the Bar for Certified Adversarial Robustness with Diffusion Models. (95%)
The Adversarial Consistency of Surrogate Risks for Binary Classification. (10%)
Variational Classification. (1%)
Compress, Then Prompt: Improving Accuracy-Efficiency Trade-off of LLM Inference with Transferable Prompt. (1%)
PaLM 2 Technical Report. (1%)
2023-05-16
Iterative Adversarial Attack on Image-guided Story Ending Generation. (99%)
Releasing Inequality Phenomena in $L_{\infty}$-Adversarial Training via Input Gradient Distillation. (98%)
Ortho-ODE: Enhancing Robustness and of Neural ODEs against Adversarial Attacks. (54%)
Unlearnable Examples Give a False Sense of Security: Piercing through Unexploitable Data with Learnable Examples. (50%)
2023-05-15
Attacking Perceptual Similarity Metrics. (99%)
Exploiting Frequency Spectrum of Adversarial Images for General Robustness. (96%)
Training Neural Networks without Backpropagation: A Deeper Dive into the Likelihood Ratio Method. (4%)
Assessing Hidden Risks of LLMs: An Empirical Study on Robustness, Consistency, and Credibility. (1%)
2023-05-14
Diffusion Models for Imperceptible and Transferable Adversarial Attack. (99%)
Improving Defensive Distillation using Teacher Assistant. (96%)
Manipulating Visually-aware Federated Recommender Systems and Its Countermeasures. (82%)
Watermarking Text Generated by Black-Box Language Models. (9%)
2023-05-13
DNN-Defender: A Victim-Focused In-DRAM Defense Mechanism for Taming Adversarial Weight Attack on DNNs. (86%)
On enhancing the robustness of Vision Transformers: Defensive Diffusion. (76%)
Decision-based iterative fragile watermarking for model integrity verification. (50%)
2023-05-12
Efficient Search of Comprehensively Robust Neural Architectures via Multi-fidelity Evaluation. (73%)
Adversarial Security and Differential Privacy in mmWave Beam Prediction in 6G networks. (68%)
Mastering Percolation-like Games with Deep Learning. (1%)
2023-05-11
Distracting Downpour: Adversarial Weather Attacks for Motion Estimation. (74%)
Backdoor Attack with Sparse and Invisible Trigger. (68%)
Watch This Space: Securing Satellite Communication through Resilient Transmitter Fingerprinting. (1%)
2023-05-10
A Black-Box Attack on Code Models via Representation Nearest Neighbor Search. (99%)
Inter-frame Accelerate Attack against Video Interpolation Models. (99%)
Randomized Smoothing with Masked Inference for Adversarially Robust Text Classifications. (98%)
Stealthy Low-frequency Backdoor Attack against Deep Neural Networks. (80%)
Towards Invisible Backdoor Attacks in the Frequency Domain against Deep Neural Networks. (75%)
The Robustness of Computer Vision Models against Common Corruptions: a Survey. (50%)
An Empirical Study on the Robustness of the Segment Anything Model (SAM). (22%)
Robust multi-agent coordination via evolutionary generation of auxiliary adversarial attackers. (12%)
2023-05-09
Quantization Aware Attack: Enhancing the Transferability of Adversarial Attacks across Target Models with Different Quantization Bitwidths. (99%)
Attack Named Entity Recognition by Entity Boundary Interference. (98%)
VSMask: Defending Against Voice Synthesis Attack via Real-Time Predictive Perturbation. (96%)
Investigating the Corruption Robustness of Image Classifiers with Random Lp-norm Corruptions. (75%)
On the Relation between Sharpness-Aware Minimization and Adversarial Robustness. (56%)
Effects of Real-Life Traffic Sign Alteration on YOLOv7- an Object Recognition Model. (13%)
Turning Privacy-preserving Mechanisms against Federated Learning. (9%)
BadCS: A Backdoor Attack Framework for Code search. (8%)
Quantum Machine Learning for Malware Classification. (1%)
2023-05-08
Toward Adversarial Training on Contextualized Language Representation. (93%)
Understanding Noise-Augmented Training for Randomized Smoothing. (64%)
TAPS: Connecting Certified and Adversarial Training. (41%)
Privacy-preserving Adversarial Facial Features. (22%)
Communication-Robust Multi-Agent Learning by Adaptable Auxiliary Multi-Agent Adversary Generation. (1%)
2023-05-07
Adversarial Examples Detection with Enhanced Image Difference Features based on Local Histogram Equalization. (99%)
Pick your Poison: Undetectability versus Robustness in Data Poisoning Attacks against Deep Image Classification. (93%)
2023-05-06
The Best Defense is Attack: Repairing Semantics in Textual Adversarial Examples. (99%)
Beyond the Model: Data Pre-processing Attack to Deep Learning Models in Android Apps. (92%)
Towards Prompt-robust Face Privacy Protection via Adversarial Decoupling Augmentation Framework. (38%)
Text-to-Image Diffusion Models can be Easily Backdoored through Multimodal Data Poisoning. (2%)
2023-05-05
White-Box Multi-Objective Adversarial Attack on Dialogue Generation. (99%)
Evading Watermark based Detection of AI-Generated Content. (87%)
Verifiable Learning for Robust Tree Ensembles. (15%)
Repairing Deep Neural Networks Based on Behavior Imitation. (4%)
2023-05-04
Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection. (99%)
IMAP: Intrinsically Motivated Adversarial Policy. (99%)
Single Node Injection Label Specificity Attack on Graph Neural Networks via Reinforcement Learning. (78%)
Faulting original McEliece's implementations is possible: How to mitigate this risk? (2%)
2023-05-03
New Adversarial Image Detection Based on Sentiment Analysis. (99%)
A Data-Driven Defense against Edge-case Model Poisoning Attacks on Federated Learning. (86%)
Defending against Insertion-based Textual Backdoor Attacks via Attribution. (61%)
On the Security Risks of Knowledge Graph Reasoning. (26%)
Backdoor Learning on Sequence to Sequence Models. (5%)
Rethinking Graph Lottery Tickets: Graph Sparsity Matters. (2%)
PTP: Boosting Stability and Performance of Prompt Tuning with Perturbation-Based Regularizer. (1%)
2023-05-02
Boosting Adversarial Transferability via Fusing Logits of Top-1 Decomposed Feature. (99%)
DABS: Data-Agnostic Backdoor attack at the Server in Federated Learning. (73%)
Towards Imperceptible Document Manipulations against Neural Ranking Models. (67%)
Sentiment Perception Adversarial Attacks on Neural Machine Translation Systems. (50%)
Prompt as Triggers for Backdoor Attack: Examining the Vulnerability in Language Models. (8%)
2023-05-01
Attack-SAM: Towards Evaluating Adversarial Robustness of Segment Anything Model. (99%)
Physical Adversarial Attacks for Surveillance: A Survey. (98%)
Revisiting Robustness in Graph Machine Learning. (98%)
Stratified Adversarial Robustness with Rejection. (96%)
Poisoning Language Models During Instruction Tuning. (2%)
2023-04-30
Assessing Vulnerabilities of Adversarial Learning Algorithm through Poisoning Attacks. (98%)
2023-04-29
FedGrad: Mitigating Backdoor Attacks in Federated Learning Through Local Ultimate Gradients Inspection. (81%)
Enhancing Adversarial Contrastive Learning via Adversarial Invariant Regularization. (33%)
Adversarial Representation Learning for Robust Privacy Preservation in Audio. (1%)
2023-04-28
Topic-oriented Adversarial Attacks against Black-box Neural Ranking Models. (99%)
On the existence of solutions to adversarial training in multiclass classification. (75%)
The Power of Typed Affine Decision Structures: A Case Study. (3%)
faulTPM: Exposing AMD fTPMs' Deepest Secrets. (3%)
SAM Meets Robotic Surgery: An Empirical Study in Robustness Perspective. (1%)
2023-04-27
Adversary Aware Continual Learning. (80%)
Fusion is Not Enough: Single-Modal Attacks to Compromise Fusion Models in Autonomous Driving. (75%)
Boosting Big Brother: Attacking Search Engines with Encodings. (68%)
ChatGPT as an Attack Tool: Stealthy Textual Backdoor Attack via Blackbox Generative Model Trigger. (62%)
Improve Video Representation with Temporal Adversarial Augmentation. (26%)
Origin Tracing and Detecting of LLMs. (1%)
Deep Intellectual Property Protection: A Survey. (1%)
Interactive Greybox Penetration Testing for Cloud Access Control using IAM Modeling and Deep Reinforcement Learning. (1%)
2023-04-26
Improving Adversarial Transferability via Intermediate-level Perturbation Decay. (98%)
Detection of Adversarial Physical Attacks in Time-Series Image Data. (92%)
Blockchain-based Federated Learning with SMPC Model Verification Against Poisoning Attack for Healthcare Systems. (13%)
2023-04-25
Improving Robustness Against Adversarial Attacks with Deeply Quantized Neural Networks. (99%)
Generating Adversarial Examples with Task Oriented Multi-Objective Optimization. (99%)
SHIELD: Thwarting Code Authorship Attribution. (98%)
Lyapunov-Stable Deep Equilibrium Models. (82%)
LSTM-based Load Forecasting Robustness Against Noise Injection Attack in Microgrid. (1%)
2023-04-24
Evaluating Adversarial Robustness on Document Image Classification. (99%)
Combining Adversaries with Anti-adversaries in Training. (64%)
Enhancing Fine-Tuning Based Backdoor Defense with Sharpness-Aware Minimization. (41%)
Opinion Control under Adversarial Network Perturbation: A Stackelberg Game Approach. (10%)
Robust Tickets Can Transfer Better: Drawing More Transferable Subnetworks in Transfer Learning. (1%)
2023-04-23
StyLess: Boosting the Transferability of Adversarial Examples. (99%)
Evading DeepFake Detectors via Adversarial Statistical Consistency. (98%)
2023-04-22
Detecting Adversarial Faces Using Only Real Face Self-Perturbations. (98%)
Universal Adversarial Backdoor Attacks to Fool Vertical Federated Learning in Cloud-Edge Collaboration. (70%)
2023-04-21
INK: Inheritable Natural Backdoor Attack Against Model Distillation. (97%)
Individual Fairness in Bayesian Neural Networks. (69%)
Denial-of-Service or Fine-Grained Control: Towards Flexible Model Poisoning Attacks on Federated Learning. (64%)
Interpretable and Robust AI in EEG Systems: A Survey. (12%)
MAWSEO: Adversarial Wiki Search Poisoning for Illicit Online Promotion. (2%)
2023-04-20
Towards the Universal Defense for Query-Based Audio Adversarial Attacks. (99%)
Diversifying the High-level Features for better Adversarial Transferability. (99%)
Using Z3 for Formal Modeling and Verification of FNN Global Robustness. (98%)
Certified Adversarial Robustness Within Multiple Perturbation Bounds. (96%)
Can Perturbations Help Reduce Investment Risks? Risk-Aware Stock Recommendation via Split Variational Adversarial Training. (93%)
Adversarial Infrared Blocks: A Black-box Attack to Thermal Infrared Detectors at Multiple Angles in Physical World. (89%)
An Analysis of the Completion Time of the BB84 Protocol. (22%)
A Plug-and-Play Defensive Perturbation for Copyright Protection of DNN-based Applications. (13%)
Enhancing object detection robustness: A synthetic and natural perturbation approach. (12%)
RoCOCO: Robustness Benchmark of MS-COCO to Stress-test Image-Text Matching Models. (8%)
Get Rid Of Your Trail: Remotely Erasing Backdoors in Federated Learning. (2%)
Learning Sample Difficulty from Pre-trained Models for Reliable Prediction. (1%)
2023-04-19
Jedi: Entropy-based Localization and Removal of Adversarial Patches. (84%)
GREAT Score: Global Robustness Evaluation of Adversarial Perturbation using Generative Models. (81%)
Secure Split Learning against Property Inference, Data Reconstruction, and Feature Space Hijacking Attacks. (5%)
Density-Insensitive Unsupervised Domain Adaption on 3D Object Detection. (1%)
On the Robustness of Aspect-based Sentiment Analysis: Rethinking Model, Data, and Training. (1%)
Fundamental Limitations of Alignment in Large Language Models. (1%)
2023-04-18
Wavelets Beat Monkeys at Adversarial Robustness. (99%)
Towards the Transferable Audio Adversarial Attack via Ensemble Methods. (99%)
Masked Language Model Based Textual Adversarial Example Detection. (99%)
In ChatGPT We Trust? Measuring and Characterizing the Reliability of ChatGPT. (80%)
Generative models improve fairness of medical classifiers under distribution shifts. (13%)
2023-04-17
Evil from Within: Machine Learning Backdoors through Hardware Trojans. (15%)
GrOVe: Ownership Verification of Graph Neural Networks using Embeddings. (13%)
OOD-CV-v2: An extended Benchmark for Robustness to Out-of-Distribution Shifts of Individual Nuisances in Natural Images. (1%)
2023-04-16
A Random-patch based Defense Strategy Against Physical Attacks for Face Recognition Systems. (98%)
RNN-Guard: Certified Robustness Against Multi-frame Attacks for Recurrent Neural Networks. (96%)
JoB-VS: Joint Brain-Vessel Segmentation in TOF-MRA Images. (15%)
2023-04-14
Interpretability is a Kind of Safety: An Interpreter-based Ensemble for Adversary Defense. (99%)
Combining Generators of Adversarial Malware Examples to Increase Evasion Rate. (99%)
Cross-Entropy Loss Functions: Theoretical Analysis and Applications. (3%)
Pool Inference Attacks on Local Differential Privacy: Quantifying the Privacy Guarantees of Apple's Count Mean Sketch in Practice. (2%)
2023-04-13
Generating Adversarial Examples with Better Transferability via Masking Unimportant Parameters of Surrogate Model. (99%)
Certified Zeroth-order Black-Box Defense with Robust UNet Denoiser. (96%)
False Claims against Model Ownership Resolution. (93%)
Adversarial Examples from Dimensional Invariance. (45%)
Understanding Overfitting in Adversarial Training in Kernel Regression. (1%)
LSFSL: Leveraging Shape Information in Few-shot Learning. (1%)
2023-04-12
Generative Adversarial Networks-Driven Cyber Threat Intelligence Detection Framework for Securing Internet of Things. (92%)
Exploiting Logic Locking for a Neural Trojan Attack on Machine Learning Accelerators. (1%)
2023-04-11
RecUP-FL: Reconciling Utility and Privacy in Federated Learning via User-configurable Privacy Defense. (99%)
Simultaneous Adversarial Attacks On Multiple Face Recognition System Components. (98%)
Boosting Cross-task Transferability of Adversarial Patches with Visual Relations. (98%)
Benchmarking the Physical-world Adversarial Robustness of Vehicle Detection. (92%)
On the Adversarial Inversion of Deep Biometric Representations. (67%)
Overload: Latency Attacks on Object Detection for Edge Devices. (33%)
Towards More Robust and Accurate Sequential Recommendation with Cascade-guided Adversarial Training. (9%)
2023-04-10
Generating Adversarial Attacks in the Latent Space. (98%)
Reinforcement Learning-Based Black-Box Model Inversion Attacks. (67%)
Defense-Prefix for Preventing Typographic Attacks on CLIP. (16%)
Helix++: A platform for efficiently securing software. (1%)
2023-04-09
Certifiable Black-Box Attacks with Randomized Adversarial Examples: Breaking Defenses with Provable Confidence. (99%)
Adversarially Robust Neural Architecture Search for Graph Neural Networks. (80%)
Unsupervised Multi-Criteria Adversarial Detection in Deep Image Retrieval. (68%)
2023-04-08
Robust Deep Learning Models Against Semantic-Preserving Adversarial Attack. (99%)
RobCaps: Evaluating the Robustness of Capsule Networks against Affine Transformations and Adversarial Attacks. (98%)
Exploring the Connection between Robust and Generative Models. (67%)
Benchmarking the Robustness of Quantized Models. (47%)
Attack-Augmentation Mixing-Contrastive Skeletal Representation Learning. (15%)
Deep Prototypical-Parts Ease Morphological Kidney Stone Identification and are Competitively Robust to Photometric Perturbations. (4%)
EMP-SSL: Towards Self-Supervised Learning in One Training Epoch. (1%)
2023-04-07
Architecture-Preserving Provable Repair of Deep Neural Networks. (1%)
ASPEST: Bridging the Gap Between Active Learning and Selective Prediction. (1%)
2023-04-06
Manipulating Federated Recommender Systems: Poisoning with Synthetic Users and Its Countermeasures. (45%)
Quantifying and Defending against Privacy Threats on Federated Knowledge Graph Embedding. (45%)
Improving Visual Question Answering Models through Robustness Analysis and In-Context Learning with a Chain of Basic Questions. (10%)
EZClone: Improving DNN Model Extraction Attack via Shape Distillation from GPU Execution Profiles. (4%)
Evaluating the Robustness of Machine Reading Comprehension Models to Low Resource Entity Renaming. (2%)
Rethinking Evaluation Protocols of Visual Representations Learned via Self-supervised Learning. (1%)
Reliable Learning for Test-time Attacks and Distribution Shift. (1%)
Benchmarking Robustness to Text-Guided Corruptions. (1%)
2023-04-05
A Certified Radius-Guided Attack Framework to Image Segmentation Models. (99%)
How to choose your best allies for a transferable attack? (99%)
Going Further: Flatness at the Rescue of Early Stopping for Adversarial Example Transferability. (99%)
Robust Neural Architecture Search. (92%)
Hyper-parameter Tuning for Adversarially Robust Models. (62%)
JPEG Compressed Images Can Bypass Protections Against AI Editing. (15%)
FACE-AUDITOR: Data Auditing in Facial Recognition Systems. (1%)
2023-04-04
CGDTest: A Constrained Gradient Descent Algorithm for Testing Neural Networks. (31%)
Selective Knowledge Sharing for Privacy-Preserving Federated Distillation without A Good Teacher. (1%)
EGC: Image Generation and Classification via a Single Energy-Based Model. (1%)
2023-04-03
Defending Against Patch-based Backdoor Attacks on Self-Supervised Learning. (76%)
Model-Agnostic Reachability Analysis on Deep Neural Networks. (75%)
NetFlick: Adversarial Flickering Attacks on Deep Learning Based Video Compression. (69%)
Learning About Simulated Adversaries from Human Defenders using Interactive Cyber-Defense Games. (1%)
2023-04-01
GradMDM: Adversarial Attack on Dynamic Networks. (84%)
Instance-level Trojan Attacks on Visual Question Answering via Adversarial Learning in Neuron Activation Space. (67%)
2023-03-31
Improving Fast Adversarial Training with Prior-Guided Knowledge. (99%)
To be Robust and to be Fair: Aligning Fairness with Robustness. (93%)
Fooling Polarization-based Vision using Locally Controllable Polarizing Projection. (91%)
Per-Example Gradient Regularization Improves Learning Signals from Noisy Data. (3%)
Secure Federated Learning against Model Poisoning Attacks via Client Filtering. (2%)
DIME-FM: DIstilling Multimodal and Efficient Foundation Models. (1%)
A Generative Framework for Low-Cost Result Validation of Outsourced Machine Learning Tasks. (1%)
2023-03-30
Adversarial Attack and Defense for Dehazing Networks. (97%)
Generating Adversarial Samples in Mini-Batches May Be Detrimental To Adversarial Robustness. (96%)
Towards Adversarially Robust Continual Learning. (95%)
Understanding the Robustness of 3D Object Detection with Bird's-Eye-View Representations in Autonomous Driving. (81%)
Robo3D: Towards Robust and Reliable 3D Perception against Corruptions. (2%)
Model-agnostic explainable artificial intelligence for object detection in image data. (1%)
Establishing baselines and introducing TernaryMixOE for fine-grained out-of-distribution detection. (1%)
Explainable Intrusion Detection Systems Using Competitive Learning Techniques. (1%)
Differential Area Analysis for Ransomware: Attacks, Countermeasures, and Limitations. (1%)
2023-03-29
Latent Feature Relation Consistency for Adversarial Robustness. (99%)
Beyond Empirical Risk Minimization: Local Structure Preserving Regularization for Improving Adversarial Robustness. (99%)
Targeted Adversarial Attacks on Wind Power Forecasts. (88%)
Towards Reasonable Budget Allocation in Untargeted Graph Structure Attacks via Gradient Debias. (67%)
ImageNet-E: Benchmarking Neural Network Robustness via Attribute Editing. (56%)
Graph Neural Networks for Hardware Vulnerability Analysis -- Can you Trust your GNN? (16%)
Mole Recruitment: Poisoning of Image Classifiers via Selective Batch Sampling. (10%)
A Tensor-based Convolutional Neural Network for Small Dataset Classification. (2%)
ALUM: Adversarial Data Uncertainty Modeling from Latent Model Uncertainty Compensation. (1%)
2023-03-28
A Pilot Study of Query-Free Adversarial Attack against Stable Diffusion. (99%)
Improving the Transferability of Adversarial Samples by Path-Augmented Method. (99%)
Towards Effective Adversarial Textured 3D Meshes on Physical Face Recognition. (99%)
Transferable Adversarial Attacks on Vision Transformers with Token Gradient Regularization. (98%)
Denoising Autoencoder-based Defensive Distillation as an Adversarial Robustness Algorithm. (98%)
TransAudio: Towards the Transferable Adversarial Audio Attack via Learning Contextualized Perturbations. (98%)
A Survey on Malware Detection with Graph Representation Learning. (41%)
Provable Robustness for Streaming Models with a Sliding Window. (15%)
Machine-learned Adversarial Attacks against Fault Prediction Systems in Smart Electrical Grids. (9%)
On the Use of Reinforcement Learning for Attacking and Defending Load Frequency Control. (3%)
Hard-normal Example-aware Template Mutual Matching for Industrial Anomaly Detection. (1%)
A Universal Identity Backdoor Attack against Speaker Verification based on Siamese Network. (1%)
2023-03-27
Classifier Robustness Enhancement Via Test-Time Transformation. (99%)
Improving the Transferability of Adversarial Examples via Direction Tuning. (99%)
EMShepherd: Detecting Adversarial Samples via Side-channel Leakage. (99%)
Learning the Unlearnable: Adversarial Augmentations Suppress Unlearnable Example Attacks. (97%)
Detecting Backdoors During the Inference Stage Based on Corruption Robustness Consistency. (76%)
CAT:Collaborative Adversarial Training. (69%)
Diffusion Denoised Smoothing for Certified and Adversarial Robust Out-Of-Distribution Detection. (67%)
Personalized Federated Learning on Long-Tailed Data via Adversarial Feature Augmentation. (41%)
Mask and Restore: Blind Backdoor Defense at Test Time with Masked Autoencoder. (41%)
Sequential training of GANs against GAN-classifiers reveals correlated "knowledge gaps" present among independently trained GAN instances. (41%)
Anti-DreamBooth: Protecting users from personalized text-to-image synthesis. (5%)
2023-03-26
MGTBench: Benchmarking Machine-Generated Text Detection. (61%)
2023-03-25
AdvCheck: Characterizing Adversarial Examples via Local Gradient Checking. (99%)
CFA: Class-wise Calibrated Fair Adversarial Training. (98%)
PORE: Provably Robust Recommender Systems against Data Poisoning Attacks. (68%)
Improving robustness of jet tagging algorithms with adversarial training: exploring the loss surface. (12%)
2023-03-24
PIAT: Parameter Interpolation based Adversarial Training for Image Classification. (99%)
How many dimensions are required to find an adversarial example? (99%)
Effective black box adversarial attack with handcrafted kernels. (99%)
Survey on Adversarial Attack and Defense for Medical Image Analysis: Methods and Challenges. (99%)
Improved Adversarial Training Through Adaptive Instance-wise Loss Smoothing. (99%)
Feature Separation and Recalibration for Adversarial Robustness. (98%)
Physically Adversarial Infrared Patches with Learnable Shapes and Locations. (97%)
Generalist: Decoupling Natural and Robust Generalization. (96%)
Ensemble-based Blackbox Attacks on Dense Prediction. (86%)
Backdoor Attacks with Input-unique Triggers in NLP. (54%)
PoisonedGNN: Backdoor Attack on Graph Neural Networks-based Hardware Security Systems. (22%)
Enhancing Multiple Reliability Measures via Nuisance-extended Information Bottleneck. (5%)
Optimal Smoothing Distribution Exploration for Backdoor Neutralization in Deep Learning-based Traffic Systems. (2%)
TRAK: Attributing Model Behavior at Scale. (1%)
2023-03-23
Watch Out for the Confusing Faces: Detecting Face Swapping with the Probability Distribution of Face Identification Models. (68%)
Quadratic Graph Attention Network (Q-GAT) for Robust Construction of Gene Regulatory Networks. (50%)
Optimization and Optimizers for Adversarial Robustness. (41%)
Adversarial Robustness and Feature Impact Analysis for Driver Drowsiness Detection. (41%)
Decentralized Adversarial Training over Graphs. (15%)
Paraphrasing evades detectors of AI-generated text, but retrieval is an effective defense. (15%)
Don't FREAK Out: A Frequency-Inspired Approach to Detecting Backdoor Poisoned Samples in DNNs. (8%)
Low-frequency Image Deep Steganography: Manipulate the Frequency Distribution to Hide Secrets with Tenacious Robustness. (1%)
Efficient Symbolic Reasoning for Neural-Network Verification. (1%)
2023-03-22
Reliable and Efficient Evaluation of Adversarial Robustness for Deep Hashing-Based Retrieval. (99%)
Semantic Image Attack for Visual Model Diagnosis. (99%)
Revisiting DeepFool: generalization and improvement. (99%)
Wasserstein Adversarial Examples on Univariant Time Series Data. (99%)
Test-time Defense against Adversarial Attacks: Detection and Reconstruction of Adversarial Examples via Masked Autoencoder. (99%)
Sibling-Attack: Rethinking Transferable Adversarial Attacks against Face Recognition. (78%)
An Extended Study of Human-like Behavior under Adversarial Training. (76%)
Distribution-restrained Softmax Loss for the Model Robustness. (38%)
Backdoor Defense via Adaptively Splitting Poisoned Dataset. (16%)
Edge Deep Learning Model Protection via Neuron Authorization. (11%)
2023-03-21
Information-containing Adversarial Perturbation for Combating Facial Manipulation Systems. (99%)
State-of-the-art optical-based physical adversarial attacks for deep learning computer vision systems. (99%)
Bridging Optimal Transport and Jacobian Regularization by Optimal Trajectory for Enhanced Adversarial Defense. (99%)
Efficient Decision-based Black-box Patch Attacks on Video Recognition. (98%)
Black-box Backdoor Defense via Zero-shot Image Purification. (86%)
Out of Thin Air: Exploring Data-Free Adversarial Robustness Distillation. (10%)
Influencer Backdoor Attack on Semantic Segmentation. (10%)
LOKI: Large-scale Data Reconstruction Attack against Federated Learning through Model Manipulation. (9%)
Poisoning Attacks in Federated Edge Learning for Digital Twin 6G-enabled IoTs: An Anticipatory Study. (1%)
2023-03-20
TWINS: A Fine-Tuning Framework for Improved Transferability of Adversarial Robustness and Generalization. (99%)
Adversarial Attacks against Binary Similarity Systems. (99%)
DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness. (99%)
Translate your gibberish: black-box adversarial attack on machine translation systems. (83%)
GNN-Ensemble: Towards Random Decision Graph Neural Networks. (56%)
Benchmarking Robustness of 3D Object Detection to Common Corruptions in Autonomous Driving. (41%)
Did You Train on My Dataset? Towards Public Dataset Protection with Clean-Label Backdoor Watermarking. (9%)
Boosting Semi-Supervised Learning by Exploiting All Unlabeled Data. (2%)
Make Landscape Flatter in Differentially Private Federated Learning. (1%)
Robustifying Token Attention for Vision Transformers. (1%)
2023-03-19
Randomized Adversarial Training via Taylor Expansion. (99%)
AdaptGuard: Defending Against Universal Attacks for Model Adaptation. (82%)
2023-03-18
NoisyHate: Mining Online Human-Written Perturbations for Realistic Robustness Benchmarking of Content Moderation Models. (98%)
FedRight: An Effective Model Copyright Protection for Federated Learning. (96%)
2023-03-17
Fuzziness-tuned: Improving the Transferability of Adversarial Examples. (99%)
It Is All About Data: A Survey on the Effects of Data on Adversarial Robustness. (99%)
Robust Mode Connectivity-Oriented Adversarial Defense: Enhancing Neural Network Robustness Against Diversified $\ell_p$ Attacks. (99%)
Detection of Uncertainty in Exceedance of Threshold (DUET): An Adversarial Patch Localizer. (83%)
Can AI-Generated Text be Reliably Detected? (45%)
Adversarial Counterfactual Visual Explanations. (31%)
MedLocker: A Transferable Adversarial Watermarking for Preventing Unauthorized Analysis of Medical Image Dataset. (16%)
Mobile Edge Adversarial Detection for Digital Twinning to the Metaverse with Deep Reinforcement Learning. (9%)
Moving Target Defense for Service-oriented Mission-critical Networks. (1%)
2023-03-16
Rethinking Model Ensemble in Transfer-based Adversarial Attacks. (99%)
Class Attribute Inference Attacks: Inferring Sensitive Class Information by Diffusion-Based Attribute Manipulations. (68%)
Among Us: Adversarially Robust Collaborative Perception by Consensus. (67%)
Exorcising ''Wraith'': Protecting LiDAR-based Object Detector in Automated Driving System from Appearing Attacks. (50%)
Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural Obfuscation. (11%)
2023-03-15
Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature Information. (99%)
Robust Evaluation of Diffusion-Based Adversarial Purification. (83%)
DeeBBAA: A benchmark Deep Black Box Adversarial Attack against Cyber-Physical Power Systems. (81%)
The Devil's Advocate: Shattering the Illusion of Unexploitable Data using Diffusion Models. (67%)
EvalAttAI: A Holistic Approach to Evaluating Attribution Maps in Robust and Non-Robust Models. (45%)
Agnostic Multi-Robust Learning Using ERM. (12%)
Reinforce Data, Multiply Impact: Improved Model Accuracy and Robustness with Dataset Reinforcement. (1%)
GPT-4 Technical Report. (1%)
2023-03-14
Verifying the Robustness of Automatic Credibility Assessment. (99%)
Resilient Dynamic Average Consensus based on Trusted agents. (69%)
Improving Adversarial Robustness with Hypersphere Embedding and Angular-based Regularizations. (31%)
2023-03-13
Review on the Feasibility of Adversarial Evasion Attacks and Defenses for Network Intrusion Detection Systems. (99%)
Constrained Adversarial Learning for Automated Software Testing: a literature review. (99%)
Can Adversarial Examples Be Parsed to Reveal Victim Model Information? (99%)
SMUG: Towards robust MRI reconstruction by smoothed unrolling. (98%)
Model-tuning Via Prompts Makes NLP Models Adversarially Robust. (96%)
Robust Contrastive Language-Image Pretraining against Adversarial Attacks. (83%)
Model Extraction Attacks on Split Federated Learning. (47%)
WDiscOOD: Out-of-Distribution Detection via Whitened Linear Discriminative Analysis. (1%)
Pixel-wise Gradient Uncertainty for Convolutional Neural Networks applied to Out-of-Distribution Segmentation. (1%)
2023-03-12
Adv-Bot: Realistic Adversarial Botnet Attacks against Network Intrusion Detection Systems. (99%)
Adaptive Local Adversarial Attacks on 3D Point Clouds for Augmented Reality. (99%)
DNN-Alias: Deep Neural Network Protection Against Side-Channel Attacks via Layer Balancing. (96%)
Multi-metrics adaptively identifies backdoors in Federated learning. (92%)
Adversarial Attacks to Direct Data-driven Control for Destabilization. (91%)
Backdoor Defense via Deconfounded Representation Learning. (83%)
Interpreting Hidden Semantics in the Intermediate Layers of 3D Point Cloud Classification Neural Network. (76%)
Boosting Source Code Learning with Data Augmentation: An Empirical Study. (11%)
2023-03-11
Improving the Robustness of Deep Convolutional Neural Networks Through Feature Learning. (99%)
SHIELD: An Adaptive and Lightweight Defense against the Remote Power Side-Channel Attacks on Multi-tenant FPGAs. (8%)
2023-03-10
Turning Strengths into Weaknesses: A Certified Robustness Inspired Attack Framework against Graph Neural Networks. (99%)
Boosting Adversarial Attacks by Leveraging Decision Boundary Information. (99%)
Adversarial Attacks and Defenses in Machine Learning-Powered Networks: A Contemporary Survey. (99%)
Investigating Stateful Defenses Against Black-Box Adversarial Examples. (99%)
MIXPGD: Hybrid Adversarial Training for Speech Recognition Systems. (99%)
Do we need entire training data for adversarial training? (99%)
TrojDiff: Trojan Attacks on Diffusion Models with Diverse Targets. (61%)
Adapting Contrastive Language-Image Pretrained (CLIP) Models for Out-of-Distribution Detection. (13%)
2023-03-09
NoiseCAM: Explainable AI for the Boundary Between Noise and Adversarial Attacks. (99%)
Evaluating the Robustness of Conversational Recommender Systems by Adversarial Examples. (92%)
Identification of Systematic Errors of Image Classifiers on Rare Subgroups. (83%)
Learning the Legibility of Visual Text Perturbations. (78%)
Efficient Certified Training and Robustness Verification of Neural ODEs. (75%)
Feature Unlearning for Pre-trained GANs and VAEs. (68%)
2023-03-08
Immune Defense: A Novel Adversarial Defense Mechanism for Preventing the Generation of Adversarial Examples. (99%)
Decision-BADGE: Decision-based Adversarial Batch Attack with Directional Gradient Estimation. (99%)
Exploring Adversarial Attacks on Neural Networks: An Explainable Approach. (99%)
BeamAttack: Generating High-quality Textual Adversarial Examples through Beam Search and Mixed Semantic Spaces. (99%)
DeepGD: A Multi-Objective Black-Box Test Selection Approach for Deep Neural Networks. (3%)
2023-03-07
Logit Margin Matters: Improving Transferable Targeted Adversarial Attack by Logit Calibration. (99%)
Patch of Invisibility: Naturalistic Physical Black-Box Adversarial Attacks on Object Detectors. (98%)
Robustness-preserving Lifelong Learning via Dataset Condensation. (96%)
CUDA: Convolution-based Unlearnable Datasets. (82%)
EavesDroid: Eavesdropping User Behaviors via OS Side-Channels on Smartphones. (11%)
Stabilized training of joint energy-based models and their practical applications. (2%)
2023-03-06
CleanCLIP: Mitigating Data Poisoning Attacks in Multimodal Contrastive Learning. (41%)
Students Parrot Their Teachers: Membership Inference on Model Distillation. (31%)
On the Feasibility of Specialized Ability Extracting for Large Language Code Models. (22%)
A Unified Algebraic Perspective on Lipschitz Neural Networks. (15%)
Learning to Backdoor Federated Learning. (15%)
Partial-Information, Longitudinal Cyber Attacks on LiDAR in Autonomous Vehicles. (10%)
ALMOST: Adversarial Learning to Mitigate Oracle-less ML Attacks via Synthesis Tuning. (1%)
Rethinking Confidence Calibration for Failure Prediction. (1%)
2023-03-05
Visual Analytics of Neuron Vulnerability to Adversarial Attacks on Convolutional Neural Networks. (99%)
Consistent Valid Physically-Realizable Adversarial Attack against Crowd-flow Prediction Models. (99%)
Adversarial Sampling for Fairness Testing in Deep Neural Network. (98%)
Local Environment Poisoning Attacks on Federated Reinforcement Learning. (12%)
Robustness, Evaluation and Adaptation of Machine Learning Models in the Wild. (10%)
Knowledge-Based Counterfactual Queries for Visual Question Answering. (3%)
2023-03-04
Improved Robustness Against Adaptive Attacks With Ensembles and Error-Correcting Output Codes. (68%)
2023-03-03
PointCert: Point Cloud Classification with Deterministic Certified Robustness Guarantees. (91%)
Certified Robust Neural Networks: Generalization and Corruption Resistance. (82%)
AdvART: Adversarial Art for Camouflaged Object Detection Attacks. (75%)
Backdoor Attacks and Defenses in Federated Learning: Survey, Challenges and Future Research Directions. (47%)
Adversarial Attacks on Machine Learning in Embedded and IoT Platforms. (38%)
Revisiting Adversarial Training for ImageNet: Architectures, Training and Generalization across Threat Models. (33%)
Stealthy Perception-based Attacks on Unmanned Aerial Vehicles. (16%)
TrojText: Test-time Invisible Textual Trojan Insertion. (2%)
2023-03-02
Defending against Adversarial Audio via Diffusion Model. (99%)
Demystifying Causal Features on Adversarial Examples and Causal Inoculation for Robust Network by Adversarial Instrumental Variable Regression. (99%)
AdvRain: Adversarial Raindrops to Attack Camera-based Smart Vision Systems. (99%)
APARATE: Adaptive Adversarial Patch for CNN-based Monocular Depth Estimation for Autonomous Navigation. (99%)
Targeted Adversarial Attacks against Neural Machine Translation. (98%)
The Double-Edged Sword of Implicit Bias: Generalization vs. Robustness in ReLU Networks. (93%)
Feature Perturbation Augmentation for Reliable Evaluation of Importance Estimators in Neural Networks. (10%)
D-Score: An Expert-Based Method for Assessing the Detectability of IoT-Related Cyber-Attacks. (3%)
Interpretable System Identification and Long-term Prediction on Time-Series Data. (1%)
Consistency Models. (1%)
CADeSH: Collaborative Anomaly Detection for Smart Homes. (1%)
Conflict-Based Cross-View Consistency for Semi-Supervised Semantic Segmentation. (1%)
2023-03-01
To Make Yourself Invisible with Adversarial Semantic Contours. (99%)
Adversarial Examples Exist in Two-Layer ReLU Networks for Low Dimensional Data Manifolds. (98%)
Frauds Bargain Attack: Generating Adversarial Text Samples via Word Manipulation Process. (97%)
A Practical Upper Bound for the Worst-Case Attribution Deviations. (70%)
Combating Exacerbated Heterogeneity for Robust Models in Federated Learning. (54%)
Poster: Sponge ML Model Attacks of Mobile Apps. (8%)
DOLOS: A Novel Architecture for Moving Target Defense. (8%)
Mitigating Backdoors in Federated Learning with FLD. (2%)
Competence-Based Analysis of Language Models. (1%)
2023-02-28
A semantic backdoor attack against Graph Convolutional Networks. (98%)
Single Image Backdoor Inversion via Robust Smoothed Classifiers. (88%)
Feature Extraction Matters More: Universal Deepfake Disruption through Attacking Ensemble Feature Extractors. (67%)
Backdoor Attacks Against Deep Image Compression via Adaptive Frequency Trigger. (11%)
FreeEagle: Detecting Complex Neural Trojans in Data-Free Cases. (1%)
2023-02-27
A Comprehensive Study on Robustness of Image Classification Models: Benchmarking and Rethinking. (99%)
Adversarial Attack with Raindrops. (99%)
Physical Adversarial Attacks on Deep Neural Networks for Traffic Sign Recognition: A Feasibility Study. (99%)
Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks. (98%)
CBA: Contextual Background Attack against Optical Aerial Detection in the Physical World. (98%)
Improving Model Generalization by On-manifold Adversarial Augmentation in the Frequency Domain. (96%)
Efficient and Low Overhead Website Fingerprinting Attacks and Defenses based on TCP/IP Traffic. (83%)
GLOW: Global Layout Aware Attacks on Object Detection. (81%)
Online Black-Box Confidence Estimation of Deep Neural Networks. (16%)
Implicit Poisoning Attacks in Two-Agent Reinforcement Learning: Adversarial Policies for Training-Time Attacks. (15%)
Differentially Private Diffusion Models Generate Useful Synthetic Images. (10%)
Learning to Retain while Acquiring: Combating Distribution-Shift in Adversarial Data-Free Knowledge Distillation. (5%)
2023-02-26
Contextual adversarial attack against aerial detection in the physical world. (99%)
Randomness in ML Defenses Helps Persistent Attackers and Hinders Evaluators. (96%)
2023-02-25
Deep Learning-based Multi-Organ CT Segmentation with Adversarial Data Augmentation. (99%)
Scalable Attribution of Adversarial Attacks via Multi-Task Learning. (99%)
SATBA: An Invisible Backdoor Attack Based On Spatial Attention. (74%)
Bayesian Neural Networks Avoid Encoding Complex and Perturbation-Sensitive Concepts. (1%)
2023-02-24
Defending Against Backdoor Attacks by Layer-wise Feature Analysis. (68%)
Chaotic Variational Auto encoder-based Adversarial Machine Learning. (54%)
Robust Weight Signatures: Gaining Robustness as Easy as Patching Weights? (12%)
2023-02-23
Less is More: Data Pruning for Faster Adversarial Training. (99%)
A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots. (99%)
Boosting Adversarial Transferability using Dynamic Cues. (99%)
HyperAttack: Multi-Gradient-Guided White-box Adversarial Structure Attack of Hypergraph Neural Networks. (98%)
Investigating Catastrophic Overfitting in Fast Adversarial Training: A Self-fitting Perspective. (84%)
More than you've asked for: A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models. (70%)
On the Hardness of Robustness Transfer: A Perspective from Rademacher Complexity over Symmetric Difference Hypothesis Space. (68%)
Harnessing the Speed and Accuracy of Machine Learning to Advance Cybersecurity. (2%)
2023-02-22
Mitigating Adversarial Attacks in Deepfake Detection: An Exploration of Perturbation and AI Techniques. (99%)
PAD: Towards Principled Adversarial Malware Detection Against Evasion Attacks. (98%)
Provable Robustness Against a Union of $\ell_0$ Adversarial Attacks. (97%)
ASSET: Robust Backdoor Data Detection Across a Multiplicity of Deep Learning Paradigms. (33%)
On the Robustness of ChatGPT: An Adversarial and Out-of-distribution Perspective. (12%)
2023-02-21
MultiRobustBench: Benchmarking Robustness Against Multiple Attacks. (99%)
MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-based Malware Detection. (99%)
Interpretable Spectrum Transformation Attacks to Speaker Recognition. (98%)
Characterizing the Optimal 0-1 Loss for Multi-class Classification with a Test-time Attacker. (97%)
Generalization Bounds for Adversarial Contrastive Learning. (31%)
2023-02-20
An Incremental Gray-box Physical Adversarial Attack on Neural Network Training. (98%)
Variation Enhanced Attacks Against RRAM-based Neuromorphic Computing System. (97%)
Seasoning Model Soups for Robustness to Adversarial and Natural Distribution Shifts. (88%)
Poisoning Web-Scale Training Datasets is Practical. (83%)
Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network. (47%)
Take Me Home: Reversing Distribution Shifts using Reinforcement Learning. (26%)
Model-based feature selection for neural networks: A mixed-integer programming approach. (22%)
Prompt Stealing Attacks Against Text-to-Image Generation Models. (1%)
2023-02-19
X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection. (99%)
Stationary Point Losses for Robust Model. (93%)
On Feasibility of Server-side Backdoor Attacks on Split Learning. (76%)
2023-02-18
Adversarial Machine Learning: A Systematic Survey of Backdoor Attack, Weight Attack and Adversarial Example. (99%)
Delving into the Adversarial Robustness of Federated Learning. (98%)
Meta Style Adversarial Training for Cross-Domain Few-Shot Learning. (83%)
Towards Safer Generative Language Models: A Survey on Safety Risks, Evaluations, and Improvements. (67%)
MedViT: A Robust Vision Transformer for Generalized Medical Image Classification. (12%)
RobustNLP: A Technique to Defend NLP Models Against Backdoor Attacks. (11%)
Beyond Distribution Shift: Spurious Features Through the Lens of Training Dynamics. (2%)
2023-02-17
Measuring Equality in Machine Learning Security Defenses. (96%)
Function Composition in Trustworthy Machine Learning: Implementation Choices, Insights, and Questions. (5%)
RetVec: Resilient and Efficient Text Vectorizer. (4%)
2023-02-16
On the Effect of Adversarial Training Against Invariance-based Adversarial Examples. (99%)
High-frequency Matters: An Overwriting Attack and defense for Image-processing Neural Network Watermarking. (67%)
Marich: A Query-efficient Distributionally Equivalent Model Extraction Attack using Public Data. (3%)
A Novel Noise Injection-based Training Scheme for Better Model Robustness. (2%)
2023-02-15
Masking and Mixing Adversarial Training. (99%)
Robust Mid-Pass Filtering Graph Convolutional Networks. (98%)
Graph Adversarial Immunization for Certifiable Robustness. (98%)
XploreNAS: Explore Adversarially Robust & Hardware-efficient Neural Architectures for Non-ideal Xbars. (87%)
Tight Auditing of Differentially Private Machine Learning. (41%)
Field-sensitive Data Flow Integrity. (1%)
Uncertainty-Estimation with Normalized Logits for Out-of-Distribution Detection. (1%)
2023-02-14
Regret-Based Defense in Adversarial Reinforcement Learning. (99%)
On the Role of Randomization in Adversarially Robust Classification. (99%)
Attacking Fake News Detectors via Manipulating News Social Engagement. (83%)
An Experimental Study of Byzantine-Robust Aggregation Schemes in Federated Learning. (31%)
A Modern Look at the Relationship between Sharpness and Generalization. (10%)
Bounding Training Data Reconstruction in DP-SGD. (8%)
Security Defense For Smart Contracts: A Comprehensive Survey. (1%)
READIN: A Chinese Multi-Task Benchmark with Realistic and Diverse Input Noises. (1%)
2023-02-13
Sneaky Spikes: Uncovering Stealthy Backdoor Attacks in Spiking Neural Networks with Neuromorphic Data. (98%)
Raising the Cost of Malicious AI-Powered Image Editing. (82%)
Targeted Attack on GPT-Neo for the SATML Language Model Data Extraction Challenge. (8%)
Backdoor Learning for NLP: Recent Advances, Challenges, and Future Research Directions. (1%)
2023-02-12
TextDefense: Adversarial Text Detection based on Word Importance Entropy. (99%)
2023-02-11
Mutation-Based Adversarial Attacks on Neural Text Detectors. (69%)
HateProof: Are Hateful Meme Detection Systems really Robust? (13%)
MTTM: Metamorphic Testing for Textual Content Moderation Software. (2%)
Pushing the Accuracy-Group Robustness Frontier with Introspective Self-play. (1%)
High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable Encryption. (1%)
2023-02-10
Making Substitute Models More Bayesian Can Enhance Transferability of Adversarial Examples. (98%)
Unnoticeable Backdoor Attacks on Graph Neural Networks. (80%)
Step by Step Loss Goes Very Far: Multi-Step Quantization for Adversarial Text Attacks. (73%)
2023-02-09
IB-RAR: Information Bottleneck as Regularizer for Adversarial Robustness. (98%)
Adversarial Example Does Good: Preventing Painting Imitation from Diffusion Models via Adversarial Examples. (98%)
Mithridates: Auditing and Boosting Backdoor Resistance of Machine Learning Pipelines. (81%)
Imperceptible Sample-Specific Backdoor to DNN with Denoising Autoencoder. (62%)
Better Diffusion Models Further Improve Adversarial Training. (22%)
Augmenting NLP data to counter Annotation Artifacts for NLI Tasks. (16%)
Incremental Satisfiability Modulo Theory for Verification of Deep Neural Networks. (1%)
2023-02-08
WAT: Improve the Worst-class Robustness in Adversarial Training. (99%)
Et Tu Certifications: Robustness Certificates Yield Better Adversarial Examples. (99%)
Shortcut Detection with Variational Autoencoders. (13%)
Continuous Learning for Android Malware Detection. (13%)
Training-free Lexical Backdoor Attacks on Language Models. (8%)
On Function-Coupled Watermarks for Deep Neural Networks. (2%)
Unsupervised Learning of Initialization in Deep Neural Networks via Maximum Mean Discrepancy. (1%)
2023-02-07
Toward Face Biometric De-identification using Adversarial Examples. (98%)
Attacking Cooperative Multi-Agent Reinforcement Learning by Adversarial Minority Influence. (83%)
Membership Inference Attacks against Diffusion Models. (64%)
Temporal Robustness against Data Poisoning. (12%)
Robustness Implies Fairness in Casual Algorithmic Recourse. (2%)
Low-Latency Communication using Delay-Aware Relays Against Reactive Adversaries. (1%)
2023-02-06
Less is More: Understanding Word-level Textual Adversarial Attack via n-gram Frequency Descend. (99%)
SCALE-UP: An Efficient Black-box Input-level Backdoor Detection via Analyzing Scaled Prediction Consistency. (92%)
Exploring and Exploiting Decision Boundary Dynamics for Adversarial Robustness. (87%)
Collective Robustness Certificates: Exploiting Interdependence in Graph Neural Networks. (75%)
GAT: Guided Adversarial Training with Pareto-optimal Auxiliary Tasks. (67%)
Target-based Surrogates for Stochastic Optimization. (1%)
Dropout Injection at Test Time for Post Hoc Uncertainty Quantification in Neural Networks. (1%)
One-shot Empirical Privacy Estimation for Federated Learning. (1%)
2023-02-05
On the Role of Contrastive Representation Learning in Adversarial Robustness: An Empirical Study. (54%)
Leaving Reality to Imagination: Robust Classification via Generated Datasets. (2%)
2023-02-04
CosPGD: a unified white-box adversarial attack for pixel-wise prediction tasks. (99%)
A Minimax Approach Against Multi-Armed Adversarial Attacks Detection. (86%)
AUTOLYCUS: Exploiting Explainable AI (XAI) for Model Extraction Attacks against Decision Tree Models. (84%)
Run-Off Election: Improved Provable Defense against Data Poisoning Attacks. (83%)
Certified Robust Control under Adversarial Perturbations. (78%)
2023-02-03
TextShield: Beyond Successfully Detecting Adversarial Sentences in Text Classification. (96%)
DeTorrent: An Adversarial Padding-only Traffic Analysis Defense. (73%)
SoK: A Systematic Evaluation of Backdoor Trigger Characteristics in Image Classification. (61%)
Beyond the Universal Law of Robustness: Sharper Laws for Random Features and Neural Tangent Kernels. (15%)
Asymmetric Certified Robustness via Feature-Convex Neural Networks. (8%)
Revisiting Personalized Federated Learning: Robustness Against Backdoor Attacks. (2%)
BarrierBypass: Out-of-Sight Clean Voice Command Injection Attacks through Physical Barriers. (2%)
From Robustness to Privacy and Back. (2%)
DCA: Delayed Charging Attack on the Electric Shared Mobility System. (1%)
Augmenting Rule-based DNS Censorship Detection at Scale with Machine Learning. (1%)
2023-02-02
TransFool: An Adversarial Attack against Neural Machine Translation Models. (99%)
Beyond Pretrained Features: Noisy Image Modeling Provides Adversarial Defense. (99%)
On the Robustness of Randomized Ensembles to Adversarial Perturbations. (75%)
Provably Bounding Neural Network Preimages. (64%)
A sliced-Wasserstein distance-based approach for out-of-class-distribution detection. (62%)
Effective Robustness against Natural Distribution Shifts for Models with Different Training Data. (13%)
SPECWANDS: An Efficient Priority-based Scheduler Against Speculation Contention Attacks. (10%)
Defensive ML: Defending Architectural Side-channels with Adversarial Obfuscation. (2%)
Generalized Uncertainty of Deep Neural Networks: Taxonomy and Applications. (1%)
Dataset Distillation Fixes Dataset Reconstruction Attacks. (1%)
2023-02-01
Universal Soldier: Using Universal Adversarial Perturbations for Detecting Backdoor Attacks. (99%)
Effectiveness of Moving Target Defenses for Adversarial Attacks in ML-based Malware Detection. (92%)
Exploring Semantic Perturbations on Grover. (56%)
BackdoorBox: A Python Toolbox for Backdoor Learning. (10%)
2023-01-31
Reverse engineering adversarial attacks with fingerprints from adversarial examples. (99%)
The Impacts of Unanswerable Questions on the Robustness of Machine Reading Comprehension Models. (97%)
Are Defenses for Graph Neural Networks Robust? (80%)
Adversarial Training of Self-supervised Monocular Depth Estimation against Physical-World Attacks. (75%)
Fairness-aware Vision Transformer via Debiased Self-Attention. (50%)
Robust Linear Regression: Gradient-descent, Early-stopping, and Beyond. (47%)
Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression. (12%)
DRAINCLoG: Detecting Rogue Accounts with Illegally-obtained NFTs using Classifiers Learned on Graphs. (1%)
Identifying the Hazard Boundary of ML-enabled Autonomous Systems Using Cooperative Co-Evolutionary Search. (1%)
2023-01-30
Feature-Space Bayesian Adversarial Learning Improved Malware Detector Robustness. (99%)
Improving Adversarial Transferability with Scheduled Step Size and Dual Example. (99%)
Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification. (99%)
RS-Del: Edit Distance Robustness Certificates for Sequence Classifiers via Randomized Deletion. (99%)
Identifying Adversarially Attackable and Robust Samples. (99%)
On Robustness of Prompt-based Semantic Parsing with Large Pre-trained Language Model: An Empirical Study on Codex. (98%)
Anchor-Based Adversarially Robust Zero-Shot Learning Driven by Language. (96%)
Inference Time Evidences of Adversarial Attacks for Forensic on Transformers. (87%)
On the Efficacy of Metrics to Describe Adversarial Attacks. (82%)
Benchmarking Robustness to Adversarial Image Obfuscations. (74%)
Extracting Training Data from Diffusion Models. (5%)
Affinity Uncertainty-based Hard Negative Mining in Graph Contrastive Learning. (2%)
M3FAS: An Accurate and Robust MultiModal Mobile Face Anti-Spoofing System. (1%)
2023-01-29
Unlocking Deterministic Robustness Certification on ImageNet. (98%)
Mitigating Adversarial Effects of False Data Injection Attacks in Power Grid. (93%)
Improving the Accuracy-Robustness Trade-Off of Classifiers via Adaptive Smoothing. (83%)
Uncovering Adversarial Risks of Test-Time Adaptation. (82%)
Adversarial Attacks on Adversarial Bandits. (69%)
Towards Verifying the Geometric Robustness of Large-scale Neural Networks. (54%)
Lateralized Learning for Multi-Class Visual Classification Tasks. (13%)
Diverse, Difficult, and Odd Instances (D2O): A New Test Set for Object Classification. (3%)
Adversarial Style Augmentation for Domain Generalization. (2%)
Confidence-Aware Calibration and Scoring Functions for Curriculum Learning. (1%)
2023-01-28
Node Injection for Class-specific Network Poisoning. (82%)
Out-of-distribution Detection with Energy-based Models. (82%)
Gradient Shaping: Enhancing Backdoor Attack Against Reverse Engineering. (13%)
Selecting Models based on the Risk of Damage Caused by Adversarial Attacks. (1%)
2023-01-27
Semantic Adversarial Attacks on Face Recognition through Significant Attributes. (99%)
Targeted Attacks on Timeseries Forecasting. (99%)
Adapting Step-size: A Unified Perspective to Analyze and Improve Gradient-based Methods for Adversarial Attacks. (98%)
PECAN: A Deterministic Certified Defense Against Backdoor Attacks. (97%)
Vertex-based reachability analysis for verifying ReLU deep neural networks. (93%)
OccRob: Efficient SMT-Based Occlusion Robustness Verification of Deep Neural Networks. (92%)
PCV: A Point Cloud-Based Network Verifier. (88%)
Robust Transformer with Locality Inductive Bias and Feature Normalization. (88%)
Analyzing Robustness of the Deep Reinforcement Learning Algorithm in Ramp Metering Applications Considering False Data Injection Attack and Defense. (87%)
Learning to Unlearn: Instance-wise Unlearning for Pre-trained Classifiers. (80%)
Certified Invertibility in Neural Networks via Mixed-Integer Programming. (76%)
2023-01-26
Attacking Important Pixels for Anchor-free Detectors. (99%)
Certified Interpretability Robustness for Class Activation Mapping. (92%)
Minerva: A File-Based Ransomware Detector. (69%)
Interaction-level Membership Inference Attack Against Federated Recommender Systems. (31%)
2023-01-25
On the Adversarial Robustness of Camera-based 3D Object Detection. (99%)
RobustPdM: Designing Robust Predictive Maintenance against Adversarial Attacks. (99%)
BDMMT: Backdoor Sample Detection for Language Models through Model Mutation Testing. (98%)
A Data-Centric Approach for Improving Adversarial Training Through the Lens of Out-of-Distribution Detection. (96%)
A Study on FGSM Adversarial Training for Neural Retrieval. (75%)
Distilling Cognitive Backdoor Patterns within an Image. (5%)
Connecting metrics for shape-texture knowledge in computer vision. (1%)
2023-01-24
Blockchain-aided Secure Semantic Communication for AI-Generated Content in Metaverse. (13%)
Learning Effective Strategies for Moving Target Defense with Switching Costs. (1%)
Data Augmentation Alone Can Improve Adversarial Training. (1%)
2023-01-23
DODEM: DOuble DEfense Mechanism Against Adversarial Attacks Towards Secure Industrial Internet of Things Analytics. (99%)
Practical Adversarial Attacks Against AI-Driven Power Allocation in a Distributed MIMO Network. (92%)
BayBFed: Bayesian Backdoor Defense for Federated Learning. (78%)
Backdoor Attacks in Peer-to-Peer Federated Learning. (68%)
Optimising Event-Driven Spiking Neural Network with Regularisation and Cutoff. (1%)
2023-01-22
Provable Unrestricted Adversarial Training without Compromise with Generalizability. (99%)
ContraBERT: Enhancing Code Pre-trained Models via Contrastive Learning. (8%)
2023-01-20
Limitations of Piecewise Linearity for Efficient Robustness Certification. (95%)
Towards Understanding How Self-training Tolerates Data Backdoor Poisoning. (16%)
Dr.Spider: A Diagnostic Evaluation Benchmark towards Text-to-SQL Robustness. (8%)
Defending SDN against packet injection attacks using deep learning. (2%)
2023-01-19
On the Vulnerability of Backdoor Defenses for Federated Learning. (62%)
On the Relationship Between Information-Theoretic Privacy Metrics And Probabilistic Information Privacy. (31%)
RNAS-CL: Robust Neural Architecture Search by Cross-Layer Knowledge Distillation. (16%)
Enhancing Deep Learning with Scenario-Based Override Rules: a Case Study. (1%)
2023-01-17
Denoising Diffusion Probabilistic Models as a Defense against Adversarial Attacks. (98%)
Adversarial Robust Deep Reinforcement Learning Requires Redefining Robustness. (68%)
Label Inference Attack against Split Learning under Regression Setting. (8%)
2023-01-16
$\beta$-DARTS++: Bi-level Regularization for Proxy-robust Differentiable Architecture Search. (1%)
Modeling Uncertain Feature Representation for Domain Generalization. (1%)
2023-01-15
BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense. (4%)
2023-01-14
Adaptive Deep Neural Network Inference Optimization with EENet. (1%)
2023-01-13
On the feasibility of attacking Thai LPR systems with adversarial examples. (99%)
2023-01-12
Security-Aware Approximate Spiking Neural Networks. (87%)
Jamming Attacks on Decentralized Federated Learning in General Multi-Hop Wireless Networks. (3%)
2023-01-11
Phase-shifted Adversarial Training. (82%)
Universal Detection of Backdoor Attacks via Density-based Clustering and Centroids Analysis. (78%)
2023-01-10
On the Robustness of AlphaFold: A COVID-19 Case Study. (73%)
CDA: Contrastive-adversarial Domain Adaptation. (38%)
User-Centered Security in Natural Language Processing. (12%)
Leveraging Diffusion For Strong and High Quality Face Morphing Attacks. (3%)
2023-01-09
Over-The-Air Adversarial Attacks on Deep Learning Wi-Fi Fingerprinting. (99%)
On the Susceptibility and Robustness of Time Series Models through Adversarial Attack and Defense. (98%)
Is Federated Learning a Practical PET Yet? (13%)
SoK: Hardware Defenses Against Speculative Execution Attacks. (1%)
2023-01-08
RobArch: Designing Robust Architectures against Adversarial Attacks. (76%)
Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons. (2%)
MoreauGrad: Sparse and Robust Interpretation of Neural Networks via Moreau Envelope. (1%)
2023-01-07
REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a Service. (99%)
Adversarial training with informed data selection. (99%)
2023-01-06
Code Difference Guided Adversarial Example Generation for Deep Code Models. (99%)
Stealthy Backdoor Attack for Code Models. (98%)
2023-01-05
Silent Killer: A Stealthy, Clean-Label, Black-Box Backdoor Attack. (98%)
gRoMA: a Tool for Measuring the Global Robustness of Deep Neural Networks. (96%)
Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks. (61%)
TrojanPuzzle: Covertly Poisoning Code-Suggestion Models. (4%)
Can Large Language Models Change User Preference Adversarially? (1%)
2023-01-04
Availability Adversarial Attack and Countermeasures for Deep Learning-based Load Forecasting. (98%)
Beckman Defense. (84%)
GUAP: Graph Universal Attack Through Adversarial Patching. (81%)
Enhancement attacks in biomedical machine learning. (1%)
2023-01-03
Explainability and Robustness of Deep Visual Classification Models. (92%)
Look, Listen, and Attack: Backdoor Attacks Against Video Action Recognition. (83%)
Backdoor Attacks Against Dataset Distillation. (50%)
Analysis of Label-Flip Poisoning Attack on Machine Learning Based Malware Detector. (33%)
2023-01-02
Efficient Robustness Assessment via Adversarial Spatial-Temporal Focus on Videos. (92%)
2023-01-01
Generalizable Black-Box Adversarial Attack with Meta Learning. (99%)
ExploreADV: Towards exploratory attack for Neural Networks. (99%)
Trojaning semi-supervised learning model via poisoning wild images on the web. (47%)
2022-12-30
Tracing the Origin of Adversarial Attack for Forensic Investigation and Deterrence. (99%)
Guidance Through Surrogate: Towards a Generic Diagnostic Attack. (99%)
Defense Against Adversarial Attacks on Audio DeepFake Detection. (91%)
Adversarial attacks and defenses on ML- and hardware-based IoT device fingerprinting and identification. (82%)
Unlearnable Clusters: Towards Label-agnostic Unlearnable Examples. (22%)
Targeted k-node Collapse Problem: Towards Understanding the Robustness of Local k-core Structure. (1%)
2022-12-29
"Real Attackers Don't Compute Gradients": Bridging the Gap Between Adversarial ML Research and Practice. (68%)
Detection of out-of-distribution samples using binary neuron activation patterns. (11%)
2022-12-28
Thermal Heating in ReRAM Crossbar Arrays: Challenges and Solutions. (99%)
Certifying Safety in Reinforcement Learning under Adversarial Perturbation Attacks. (98%)
Publishing Efficient On-device Models Increases Adversarial Vulnerability. (95%)
Differentiable Search of Accurate and Robust Architectures. (92%)
Robust Ranking Explanations. (76%)
Evaluating Generalizability of Deep Learning Models Using Indian-COVID-19 CT Dataset. (1%)
2022-12-27
EDoG: Adversarial Edge Detection For Graph Neural Networks. (98%)
Learning When to Use Adaptive Adversarial Image Perturbations against Autonomous Vehicles. (86%)
Sparse Mixture Once-for-all Adversarial Training for Efficient In-Situ Trade-Off Between Accuracy and Robustness of DNNs. (62%)
XMAM:X-raying Models with A Matrix to Reveal Backdoor Attacks for Federated Learning. (56%)
2022-12-25
Simultaneously Optimizing Perturbations and Positions for Black-box Adversarial Patch Attacks. (99%)
2022-12-24
Frequency Regularization for Improving Adversarial Robustness. (99%)
2022-12-23
Out-of-Distribution Detection with Reconstruction Error and Typicality-based Penalty. (61%)
Towards Scalable Physically Consistent Neural Networks: an Application to Data-driven Multi-zone Thermal Building Models. (1%)
2022-12-22
Adversarial Machine Learning and Defense Game for NextG Signal Classification with Deep Learning. (98%)
Aliasing is a Driver of Adversarial Attacks. (80%)
GAN-based Domain Inference Attack. (2%)
Hybrid Quantum-Classical Generative Adversarial Network for High Resolution Image Generation. (1%)
2022-12-21
Revisiting Residual Networks for Adversarial Robustness: An Architectural Perspective. (80%)
Vulnerabilities of Deep Learning-Driven Semantic Communications to Backdoor (Trojan) Attacks. (67%)
A Theoretical Study of The Effects of Adversarial Attacks on Sparse Regression. (13%)
2022-12-20
A Comprehensive Study and Comparison of the Robustness of 3D Object Detectors Against Adversarial Attacks. (98%)
Multi-head Uncertainty Inference for Adversarial Attack Detection. (98%)
In and Out-of-Domain Text Adversarial Robustness via Label Smoothing. (98%)
Is Semantic Communications Secure? A Tale of Multi-Domain Adversarial Attacks. (96%)
Unleashing the Power of Visual Prompting At the Pixel Level. (92%)
Learned Systems Security. (81%)
Hidden Poison: Machine Unlearning Enables Camouflaged Poisoning Attacks. (22%)
ReCode: Robustness Evaluation of Code Generation Models. (10%)
Defending Against Poisoning Attacks in Open-Domain Question Answering. (8%)
SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations. (5%)
Walking Noise: On Layer-Specific Robustness of Neural Architectures against Noisy Computations and Associated Characteristic Learning Dynamics. (1%)
DISCO: Distilling Phrasal Counterfactuals with Large Language Models. (1%)
2022-12-19
TextGrad: Advancing Robustness Evaluation in NLP by Gradient-Driven Optimization. (99%)
Towards Robustness of Text-to-SQL Models Against Natural and Realistic Adversarial Table Perturbation. (75%)
AI Security for Geoscience and Remote Sensing: Challenges and Future Trends. (50%)
Task-Oriented Communications for NextG: End-to-End Deep Learning and AI Security Aspects. (26%)
Flareon: Stealthy any2any Backdoor Injection via Poisoned Augmentation. (2%)
Exploring Optimal Substructure for Out-of-distribution Generalization via Feature-targeted Model Pruning. (1%)
2022-12-18
Estimating the Adversarial Robustness of Attributions in Text with Transformers. (99%)
Minimizing Maximum Model Discrepancy for Transferable Black-box Targeted Attacks. (99%)
Discrete Point-wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition. (99%)
Fine-Tuning Is All You Need to Mitigate Backdoor Attacks. (4%)
2022-12-17
Confidence-aware Training of Smoothed Classifiers for Certified Robustness. (86%)
A Review of Speech-centric Trustworthy Machine Learning: Privacy, Safety, and Fairness. (2%)
HyPe: Better Pre-trained Language Model Fine-tuning with Hidden Representation Perturbation. (1%)
2022-12-16
Adversarial Example Defense via Perturbation Grading Strategy. (99%)
WebAssembly Diversification for Malware Evasion. (5%)
Biomedical image analysis competitions: The state of current participation practice. (4%)
Better May Not Be Fairer: Can Data Augmentation Mitigate Subgroup Degradation? (1%)
On Human Visual Contrast Sensitivity and Machine Vision Robustness: A Comparative Study. (1%)
2022-12-15
Alternating Objectives Generates Stronger PGD-Based Adversarial Attacks. (98%)
On Evaluating Adversarial Robustness of Chest X-ray Classification: Pitfalls and Best Practices. (84%)
Are Multimodal Models Robust to Image and Text Perturbations? (5%)
Holistic risk assessment of inference attacks in machine learning. (4%)
Defending against cybersecurity threats to the payments and banking system. (2%)
White-box Inference Attacks against Centralized Machine Learning and Federated Learning. (1%)
2022-12-14
SAIF: Sparse Adversarial and Interpretable Attack Framework. (99%)
Dissecting Distribution Inference. (88%)
Generative Robust Classification. (11%)
Synthesis of Adversarial DDOS Attacks Using Tabular Generative Adversarial Networks. (8%)
DOC-NAD: A Hybrid Deep One-class Classifier for Network Anomaly Detection. (1%)
2022-12-13
Object-fabrication Targeted Attack for Object Detection. (99%)
Adversarial Attacks and Defences for Skin Cancer Classification. (99%)
Unfolding Local Growth Rate Estimates for (Almost) Perfect Adversarial Detection. (99%)
Towards Efficient and Domain-Agnostic Evasion Attack with High-dimensional Categorical Inputs. (80%)
Understanding Zero-Shot Adversarial Robustness for Large-Scale Models. (73%)
Pixel is All You Need: Adversarial Trajectory-Ensemble Active Learning for Salient Object Detection. (56%)
AdvCat: Domain-Agnostic Robustness Assessment for Cybersecurity-Critical Applications with Categorical Inputs. (56%)
Privacy-preserving Security Inference Towards Cloud-Edge Collaborative Using Differential Privacy. (1%)
Boosting Semi-Supervised Learning with Contrastive Complementary Labeling. (1%)
2022-12-12
SRoUDA: Meta Self-training for Robust Unsupervised Domain Adaptation. (98%)
Adversarially Robust Video Perception by Seeing Motion. (98%)
A Survey on Reinforcement Learning Security with Application to Autonomous Driving. (96%)
HOTCOLD Block: Fooling Thermal Infrared Detectors with a Novel Wearable Design. (96%)
Robust Perception through Equivariance. (96%)
Despite "super-human" performance, current LLMs are unsuited for decisions about ethics and safety. (75%)
AFLGuard: Byzantine-robust Asynchronous Federated Learning. (15%)
Carpet-bombing patch: attacking a deep network without usual requirements. (2%)
Numerical Stability of DeepGOPlus Inference. (1%)
2022-12-11
DISCO: Adversarial Defense with Local Implicit Functions. (99%)
REAP: A Large-Scale Realistic Adversarial Patch Benchmark. (98%)
2022-12-10
General Adversarial Defense Against Black-box Attacks via Pixel Level and Feature Level Distribution Alignments. (99%)
Untargeted Attack against Federated Recommendation Systems via Poisonous Item Embeddings and the Defense. (93%)
Targeted Adversarial Attacks on Deep Reinforcement Learning Policies via Model Checking. (93%)
Mitigating Adversarial Gray-Box Attacks Against Phishing Detectors. (54%)
How to Backdoor Diffusion Models? (12%)
Identifying the Source of Vulnerability in Explanation Discrepancy: A Case Study in Neural Text Classification. (1%)
2022-12-09
Understanding and Combating Robust Overfitting via Input Loss Landscape Analysis and Regularization. (98%)
Expeditious Saliency-guided Mix-up through Random Gradient Thresholding. (2%)
Dynamic Test-Time Augmentation via Differentiable Functions. (2%)
Spurious Features Everywhere -- Large-Scale Detection of Harmful Spurious Features in ImageNet. (1%)
Robustness Implies Privacy in Statistical Estimation. (1%)
Selective Amnesia: On Efficient, High-Fidelity and Blind Suppression of Backdoor Effects in Trojaned Machine Learning Models. (1%)
QVIP: An ILP-based Formal Verification Approach for Quantized Neural Networks. (1%)
2022-12-08
Targeted Adversarial Attacks against Neural Network Trajectory Predictors. (99%)
XRand: Differentially Private Defense against Explanation-Guided Attacks. (68%)
Robust Graph Representation Learning via Predictive Coding. (22%)
2022-12-07
Multi-Objective Linear Ensembles for Robust and Sparse Training of Few-Bit Neural Networks. (2%)
Use of Cryptography in Malware Obfuscation. (1%)
2022-12-06
Pre-trained Encoders in Self-Supervised Learning Improve Secure and Privacy-preserving Supervised Learning. (96%)
2022-12-05
Enhancing Quantum Adversarial Robustness by Randomized Encodings. (99%)
Multiple Perturbation Attack: Attack Pixelwise Under Different $\ell_p$-norms For Better Adversarial Performance. (99%)
FaceQAN: Face Image Quality Assessment Through Adversarial Noise Exploration. (92%)
Refiner: Data Refining against Gradient Leakage Attacks in Federated Learning. (76%)
Blessings and Curses of Covariate Shifts: Adversarial Learning Dynamics, Directional Convergence, and Equilibria. (8%)
What is the Solution for State-Adversarial Multi-Agent Reinforcement Learning? (3%)
Spuriosity Rankings: Sorting Data for Spurious Correlation Robustness. (1%)
Efficient Malware Analysis Using Metric Embeddings. (1%)
2022-12-04
Bayesian Learning with Information Gain Provably Bounds Risk for a Robust Adversarial Defense. (98%)
Recognizing Object by Components with Human Prior Knowledge Enhances Adversarial Robustness of Deep Neural Networks. (88%)
CSTAR: Towards Compact and STructured Deep Neural Networks with Adversarial Robustness. (82%)
FedCC: Robust Federated Learning against Model Poisoning Attacks. (45%)
ConfounderGAN: Protecting Image Data Privacy with Causal Confounder. (8%)
2022-12-03
LDL: A Defense for Label-Based Membership Inference Attacks. (83%)
Security Analysis of SplitFed Learning. (8%)
2022-12-02
Membership Inference Attacks Against Semantic Segmentation Models. (45%)
Guaranteed Conformance of Neurosymbolic Models to Natural Constraints. (1%)
2022-12-01
Purifier: Defending Data Inference Attacks via Transforming Confidence Scores. (89%)
Pareto Regret Analyses in Multi-objective Multi-armed Bandit. (41%)
All You Need Is Hashing: Defending Against Data Reconstruction Attack in Vertical Federated Learning. (3%)
Generalizing and Improving Jacobian and Hessian Regularization. (1%)
On the Limit of Explaining Black-box Temporal Graph Neural Networks. (1%)
SimpleMind adds thinking to deep neural networks. (1%)
2022-11-30
Towards Interpreting Vulnerability of Multi-Instance Learning via Customized and Universal Adversarial Perturbations. (97%)
Interpretation of Neural Networks is Susceptible to Universal Adversarial Perturbations. (84%)
Efficient Adversarial Input Generation via Neural Net Patching. (75%)
Toward Robust Diagnosis: A Contour Attention Preserving Adversarial Defense for COVID-19 Detection. (69%)
Tight Certification of Adversarially Trained Neural Networks via Nonconvex Low-Rank Semidefinite Relaxations. (38%)
Improved Smoothed Analysis of 2-Opt for the Euclidean TSP. (8%)
2022-11-29
Understanding and Enhancing Robustness of Concept-based Models. (99%)
Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion. (99%)
Advancing Deep Metric Learning Through Multiple Batch Norms And Multi-Targeted Adversarial Examples. (88%)
Penalizing Confident Predictions on Largely Perturbed Inputs Does Not Improve Out-of-Distribution Generalization in Question Answering. (83%)
Quantization-aware Interval Bound Propagation for Training Certifiably Robust Quantized Neural Networks. (73%)
AdvMask: A Sparse Adversarial Attack Based Data Augmentation Method for Image Classification. (54%)
A3T: Accuracy Aware Adversarial Training. (10%)
Building Resilience to Out-of-Distribution Visual Data via Input Optimization and Model Finetuning. (1%)
2022-11-28
Adversarial Artifact Detection in EEG-Based Brain-Computer Interfaces. (99%)
Interpretations Cannot Be Trusted: Stealthy and Effective Adversarial Perturbations against Interpretable Deep Learning. (95%)
Training Time Adversarial Attack Aiming the Vulnerability of Continual Learning. (83%)
Towards More Robust Interpretation via Local Gradient Alignment. (76%)
Understanding the Impact of Adversarial Robustness on Accuracy Disparity. (31%)
How Important are Good Method Names in Neural Code Generation? A Model Robustness Perspective. (13%)
Rethinking the Number of Shots in Robust Model-Agnostic Meta-Learning. (8%)
Attack on Unfair ToS Clause Detection: A Case Study using Universal Adversarial Triggers. (8%)
Gamma-convergence of a nonlocal perimeter arising in adversarial machine learning. (3%)
CoNAL: Anticipating Outliers with Large Language Models. (1%)
Learning Antidote Data to Individual Unfairness. (1%)
2022-11-27
Imperceptible Adversarial Attack via Invertible Neural Networks. (99%)
Foiling Explanations in Deep Neural Networks. (98%)
Navigation as the Attacker Wishes? Towards Building Byzantine-Robust Embodied Agents under Federated Learning. (84%)
Traditional Classification Neural Networks are Good Generators: They are Competitive with DDPMs and GANs. (50%)
Federated Learning Attacks and Defenses: A Survey. (47%)
Adversarial Rademacher Complexity of Deep Neural Networks. (47%)
2022-11-26
Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning. (99%)
2022-11-25
Boundary Adversarial Examples Against Adversarial Overfitting. (99%)
Supervised Contrastive Prototype Learning: Augmentation Free Robust Neural Network. (98%)
Beyond Smoothing: Unsupervised Graph Representation Learning with Edge Heterophily Discriminating. (3%)
TrustGAN: Training safe and trustworthy deep learning models through generative adversarial networks. (1%)
2022-11-24
SAGA: Spectral Adversarial Geometric Attack on 3D Meshes. (98%)
Tracking Dataset IP Use in Deep Neural Networks. (96%)
Explainable and Safe Reinforcement Learning for Autonomous Air Mobility. (92%)
Neural Network Complexity of Chaos and Turbulence. (41%)
Seeds Don't Lie: An Adaptive Watermarking Framework for Computer Vision Models. (8%)
Generative Joint Source-Channel Coding for Semantic Image Transmission. (1%)
CycleGANWM: A CycleGAN watermarking method for ownership verification. (1%)
2022-11-23
Query Efficient Cross-Dataset Transferable Black-Box Attack on Action Recognition. (99%)
Adversarial Attacks are a Surprisingly Strong Baseline for Poisoning Few-Shot Meta-Learners. (99%)
Reliable Robustness Evaluation via Automatically Constructed Attack Ensembles. (76%)
Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks. (62%)
Privacy-Enhancing Optical Embeddings for Lensless Classification. (11%)
Principled Data-Driven Decision Support for Cyber-Forensic Investigations. (1%)
Data Provenance Inference in Machine Learning. (1%)
2022-11-22
Benchmarking Adversarially Robust Quantum Machine Learning at Scale. (99%)
PointCA: Evaluating the Robustness of 3D Point Cloud Completion Models Against Adversarial Examples. (99%)
Attacking Image Splicing Detection and Localization Algorithms Using Synthetic Traces. (98%)
Backdoor Cleansing with Unlabeled Data. (75%)
Improving Robust Generalization by Direct PAC-Bayesian Bound Minimization. (70%)
SoK: Inference Attacks and Defenses in Human-Centered Wireless Sensing. (69%)
2022-11-21
Understanding the Vulnerability of Skeleton-based Human Activity Recognition via Black-box Attack. (99%)
Self-Ensemble Protection: Training Checkpoints Are Good Data Protectors. (99%)
Boosting the Transferability of Adversarial Attacks with Global Momentum Initialization. (99%)
Addressing Mistake Severity in Neural Networks with Semantic Knowledge. (92%)
Efficient Generalization Improvement Guided by Random Weight Perturbation. (68%)
CLAWSAT: Towards Both Robust and Accurate Code Models. (56%)
Fairness Increases Adversarial Vulnerability. (54%)
Don't Watch Me: A Spatio-Temporal Trojan Attack on Deep-Reinforcement-Learning-Augment Autonomous Driving. (10%)
SPIN: Simulated Poisoning and Inversion Network for Federated Learning-Based 6G Vehicular Networks. (8%)
A Survey on Backdoor Attack and Defense in Natural Language Processing. (2%)
Understanding and Improving Visual Prompting: A Label-Mapping Perspective. (2%)
Multi-Level Knowledge Distillation for Out-of-Distribution Detection in Text. (1%)
Privacy in Practice: Private COVID-19 Detection in X-Ray Images. (1%)
A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers. (1%)
2022-11-20
Spectral Adversarial Training for Robust Graph Neural Network. (99%)
Invisible Backdoor Attack with Dynamic Triggers against Person Re-identification. (81%)
Taming Reachability Analysis of DNN-Controlled Systems via Abstraction-Based Training. (47%)
Adversarial Cheap Talk. (8%)
Deep Composite Face Image Attacks: Generation, Vulnerability and Detection. (2%)
AI-KD: Adversarial learning and Implicit regularization for self-Knowledge Distillation. (2%)
Multi-head Ensemble of Smoothed Classifiers for Certified Robustness. (1%)
2022-11-19
Towards Adversarial Robustness of Deep Vision Algorithms. (92%)
Phonemic Adversarial Attack against Audio Recognition in Real World. (87%)
Towards Robust Dataset Learning. (82%)
Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning. (80%)
Exploring validation metrics for offline model-based optimisation with diffusion models. (75%)
Mask Off: Analytic-based Malware Detection By Transfer Learning and Model Personalization. (9%)
Investigating the Security of EV Charging Mobile Applications As an Attack Surface. (1%)
2022-11-18
Adversarial Detection by Approximation of Ensemble Boundary. (99%)
Adversarial Stimuli: Attacking Brain-Computer Interfaces via Perturbed Sensory Events. (98%)
Leveraging Algorithmic Fairness to Mitigate Blackbox Attribute Inference Attacks. (68%)
Invariant Learning via Diffusion Dreamed Distribution Shifts. (10%)
Intrusion Detection in Internet of Things using Convolutional Neural Networks. (1%)
Improving Robustness of TCM-based Robust Steganography with Variable Robustness. (1%)
Provable Defense against Backdoor Policies in Reinforcement Learning. (1%)
Scaling Up Dataset Distillation to ImageNet-1K with Constant Memory. (1%)
2022-11-17
Diagnostics for Deep Neural Networks with Automated Copy/Paste Attacks. (99%)
Towards Good Practices in Evaluating Transfer Adversarial Attacks. (93%)
Assessing Neural Network Robustness via Adversarial Pivotal Tuning. (92%)
UPTON: Unattributable Authorship Text via Data Poisoning. (86%)
Generalizable Deepfake Detection with Phase-Based Motion Analysis. (50%)
More Effective Centrality-Based Attacks on Weighted Networks. (15%)
Potential Auto-driving Threat: Universal Rain-removal Attack. (2%)
Data-Centric Debugging: mitigating model failures via targeted data collection. (1%)
A Tale of Two Cities: Data and Configuration Variances in Robust Deep Learning. (1%)
VeriSparse: Training Verified Locally Robust Sparse Neural Networks from Scratch. (1%)
2022-11-16
T-SEA: Transfer-based Self-Ensemble Attack on Object Detection. (99%)
Efficiently Finding Adversarial Examples with DNN Preprocessing. (99%)
Improving Interpretability via Regularization of Neural Activation Sensitivity. (92%)
Attacking Object Detector Using A Universal Targeted Label-Switch Patch. (86%)
Differentially Private Optimizers Can Learn Adversarially Robust Models. (83%)
Interpretable Dimensionality Reduction by Feature Preserving Manifold Approximation and Projection. (56%)
Privacy against Real-Time Speech Emotion Detection via Acoustic Adversarial Evasion of Machine Learning. (38%)
Holistic Evaluation of Language Models. (2%)
Analysis and Detectability of Offline Data Poisoning Attacks on Linear Systems. (1%)
2022-11-15
Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation. (99%)
Universal Distributional Decision-based Black-box Adversarial Attack with Reinforcement Learning. (99%)
MORA: Improving Ensemble Robustness Evaluation with Model-Reweighing Attack. (99%)
Person Text-Image Matching via Text-Featur Interpretability Embedding and External Attack Node Implantation. (92%)
Backdoor Attacks on Time Series: A Generative Approach. (70%)
CorruptEncoder: Data Poisoning based Backdoor Attacks to Contrastive Learning. (61%)
Improved techniques for deterministic l2 robustness. (22%)
Backdoor Attacks for Remote Sensing Data with Wavelet Transform. (12%)
2022-11-14
Efficient Adversarial Training with Robust Early-Bird Tickets. (92%)
Attacking Face Recognition with T-shirts: Database, Vulnerability Assessment and Detection. (13%)
Towards Robust Numerical Question Answering: Diagnosing Numerical Capabilities of NLP Systems. (5%)
Explainer Divergence Scores (EDS): Some Post-Hoc Explanations May be Effective for Detecting Unknown Spurious Correlations. (5%)
Robustifying Deep Vision Models Through Shape Sensitization. (2%)
2022-11-13
Tightening Robustness Verification of MaxPool-based Neural Networks via Minimizing the Over-Approximation Zone. (26%)
2022-11-12
Adversarial and Random Transformations for Robust Domain Adaptation and Generalization. (75%)
DriftRec: Adapting diffusion models to blind JPEG restoration. (1%)
2022-11-11
Generating Textual Adversaries with Minimal Perturbation. (98%)
On the robustness of non-intrusive speech quality model by adversarial examples. (98%)
An investigation of security controls and MITRE ATT\&CK techniques. (47%)
Investigating co-occurrences of MITRE ATT\&CK Techniques. (12%)
Remapped Cache Layout: Thwarting Cache-Based Side-Channel Attacks with a Hardware Defense. (9%)
2022-11-10
Test-time adversarial detection and robustness for localizing humans using ultra wide band channel impulse responses. (99%)
Impact of Adversarial Training on Robustness and Generalizability of Language Models. (99%)
Privacy-Utility Balanced Voice De-Identification Using Adversarial Examples. (98%)
Stay Home Safe with Starving Federated Data. (80%)
MSDT: Masked Language Model Scoring Defense in Text Domain. (38%)
Robust DNN Surrogate Models with Uncertainty Quantification via Adversarial Training. (3%)
Mitigating Forgetting in Online Continual Learning via Contrasting Semantically Distinct Augmentations. (1%)
2022-11-09
On the Robustness of Explanations of Deep Neural Network Models: A Survey. (50%)
Are All Edges Necessary? A Unified Framework for Graph Purification. (5%)
QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. (3%)
Accountable and Explainable Methods for Complex Reasoning over Text. (2%)
Directional Privacy for Deep Learning. (1%)
2022-11-08
Preserving Semantics in Textual Adversarial Attacks. (99%)
NaturalAdversaries: Can Naturalistic Adversaries Be as Effective as Artificial Adversaries? (98%)
How Fraudster Detection Contributes to Robust Recommendation. (67%)
Lipschitz Continuous Algorithms for Graph Problems. (16%)
Learning advisor networks for noisy image classification. (1%)
2022-11-07
Are AlphaZero-like Agents Robust to Adversarial Perturbations? (99%)
Black-Box Attack against GAN-Generated Image Detector with Contrastive Perturbation. (82%)
Deviations in Representations Induced by Adversarial Attacks. (70%)
Interpreting deep learning output for out-of-distribution detection. (1%)
Resilience of Wireless Ad Hoc Federated Learning against Model Poisoning Attacks. (1%)
A Hypergraph-Based Machine Learning Ensemble Network Intrusion Detection System. (1%)
2022-11-06
Contrastive Weighted Learning for Near-Infrared Gaze Estimation. (31%)
2022-11-05
Textual Manifold-based Defense Against Natural Language Adversarial Examples. (99%)
Stateful Detection of Adversarial Reprogramming. (96%)
Robust Lottery Tickets for Pre-trained Language Models. (83%)
2022-11-04
Improving Adversarial Robustness to Sensitivity and Invariance Attacks with Deep Metric Learning. (99%)
Logits are predictive of network type. (68%)
An Adversarial Robustness Perspective on the Topology of Neural Networks. (64%)
Fairness-aware Regression Robust to Adversarial Attacks. (38%)
Extension of Simple Algorithms to the Matroid Secretary Problem. (9%)
Robustness of Fusion-based Multimodal Classifiers to Cross-Modal Content Dilutions. (3%)
Data Models for Dataset Drift Controls in Machine Learning With Images. (1%)
2022-11-03
Physically Adversarial Attacks and Defenses in Computer Vision: A Survey. (99%)
Adversarial Defense via Neural Oscillation inspired Gradient Masking. (98%)
M-to-N Backdoor Paradigm: A Multi-Trigger and Multi-Target Attack to Deep Learning Models. (98%)
Robust Few-shot Learning Without Using any Adversarial Samples. (89%)
Data-free Defense of Black Box Models Against Adversarial Attacks. (84%)
Leveraging Domain Features for Detecting Adversarial Attacks Against Deep Speech Recognition in Noise. (38%)
Try to Avoid Attacks: A Federated Data Sanitization Defense for Healthcare IoMT Systems. (33%)
Unintended Memorization and Timing Attacks in Named Entity Recognition Models. (12%)
2022-11-02
Defending with Errors: Approximate Computing for Robustness of Deep Neural Networks. (99%)
Improving transferability of 3D adversarial attacks with scale and shear transformations. (99%)
Certified Robustness of Quantum Classifiers against Adversarial Examples through Quantum Noise. (99%)
Adversarial Attack on Radar-based Environment Perception Systems. (99%)
Isometric Representations in Neural Networks Improve Robustness. (62%)
BATT: Backdoor Attack with Transformation-based Triggers. (56%)
Untargeted Backdoor Attack against Object Detection. (50%)
Generative Adversarial Training Can Improve Neural Language Models. (33%)
Backdoor Defense via Suppressing Model Shortcuts. (3%)
Human-in-the-Loop Mixup. (1%)
2022-11-01
The Enemy of My Enemy is My Friend: Exploring Inverse Adversaries for Improving Adversarial Training. (99%)
LMD: A Learnable Mask Network to Detect Adversarial Examples for Speaker Verification. (99%)
DensePure: Understanding Diffusion Models towards Adversarial Robustness. (98%)
Adversarial Training with Complementary Labels: On the Benefit of Gradually Informative Attacks. (87%)
Universal Perturbation Attack on Differentiable No-Reference Image- and Video-Quality Metrics. (82%)
The Perils of Learning From Unlabeled Data: Backdoor Attacks on Semi-supervised Learning. (80%)
Maximum Likelihood Distillation for Robust Modulation Classification. (69%)
FRSUM: Towards Faithful Abstractive Summarization via Enhancing Factual Robustness. (45%)
Amplifying Membership Exposure via Data Poisoning. (22%)
ActGraph: Prioritization of Test Cases Based on Deep Neural Network Activation Graph. (13%)
2022-10-31
Scoring Black-Box Models for Adversarial Robustness. (98%)
ARDIR: Improving Robustness using Knowledge Distillation of Internal Representation. (88%)
SoK: Modeling Explainability in Security Analytics for Interpretability, Trustworthiness, and Usability. (33%)
Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy. (16%)
2022-10-30
Poison Attack and Defense on Deep Source Code Processing Models. (99%)
Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution. (99%)
Benchmarking Adversarial Patch Against Aerial Detection. (99%)
Symmetric Saliency-based Adversarial Attack To Speaker Identification. (92%)
FI-ODE: Certified and Robust Forward Invariance in Neural ODEs. (61%)
Imitating Opponent to Win: Adversarial Policy Imitation Learning in Two-player Competitive Games. (9%)
2022-10-29
On the Need of Neuromorphic Twins to Detect Denial-of-Service Attacks on Communication Networks. (10%)
2022-10-28
Universal Adversarial Directions. (99%)
Improving the Transferability of Adversarial Attacks on Face Recognition with Beneficial Perturbation Feature Augmentation. (99%)
Improving Hyperspectral Adversarial Robustness Under Multiple Attacks. (98%)
Distributed Black-box Attack against Image Classification Cloud Services. (95%)
RoChBert: Towards Robust BERT Fine-tuning for Chinese. (75%)
Robust Boosting Forests with Richer Deep Feature Hierarchy. (56%)
Localized Randomized Smoothing for Collective Robustness Certification. (26%)
Towards Reliable Neural Specifications. (11%)
On the Vulnerability of Data Points under Multiple Membership Inference Attacks and Target Models. (1%)
2022-10-27
TAD: Transfer Learning-based Multi-Adversarial Detection of Evasion Attacks against Network Intrusion Detection Systems. (99%)
Isometric 3D Adversarial Examples in the Physical World. (99%)
LeNo: Adversarial Robust Salient Object Detection Networks with Learnable Noise. (92%)
TASA: Deceiving Question Answering Models by Twin Answer Sentences Attack. (92%)
Efficient and Effective Augmentation Strategy for Adversarial Training. (56%)
Noise Injection Node Regularization for Robust Learning. (2%)
Domain Adaptive Object Detection for Autonomous Driving under Foggy Weather. (1%)
2022-10-26
Improving Adversarial Robustness with Self-Paced Hard-Class Pair Reweighting. (99%)
There is more than one kind of robustness: Fooling Whisper with adversarial examples. (98%)
Disentangled Text Representation Learning with Information-Theoretic Perspective for Adversarial Robustness. (86%)
BioNLI: Generating a Biomedical NLI Dataset Using Lexico-semantic Constraints for Adversarial Examples. (75%)
Secure IP Address Allocation at Cloud Scale. (47%)
V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization. (10%)
Rethinking the Reverse-engineering of Trojan Triggers. (5%)
Cover Reproducible Steganography via Deep Generative Models. (1%)
DEMIS: A Threat Model for Selectively Encrypted Visual Surveillance Data. (1%)
Privately Fine-Tuning Large Language Models with Differential Privacy. (1%)
2022-10-25
LP-BFGS attack: An adversarial attack based on the Hessian with limited pixels. (99%)
Adversarially Robust Medical Classification via Attentive Convolutional Neural Networks. (99%)
A White-Box Adversarial Attack Against a Digital Twin. (99%)
Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. (98%)
Adversarial Purification with the Manifold Hypothesis. (98%)
Improving Adversarial Robustness via Joint Classification and Multiple Explicit Detection Classes. (98%)
Accelerating Certified Robustness Training via Knowledge Transfer. (73%)
Causal Information Bottleneck Boosts Adversarial Robustness of Deep Neural Network. (64%)
Towards Robust Recommender Systems via Triple Cooperative Defense. (61%)
Towards Formal Approximated Minimal Explanations of Neural Networks. (13%)
FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-based Node Classification. (13%)
A Streamlit-based Artificial Intelligence Trust Platform for Next-Generation Wireless Networks. (3%)
Robustness of Locally Differentially Private Graph Analysis Against Poisoning. (1%)
2022-10-24
Ares: A System-Oriented Wargame Framework for Adversarial ML. (99%)
SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning. (99%)
Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs. (96%)
On the Robustness of Dataset Inference. (88%)
Flexible Android Malware Detection Model based on Generative Adversarial Networks with Code Tensor. (16%)
Revisiting Sparse Convolutional Model for Visual Recognition. (11%)
2022-10-23
FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning. (68%)
Adversarial Pretraining of Self-Supervised Deep Networks: Past, Present and Future. (45%)
2022-10-22
ADDMU: Detection of Far-Boundary Adversarial Examples with Data and Model Uncertainty Estimation. (99%)
Hindering Adversarial Attacks with Implicit Neural Representations. (92%)
GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections. (81%)
Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games. (26%)
Precisely the Point: Adversarial Augmentations for Faithful and Informative Text Generation. (4%)
2022-10-21
Evolution of Neural Tangent Kernels under Benign and Adversarial Training. (99%)
The Dark Side of AutoML: Towards Architectural Backdoor Search. (68%)
Diffusion Visual Counterfactual Explanations. (10%)
TCAB: A Large-Scale Text Classification Attack Benchmark. (10%)
A critical review of cyber-physical security for building automation systems. (2%)
Extracted BERT Model Leaks More Information than You Think! (1%)
2022-10-20
Identifying Human Strategies for Generating Word-Level Adversarial Examples. (98%)
Are You Stealing My Model? Sample Correlation for Fingerprinting Deep Neural Networks. (98%)
Balanced Adversarial Training: Balancing Tradeoffs between Fickleness and Obstinacy in NLP Models. (98%)
Learning Sample Reweighting for Accuracy and Adversarial Robustness. (93%)
Similarity of Neural Architectures using Adversarial Attack Transferability. (86%)
New data poison attacks on machine learning classifiers for mobile exfiltration. (80%)
Attacking Motion Estimation with Adversarial Snow. (16%)
How Does a Deep Learning Model Architecture Impact Its Privacy? A Comprehensive Study of Privacy Attacks on CNNs and Transformers. (13%)
Analyzing the Robustness of Decentralized Horizontal and Vertical Federated Learning Architectures in a Non-IID Scenario. (4%)
Apple of Sodom: Hidden Backdoors in Superior Sentence Embeddings via Contrastive Learning. (3%)
LOT: Layer-wise Orthogonal Training on Improving $\ell_2$ Certified Robustness. (3%)
2022-10-19
Learning Transferable Adversarial Robust Representations via Multi-view Consistency. (99%)
Effective Targeted Attacks for Adversarial Self-Supervised Learning. (99%)
No-Box Attacks on 3D Point Cloud Classification. (93%)
Backdoor Attack and Defense in Federated Generative Adversarial Network-based Medical Image Synthesis. (83%)
Chaos Theory and Adversarial Robustness. (73%)
Emerging Threats in Deep Learning-Based Autonomous Driving: A Comprehensive Survey. (69%)
Why Should Adversarial Perturbations be Imperceptible? Rethink the Research Paradigm in Adversarial NLP. (64%)
FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Information. (41%)
Learning to Invert: Simple Adaptive Attacks for Gradient Inversion in Federated Learning. (16%)
Variational Model Perturbation for Source-Free Domain Adaptation. (1%)
2022-10-18
Scaling Adversarial Training to Large Perturbation Bounds. (98%)
Not All Poisons are Created Equal: Robust Training against Data Poisoning. (97%)
ROSE: Robust Selective Fine-tuning for Pre-trained Language Models. (73%)
Analysis of Master Vein Attacks on Finger Vein Recognition Systems. (56%)
Training set cleansing of backdoor poisoning by self-supervised representation learning. (56%)
On the Adversarial Robustness of Mixture of Experts. (13%)
Transferable Unlearnable Examples. (8%)
Automatic Detection of Fake Key Attacks in Secure Messaging. (8%)
Improving Adversarial Robustness by Contrastive Guided Diffusion Process. (2%)
2022-10-17
Towards Generating Adversarial Examples on Mixed-type Data. (99%)
Differential Evolution based Dual Adversarial Camouflage: Fooling Human Eyes and Object Detectors. (99%)
Probabilistic Categorical Adversarial Attack & Adversarial Training. (99%)
Marksman Backdoor: Backdoor Attacks with Arbitrary Target Class. (96%)
DE-CROP: Data-efficient Certified Robustness for Pretrained Classifiers. (87%)
Beyond Model Interpretability: On the Faithfulness and Adversarial Robustness of Contrastive Textual Explanations. (78%)
Towards Fair Classification against Poisoning Attacks. (76%)
Deepfake Text Detection: Limitations and Opportunities. (41%)
You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks. (15%)
Fine-mixing: Mitigating Backdoors in Fine-tuned Language Models. (9%)
Understanding CNN Fragility When Learning With Imbalanced Data. (1%)
2022-10-16
Object-Attentional Untargeted Adversarial Attack. (99%)
Nowhere to Hide: A Lightweight Unsupervised Detector against Adversarial Examples. (99%)
ODG-Q: Robust Quantization via Online Domain Generalization. (83%)
Interpretable Machine Learning for Detection and Classification of Ransomware Families Based on API Calls. (1%)
2022-10-15
RoS-KD: A Robust Stochastic Knowledge Distillation Approach for Noisy Medical Imaging. (2%)
2022-10-14
Dynamics-aware Adversarial Attack of Adaptive Neural Networks. (89%)
When Adversarial Training Meets Vision Transformers: Recipes from Training to Architecture. (87%)
Is Face Recognition Safe from Realizable Attacks? (84%)
Expose Backdoors on the Way: A Feature-Based Efficient Defense against Textual Backdoor Attacks. (76%)
Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. (67%)
2022-10-13
Adv-Attribute: Inconspicuous and Transferable Adversarial Attack on Face Recognition. (99%)
AccelAT: A Framework for Accelerating the Adversarial Training of Deep Neural Networks through Accuracy Gradient. (99%)
Demystifying Self-supervised Trojan Attacks. (95%)
Improving Out-of-Distribution Generalization by Adversarial Training with Structured Priors. (81%)
Efficiently Computing Local Lipschitz Constants of Neural Networks via Bound Propagation. (13%)
Large-Scale Open-Set Classification Protocols for ImageNet. (2%)
SoK: How Not to Architect Your Next-Generation TEE Malware? (1%)
Feature Reconstruction Attacks and Countermeasures of DNN training in Vertical Federated Learning. (1%)
Characterizing the Influence of Graph Elements. (1%)
2022-10-12
A Game Theoretical vulnerability analysis of Adversarial Attack. (99%)
Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation. (99%)
Visual Prompting for Adversarial Robustness. (99%)
Robust Models are less Over-Confident. (96%)
Double Bubble, Toil and Trouble: Enhancing Certified Robustness through Transitivity. (86%)
Efficient Adversarial Training without Attacking: Worst-Case-Aware Robust Reinforcement Learning. (82%)
COLLIDER: A Robust Training Framework for Backdoor Data. (81%)
Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork. (76%)
Few-shot Backdoor Attacks via Neural Tangent Kernels. (62%)
How to Sift Out a Clean Data Subset in the Presence of Data Poisoning? (9%)
Understanding Impacts of Task Similarity on Backdoor Attack and Detection. (2%)
When are Local Queries Useful for Robust Learning? (1%)
2022-10-11
What Can the Neural Tangent Kernel Tell Us About Adversarial Robustness? (99%)
Stable and Efficient Adversarial Training through Local Linearization. (91%)
RoHNAS: A Neural Architecture Search Framework with Conjoint Optimization for Adversarial Robustness and Hardware Efficiency of Convolutional and Capsule Networks. (86%)
Adversarial Attack Against Image-Based Localization Neural Networks. (78%)
Detecting Backdoors in Deep Text Classifiers. (76%)
Human Body Measurement Estimation with Adversarial Augmentation. (33%)
Curved Representation Space of Vision Transformers. (10%)
Zeroth-Order Hard-Thresholding: Gradient Error vs. Expansivity. (1%)
Make Sharpness-Aware Minimization Stronger: A Sparsified Perturbation Approach. (1%)
2022-10-10
Boosting Adversarial Robustness From The Perspective of Effective Margin Regularization. (92%)
Revisiting adapters with adversarial training. (88%)
Universal Adversarial Perturbations: Efficiency on a small image dataset. (81%)
Certified Training: Small Boxes are All You Need. (22%)
Denoising Masked AutoEncoders Help Robust Classification. (1%)
2022-10-09
Pruning Adversarially Robust Neural Networks without Adversarial Examples. (99%)
Towards Understanding and Boosting Adversarial Transferability from a Distribution Perspective. (99%)
Online Training Through Time for Spiking Neural Networks. (1%)
2022-10-08
FedDef: Defense Against Gradient Leakage in Federated Learning-based Network Intrusion Detection Systems. (99%)
Symmetry Defense Against CNN Adversarial Perturbation Attacks. (99%)
Robustness of Unsupervised Representation Learning without Labels. (54%)
2022-10-07
Adversarially Robust Prototypical Few-shot Segmentation with Neural-ODEs. (99%)
Pre-trained Adversarial Perturbations. (99%)
NMTSloth: Understanding and Testing Efficiency Degradation of Neural Machine Translation Systems. (97%)
ViewFool: Evaluating the Robustness of Visual Recognition to Adversarial Viewpoints. (93%)
Game-Theoretic Understanding of Misclassification. (47%)
A2: Efficient Automated Attacker for Boosting Adversarial Training. (41%)
BAFFLE: Hiding Backdoors in Offline Reinforcement Learning Datasets. (9%)
A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music. (2%)
Improving Fine-Grain Segmentation via Interpretable Modifications: A Case Study in Fossil Segmentation. (1%)
2022-10-06
Preprocessors Matter! Realistic Decision-Based Attacks on Machine Learning Systems. (99%)
Enhancing Code Classification by Mixup-Based Data Augmentation. (96%)
Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection. (92%)
On Optimal Learning Under Targeted Data Poisoning. (82%)
Towards Out-of-Distribution Adversarial Robustness. (73%)
InferES : A Natural Language Inference Corpus for Spanish Featuring Negation-Based Contrastive and Adversarial Examples. (61%)
Unsupervised Domain Adaptation for COVID-19 Information Service with Contrastive Adversarial Domain Mixup. (41%)
Synthetic Dataset Generation for Privacy-Preserving Machine Learning. (2%)
Enhancing Mixup-Based Graph Learning for Language Processing via Hybrid Pooling. (1%)
Bad Citrus: Reducing Adversarial Costs with Model Distances. (1%)
2022-10-05
Natural Color Fool: Towards Boosting Black-box Unrestricted Attacks. (99%)
Dynamic Stochastic Ensemble with Adversarial Robust Lottery Ticket Subnetworks. (98%)
On Adversarial Robustness of Deep Image Deblurring. (83%)
A Closer Look at Robustness to L-infinity and Spatial Perturbations and their Composition. (81%)
Jitter Does Matter: Adapting Gaze Estimation to New Domains. (78%)
Image Masking for Robust Self-Supervised Monocular Depth Estimation. (38%)
Over-the-Air Federated Learning with Privacy Protection via Correlated Additive Perturbations. (38%)
2022-10-04
Rethinking Lipschitz Neural Networks and Certified Robustness: A Boolean Function Perspective. (97%)
Robust Fair Clustering: A Novel Fairness Attack and Defense Framework. (93%)
A Study on the Efficiency and Generalization of Light Hybrid Retrievers. (86%)
Practical Adversarial Attacks on Spatiotemporal Traffic Forecasting Models. (81%)
Invariant Aggregator for Defending against Federated Backdoor Attacks. (80%)
On the Robustness of Deep Clustering Models: Adversarial Attacks and Defenses. (75%)
Robustness Certification of Visual Perception Models via Camera Motion Smoothing. (70%)
Backdoor Attacks in the Supply Chain of Masked Image Modeling. (68%)
CADet: Fully Self-Supervised Anomaly Detection With Contrastive Learning. (67%)
2022-10-03
MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples. (99%)
Push-Pull: Characterizing the Adversarial Robustness for Audio-Visual Active Speaker Detection. (97%)
Stability Analysis and Generalization Bounds of Adversarial Training. (96%)
On Attacking Out-Domain Uncertainty Estimation in Deep Neural Networks. (92%)
Decompiling x86 Deep Neural Network Executables. (83%)
Strength-Adaptive Adversarial Training. (80%)
ASGNN: Graph Neural Networks with Adaptive Structure. (68%)
UnGANable: Defending Against GAN-based Face Manipulation. (2%)
2022-10-02
Adaptive Smoothness-weighted Adversarial Training for Multiple Perturbations with Its Stability Analysis. (99%)
Understanding Adversarial Robustness Against On-manifold Adversarial Examples. (99%)
FLCert: Provably Secure Federated Learning against Poisoning Attacks. (74%)
Optimization for Robustness Evaluation beyond $\ell_p$ Metrics. (16%)
Automated Security Analysis of Exposure Notification Systems. (1%)
2022-10-01
DeltaBound Attack: Efficient decision-based attack in low queries regime. (96%)
Adversarial Attacks on Transformers-Based Malware Detectors. (91%)
Voice Spoofing Countermeasures: Taxonomy, State-of-the-art, experimental analysis of generalizability, open challenges, and the way forward. (5%)
2022-09-30
Your Out-of-Distribution Detection Method is Not Robust! (99%)
Learning Robust Kernel Ensembles with Kernel Average Pooling. (99%)
Adversarial Robustness of Representation Learning for Knowledge Graphs. (95%)
Hiding Visual Information via Obfuscating Adversarial Perturbations. (92%)
On the tightness of linear relaxation based robustness certification methods. (78%)
Data Poisoning Attacks Against Multimodal Encoders. (73%)
ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks. (73%)
2022-09-29
Physical Adversarial Attack meets Computer Vision: A Decade Survey. (99%)
Towards Lightweight Black-Box Attacks against Deep Neural Networks. (99%)
Generalizability of Adversarial Robustness Under Distribution Shifts. (83%)
Digital and Physical Face Attacks: Reviewing and One Step Further. (2%)
Chameleon Cache: Approximating Fully Associative Caches with Random Replacement to Prevent Contention-Based Cache Attacks. (1%)
2022-09-28
A Survey on Physical Adversarial Attack in Computer Vision. (99%)
Exploring the Relationship between Architecture and Adversarially Robust Generalization. (99%)
A Closer Look at Evaluating the Bit-Flip Attack Against Deep Neural Networks. (67%)
Supervised Contrastive Learning as Multi-Objective Optimization for Fine-Tuning Large Pre-trained Language Models. (47%)
On the Robustness of Random Forest Against Untargeted Data Poisoning: An Ensemble-Based Approach. (31%)
CALIP: Zero-Shot Enhancement of CLIP with Parameter-free Attention. (1%)
Improving alignment of dialogue agents via targeted human judgements. (1%)
2022-09-27
Suppress with a Patch: Revisiting Universal Adversarial Patch Attacks against Object Detection. (74%)
Inducing Data Amplification Using Auxiliary Datasets in Adversarial Training. (33%)
Attacking Compressed Vision Transformers. (33%)
Mitigating Attacks on Artificial Intelligence-based Spectrum Sensing for Cellular Network Signals. (8%)
Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection. (5%)
Reconstruction-guided attention improves the robustness and shape processing of neural networks. (2%)
A Learning-based Honeypot Game for Collaborative Defense in UAV Networks. (1%)
Stability Via Adversarial Training of Neural Network Stochastic Control of Mean-Field Type. (1%)
Measuring Overfitting in Convolutional Neural Networks using Adversarial Perturbations and Label Noise. (1%)
2022-09-26
FG-UAP: Feature-Gathering Universal Adversarial Perturbation. (99%)
Activation Learning by Local Competitions. (64%)
Multi-Task Adversarial Training Algorithm for Multi-Speaker Neural Text-to-Speech. (1%)
Greybox XAI: a Neural-Symbolic learning framework to produce interpretable predictions for image classification. (1%)
2022-09-25
SPRITZ-1.5C: Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks. (81%)
2022-09-24
Strong Transferable Adversarial Attacks via Ensembled Asymptotically Normal Distribution Learning. (99%)
2022-09-23
The "Beatrix'' Resurrections: Robust Backdoor Detection via Gram Matrices. (13%)
2022-09-22
Privacy Attacks Against Biometric Models with Fewer Samples: Incorporating the Output of Multiple Models. (50%)
2022-09-21
Fair Robust Active Learning by Joint Inconsistency. (99%)
Toy Models of Superposition. (45%)
DARTSRepair: Core-failure-set Guided DARTS for Network Robustness to Common Corruptions. (13%)
Fairness Reprogramming. (1%)
2022-09-20
Understanding Real-world Threats to Deep Learning Models in Android Apps. (99%)
Audit and Improve Robustness of Private Neural Networks on Encrypted Data. (99%)
GAMA: Generative Adversarial Multi-Object Scene Attacks. (99%)
Sparse Vicious Attacks on Graph Neural Networks. (98%)
Leveraging Local Patch Differences in Multi-Object Scenes for Generative Adversarial Attacks. (98%)
Rethinking Data Augmentation in Knowledge Distillation for Object Detection. (68%)
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks. (1%)
EM-Fault It Yourself: Building a Replicable EMFI Setup for Desktop and Server Hardware. (1%)
2022-09-19
Adversarial Catoptric Light: An Effective, Stealthy and Robust Physical-World Attack to DNNs. (99%)
Adversarial Color Projection: A Projector-Based Physical Attack to DNNs. (99%)
2022-09-18
On the Adversarial Transferability of ConvMixer Models. (99%)
AdvDO: Realistic Adversarial Attacks for Trajectory Prediction. (96%)
Distribution inference risks: Identifying and mitigating sources of leakage. (1%)
2022-09-17
Watch What You Pretrain For: Targeted, Transferable Adversarial Examples on Self-Supervised Speech Recognition models. (99%)
Characterizing Internal Evasion Attacks in Federated Learning. (98%)
A study on the deviations in performance of FNNs and CNNs in the realm of grayscale adversarial images. (4%)
2022-09-16
Robust Ensemble Morph Detection with Domain Generalization. (99%)
A Large-scale Multiple-objective Method for Black-box Attack against Object Detection. (99%)
Enhance the Visual Representation via Discrete Adversarial Training. (97%)
Model Inversion Attacks against Graph Neural Networks. (92%)
PointCAT: Contrastive Adversarial Training for Robust Point Cloud Recognition. (62%)
Cascading Failures in Power Grids. (33%)
Dataset Inference for Self-Supervised Models. (16%)
On the Robustness of Graph Neural Diffusion to Topology Perturbations. (15%)
A Systematic Evaluation of Node Embedding Robustness. (11%)
PA-Boot: A Formally Verified Authentication Protocol for Multiprocessor Secure Boot. (1%)
2022-09-15
Improving Robust Fairness via Balance Adversarial Training. (99%)
A Light Recipe to Train Robust Vision Transformers. (98%)
Part-Based Models Improve Adversarial Robustness. (92%)
Explicit Tradeoffs between Adversarial and Natural Distributional Robustness. (80%)
Adversarially Robust Learning: A Generic Minimax Optimal Learner and Characterization. (80%)
Defending Root DNS Servers Against DDoS Using Layered Defenses. (15%)
BadRes: Reveal the Backdoors through Residual Connection. (2%)
Adversarial Cross-View Disentangled Graph Contrastive Learning. (1%)
Towards Improving Calibration in Object Detection Under Domain Shift. (1%)
2022-09-14
Robust Transferable Feature Extractors: Learning to Defend Pre-Trained Networks Against White Box Adversaries. (99%)
PointACL:Adversarial Contrastive Learning for Robust Point Clouds Representation under Adversarial Attack. (99%)
Certified Robustness to Word Substitution Ranking Attack for Neural Ranking Models. (99%)
Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models. (97%)
On the interplay of adversarial robustness and architecture components: patches, convolution and attention. (67%)
M^4I: Multi-modal Models Membership Inference. (54%)
Finetuning Pretrained Vision-Language Models with Correlation Information Bottleneck for Robust Visual Question Answering. (12%)
Robust Constrained Reinforcement Learning. (9%)
2022-09-13
Adversarial Coreset Selection for Efficient Robust Training. (99%)
TSFool: Crafting Highly-Imperceptible Adversarial Time Series through Multi-Objective Attack. (99%)
PINCH: An Adversarial Extraction Attack Framework for Deep Learning Models. (92%)
Certified Defences Against Adversarial Patch Attacks on Semantic Segmentation. (78%)
Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks. (68%)
ADMM based Distributed State Observer Design under Sparse Sensor Attacks. (22%)
A Tale of HodgeRank and Spectral Method: Target Attack Against Rank Aggregation Is the Fixed Point of Adversarial Game. (15%)
Defense against Privacy Leakage in Federated Learning. (12%)
Federated Learning based on Defending Against Data Poisoning Attacks in IoT. (1%)
2022-09-12
Adaptive Perturbation Generation for Multiple Backdoors Detection. (95%)
CARE: Certifiably Robust Learning with Reasoning via Variational Inference. (75%)
Sample Complexity of an Adversarial Attack on UCB-based Best-arm Identification Policy. (69%)
Boosting Robustness Verification of Semantic Feature Neighborhoods. (54%)
Semantic-Preserving Adversarial Code Comprehension. (1%)
Holistic Segmentation. (1%)
Class-Level Logit Perturbation. (1%)
2022-09-11
Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization. (99%)
Generate novel and robust samples from data: accessible sharing without privacy concerns. (5%)
2022-09-10
Scattering Model Guided Adversarial Examples for SAR Target Recognition: Attack and Defense. (99%)
2022-09-09
The Space of Adversarial Strategies. (99%)
Defend Data Poisoning Attacks on Voice Authentication. (54%)
Robust-by-Design Classification via Unitary-Gradient Neural Networks. (41%)
Robust and Lossless Fingerprinting of Deep Neural Networks via Pooled Membership Inference. (10%)
Saliency Guided Adversarial Training for Learning Generalizable Features with Applications to Medical Imaging Classification System. (1%)
2022-09-08
Incorporating Locality of Images to Generate Targeted Transferable Adversarial Examples. (99%)
Evaluating the Security of Aircraft Systems. (92%)
Unraveling the Connections between Privacy and Certified Robustness in Federated Learning Against Poisoning Attacks. (64%)
A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms. (1%)
FADE: Enabling Large-Scale Federated Adversarial Training on Resource-Constrained Edge Devices. (1%)
2022-09-07
On the Transferability of Adversarial Examples between Encrypted Models. (99%)
Securing the Spike: On the Transferabilty and Security of Spiking Neural Networks to Adversarial Examples. (99%)
Reward Delay Attacks on Deep Reinforcement Learning. (70%)
Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems. (47%)
Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots. (15%)
Physics-Guided Adversarial Machine Learning for Aircraft Systems Simulation. (1%)
Hardware faults that matter: Understanding and Estimating the safety impact of hardware faults on object detection DNNs. (1%)
MalDetConv: Automated Behaviour-based Malware Detection Framework Based on Natural Language Processing and Deep Learning Techniques. (1%)
2022-09-06
Instance Attack:An Explanation-based Vulnerability Analysis Framework Against DNNs for Malware Detection. (99%)
Bag of Tricks for FGSM Adversarial Training. (96%)
Improving Robustness to Out-of-Distribution Data by Frequency-based Augmentation. (82%)
Defending Against Backdoor Attack on Graph Nerual Network by Explainability. (80%)
MACAB: Model-Agnostic Clean-Annotation Backdoor to Object Detection with Natural Trigger in Real-World. (56%)
Multimodal contrastive learning for remote sensing tasks. (1%)
Annealing Optimization for Progressive Learning with Stochastic Approximation. (1%)
Interpretations Steered Network Pruning via Amortized Inferred Saliency Maps. (1%)
A Survey of Machine Unlearning. (1%)
2022-09-05
Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples. (98%)
White-Box Adversarial Policies in Deep Reinforcement Learning. (98%)
"Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution. (69%)
Adversarial Detection: Attacking Object Detection in Real Time. (64%)
PromptAttack: Prompt-based Attack for Language Models via Gradient Search. (16%)
Federated Zero-Shot Learning for Visual Recognition. (2%)
Improving Out-of-Distribution Detection via Epistemic Uncertainty Adversarial Training. (2%)
2022-09-04
An Adaptive Black-box Defense against Trojan Attacks (TrojDef). (98%)
Hide & Seek: Seeking the (Un)-Hidden key in Provably-Secure Logic Locking Techniques. (11%)
Synergistic Redundancy: Towards Verifiable Safety for Autonomous Vehicles. (1%)
2022-09-02
Adversarial Color Film: Effective Physical-World Attack to DNNs. (98%)
Impact of Scaled Image on Robustness of Deep Neural Networks. (98%)
Property inference attack; Graph neural networks; Privacy attacks and defense; Trustworthy machine learning. (95%)
Impact of Colour Variation on Robustness of Deep Neural Networks. (92%)
Scalable Adversarial Attack Algorithms on Influence Maximization. (68%)
Are Attribute Inference Attacks Just Imputation? (31%)
Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well? (9%)
Revisiting Outer Optimization in Adversarial Training. (5%)
2022-09-01
Adversarial for Social Privacy: A Poisoning Strategy to Degrade User Identity Linkage. (98%)
Universal Fourier Attack for Time Series. (12%)
2022-08-31
Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning. (99%)
Unrestricted Adversarial Samples Based on Non-semantic Feature Clusters Substitution. (99%)
Membership Inference Attacks by Exploiting Loss Trajectory. (70%)
Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research. (13%)
Feature Alignment by Uncertainty and Self-Training for Source-Free Unsupervised Domain Adaptation. (1%)
Vulnerability of Distributed Inverter VAR Control in PV Distributed Energy System. (1%)
MA-RECON: Mask-aware deep-neural-network for robust fast MRI k-space interpolation. (1%)
2022-08-30
A Black-Box Attack on Optical Character Recognition Systems. (99%)
Robustness and invariance properties of image classifiers. (99%)
Solving the Capsulation Attack against Backdoor-based Deep Neural Network Watermarks by Reversing Triggers. (1%)
Constraining Representations Yields Models That Know What They Don't Know. (1%)
2022-08-29
Towards Adversarial Purification using Denoising AutoEncoders. (99%)
Reducing Certified Regression to Certified Classification for General Poisoning Attacks. (54%)
Interpreting Black-box Machine Learning Models for High Dimensional Datasets. (1%)
2022-08-28
Cross-domain Cross-architecture Black-box Attacks on Fine-tuned Models with Transferred Evolutionary Strategies. (99%)
2022-08-27
Adversarial Robustness for Tabular Data through Cost and Utility Awareness. (99%)
SA: Sliding attack for synthetic speech detection with resistance to clipping and self-splicing. (99%)
TrojViT: Trojan Insertion in Vision Transformers. (15%)
Overparameterized (robust) models from computational constraints. (13%)
RL-DistPrivacy: Privacy-Aware Distributed Deep Inference for low latency IoT systems. (1%)
2022-08-26
What Does the Gradient Tell When Attacking the Graph Structure. (69%)
Network-Level Adversaries in Federated Learning. (54%)
ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning. (45%)
Lower Difficulty and Better Robustness: A Bregman Divergence Perspective for Adversarial Training. (4%)
2022-08-25
Semantic Preserving Adversarial Attack Generation with Autoencoder and Genetic Algorithm. (99%)
SNAP: Efficient Extraction of Private Properties with Poisoning. (89%)
FuncFooler: A Practical Black-box Attack Against Learning-based Binary Code Similarity Detection Methods. (78%)
Robust Prototypical Few-Shot Organ Segmentation with Regularized Neural-ODEs. (31%)
Calibrated Selective Classification. (15%)
XDRI Attacks - and - How to Enhance Resilience of Residential Routers. (4%)
FedPrompt: Communication-Efficient and Privacy Preserving Prompt Tuning in Federated Learning. (1%)
2022-08-24
Attacking Neural Binary Function Detection. (99%)
Unrestricted Black-box Adversarial Attack Using GAN with Limited Queries. (99%)
Trace and Detect Adversarial Attacks on CNNs using Feature Response Maps. (98%)
A Perturbation Resistant Transformation and Classification System for Deep Neural Networks. (98%)
Rethinking Cost-sensitive Classification in Deep Learning via Adversarial Data Augmentation. (92%)
Bidirectional Contrastive Split Learning for Visual Question Answering. (38%)
2022-08-23
Towards an Awareness of Time Series Anomaly Detection Models' Adversarial Vulnerability. (99%)
Adversarial Vulnerability of Temporal Feature Networks for Object Detection. (99%)
Transferability Ranking of Adversarial Examples. (99%)
Auditing Membership Leakages of Multi-Exit Networks. (76%)
A Comprehensive Study of Real-Time Object Detection Networks Across Multiple Domains: A Survey. (13%)
Robust DNN Watermarking via Fixed Embedding Weights with Optimized Distribution. (10%)
2022-08-22
Fight Fire With Fire: Reversing Skin Adversarial Examples by Multiscale Diffusive and Denoising Aggregation Mechanism. (99%)
Hierarchical Perceptual Noise Injection for Social Media Fingerprint Privacy Protection. (98%)
Different Spectral Representations in Optimized Artificial Neural Networks and Brains. (93%)
Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models. (87%)
BARReL: Bottleneck Attention for Adversarial Robustness in Vision-Based Reinforcement Learning. (86%)
RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN. (62%)
Toward Better Target Representation for Source-Free and Black-Box Domain Adaptation. (31%)
Optimal Bootstrapping of PoW Blockchains. (1%)
2022-08-21
PointDP: Diffusion-driven Purification against Adversarial Attacks on 3D Point Cloud Recognition. (99%)
Inferring Sensitive Attributes from Model Explanations. (56%)
Byzantines can also Learn from History: Fall of Centered Clipping in Federated Learning. (10%)
MockingBERT: A Method for Retroactively Adding Resilience to NLP Models. (4%)
NOSMOG: Learning Noise-robust and Structure-aware MLPs on Graphs. (1%)
A Unified Analysis of Mixed Sample Data Augmentation: A Loss Function Perspective. (1%)
2022-08-20
Analyzing Adversarial Robustness of Vision Transformers against Spatial and Spectral Attacks. (86%)
GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes. (33%)
Sensor Security: Current Progress, Research Challenges, and Future Roadmap. (10%)
Evaluating Out-of-Distribution Detectors Through Adversarial Generation of Outliers. (5%)
Adversarial contamination of networks in the setting of vertex nomination: a new trimming method. (1%)
2022-08-19
Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks. (99%)
Gender Bias and Universal Substitution Adversarial Attacks on Grammatical Error Correction Systems for Automated Assessment. (92%)
Dispersed Pixel Perturbation-based Imperceptible Backdoor Trigger for Image Classifier Models. (76%)
A Novel Plug-and-Play Approach for Adversarially Robust Generalization. (61%)
SAFARI: Versatile and Efficient Evaluations for Robustness of Interpretability. (8%)
UKP-SQuARE v2 Explainability and Adversarial Attacks for Trustworthy QA. (1%)
2022-08-18
Resisting Adversarial Attacks in Deep Neural Networks using Diverse Decision Boundaries. (99%)
Enhancing Targeted Attack Transferability via Diversified Weight Pruning. (99%)
Enhancing Diffusion-Based Image Synthesis with Robust Classifier Guidance. (45%)
Reverse Engineering of Integrated Circuits: Tools and Techniques. (33%)
DAFT: Distilling Adversarially Fine-tuned Models for Better OOD Generalization. (10%)
Discovering Bugs in Vision Models using Off-the-shelf Image Generation and Captioning. (3%)
Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacy. (2%)
Profiler: Profile-Based Model to Detect Phishing Emails. (1%)
2022-08-17
Two Heads are Better than One: Robust Learning Meets Multi-branch Models. (99%)
An Evolutionary, Gradient-Free, Query-Efficient, Black-Box Algorithm for Generating Adversarial Instances in Deep Networks. (99%)
Shadows Aren't So Dangerous After All: A Fast and Robust Defense Against Shadow-Based Adversarial Attacks. (98%)
Label Flipping Data Poisoning Attack Against Wearable Human Activity Recognition System. (70%)
An Efficient Multi-Step Framework for Malware Packing Identification. (41%)
On the Privacy Effect of Data Enhancement via the Lens of Memorization. (31%)
An Empirical Study on the Membership Inference Attack against Tabular Data Synthesis Models. (26%)
Efficient Detection and Filtering Systems for Distributed Training. (26%)
ObfuNAS: A Neural Architecture Search-based DNN Obfuscation Approach. (2%)
DF-Captcha: A Deepfake Captcha for Preventing Fake Calls. (1%)
Analyzing Robustness of End-to-End Neural Models for Automatic Speech Recognition. (1%)
2022-08-16
A Context-Aware Approach for Textual Adversarial Attack through Probability Difference Guided Beam Search. (82%)
Imperceptible and Robust Backdoor Attack in 3D Point Cloud. (68%)
AutoCAT: Reinforcement Learning for Automated Exploration of Cache-Timing Attacks. (13%)
Investigating the Impact of Model Width and Density on Generalization in Presence of Label Noise. (1%)
2022-08-15
Man-in-the-Middle Attack against Object Detection Systems. (96%)
MENLI: Robust Evaluation Metrics from Natural Language Inference. (92%)
Training-Time Attacks against k-Nearest Neighbors. (2%)
CTI4AI: Threat Intelligence Generation and Sharing after Red Teaming AI Models. (1%)
2022-08-14
A Multi-objective Memetic Algorithm for Auto Adversarial Attack Optimization Design. (99%)
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection. (92%)
InvisibiliTee: Angle-agnostic Cloaking from Person-Tracking Systems with a Tee. (92%)
Long-Short History of Gradients is All You Need: Detecting Malicious and Unreliable Clients in Federated Learning. (67%)
2022-08-13
Revisiting Adversarial Attacks on Graph Neural Networks for Graph Classification. (99%)
Friendly Noise against Adversarial Noise: A Powerful Defense against Data Poisoning Attacks. (99%)
Confidence Matters: Inspecting Backdoors in Deep Neural Networks via Distribution Transfer. (62%)
2022-08-12
Transferable Adversarial Examples with Bayes Approach. (99%)
Scale-free and Task-agnostic Attack: Generating Photo-realistic Adversarial Patterns with Patch Quilting Generator. (99%)
Defensive Distillation based Adversarial Attacks Mitigation Method for Channel Estimation using Deep Learning Models in Next-Generation Wireless Networks. (98%)
Unifying Gradients to Improve Real-world Robustness for Deep Networks. (96%)
A Knowledge Distillation-Based Backdoor Attack in Federated Learning. (93%)
Dropout is NOT All You Need to Prevent Gradient Leakage. (62%)
Defense against Backdoor Attacks via Identifying and Purifying Bad Neurons. (2%)
PRIVEE: A Visual Analytic Workflow for Proactive Privacy Risk Inspection of Open Data. (2%)
2022-08-11
Diverse Generative Perturbations on Attention Space for Transferable Adversarial Attacks. (99%)
General Cutting Planes for Bound-Propagation-Based Neural Network Verification. (68%)
On deceiving malware classification with section injection. (5%)
A Probabilistic Framework for Mutation Testing in Deep Neural Networks. (1%)
Safety and Performance, Why not Both? Bi-Objective Optimized Model Compression toward AI Software Deployment. (1%)
Shielding Federated Learning Systems against Inference Attacks with ARM TrustZone. (1%)
2022-08-10
Explaining Machine Learning DGA Detectors from DNS Traffic Data. (13%)
A Sublinear Adversarial Training Algorithm. (3%)
DVR: Micro-Video Recommendation Optimizing Watch-Time-Gain under Duration Bias. (1%)
2022-08-09
Adversarial Machine Learning-Based Anticipation of Threats Against Vehicle-to-Microgrid Services. (98%)
Reducing Exploitability with Population Based Training. (67%)
Combining Stochastic Defenses to Resist Gradient Inversion: An Ablation Study. (50%)
Robust Machine Learning for Malware Detection over Time. (9%)
2022-08-08
Robust and Imperceptible Black-box DNN Watermarking Based on Fourier Perturbation Analysis and Frequency Sensitivity Clustering. (75%)
PerD: Perturbation Sensitivity-based Neural Trojan Detection Framework on NLP Applications. (67%)
Adversarial robustness of VAEs through the lens of local geometry. (47%)
AWEncoder: Adversarial Watermarking Pre-trained Encoders in Contrastive Learning. (26%)
Abutting Grating Illusion: Cognitive Challenge to Neural Network Models. (1%)
Testing of Machine Learning Models with Limited Samples: An Industrial Vacuum Pumping Application. (1%)
2022-08-07
Federated Adversarial Learning: A Framework with Convergence Analysis. (80%)
Are Gradients on Graph Structure Reliable in Gray-box Attacks? (13%)
2022-08-06
Blackbox Attacks via Surrogate Ensemble Search. (99%)
On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning. (22%)
Preventing or Mitigating Adversarial Supply Chain Attacks; a legal analysis. (3%)
2022-08-05
Adversarial Robustness of MR Image Reconstruction under Realistic Perturbations. (73%)
Data-free Backdoor Removal based on Channel Lipschitzness. (64%)
Lethal Dose Conjecture on Data Poisoning. (2%)
LCCDE: A Decision-Based Ensemble Framework for Intrusion Detection in The Internet of Vehicles. (1%)
Almost-Orthogonal Layers for Efficient General-Purpose Lipschitz Networks. (1%)
2022-08-04
Self-Ensembling Vision Transformer (SEViT) for Robust Medical Image Classification. (99%)
2022-08-03
Spectrum Focused Frequency Adversarial Attacks for Automatic Modulation Classification. (99%)
Design of secure and robust cognitive system for malware detection. (99%)
A New Kind of Adversarial Example. (99%)
Adversarial Attacks on ASR Systems: An Overview. (98%)
Multiclass ASMA vs Targeted PGD Attack in Image Segmentation. (96%)
MOVE: Effective and Harmless Ownership Verification via Embedded External Features. (89%)
Robust Graph Neural Networks using Weighted Graph Laplacian. (13%)
2022-08-02
Adversarial Camouflage for Node Injection Attack on Graphs. (81%)
Success of Uncertainty-Aware Deep Models Depends on Data Manifold Geometry. (2%)
SCFI: State Machine Control-Flow Hardening Against Fault Attacks. (1%)
2022-08-01
GeoECG: Data Augmentation via Wasserstein Geodesic Perturbation for Robust Electrocardiogram Prediction. (98%)
Understanding Adversarial Robustness of Vision Transformers via Cauchy Problem. (81%)
On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel. (75%)
Attacking Adversarial Defences by Smoothing the Loss Landscape. (26%)
2022-07-31
DNNShield: Dynamic Randomized Model Sparsification, A Defense Against Adversarial Machine Learning. (99%)
Robust Real-World Image Super-Resolution against Adversarial Attacks. (99%)
Is current research on adversarial robustness addressing the right problem? (97%)
2022-07-30
enpheeph: A Fault Injection Framework for Spiking and Compressed Deep Neural Networks. (5%)
CoNLoCNN: Exploiting Correlation and Non-Uniform Quantization for Energy-Efficient Low-precision Deep Convolutional Neural Networks. (2%)
2022-07-29
Robust Trajectory Prediction against Adversarial Attacks. (99%)
Sampling Attacks on Meta Reinforcement Learning: A Minimax Formulation and Complexity Analysis. (56%)
2022-07-28
Pro-tuning: Unified Prompt Tuning for Vision Tasks. (1%)
2022-07-27
Look Closer to Your Enemy: Learning to Attack via Teacher-student Mimicking. (99%)
Point Cloud Attacks in Graph Spectral Domain: When 3D Geometry Meets Graph Signal Processing. (96%)
Membership Inference Attacks via Adversarial Examples. (73%)
Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips. (69%)
DynaMarks: Defending Against Deep Learning Model Extraction Using Dynamic Watermarking. (47%)
Label-Only Membership Inference Attack against Node-Level Graph Neural Networks. (22%)
Generative Steganography Network. (1%)
2022-07-26
LGV: Boosting Adversarial Example Transferability from Large Geometric Vicinity. (99%)
Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception. (99%)
Generative Extraction of Audio Classifiers for Speaker Identification. (73%)
Toward Transparent AI: A Survey on Interpreting the Inner Structures of Deep Neural Networks. (8%)
2022-07-25
$p$-DkNN: Out-of-Distribution Detection Through Statistical Testing of Deep Representations. (99%)
Improving Adversarial Robustness via Mutual Information Estimation. (99%)
SegPGD: An Effective and Efficient Adversarial Attack for Evaluating and Boosting Segmentation Robustness. (99%)
Jigsaw-ViT: Learning Jigsaw Puzzles in Vision Transformer. (75%)
Technical Report: Assisting Backdoor Federated Learning with Whole Population Knowledge Alignment. (9%)
Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning. (2%)
2022-07-24
Versatile Weight Attack via Flipping Limited Bits. (86%)
Can we achieve robustness from data alone? (82%)
Proving Common Mechanisms Shared by Twelve Methods of Boosting Adversarial Transferability. (69%)
Privacy Against Inference Attacks in Vertical Federated Learning. (2%)
Semantic-guided Multi-Mask Image Harmonization. (1%)
2022-07-22
Do Perceptually Aligned Gradients Imply Adversarial Robustness? (99%)
Provable Defense Against Geometric Transformations. (47%)
Aries: Efficient Testing of Deep Neural Networks via Labeling-Free Accuracy Estimation. (41%)
Learning from Multiple Annotator Noisy Labels via Sample-wise Label Fusion. (1%)
2022-07-21
Synthetic Dataset Generation for Adversarial Machine Learning Research. (99%)
Careful What You Wish For: on the Extraction of Adversarially Trained Models. (99%)
Rethinking Textual Adversarial Defense for Pre-trained Language Models. (99%)
AugRmixAT: A Data Processing and Training Method for Improving Multiple Robustness and Generalization Performance. (98%)
Knowledge-enhanced Black-box Attacks for Recommendations. (92%)
Towards Efficient Adversarial Training on Vision Transformers. (92%)
Just Rotate it: Deploying Backdoor Attacks via Rotation Transformation. (87%)
Contrastive Self-Supervised Learning Leads to Higher Adversarial Susceptibility. (83%)
Generating and Detecting True Ambiguity: A Forgotten Danger in DNN Supervision Testing. (22%)
2022-07-20
Switching One-Versus-the-Rest Loss to Increase the Margin of Logits for Adversarial Robustness. (99%)
Illusory Attacks: Detectability Matters in Adversarial Attacks on Sequential Decision-Makers. (98%)
Test-Time Adaptation via Conjugate Pseudo-labels. (10%)
Malware Triage Approach using a Task Memory based on Meta-Transfer Learning Framework. (9%)
A temporally and spatially local spike-based backpropagation algorithm to enable training in hardware. (1%)
2022-07-19
Robust Multivariate Time-Series Forecasting: Adversarial Attacks and Defense Mechanisms. (99%)
FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients. (41%)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond. (26%)
Assaying Out-Of-Distribution Generalization in Transfer Learning. (1%)
2022-07-18
Defending Substitution-Based Profile Pollution Attacks on Sequential Recommenders. (99%)
Prior-Guided Adversarial Initialization for Fast Adversarial Training. (99%)
Decorrelative Network Architecture for Robust Electrocardiogram Classification. (99%)
Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence. (96%)
Adversarial Pixel Restoration as a Pretext Task for Transferable Perturbations. (91%)
Easy Batch Normalization. (69%)
Adversarial Contrastive Learning via Asymmetric InfoNCE. (61%)
Using Anomaly Detection to Detect Poisoning Attacks in Federated Learning Applications. (22%)
A Certifiable Security Patch for Object Tracking in Self-Driving Systems via Historical Deviation Modeling. (10%)
Benchmarking Machine Learning Robustness in Covid-19 Genome Sequence Classification. (2%)
2022-07-17
Watermark Vaccine: Adversarial Attacks to Prevent Watermark Removal. (99%)
Threat Model-Agnostic Adversarial Defense using Diffusion Models. (99%)
Achieve Optimal Adversarial Accuracy for Adversarial Deep Learning using Stackelberg Game. (96%)
Automated Repair of Neural Networks. (16%)
2022-07-16
DIMBA: Discretely Masked Black-Box Attack in Single Object Tracking. (99%)
Certified Neural Network Watermarks with Randomized Smoothing. (1%)
Progress and limitations of deep networks to recognize objects in unusual poses. (1%)
MixTailor: Mixed Gradient Aggregation for Robust Learning Against Tailored Attacks. (1%)
Exploring The Resilience of Control Execution Skips against False Data Injection Attacks. (1%)
2022-07-15
Towards the Desirable Decision Boundary by Moderate-Margin Adversarial Training. (99%)
CARBEN: Composite Adversarial Robustness Benchmark. (98%)
Masked Spatial-Spectral Autoencoders Are Excellent Hyperspectral Defenders. (68%)
Feasibility of Inconspicuous GAN-generated Adversarial Patches against Object Detection. (10%)
PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider. (5%)
3DVerifier: Efficient Robustness Verification for 3D Point Cloud Models. (1%)
2022-07-14
Adversarial Examples for Model-Based Control: A Sensitivity Analysis. (98%)
Adversarial Attacks on Monocular Pose Estimation. (98%)
Provably Adversarially Robust Nearest Prototype Classifiers. (83%)
Improving Task-free Continual Learning by Distributionally Robust Memory Evolution. (70%)
RSD-GAN: Regularized Sobolev Defense GAN Against Speech-to-Text Adversarial Attacks. (67%)
Sound Randomized Smoothing in Floating-Point Arithmetics. (50%)
Audio-guided Album Cover Art Generation with Genetic Algorithms. (38%)
Distance Learner: Incorporating Manifold Prior to Model Training. (16%)
Active Data Pattern Extraction Attacks on Generative Language Models. (11%)
Contrastive Adapters for Foundation Model Group Robustness. (1%)
Lipschitz Bound Analysis of Neural Networks. (1%)
2022-07-13
Perturbation Inactivation Based Adversarial Defense for Face Recognition. (99%)
On the Robustness of Bayesian Neural Networks to Adversarial Attacks. (93%)
Adversarially-Aware Robust Object Detector. (91%)
PIAT: Physics Informed Adversarial Training for Solving Partial Differential Equations. (15%)
Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities. (10%)
Interactive Machine Learning: A State of the Art Review. (4%)
Sample-dependent Adaptive Temperature Scaling for Improved Calibration. (2%)
DiverGet: A Search-Based Software Testing Approach for Deep Neural Network Quantization Assessment. (1%)
2022-07-12
Exploring Adversarial Examples and Adversarial Robustness of Convolutional Neural Networks by Mutual Information. (99%)
Adversarial Robustness Assessment of NeuroEvolution Approaches. (99%)
Frequency Domain Model Augmentation for Adversarial Attack. (99%)
Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware. (92%)
Game of Trojans: A Submodular Byzantine Approach. (87%)
Bi-fidelity Evolutionary Multiobjective Search for Adversarially Robust Deep Neural Architectures. (84%)
Certified Adversarial Robustness via Anisotropic Randomized Smoothing. (76%)
RelaxLoss: Defending Membership Inference Attacks without Losing Utility. (26%)
Verifying Attention Robustness of Deep Neural Networks against Semantic Perturbations. (5%)
Markov Decision Process For Automatic Cyber Defense. (4%)
Estimating Test Performance for AI Medical Devices under Distribution Shift with Conformal Prediction. (1%)
Backdoor Attacks on Crowd Counting. (1%)
2022-07-11
Statistical Detection of Adversarial examples in Blockchain-based Federated Forest In-vehicle Network Intrusion Detection Systems. (99%)
RUSH: Robust Contrastive Learning via Randomized Smoothing. (98%)
Physical Passive Patch Adversarial Attacks on Visual Odometry Systems. (98%)
Towards Effective Multi-Label Recognition Attacks via Knowledge Graph Consistency. (83%)
Susceptibility of Continual Learning Against Adversarial Attacks. (75%)
"Why do so?" -- A Practical Perspective on Machine Learning Security. (64%)
Physical Attack on Monocular Depth Estimation with Optimal Adversarial Patches. (22%)
Adversarial Style Augmentation for Domain Generalized Urban-Scene Segmentation. (1%)
2022-07-10
One-shot Neural Backdoor Erasing via Adversarial Weight Masking. (33%)
Hiding Your Signals: A Security Analysis of PPG-based Biometric Authentication. (4%)
2022-07-09
Adversarial Framework with Certified Robustness for Time-Series Domain via Statistical Features. (98%)
Invisible Backdoor Attacks Using Data Poisoning in the Frequency Domain. (98%)
Dynamic Time Warping based Adversarial Framework for Time-Series Domain. (97%)
Training Robust Deep Models for Time-Series Domain: Novel Algorithms and Theoretical Analysis. (67%)
2022-07-08
Not all broken defenses are equal: The dead angles of adversarial accuracy. (99%)
Improved and Interpretable Defense to Transferred Adversarial Examples by Jacobian Norm with Selective Input Gradient Regularization. (99%)
Defense Against Multi-target Trojan Attacks. (80%)
Guiding the retraining of convolutional neural networks against adversarial inputs. (80%)
Online Evasion Attacks on Recurrent Models:The Power of Hallucinating the Future. (68%)
Models Out of Line: A Fourier Lens on Distribution Shift Robustness. (10%)
A law of adversarial risk, interpolation, and label noise. (1%)
2022-07-07
On the Relationship Between Adversarial Robustness and Decision Region in Deep Neural Network. (99%)
Harnessing Out-Of-Distribution Examples via Augmenting Content and Style. (11%)
CausalAgents: A Robustness Benchmark for Motion Forecasting using Causal Relationships. (5%)
2022-07-06
The Weaknesses of Adversarial Camouflage in Overhead Imagery. (83%)
Adversarial Robustness of Visual Dialog. (64%)
Enhancing Adversarial Attacks on Single-Layer NVM Crossbar-Based Neural Networks with Power Consumption Information. (54%)
When does Bias Transfer in Transfer Learning? (10%)
Privacy-preserving Reflection Rendering for Augmented Reality. (2%)
Not All Models Are Equal: Predicting Model Transferability in a Self-challenging Fisher Space. (1%)
2022-07-05
Query-Efficient Adversarial Attack Based on Latin Hypercube Sampling. (99%)
Defending against the Label-flipping Attack in Federated Learning. (98%)
UniCR: Universally Approximated Certified Robustness via Randomized Smoothing. (93%)
PRoA: A Probabilistic Robustness Assessment against Functional Perturbations. (92%)
Learning to Accelerate Approximate Methods for Solving Integer Programming via Early Fixing. (38%)
Robustness Analysis of Video-Language Models Against Visual and Language Perturbations. (1%)
Conflicting Interactions Among Protection Mechanisms for Machine Learning Models. (1%)
PoF: Post-Training of Feature Extractor for Improving Generalization. (1%)
Class-Specific Semantic Reconstruction for Open Set Recognition. (1%)
2022-07-04
Hessian-Free Second-Order Adversarial Examples for Adversarial Learning. (99%)
Wild Networks: Exposure of 5G Network Infrastructures to Adversarial Examples. (98%)
Task-agnostic Defense against Adversarial Patch Attacks. (98%)
Large-scale Robustness Analysis of Video Action Recognition Models. (70%)
Counterbalancing Teacher: Regularizing Batch Normalized Models for Robustness. (1%)
2022-07-03
RAF: Recursive Adversarial Attacks on Face Recognition Using Extremely Limited Queries. (99%)
Removing Batch Normalization Boosts Adversarial Training. (98%)
Anomaly Detection with Adversarially Learned Perturbations of Latent Space. (13%)
Identifying the Context Shift between Test Benchmarks and Production Data. (1%)
2022-07-02
FL-Defender: Combating Targeted Attacks in Federated Learning. (80%)
Backdoor Attack is a Devil in Federated GAN-based Medical Image Synthesis. (11%)
PhilaeX: Explaining the Failure and Success of AI Models in Malware Detection. (1%)
2022-07-01
Efficient Adversarial Training With Data Pruning. (99%)
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label. (99%)
2022-06-30
Detecting and Recovering Adversarial Examples from Extracting Non-robust and Highly Predictive Adversarial Perturbations. (99%)
Measuring Forgetting of Memorized Training Examples. (83%)
MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. (80%)
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN. (16%)
Threat Assessment in Machine Learning based Systems. (13%)
Robustness of Epinets against Distributional Shifts. (1%)
ProSelfLC: Progressive Self Label Correction Towards A Low-Temperature Entropy State. (1%)
No Reason for No Supervision: Improved Generalization in Supervised Models. (1%)
Augment like there's no tomorrow: Consistently performing neural networks for medical imaging. (1%)
2022-06-29
IBP Regularization for Verified Adversarial Robustness via Branch-and-Bound. (92%)
Adversarial Ensemble Training by Jointly Learning Label Dependencies and Member Models. (33%)
longhorns at DADC 2022: How many linguists does it take to fool a Question Answering model? A systematic approach to adversarial attacks. (10%)
Private Graph Extraction via Feature Explanations. (10%)
RegMixup: Mixup as a Regularizer Can Surprisingly Improve Accuracy and Out Distribution Robustness. (2%)
2022-06-28
Increasing Confidence in Adversarial Robustness Evaluations. (99%)
Rethinking Adversarial Examples for Location Privacy Protection. (93%)
A Deep Learning Approach to Create DNS Amplification Attacks. (92%)
On the amplification of security and privacy risks by post-hoc explanations in machine learning models. (31%)
How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection. (12%)
An Empirical Study of Challenges in Converting Deep Learning Models. (5%)
Reasoning about Moving Target Defense in Attack Modeling Formalisms. (2%)
AS-IntroVAE: Adversarial Similarity Distance Makes Robust IntroVAE. (1%)
2022-06-27
Adversarial Example Detection in Deployed Tree Ensembles. (99%)
Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs. (38%)
Utilizing Class Separation Distance for the Evaluation of Corruption Robustness of Machine Learning Classifiers. (15%)
Cyber Network Resilience against Self-Propagating Malware Attacks. (13%)
Quantification of Deep Neural Network Prediction Uncertainties for VVUQ of Machine Learning Models. (4%)
2022-06-26
Self-Healing Robust Neural Networks via Closed-Loop Control. (45%)
De-END: Decoder-driven Watermarking Network. (1%)
2022-06-25
Empirical Evaluation of Physical Adversarial Patch Attacks Against Overhead Object Detection Models. (99%)
Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising. (99%)
RSTAM: An Effective Black-Box Impersonation Attack on Face Recognition using a Mobile and Compact Printer. (99%)
Defending Multimodal Fusion Models against Single-Source Adversaries. (81%)
BackdoorBench: A Comprehensive Benchmark of Backdoor Learning. (12%)
Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks. (1%)
2022-06-24
Defending Backdoor Attacks on Vision Transformer via Patch Processing. (99%)
AdAUC: End-to-end Adversarial AUC Optimization Against Long-tail Problems. (96%)
Adversarial Robustness of Deep Neural Networks: A Survey from a Formal Verification Perspective. (92%)
Robustness of Explanation Methods for NLP Models. (82%)
zPROBE: Zero Peek Robustness Checks for Federated Learning. (4%)
Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems. (2%)
2022-06-23
Adversarial Zoom Lens: A Novel Physical-World Attack to DNNs. (99%)
A Framework for Understanding Model Extraction Attack and Defense. (98%)
Towards End-to-End Private Automatic Speaker Recognition. (76%)
BERT Rankers are Brittle: a Study using Adversarial Document Perturbations. (75%)
Never trust, always verify : a roadmap for Trustworthy AI? (1%)
Measuring Representational Robustness of Neural Networks Through Shared Invariances. (1%)
2022-06-22
AdvSmo: Black-box Adversarial Attack by Smoothing Linear Structure of Texture. (99%)
InfoAT: Improving Adversarial Training Using the Information Bottleneck Principle. (98%)
Robust Universal Adversarial Perturbations. (97%)
Guided Diffusion Model for Adversarial Purification from Random Noise. (68%)
Understanding the effect of sparsity on neural networks robustness. (61%)
Shilling Black-box Recommender Systems by Learning to Generate Fake User Profiles. (41%)
2022-06-21
SSMI: How to Make Objects of Interest Disappear without Accessing Object Detectors? (99%)
Transferable Graph Backdoor Attack. (99%)
(Certified!!) Adversarial Robustness for Free! (84%)
Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems. (81%)
FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation. (68%)
Natural Backdoor Datasets. (33%)
The Privacy Onion Effect: Memorization is Relative. (22%)
ProML: A Decentralised Platform for Provenance Management of Machine Learning Software Systems. (1%)
2022-06-20
Understanding Robust Learning through the Lens of Representation Similarities. (99%)
Diversified Adversarial Attacks based on Conjugate Gradient Method. (98%)
Robust Deep Reinforcement Learning through Bootstrapped Opportunistic Curriculum. (76%)
SafeBench: A Benchmarking Platform for Safety Evaluation of Autonomous Vehicles. (5%)
Breaking Down Out-of-Distribution Detection: Many Methods Based on OOD Training Data Estimate a Combination of the Same Core Quantities. (1%)
2022-06-19
On the Limitations of Stochastic Pre-processing Defenses. (99%)
Towards Adversarial Attack on Vision-Language Pre-training Models. (98%)
A Universal Adversarial Policy for Text Classifiers. (98%)
JPEG Compression-Resistant Low-Mid Adversarial Perturbation against Unauthorized Face Recognition System. (68%)
Adversarially trained neural representations may already be as robust as corresponding biological neural representations. (31%)
2022-06-18
Demystifying the Adversarial Robustness of Random Transformation Defenses. (99%)
On the Role of Generalization in Transferability of Adversarial Examples. (99%)
DECK: Model Hardening for Defending Pervasive Backdoors. (98%)
Measuring Lower Bounds of Local Differential Privacy via Adversary Instantiations in Federated Learning. (10%)
Adversarial Scrutiny of Evidentiary Statistical Software. (2%)
2022-06-17
Detecting Adversarial Examples in Batches -- a geometrical approach. (99%)
Minimum Noticeable Difference based Adversarial Privacy Preserving Image Generation. (99%)
Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization. (99%)
Comment on Transferability and Input Transformation with Additive Noise. (99%)
Adversarial Robustness is at Odds with Lazy Training. (98%)
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-modal Fake News Detection. (83%)
RetrievalGuard: Provably Robust 1-Nearest Neighbor Image Retrieval. (81%)
The Consistency of Adversarial Training for Binary Classification. (26%)
Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification. (15%)
Understanding Robust Overfitting of Adversarial Training and Beyond. (8%)
2022-06-16
Adversarial Privacy Protection on Speech Enhancement. (99%)
Boosting the Adversarial Transferability of Surrogate Model with Dark Knowledge. (99%)
Analysis and Extensions of Adversarial Training for Video Classification. (93%)
Double Sampling Randomized Smoothing. (89%)
Adversarial Robustness of Graph-based Anomaly Detection. (76%)
A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks. (68%)
Backdoor Attacks on Vision Transformers. (31%)
Adversarial Patch Attacks and Defences in Vision-Based Tasks: A Survey. (22%)
Catastrophic overfitting is a bug but also a feature. (16%)
I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences. (5%)
Gradient-Based Adversarial and Out-of-Distribution Detection. (2%)
"Understanding Robustness Lottery": A Comparative Visual Analysis of Neural Network Pruning Approaches. (1%)
2022-06-15
Fast and Reliable Evaluation of Adversarial Robustness with Minimum-Margin Attack. (99%)
Morphence-2.0: Evasion-Resilient Moving Target Defense Powered by Out-of-Distribution Detection. (99%)
Architectural Backdoors in Neural Networks. (83%)
Hardening DNNs against Transfer Attacks during Network Compression using Greedy Adversarial Pruning. (75%)
Linearity Grafting: Relaxed Neuron Pruning Helps Certifiable Robustness. (74%)
A Search-Based Testing Approach for Deep Reinforcement Learning Agents. (62%)
Can pruning improve certified robustness of neural networks? (56%)
Improving Diversity with Adversarially Learned Transformations for Domain Generalization. (33%)
Queried Unlabeled Data Improves and Robustifies Class-Incremental Learning. (11%)
The Manifold Hypothesis for Gradient-Based Explanations. (2%)
READ: Aggregating Reconstruction Error into Out-of-distribution Detection. (1%)
2022-06-14
Adversarial Vulnerability of Randomized Ensembles. (99%)
Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training. (99%)
Efficiently Training Low-Curvature Neural Networks. (92%)
Proximal Splitting Adversarial Attacks for Semantic Segmentation. (92%)
On the explainable properties of 1-Lipschitz Neural Networks: An Optimal Transport Perspective. (89%)
Defending Observation Attacks in Deep Reinforcement Learning via Detection and Denoising. (88%)
Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO. (86%)
Turning a Curse Into a Blessing: Enabling Clean-Data-Free Defenses by Model Inversion. (68%)
Human Eyes Inspired Recurrent Neural Networks are More Robust Against Adversarial Noises. (67%)
Attacks on Perception-Based Control Systems: Modeling and Fundamental Limits. (2%)
A Gift from Label Smoothing: Robust Training with Adaptive Label Smoothing via Auxiliary Classifier under Label Noise. (1%)
A Survey on Gradient Inversion: Attacks, Defenses and Future Directions. (1%)
2022-06-13
Towards Alternative Techniques for Improving Adversarial Robustness: Analysis of Adversarial Training at a Spectrum of Perturbations. (99%)
Distributed Adversarial Training to Robustify Deep Neural Networks at Scale. (99%)
Pixel to Binary Embedding Towards Robustness for CNNs. (47%)
Towards Understanding Sharpness-Aware Minimization. (1%)
Efficient Human-in-the-loop System for Guiding DNNs Attention. (1%)
An adversarially robust data-market for spatial, crowd-sourced data. (1%)
2022-06-12
Consistent Attack: Universal Adversarial Perturbation on Embodied Vision Navigation. (98%)
Security of Machine Learning-Based Anomaly Detection in Cyber Physical Systems. (92%)
Darknet Traffic Classification and Adversarial Attacks. (81%)
InBiaseD: Inductive Bias Distillation to Improve Generalization and Robustness through Shape-awareness. (26%)
RSSD: Defend against Ransomware with Hardware-Isolated Network-Storage Codesign and Post-Attack Analysis. (9%)
Neurotoxin: Durable Backdoors in Federated Learning. (5%)
An Efficient Method for Sample Adversarial Perturbations against Nonlinear Support Vector Machines. (4%)
2022-06-11
Improving the Adversarial Robustness of NLP Models by Information Bottleneck. (99%)
Defending Adversarial Examples by Negative Correlation Ensemble. (99%)
NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks. (81%)
Bilateral Dependency Optimization: Defending Against Model-inversion Attacks. (69%)
2022-06-10
Localized adversarial artifacts for compressed sensing MRI. (76%)
Rethinking the Defense Against Free-rider Attack From the Perspective of Model Weight Evolving Frequency. (70%)
Blades: A Unified Benchmark Suite for Byzantine Attacks and Defenses in Federated Learning. (33%)
Enhancing Clean Label Backdoor Attack with Two-phase Specific Triggers. (9%)
Deep Leakage from Model in Federated Learning. (3%)
Adversarial Counterfactual Environment Model Learning. (1%)
2022-06-09
CARLA-GeAR: a Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Vision Models. (99%)
ReFace: Real-time Adversarial Attacks on Face Recognition Systems. (99%)
Adversarial Noises Are Linearly Separable for (Nearly) Random Neural Networks. (98%)
Meet You Halfway: Explaining Deep Learning Mysteries. (92%)
Early Transferability of Adversarial Examples in Deep Neural Networks. (86%)
GSmooth: Certified Robustness against Semantic Transformations via Generalized Randomized Smoothing. (86%)
Beyond the Imitation Game: Quantifying and extrapolating the capabilities of language models. (84%)
Data-Efficient Double-Win Lottery Tickets from Robust Pre-training. (41%)
DORA: Exploring outlier representations in Deep Neural Networks. (1%)
Membership Inference via Backdooring. (1%)
2022-06-08
Wavelet Regularization Benefits Adversarial Training. (99%)
Latent Boundary-guided Adversarial Training. (99%)
Adversarial Text Normalization. (73%)
Autoregressive Perturbations for Data Poisoning. (70%)
Toward Certified Robustness Against Real-World Distribution Shifts. (5%)
Generative Adversarial Networks and Image-Based Malware Classification. (1%)
Robust Deep Ensemble Method for Real-world Image Denoising. (1%)
2022-06-07
Fooling Explanations in Text Classifiers. (99%)
AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems. (99%)
Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition. (99%)
Adaptive Regularization for Adversarial Training. (98%)
Building Robust Ensembles via Margin Boosting. (83%)
On the Permanence of Backdoors in Evolving Models. (67%)
Subject Membership Inference Attacks in Federated Learning. (4%)
Adversarial Reprogramming Revisited. (3%)
Certifying Data-Bias Robustness in Linear Regression. (1%)
Parametric Chordal Sparsity for SDP-based Neural Network Verification. (1%)
Can CNNs Be More Robust Than Transformers? (1%)
2022-06-06
Robust Adversarial Attacks Detection based on Explainable Deep Reinforcement Learning For UAV Guidance and Planning. (99%)
Fast Adversarial Training with Adaptive Step Size. (98%)
Certified Robustness in Federated Learning. (87%)
Robust Image Protection Countering Cropping Manipulation. (12%)
PCPT and ACPT: Copyright Protection and Traceability Scheme for DNN Model. (3%)
Tackling covariate shift with node-based Bayesian neural networks. (1%)
Anomaly Detection with Test Time Augmentation and Consistency Evaluation. (1%)
2022-06-05
Federated Adversarial Training with Transformers. (98%)
Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training. (98%)
Which models are innately best at uncertainty estimation? (1%)
2022-06-04
Soft Adversarial Training Can Retain Natural Accuracy. (76%)
2022-06-03
Saliency Attack: Towards Imperceptible Black-box Adversarial Attack. (99%)
Towards Evading the Limits of Randomized Smoothing: A Theoretical Analysis. (96%)
Evaluating Transfer-based Targeted Adversarial Perturbations against Real-World Computer Vision Systems based on Human Judgments. (92%)
A Robust Backpropagation-Free Framework for Images. (80%)
Gradient Obfuscation Checklist Test Gives a False Sense of Security. (73%)
Kallima: A Clean-label Framework for Textual Backdoor Attacks. (26%)
2022-06-02
Improving the Robustness and Generalization of Deep Neural Network with Confidence Threshold Reduction. (99%)
FACM: Intermediate Layer Still Retain Effective Features against Adversarial Examples. (99%)
Adaptive Adversarial Training to Improve Adversarial Robustness of DNNs for Medical Image Segmentation and Detection. (99%)
Adversarial RAW: Image-Scaling Attack Against Imaging Pipeline. (99%)
Adversarial Laser Spot: Robust and Covert Physical Adversarial Attack to DNNs. (98%)
Adversarial Unlearning: Reducing Confidence Along Adversarial Directions. (31%)
MaxStyle: Adversarial Style Composition for Robust Medical Image Segmentation. (8%)
A temporal chrominance trigger for clean-label backdoor attack against anti-spoof rebroadcast detection. (4%)
Learning Unbiased Transferability for Domain Adaptation by Uncertainty Modeling. (1%)
2022-06-01
On the reversibility of adversarial attacks. (99%)
NeuroUnlock: Unlocking the Architecture of Obfuscated Deep Neural Networks. (99%)
Attack-Agnostic Adversarial Detection. (99%)
On the Perils of Cascading Robust Classifiers. (98%)
Anti-Forgery: Towards a Stealthy and Robust DeepFake Disruption Attack via Adversarial Perceptual-aware Perturbations. (98%)
Support Vector Machines under Adversarial Label Contamination. (97%)
Defense Against Gradient Leakage Attacks via Learning to Obscure Data. (80%)
The robust way to stack and bag: the local Lipschitz way. (70%)
Robustness Evaluation and Adversarial Training of an Instance Segmentation Model. (54%)
Sequential Bayesian Neural Subnetwork Ensembles. (2%)
RoCourseNet: Distributionally Robust Training of a Prediction Aware Recourse Model. (1%)
2022-05-31
Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems. (99%)
Exact Feature Collisions in Neural Networks. (95%)
CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models. (93%)
CASSOCK: Viable Backdoor Attacks against DNN in The Wall of Source-Specific Backdoor Defences. (83%)
Semantic Autoencoder and Its Potential Usage for Adversarial Attack. (81%)
An Effective Fusion Method to Enhance the Robustness of CNN. (80%)
Order-sensitive Shapley Values for Evaluating Conceptual Soundness of NLP Models. (64%)
Generative Models with Information-Theoretic Protection Against Membership Inference Attacks. (10%)
Likelihood-Free Inference with Generative Neural Networks via Scoring Rule Minimization. (1%)
2022-05-30
Level Up with ML Vulnerability Identification: Leveraging Domain Constraints in Feature Space for Robust Android Malware Detection. (99%)
Searching for the Essence of Adversarial Perturbations. (99%)
Exposing Fine-Grained Adversarial Vulnerability of Face Anti-Spoofing Models. (99%)
Guided Diffusion Model for Adversarial Purification. (99%)
Why Adversarial Training of ReLU Networks Is Difficult? (68%)
CalFAT: Calibrated Federated Adversarial Training with Label Skewness. (67%)
Securing AI-based Healthcare Systems using Blockchain Technology: A State-of-the-Art Systematic Literature Review and Future Research Directions. (15%)
Efficient Reward Poisoning Attacks on Online Deep Reinforcement Learning. (13%)
White-box Membership Attack Against Machine Learning Based Retinopathy Classification. (10%)
Fool SHAP with Stealthily Biased Sampling. (2%)
Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance. (2%)
2022-05-29
Robust Weight Perturbation for Adversarial Training. (99%)
Mixture GAN For Modulation Classification Resiliency Against Adversarial Attacks. (99%)
Unfooling Perturbation-Based Post Hoc Explainers. (98%)
On the Robustness of Safe Reinforcement Learning under Observational Perturbations. (93%)
Superclass Adversarial Attack. (80%)
Problem-Space Evasion Attacks in the Android OS: a Survey. (50%)
Context-based Virtual Adversarial Training for Text Classification with Noisy Labels. (11%)
A General Multiple Data Augmentation Based Framework for Training Deep Neural Networks. (1%)
2022-05-28
Contributor-Aware Defenses Against Adversarial Backdoor Attacks. (98%)
BadDet: Backdoor Attacks on Object Detection. (92%)
Syntax-Guided Program Reduction for Understanding Neural Code Intelligence Models. (62%)
2022-05-27
fakeWeather: Adversarial Attacks for Deep Neural Networks Emulating Weather Conditions on the Camera Lens of Autonomous Systems. (96%)
Why Robust Generalization in Deep Learning is Difficult: Perspective of Expressive Power. (95%)
Semi-supervised Semantics-guided Adversarial Training for Trajectory Prediction. (93%)
Defending Against Stealthy Backdoor Attacks. (73%)
EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks. (13%)
2022-05-26
A Physical-World Adversarial Attack Against 3D Face Recognition. (99%)
Transferable Adversarial Attack based on Integrated Gradients. (99%)
MALICE: Manipulation Attacks on Learned Image ComprEssion. (99%)
Phantom Sponges: Exploiting Non-Maximum Suppression to Attack Deep Object Detectors. (98%)
Circumventing Backdoor Defenses That Are Based on Latent Separability. (96%)
An Analytic Framework for Robust Training of Artificial Neural Networks. (93%)
Adversarial attacks and defenses in Speaker Recognition Systems: A survey. (81%)
PerDoor: Persistent Non-Uniform Backdoors in Federated Learning using Adversarial Perturbations. (81%)
BppAttack: Stealthy and Efficient Trojan Attacks against Deep Neural Networks via Image Quantization and Contrastive Adversarial Learning. (81%)
R-HTDetector: Robust Hardware-Trojan Detection Based on Adversarial Training. (80%)
BagFlip: A Certified Defense against Data Poisoning. (75%)
Towards A Proactive ML Approach for Detecting Backdoor Poison Samples. (67%)
Membership Inference Attack Using Self Influence Functions. (45%)
MemeTector: Enforcing deep focus for meme detection. (1%)
ES-GNN: Generalizing Graph Neural Networks Beyond Homophily with Edge Splitting. (1%)
2022-05-25
Surprises in adversarially-trained linear regression. (87%)
BITE: Textual Backdoor Attacks with Iterative Trigger Injection. (75%)
Impartial Games: A Challenge for Reinforcement Learning. (13%)
How explainable are adversarially-robust CNNs? (8%)
2022-05-24
Defending a Music Recommender Against Hubness-Based Adversarial Attacks. (99%)
Adversarial Attack on Attackers: Post-Process to Mitigate Black-Box Score-Based Query Attacks. (99%)
Certified Robustness Against Natural Language Attacks by Causal Intervention. (98%)
One-Pixel Shortcut: on the Learning Preference of Deep Neural Networks. (92%)
Fine-grained Poisoning Attacks to Local Differential Privacy Protocols for Mean and Variance Estimation. (64%)
WeDef: Weakly Supervised Backdoor Defense for Text Classification. (56%)
Recipe2Vec: Multi-modal Recipe Representation Learning with Graph Neural Networks. (50%)
EBM Life Cycle: MCMC Strategies for Synthesis, Defense, and Density Modeling. (10%)
Comprehensive Privacy Analysis on Federated Recommender System against Attribute Inference Attacks. (9%)
Fast & Furious: Modelling Malware Detection as Evolving Data Streams. (2%)
Quarantine: Sparsity Can Uncover the Trojan Attack Trigger for Free. (2%)
CDFKD-MFS: Collaborative Data-free Knowledge Distillation via Multi-level Feature Sharing. (1%)
2022-05-23
Collaborative Adversarial Training. (98%)
Alleviating Robust Overfitting of Adversarial Training With Consistency Regularization. (98%)
Learning to Ignore Adversarial Attacks. (95%)
Towards a Defense against Backdoor Attacks in Continual Federated Learning. (50%)
Compressing Deep Graph Neural Networks via Adversarial Knowledge Distillation. (10%)
RCC-GAN: Regularized Compound Conditional GAN for Large-Scale Tabular Data Synthesis. (1%)
2022-05-22
AutoJoin: Efficient Adversarial Training for Robust Maneuvering via Denoising Autoencoder and Joint Learning. (26%)
Robust Quantity-Aware Aggregation for Federated Learning. (13%)
Generalization ability and Vulnerabilities to adversarial perturbations: Two sides of the same coin. (10%)
2022-05-21
Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models. (99%)
Gradient Concealment: Free Lunch for Defending Adversarial Attacks. (99%)
Phrase-level Textual Adversarial Attack with Label Preservation. (99%)
On the Feasibility and Generality of Patch-based Adversarial Attacks on Semantic Segmentation Problems. (16%)
2022-05-20
Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness. (99%)
Robust Sensible Adversarial Learning of Deep Neural Networks for Image Classification. (98%)
Adversarial joint attacks on legged robots. (86%)
Towards Consistency in Adversarial Classification. (82%)
Adversarial Body Shape Search for Legged Robots. (80%)
SafeNet: Mitigating Data Poisoning Attacks on Private Machine Learning. (64%)
The developmental trajectory of object recognition robustness: children are like small adults but unlike big deep neural networks. (11%)
Vulnerability Analysis and Performance Enhancement of Authentication Protocol in Dynamic Wireless Power Transfer Systems. (10%)
Exploring the Trade-off between Plausibility, Change Intensity and Adversarial Power in Counterfactual Explanations using Multi-objective Optimization. (4%)
2022-05-19
Focused Adversarial Attacks. (99%)
Transferable Physical Attack against Object Detection with Separable Attention. (99%)
Gradient Aligned Attacks via a Few Queries. (99%)
On Trace of PGD-Like Adversarial Attacks. (99%)
Improving Robustness against Real-World and Worst-Case Distribution Shifts through Decision Region Quantification. (98%)
Defending Against Adversarial Attacks by Energy Storage Facility. (96%)
Sparse Adversarial Attack in Multi-agent Reinforcement Learning. (82%)
Data Valuation for Offline Reinforcement Learning. (1%)
2022-05-18
Passive Defense Against 3D Adversarial Point Clouds Through the Lens of 3D Steganalysis. (99%)
Property Unlearning: A Defense Strategy Against Property Inference Attacks. (84%)
Constraining the Attack Space of Machine Learning Models with Distribution Clamping Preprocessing. (81%)
Backdoor Attacks on Bayesian Neural Networks using Reverse Distribution. (56%)
Empirical Advocacy of Bio-inspired Models for Robust Image Recognition. (38%)
Mitigating Neural Network Overconfidence with Logit Normalization. (1%)
RandoMix: A mixed sample data augmentation method with multiple mixed modes. (1%)
2022-05-17
Hierarchical Distribution-Aware Testing of Deep Learning. (99%)
Bankrupting DoS Attackers Despite Uncertainty. (12%)
A two-steps approach to improve the performance of Android malware detectors. (10%)
Policy Distillation with Selective Input Gradient Regularization for Efficient Interpretability. (2%)
Recovering Private Text in Federated Learning of Language Models. (2%)
Semi-Supervised Building Footprint Generation with Feature and Output Consistency Training. (1%)
2022-05-16
Attacking and Defending Deep Reinforcement Learning Policies. (99%)
Diffusion Models for Adversarial Purification. (99%)
Robust Representation via Dynamic Feature Aggregation. (84%)
Sparse Visual Counterfactual Explanations in Image Space. (83%)
On the Difficulty of Defending Self-Supervised Learning against Model Extraction. (67%)
Transferability of Adversarial Attacks on Synthetic Speech Detection. (47%)
2022-05-15
Learn2Weight: Parameter Adaptation against Similar-domain Adversarial Attacks. (99%)
Exploiting the Relationship Between Kendall's Rank Correlation and Cosine Similarity for Attribution Protection. (64%)
RoMFAC: A robust mean-field actor-critic reinforcement learning against adversarial perturbations on states. (62%)
Automation Slicing and Testing for in-App Deep Learning Models. (1%)
2022-05-14
Evaluating Membership Inference Through Adversarial Robustness. (98%)
Verifying Neural Networks Against Backdoor Attacks. (2%)
2022-05-13
MM-BD: Post-Training Detection of Backdoor Attacks with Arbitrary Backdoor Pattern Types Using a Maximum Margin Statistic. (98%)
l-Leaks: Membership Inference Attacks with Logits. (41%)
DualCF: Efficient Model Extraction Attack from Counterfactual Explanations. (26%)
Millimeter-Wave Automotive Radar Spoofing. (2%)
2022-05-12
Sample Complexity Bounds for Robustly Learning Decision Lists against Evasion Attacks. (75%)
PoisonedEncoder: Poisoning the Unlabeled Pre-training Data in Contrastive Learning. (61%)
How to Combine Membership-Inference Attacks on Multiple Updated Models. (11%)
Infrared Invisible Clothing:Hiding from Infrared Detectors at Multiple Angles in Real World. (4%)
Smooth-Reduce: Leveraging Patches for Improved Certified Robustness. (2%)
Stalloris: RPKI Downgrade Attack. (1%)
2022-05-11
Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. (1%)
The Hijackers Guide To The Galaxy: Off-Path Taking Over Internet Resources. (1%)
A Longitudinal Study of Cryptographic API: a Decade of Android Malware. (1%)
2022-05-10
Robust Medical Image Classification from Noisy Labeled Data with Global and Local Representation Guided Co-training. (1%)
White-box Testing of NLP models with Mask Neuron Coverage. (1%)
2022-05-09
Btech thesis report on adversarial attack detection and purification of adverserially attacked images. (99%)
Using Frequency Attention to Make Adversarial Patch Powerful Against Person Detector. (98%)
Do You Think You Can Hold Me? The Real Challenge of Problem-Space Evasion Attacks. (97%)
Model-Contrastive Learning for Backdoor Defense. (87%)
How Does Frequency Bias Affect the Robustness of Neural Image Classifiers against Common Corruption and Adversarial Perturbations? (61%)
Federated Multi-Armed Bandits Under Byzantine Attacks. (2%)
Verifying Integrity of Deep Ensemble Models by Lossless Black-box Watermarking with Sensitive Samples. (2%)
2022-05-08
Fingerprint Template Invertibility: Minutiae vs. Deep Templates. (68%)
ResSFL: A Resistance Transfer Framework for Defending Model Inversion Attack in Split Federated Learning. (22%)
VPN: Verification of Poisoning in Neural Networks. (9%)
FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks. (4%)
PGADA: Perturbation-Guided Adversarial Alignment for Few-shot Learning Under the Support-Query Shift. (1%)
2022-05-07
A Simple Yet Efficient Method for Adversarial Word-Substitute Attack. (99%)
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees. (92%)
2022-05-06
Imperceptible Backdoor Attack: From Input Space to Feature Representation. (68%)
Defending against Reconstruction Attacks through Differentially Private Federated Learning for Classification of Heterogeneous Chest X-Ray Data. (26%)
LPGNet: Link Private Graph Networks for Node Classification. (1%)
Unlimited Lives: Secure In-Process Rollback with Isolated Domains. (1%)
2022-05-05
Holistic Approach to Measure Sample-level Adversarial Vulnerability and its Utility in Building Trustworthy Systems. (99%)
Structural Extensions of Basis Pursuit: Guarantees on Adversarial Robustness. (78%)
Can collaborative learning be private, robust and scalable? (61%)
Large Scale Transfer Learning for Differentially Private Image Classification. (2%)
Are GAN-based Morphs Threatening Face Recognition? (1%)
Heterogeneous Domain Adaptation with Adversarial Neural Representation Learning: Experiments on E-Commerce and Cybersecurity. (1%)
2022-05-04
Based-CE white-box adversarial attack will not work using super-fitting. (99%)
Rethinking Classifier And Adversarial Attack. (98%)
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. (98%)
Robust Conversational Agents against Imperceptible Toxicity Triggers. (92%)
Subverting Fair Image Search with Generative Adversarial Perturbations. (83%)
2022-05-03
Adversarial Training for High-Stakes Reliability. (98%)
Don't sweat the small stuff, classify the rest: Sample Shielding to protect text classifiers against adversarial attacks. (96%)
On the uncertainty principle of neural networks. (10%)
Meta-Cognition. An Inverse-Inverse Reinforcement Learning Approach for Cognitive Radars. (1%)
2022-05-02
SemAttack: Natural Textual Attacks via Different Semantic Spaces. (96%)
Deep-Attack over the Deep Reinforcement Learning. (93%)
Enhancing Adversarial Training with Feature Separability. (92%)
BERTops: Studying BERT Representations under a Topological Lens. (92%)
MIRST-DM: Multi-Instance RST with Drop-Max Layer for Robust Classification of Breast Cancer. (83%)
Revisiting Gaussian Neurons for Online Clustering with Unknown Number of Clusters. (1%)
2022-05-01
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction. (98%)
DDDM: a Brain-Inspired Framework for Robust Classification. (76%)
Robust Fine-tuning via Perturbation and Interpolation from In-batch Instances. (9%)
A Simple Approach to Improve Single-Model Deep Uncertainty via Distance-Awareness. (3%)
Adversarial Plannning. (2%)
2022-04-30
Optimizing One-pixel Black-box Adversarial Attacks. (82%)
Cracking White-box DNN Watermarks via Invariant Neuron Transforms. (26%)
Loss Function Entropy Regularization for Diverse Decision Boundaries. (1%)
Adapting and Evaluating Influence-Estimation Methods for Gradient-Boosted Decision Trees. (1%)
2022-04-29
Adversarial attacks on an optical neural network. (92%)
Logically Consistent Adversarial Attacks for Soft Theorem Provers. (2%)
Bridging Differential Privacy and Byzantine-Robustness via Model Aggregation. (1%)
2022-04-28
Detecting Textual Adversarial Examples Based on Distributional Characteristics of Data Representations. (99%)
Formulating Robustness Against Unforeseen Attacks. (99%)
Randomized Smoothing under Attack: How Good is it in Pratice? (84%)
Improving robustness of language models from a geometry-aware perspective. (68%)
Mixup-based Deep Metric Learning Approaches for Incomplete Supervision. (50%)
AGIC: Approximate Gradient Inversion Attack on Federated Learning. (16%)
An Online Ensemble Learning Model for Detecting Attacks in Wireless Sensor Networks. (1%)
2022-04-27
Adversarial Fine-tune with Dynamically Regulated Adversary. (99%)
Defending Against Person Hiding Adversarial Patch Attack with a Universal White Frame. (98%)
An Adversarial Attack Analysis on Malicious Advertisement URL Detection Framework. (81%)
2022-04-26
Boosting Adversarial Transferability of MLP-Mixer. (99%)
Restricted Black-box Adversarial Attack Against DeepFake Face Swapping. (99%)
Improving the Transferability of Adversarial Examples with Restructure Embedded Patches. (99%)
On Fragile Features and Batch Normalization in Adversarial Training. (97%)
Mixed Strategies for Security Games with General Defending Requirements. (75%)
Poisoning Deep Learning based Recommender Model in Federated Learning Scenarios. (26%)
Designing Perceptual Puzzles by Differentiating Probabilistic Programs. (13%)
Enhancing Privacy against Inversion Attacks in Federated Learning by using Mixing Gradients Strategies. (8%)
Performance Analysis of Out-of-Distribution Detection on Trained Neural Networks. (4%)
2022-04-25
Self-recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks. (99%)
When adversarial examples are excusable. (89%)
A Simple Structure For Building A Robust Model. (81%)
Real or Virtual: A Video Conferencing Background Manipulation-Detection System. (67%)
Can Rationalization Improve Robustness? (12%)
PhysioGAN: Training High Fidelity Generative Model for Physiological Sensor Readings. (1%)
VITA: A Multi-Source Vicinal Transfer Augmentation Method for Out-of-Distribution Generalization. (1%)
Enable Deep Learning on Mobile Devices: Methods, Systems, and Applications. (1%)
2022-04-24
A Hybrid Defense Method against Adversarial Attacks on Traffic Sign Classifiers in Autonomous Vehicles. (99%)
Improving Deep Learning Model Robustness Against Adversarial Attack by Increasing the Network Capacity. (81%)
2022-04-23
Smart App Attack: Hacking Deep Learning Models in Android Apps. (98%)
Towards Data-Free Model Stealing in a Hard Label Setting. (13%)
Reinforced Causal Explainer for Graph Neural Networks. (1%)
2022-04-22
How Sampling Impacts the Robustness of Stochastic Neural Networks. (99%)
A Tale of Two Models: Constructing Evasive Attacks on Edge Models. (83%)
Enhancing the Transferability via Feature-Momentum Adversarial Attack. (82%)
Data-Efficient Backdoor Attacks. (76%)
2022-04-21
A Mask-Based Adversarial Defense Scheme. (99%)
Is Neuron Coverage Needed to Make Person Detection More Robust? (98%)
Testing robustness of predictions of trained classifiers against naturally occurring perturbations. (98%)
Adversarial Contrastive Learning by Permuting Cluster Assignments. (15%)
Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation. (4%)
Detecting Topology Attacks against Graph Neural Networks. (1%)
2022-04-20
Adversarial Scratches: Deployable Attacks to CNN Classifiers. (99%)
GUARD: Graph Universal Adversarial Defense. (99%)
Fast AdvProp. (98%)
Case-Aware Adversarial Training. (98%)
Improved Worst-Group Robustness via Classifier Retraining on Independent Splits. (1%)
2022-04-19
Jacobian Ensembles Improve Robustness Trade-offs to Adversarial Attacks. (99%)
Robustness Testing of Data and Knowledge Driven Anomaly Detection in Cyber-Physical Systems. (86%)
Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation. (83%)
2022-04-18
UNBUS: Uncertainty-aware Deep Botnet Detection System in Presence of Perturbed Samples. (99%)
Sardino: Ultra-Fast Dynamic Ensemble for Secure Visual Sensing at Mobile Edge. (99%)
CgAT: Center-Guided Adversarial Training for Deep Hashing-Based Retrieval. (99%)
Metamorphic Testing-based Adversarial Attack to Fool Deepfake Detectors. (98%)
A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability. (75%)
CorrGAN: Input Transformation Technique Against Natural Corruptions. (70%)
Poisons that are learned faster are more effective. (64%)
2022-04-17
Residue-Based Natural Language Adversarial Attack Detection. (99%)
Towards Comprehensive Testing on the Robustness of Cooperative Multi-agent Reinforcement Learning. (95%)
2022-04-16
SETTI: A Self-supervised Adversarial Malware Detection Architecture in an IoT Environment. (95%)
Homomorphic Encryption and Federated Learning based Privacy-Preserving CNN Training: COVID-19 Detection Use-Case. (67%)
2022-04-15
Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning. (92%)
2022-04-14
From Environmental Sound Representation to Robustness of 2D CNN Models Against Adversarial Attacks. (99%)
Planting Undetectable Backdoors in Machine Learning Models. (99%)
Q-TART: Quickly Training for Adversarial Robustness and in-Transferability. (50%)
Robotic and Generative Adversarial Attacks in Offline Writer-independent Signature Verification. (41%)
2022-04-13
Task-Driven Data Augmentation for Vision-Based Robotic Control. (96%)
Stealing and Evading Malware Classifiers and Antivirus at Low False Positive Conditions. (87%)
Defensive Patches for Robust Recognition in the Physical World. (80%)
A Novel Approach to Train Diverse Types of Language Models for Health Mention Classification of Tweets. (78%)
Overparameterized Linear Regression under Adversarial Attacks. (76%)
Towards A Critical Evaluation of Robustness for Deep Learning Backdoor Countermeasures. (38%)
A Natural Language Processing Approach for Instruction Set Architecture Identification. (1%)
2022-04-12
Liuer Mihou: A Practical Framework for Generating and Evaluating Grey-box Adversarial Attacks against NIDS. (99%)
Examining the Proximity of Adversarial Examples to Class Manifolds in Deep Networks. (98%)
Toward Robust Spiking Neural Network Against Adversarial Perturbation. (98%)
Machine Learning Security against Data Poisoning: Are We There Yet? (92%)
Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms. (11%)
3DeformRS: Certifying Spatial Deformations on Point Clouds. (9%)
2022-04-11
A Simple Approach to Adversarial Robustness in Few-shot Image Classification. (98%)
Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information. (92%)
Generalizing Adversarial Explanations with Grad-CAM. (84%)
Anti-Adversarially Manipulated Attributions for Weakly Supervised Semantic Segmentation and Object Localization. (83%)
Exploring the Universal Vulnerability of Prompt-based Learning Paradigm. (47%)
medXGAN: Visual Explanations for Medical Classifiers through a Generative Latent Space. (1%)
2022-04-10
"That Is a Suspicious Reaction!": Interpreting Logits Variation to Detect NLP Adversarial Attacks. (88%)
Analysis of Power-Oriented Fault Injection Attacks on Spiking Neural Networks. (54%)
Measuring the False Sense of Security. (26%)
2022-04-08
Defense against Adversarial Attacks on Hybrid Speech Recognition using Joint Adversarial Fine-tuning with Denoiser. (99%)
AdvEst: Adversarial Perturbation Estimation to Classify and Detect Adversarial Attacks against Speaker Identification. (99%)
Evaluating the Adversarial Robustness for Fourier Neural Operators. (92%)
Backdoor Attack against NLP models with Robustness-Aware Perturbation defense. (87%)
An Adaptive Black-box Backdoor Detection Method for Deep Neural Networks. (45%)
Characterizing and Understanding the Behavior of Quantized Models for Reliable Deployment. (13%)
Neural Tangent Generalization Attacks. (12%)
Labeling-Free Comparison Testing of Deep Learning Models. (11%)
Does Robustness on ImageNet Transfer to Downstream Tasks? (2%)
The self-learning AI controller for adaptive power beaming with fiber-array laser transmitter system. (1%)
2022-04-07
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings. (99%)
Adaptive-Gravity: A Defense Against Adversarial Samples. (99%)
Using Multiple Self-Supervised Tasks Improves Model Robustness. (81%)
Transformer-Based Language Models for Software Vulnerability Detection: Performance, Model's Security and Platforms. (69%)
Defending Active Directory by Combining Neural Network based Dynamic Program and Evolutionary Diversity Optimisation. (1%)
2022-04-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
Masking Adversarial Damage: Finding Adversarial Saliency for Robust and Sparse Network. (95%)
Distilling Robust and Non-Robust Features in Adversarial Examples by Information Bottleneck. (93%)
Optimization Models and Interpretations for Three Types of Adversarial Perturbations against Support Vector Machines. (68%)
Adversarial Machine Learning Attacks Against Video Anomaly Detection Systems. (62%)
Adversarial Analysis of the Differentially-Private Federated Learning in Cyber-Physical Critical Infrastructures. (33%)
Control Barrier Function based Attack-Recovery with Provable Guarantees. (1%)
2022-04-05
Hear No Evil: Towards Adversarial Robustness of Automatic Speech Recognition via Multi-Task Learning. (98%)
Adversarial Robustness through the Lens of Convolutional Filters. (87%)
User-Level Differential Privacy against Attribute Inference Attack of Speech Emotion Recognition in Federated Learning. (2%)
SwapMix: Diagnosing and Regularizing the Over-Reliance on Visual Context in Visual Question Answering. (1%)
GAIL-PT: A Generic Intelligent Penetration Testing Framework with Generative Adversarial Imitation Learning. (1%)
2022-04-04
DAD: Data-free Adversarial Defense at Test Time. (99%)
SecureSense: Defending Adversarial Attack for Secure Device-Free Human Activity Recognition. (99%)
Experimental quantum adversarial learning with programmable superconducting qubits. (99%)
PRADA: Practical Black-Box Adversarial Attacks against Neural Ranking Models. (99%)
FaceSigns: Semi-Fragile Neural Watermarks for Media Authentication and Countering Deepfakes. (98%)
2022-04-03
Breaking the De-Pois Poisoning Defense. (98%)
Adversarially robust segmentation models learn perceptually-aligned gradients. (16%)
Detecting In-vehicle Intrusion via Semi-supervised Learning-based Convolutional Adversarial Autoencoders. (1%)
Improving Vision Transformers by Revisiting High-frequency Components. (1%)
2022-04-02
DST: Dynamic Substitute Training for Data-free Black-box Attack. (98%)
Adversarial Neon Beam: Robust Physical-World Adversarial Attack to DNNs. (98%)
2022-04-01
SkeleVision: Towards Adversarial Resiliency of Person Tracking with Multi-Task Learning. (47%)
Robust and Accurate -- Compositional Architectures for Randomized Smoothing. (31%)
FrequencyLowCut Pooling -- Plug & Play against Catastrophic Overfitting. (16%)
Preventing Distillation-based Attacks on Neural Network IP. (2%)
FedRecAttack: Model Poisoning Attack to Federated Recommendation. (1%)
2022-03-31
Improving Adversarial Transferability via Neuron Attribution-Based Attacks. (99%)
Adversarial Examples in Random Neural Networks with General Activations. (98%)
Scalable Whitebox Attacks on Tree-based Models. (96%)
Towards Robust Rain Removal Against Adversarial Attacks: A Comprehensive Benchmark Analysis and Beyond. (86%)
Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets. (81%)
2022-03-30
Investigating Top-$k$ White-Box and Transferable Black-box Attack. (87%)
Sensor Data Validation and Driving Safety in Autonomous Driving Systems. (83%)
Example-based Explanations with Adversarial Attacks for Respiratory Sound Analysis. (56%)
2022-03-29
Mel Frequency Spectral Domain Defenses against Adversarial Attacks on Speech Recognition Systems. (99%)
Zero-Query Transfer Attacks on Context-Aware Object Detectors. (99%)
Exploring Frequency Adversarial Attacks for Face Forgery Detection. (99%)
StyleFool: Fooling Video Classification Systems via Style Transfer. (99%)
Recent improvements of ASR models in the face of adversarial attacks. (98%)
Robust Structured Declarative Classifiers for 3D Point Clouds: Defending Adversarial Attacks with Implicit Gradients. (83%)
Treatment Learning Causal Transformer for Noisy Image Classification. (26%)
Can NMT Understand Me? Towards Perturbation-based Evaluation of NMT Models for Code Generation. (11%)
2022-03-28
Boosting Black-Box Adversarial Attacks with Meta Learning. (99%)
A Fast and Efficient Conditional Learning for Tunable Trade-Off between Accuracy and Robustness. (62%)
Robust Unlearnable Examples: Protecting Data Against Adversarial Learning. (16%)
Neurosymbolic hybrid approach to driver collision warning. (15%)
Attacker Attribution of Audio Deepfakes. (1%)
2022-03-27
Text Adversarial Purification as Defense against Adversarial Attacks. (99%)
Adversarial Representation Sharing: A Quantitative and Secure Collaborative Learning Framework. (8%)
2022-03-26
How to Robustify Black-Box ML Models? A Zeroth-Order Optimization Perspective. (99%)
A Survey of Robust Adversarial Training in Pattern Recognition: Fundamental, Theory, and Methodologies. (99%)
Reverse Engineering of Imperceptible Adversarial Image Perturbations. (99%)
Efficient Global Robustness Certification of Neural Networks via Interleaving Twin-Network Encoding. (33%)
A Systematic Survey of Attack Detection and Prevention in Connected and Autonomous Vehicles. (1%)
A Roadmap for Big Model. (1%)
2022-03-25
Enhancing Transferability of Adversarial Examples with Spatial Momentum. (99%)
Origins of Low-dimensional Adversarial Perturbations. (98%)
Give Me Your Attention: Dot-Product Attention Considered Harmful for Adversarial Patch Robustness. (89%)
Improving Robustness of Jet Tagging Algorithms with Adversarial Training. (10%)
A Unified Contrastive Energy-based Model for Understanding the Generative Ability of Adversarial Training. (5%)
A Stitch in Time Saves Nine: A Train-Time Regularizing Loss for Improved Neural Network Calibration. (1%)
2022-03-24
Trojan Horse Training for Breaking Defenses against Backdoor Attacks in Deep Learning. (99%)
A Perturbation Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow. (99%)
NPC: Neuron Path Coverage via Characterizing Decision Logic of Deep Neural Networks. (93%)
MERLIN -- Malware Evasion with Reinforcement LearnINg. (56%)
Repairing Group-Level Errors for DNNs Using Weighted Regularization. (13%)
A Manifold View of Adversarial Risk. (11%)
2022-03-23
Powerful Physical Adversarial Examples Against Practical Face Recognition Systems. (99%)
Adversarial Training for Improving Model Robustness? Look at Both Prediction and Interpretation. (99%)
Input-specific Attention Subnetworks for Adversarial Detection. (99%)
Self-supervised Learning of Adversarial Example: Towards Good Generalizations for Deepfake Detection. (69%)
Distort to Detect, not Affect: Detecting Stealthy Sensor Attacks with Micro-distortion. (3%)
On the (Limited) Generalization of MasterFace Attacks and Its Relation to the Capacity of Face Representations. (3%)
2022-03-22
Exploring High-Order Structure for Robust Graph Structure Learning. (99%)
On Adversarial Robustness of Large-scale Audio Visual Learning. (93%)
On the (Non-)Robustness of Two-Layer Neural Networks in Different Learning Regimes. (86%)
Semi-Targeted Model Poisoning Attack on Federated Learning via Backward Error Analysis. (78%)
A Girl Has A Name, And It's ... Adversarial Authorship Attribution for Deobfuscation. (2%)
GradViT: Gradient Inversion of Vision Transformers. (1%)
On Robust Classification using Contractive Hamiltonian Neural ODEs. (1%)
2022-03-21
Making DeepFakes more spurious: evading deep face forgery detection via trace removal attack. (92%)
Integrity Fingerprinting of DNN with Double Black-box Design and Verification. (10%)
On The Robustness of Offensive Language Classifiers. (2%)
Defending against Co-residence Attack in Energy-Efficient Cloud: An Optimization based Real-time Secure VM Allocation Strategy. (1%)
2022-03-20
An Intermediate-level Attack Framework on The Basis of Linear Regression. (99%)
A Prompting-based Approach for Adversarial Example Generation and Robustness Enhancement. (99%)
Leveraging Expert Guided Adversarial Augmentation For Improving Generalization in Named Entity Recognition. (82%)
Adversarial Parameter Attack on Deep Neural Networks. (62%)
2022-03-19
Adversarial Defense via Image Denoising with Chaotic Encryption. (99%)
Perturbations in the Wild: Leveraging Human-Written Text Perturbations for Realistic Adversarial Attack and Defense. (98%)
Distinguishing Non-natural from Natural Adversarial Samples for More Robust Pre-trained Language Model. (84%)
Efficient Neural Network Analysis with Sum-of-Infeasibilities. (74%)
Deep Learning Generalization, Extrapolation, and Over-parameterization. (68%)
On Robust Prefix-Tuning for Text Classification. (10%)
2022-03-18
Concept-based Adversarial Attacks: Tricking Humans and Classifiers Alike. (99%)
Adversarial Attacks on Deep Learning-based Video Compression and Classification Systems. (99%)
Neural Predictor for Black-Box Adversarial Attacks on Speech Recognition. (99%)
AutoAdversary: A Pixel Pruning Method for Sparse Adversarial Attack. (99%)
Alleviating Adversarial Attacks on Variational Autoencoders with MCMC. (96%)
DTA: Physical Camouflage Attacks using Differentiable Transformation Network. (83%)
AdIoTack: Quantifying and Refining Resilience of Decision Tree Ensemble Inference Models against Adversarial Volumetric Attacks on IoT Networks. (78%)
Towards Robust 2D Convolution for Reliable Visual Recognition. (9%)
2022-03-17
Improving the Transferability of Targeted Adversarial Examples through Object-Based Diverse Input. (99%)
Self-Ensemble Adversarial Training for Improved Robustness. (99%)
Leveraging Adversarial Examples to Quantify Membership Information Leakage. (98%)
On the Properties of Adversarially-Trained CNNs. (93%)
PiDAn: A Coherence Optimization Approach for Backdoor Attack Detection and Mitigation in Deep Neural Networks. (89%)
HDLock: Exploiting Privileged Encoding to Protect Hyperdimensional Computing Models against IP Stealing. (1%)
2022-03-16
Robustness through Cognitive Dissociation Mitigation in Contrastive Adversarial Training. (99%)
Towards Practical Certifiable Patch Defense with Vision Transformer. (98%)
Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations? (97%)
Provable Adversarial Robustness for Fractional Lp Threat Models. (87%)
What Do Adversarially trained Neural Networks Focus: A Fourier Domain-based Study. (83%)
COPA: Certifying Robust Policies for Offline Reinforcement Learning against Poisoning Attacks. (82%)
Sniper Backdoor: Single Client Targeted Backdoor Attack in Federated Learning. (70%)
Reducing Flipping Errors in Deep Neural Networks. (68%)
Attacking deep networks with surrogate-based adversarial black-box methods is easy. (45%)
On the Convergence of Certified Robust Training with Interval Bound Propagation. (15%)
MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients. (15%)
Understanding robustness and generalization of artificial neural networks through Fourier masks. (2%)
2022-03-15
Generalized but not Robust? Comparing the Effects of Data Modification Methods on Out-of-Domain Generalization and Adversarial Robustness. (76%)
Internet-based Social Engineering Attacks, Defenses and Psychology: A Survey. (13%)
Towards Adversarial Control Loops in Sensor Attacks: A Case Study to Control the Kinematics and Actuation of Embedded Systems. (10%)
LDP: Learnable Dynamic Precision for Efficient Deep Neural Network Training and Inference. (1%)
Adversarial Counterfactual Augmentation: Application in Alzheimer's Disease Classification. (1%)
2022-03-14
Efficient universal shuffle attack for visual object tracking. (99%)
Defending Against Adversarial Attack in ECG Classification with Adversarial Distillation Training. (99%)
Task-Agnostic Robust Representation Learning. (98%)
Energy-Latency Attacks via Sponge Poisoning. (91%)
Adversarial amplitude swap towards robust image classifiers. (83%)
On the benefits of knowledge distillation for adversarial robustness. (82%)
RES-HD: Resilient Intelligent Fault Diagnosis Against Adversarial Attacks Using Hyper-Dimensional Computing. (82%)
Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis. (54%)
2022-03-13
LAS-AT: Adversarial Training with Learnable Attack Strategy. (99%)
Generating Practical Adversarial Network Traffic Flows Using NIDSGAN. (99%)
Model Inversion Attack against Transfer Learning: Inverting a Model without Accessing It. (92%)
One Parameter Defense -- Defending against Data Inference Attacks via Differential Privacy. (67%)
Policy Learning for Robust Markov Decision Process with a Mismatched Generative Model. (3%)
2022-03-12
Query-Efficient Black-box Adversarial Attacks Guided by a Transfer-based Prior. (99%)
A Survey of Adversarial Defences and Robustness in NLP. (99%)
Label-only Model Inversion Attack: The Attack that Requires the Least Information. (47%)
2022-03-11
Block-Sparse Adversarial Attack to Fool Transformer-Based Text Classifiers. (99%)
Learning from Attacks: Attacking Variational Autoencoder for Improving Image Classification. (98%)
An integrated Auto Encoder-Block Switching defense approach to prevent adversarial attacks. (96%)
Enhancing Adversarial Training with Second-Order Statistics of Weights. (38%)
ROOD-MRI: Benchmarking the robustness of deep learning segmentation models to out-of-distribution and corrupted data in MRI. (33%)
Perception Over Time: Temporal Dynamics for Robust Image Understanding. (16%)
Reinforcement Learning for Linear Quadratic Control is Vulnerable Under Cost Manipulation. (15%)
2022-03-10
Exploiting the Potential of Datasets: A Data-Centric Approach for Model Robustness. (92%)
Membership Privacy Protection for Image Translation Models via Adversarial Knowledge Distillation. (75%)
Attack Analysis of Face Recognition Authentication Systems Using Fast Gradient Sign Method. (69%)
Attacks as Defenses: Designing Robust Audio CAPTCHAs Using Attacks on Automatic Speech Recognition Systems. (64%)
SoK: On the Semantic AI Security in Autonomous Driving. (10%)
2022-03-09
Practical No-box Adversarial Attacks with Training-free Hybrid Image Transformation. (99%)
Practical Evaluation of Adversarial Robustness via Adaptive Auto Attack. (99%)
Frequency-driven Imperceptible Adversarial Attack on Semantic Similarity. (99%)
Binary Classification Under $\ell_0$ Attacks for General Noise Distribution. (98%)
Controllable Evaluation and Generation of Physical Adversarial Patch on Face Recognition. (97%)
Reverse Engineering $\ell_p$ attacks: A block-sparse optimization approach with recovery guarantees. (92%)
Defending Black-box Skeleton-based Human Activity Classifiers. (92%)
Robust Federated Learning Against Adversarial Attacks for Speech Emotion Recognition. (81%)
Improving Neural ODEs via Knowledge Distillation. (80%)
Physics-aware Complex-valued Adversarial Machine Learning in Reconfigurable Diffractive All-optical Neural Network. (22%)
On the surprising tradeoff between ImageNet accuracy and perceptual similarity. (1%)
2022-03-08
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust NIDS. (99%)
Shape-invariant 3D Adversarial Point Clouds. (99%)
ART-Point: Improving Rotation Robustness of Point Cloud Classifiers via Adversarial Rotation. (92%)
Robustly-reliable learners under poisoning attacks. (13%)
DeepSE-WF: Unified Security Estimation for Website Fingerprinting Defenses. (2%)
Joint rotational invariance and adversarial training of a dual-stream Transformer yields state of the art Brain-Score for Area V4. (1%)
Harmonicity Plays a Critical Role in DNN Based Versus in Biologically-Inspired Monaural Speech Segregation Systems. (1%)
2022-03-07
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches. (99%)
Art-Attack: Black-Box Adversarial Attack via Evolutionary Art. (99%)
Shadows can be Dangerous: Stealthy and Effective Physical-world Adversarial Attack by Natural Phenomenon. (99%)
Adversarial Texture for Fooling Person Detectors in the Physical World. (98%)
Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision. (83%)
Towards Efficient Data-Centric Robust Machine Learning with Noise-based Augmentation. (31%)
2022-03-06
$A^{3}D$: A Platform of Searching for Robust Neural Architectures and Efficient Adversarial Attacks. (99%)
Protecting Facial Privacy: Generating Adversarial Identity Masks via Style-robust Makeup Transfer. (98%)
Scalable Uncertainty Quantification for Deep Operator Networks using Randomized Priors. (45%)
Evaluation of Interpretability Methods and Perturbation Artifacts in Deep Neural Networks. (2%)
2022-03-05
aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA. (92%)
2022-03-04
Targeted Data Poisoning Attack on News Recommendation System by Content Perturbation. (82%)
Concept-based Explanations for Out-Of-Distribution Detectors. (1%)
2022-03-03
Ad2Attack: Adaptive Adversarial Attack on Real-Time UAV Tracking. (99%)
Detection of Word Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation. (98%)
Adversarial Patterns: Building Robust Android Malware Classifiers. (98%)
Improving Health Mentioning Classification of Tweets using Contrastive Adversarial Training. (84%)
Label-Only Model Inversion Attacks via Boundary Repulsion. (74%)
Fairness-aware Adversarial Perturbation Towards Bias Mitigation for Deployed Deep Models. (56%)
Why adversarial training can hurt robust accuracy. (22%)
Understanding Failure Modes of Self-Supervised Learning. (4%)
Ensemble Methods for Robust Support Vector Machines using Integer Programming. (2%)
Autonomous and Resilient Control for Optimal LEO Satellite Constellation Coverage Against Space Threats. (1%)
2022-03-02
Enhancing Adversarial Robustness for Deep Metric Learning. (99%)
Adversarial attacks on neural networks through canonical Riemannian foliations. (99%)
Detecting Adversarial Perturbations in Multi-Task Perception. (98%)
Adversarial Robustness of Neural-Statistical Features in Detection of Generative Transformers. (69%)
Video is All You Need: Attacking PPG-based Biometric Authentication. (13%)
MIAShield: Defending Membership Inference Attacks via Preemptive Exclusion of Members. (2%)
A Quantitative Geometric Approach to Neural-Network Smoothness. (2%)
2022-03-01
Adversarial samples for deep monocular 6D object pose estimation. (99%)
Physical Backdoor Attacks to Lane Detection Systems in Autonomous Driving. (87%)
Global-Local Regularization Via Distributional Robustness. (86%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (11%)
Signature Correction Attack on Dilithium Signature Scheme. (1%)
2022-02-28
Enhance transferability of adversarial examples with model architecture. (99%)
Towards Robust Stacked Capsule Autoencoder with Hybrid Adversarial Training. (99%)
Evaluating the Adversarial Robustness of Adaptive Test-time Defenses. (98%)
MaMaDroid2.0 -- The Holes of Control Flow Graphs. (88%)
Improving Lexical Embeddings for Robust Question Answering. (67%)
Robust Textual Embedding against Word-level Adversarial Attacks. (26%)
Artificial Intelligence for Cyber Security (AICS). (1%)
Explaining RADAR features for detecting spoofing attacks in Connected Autonomous Vehicles. (1%)
2022-02-27
A Unified Wasserstein Distributional Robustness Framework for Adversarial Training. (99%)
Robust Control of Partially Specified Boolean Networks. (1%)
2022-02-26
Adversarial robustness of sparse local Lipschitz predictors. (87%)
Neuro-Inspired Deep Neural Networks with Sparse, Strong Activations. (45%)
Automation of reversible steganographic coding with nonlinear discrete optimisation. (1%)
2022-02-25
ARIA: Adversarially Robust Image Attribution for Content Provenance. (99%)
Projective Ranking-based GNN Evasion Attacks. (97%)
On the Effectiveness of Dataset Watermarking in Adversarial Settings. (56%)
2022-02-24
Towards Effective and Robust Neural Trojan Defenses via Input Filtering. (92%)
Robust Probabilistic Time Series Forecasting. (76%)
Understanding Adversarial Robustness from Feature Maps of Convolutional Layers. (70%)
Measuring CLEVRness: Blackbox testing of Visual Reasoning Models. (16%)
Bounding Membership Inference. (11%)
Fourier-Based Augmentations for Improved Robustness and Uncertainty Calibration. (3%)
Threading the Needle of On and Off-Manifold Value Functions for Shapley Explanations. (2%)
Interpolation-based Contrastive Learning for Few-Label Semi-Supervised Learning. (1%)
2022-02-23
Improving Robustness of Convolutional Neural Networks Using Element-Wise Activation Scaling. (96%)
Using calibrator to improve robustness in Machine Reading Comprehension. (13%)
2022-02-22
LPF-Defense: 3D Adversarial Defense based on Frequency Analysis. (99%)
Universal adversarial perturbation for remote sensing images. (95%)
Seeing is Living? Rethinking the Security of Facial Liveness Verification in the Deepfake Era. (84%)
Indiscriminate Poisoning Attacks on Unsupervised Contrastive Learning. (1%)
2022-02-21
Adversarial Attacks on Speech Recognition Systems for Mission-Critical Applications: A Survey. (99%)
Semi-Implicit Hybrid Gradient Methods with Application to Adversarial Robustness. (99%)
HoneyModels: Machine Learning Honeypots. (99%)
Transferring Adversarial Robustness Through Robust Representation Matching. (99%)
On the Effectiveness of Adversarial Training against Backdoor Attacks. (96%)
Poisoning Attacks and Defenses on Artificial Intelligence: A Survey. (83%)
A Tutorial on Adversarial Learning Attacks and Countermeasures. (75%)
Backdoor Defense in Federated Learning Using Differential Testing and Outlier Detection. (41%)
Privacy Leakage of Adversarial Training Models in Federated Learning Systems. (38%)
Robustness and Accuracy Could Be Reconcilable by (Proper) Definition. (11%)
Cyber-Physical Defense in the Quantum Era. (2%)
2022-02-20
Real-time Over-the-air Adversarial Perturbations for Digital Communications using Deep Neural Networks. (93%)
Sparsity Winning Twice: Better Robust Generaliztion from More Efficient Training. (26%)
Overparametrization improves robustness against adversarial attacks: A replication study. (3%)
2022-02-18
Exploring Adversarially Robust Training for Unsupervised Domain Adaptation. (99%)
Learning Representations Robust to Group Shifts and Adversarial Examples. (93%)
Critical Checkpoints for Evaluating Defence Models Against Adversarial Attack and Robustness. (92%)
Resurrecting Trust in Facial Recognition: Mitigating Backdoor Attacks in Face Recognition to Prevent Potential Privacy Breaches. (80%)
Data-Driven Mitigation of Adversarial Text Perturbation. (75%)
Debiasing Backdoor Attack: A Benign Application of Backdoor Attack in Eliminating Data Bias. (68%)
Label-Smoothed Backdoor Attack. (38%)
Stochastic Perturbations of Tabular Features for Non-Deterministic Inference with Automunge. (38%)
Black-box Node Injection Attack for Graph Neural Networks. (33%)
Robust Reinforcement Learning as a Stackelberg Game via Adaptively-Regularized Adversarial Training. (9%)
Attacks, Defenses, And Tools: A Framework To Facilitate Robust AI/ML Systems. (4%)
Synthetic Disinformation Attacks on Automated Fact Verification Systems. (1%)
2022-02-17
Rethinking Machine Learning Robustness via its Link with the Out-of-Distribution Problem. (99%)
Mitigating Closed-model Adversarial Examples with Bayesian Neural Modeling for Enhanced End-to-End Speech Recognition. (98%)
Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies. (98%)
Fingerprinting Deep Neural Networks Globally via Universal Adversarial Perturbations. (78%)
2022-02-16
The Adversarial Security Mitigations of mmWave Beamforming Prediction Models using Defensive Distillation and Adversarial Retraining. (99%)
Understanding and Improving Graph Injection Attack by Promoting Unnoticeability. (10%)
Gradient Based Activations for Accurate Bias-Free Learning. (1%)
2022-02-15
Unreasonable Effectiveness of Last Hidden Layer Activations. (99%)
Exploring the Devil in Graph Spectral Domain for 3D Point Cloud Attacks. (99%)
StratDef: Strategic Defense Against Adversarial Attacks in ML-based Malware Detection. (99%)
Random Walks for Adversarial Meshes. (97%)
Generative Adversarial Network-Driven Detection of Adversarial Tasks in Mobile Crowdsensing. (93%)
Applying adversarial networks to increase the data efficiency and reliability of Self-Driving Cars. (89%)
Improving the repeatability of deep learning models with Monte Carlo dropout. (1%)
Holistic Adversarial Robustness of Deep Learning Models. (1%)
Taking a Step Back with KCal: Multi-Class Kernel-Based Calibration for Deep Neural Networks. (1%)
2022-02-14
Universal Adversarial Examples in Remote Sensing: Methodology and Benchmark. (99%)
Finding Dynamics Preserving Adversarial Winning Tickets. (86%)
Recent Advances in Reliable Deep Graph Learning: Inherent Noise, Distribution Shift, and Adversarial Attack. (83%)
PFGE: Parsimonious Fast Geometric Ensembling of DNNs. (1%)
UA-FedRec: Untargeted Attack on Federated News Recommendation. (1%)
2022-02-13
Progressive Backdoor Erasing via connecting Backdoor and Adversarial Attacks. (99%)
Training with More Confidence: Mitigating Injected and Natural Backdoors During Training. (92%)
Extracting Label-specific Key Input Features for Neural Code Intelligence Models. (9%)
Defense Strategies Toward Model Poisoning Attacks in Federated Learning: A Survey. (2%)
SQuant: On-the-Fly Data-Free Quantization via Diagonal Hessian Approximation. (1%)
2022-02-12
RoPGen: Towards Robust Code Authorship Attribution via Automatic Coding Style Transformation. (98%)
Excitement Surfeited Turns to Errors: Deep Learning Testing Framework Based on Excitable Neurons. (98%)
2022-02-11
Adversarial Attacks and Defense Methods for Power Quality Recognition. (99%)
Towards Adversarially Robust Deepfake Detection: An Ensemble Approach. (99%)
Open-set Adversarial Defense with Clean-Adversarial Mutual Learning. (98%)
Using Random Perturbations to Mitigate Adversarial Attacks on Sentiment Analysis Models. (92%)
Fast Adversarial Training with Noise Augmentation: A Unified Perspective on RandStart and GradAlign. (74%)
Predicting Out-of-Distribution Error with the Projection Norm. (62%)
Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers. (62%)
White-Box Attacks on Hate-speech BERT Classifiers in German with Explicit and Implicit Character Level Defense. (12%)
On the Detection of Adaptive Adversarial Attacks in Speaker Verification Systems. (10%)
Improving Generalization via Uncertainty Driven Perturbations. (2%)
CMW-Net: Learning a Class-Aware Sample Weighting Mapping for Robust Deep Learning. (1%)
2022-02-10
FAAG: Fast Adversarial Audio Generation through Interactive Attack Optimisation. (99%)
Towards Assessing and Characterizing the Semantic Robustness of Face Recognition. (76%)
Controlling the Complexity and Lipschitz Constant improves polynomial nets. (12%)
FedAttack: Effective and Covert Poisoning Attack on Federated Recommendation via Hard Sampling. (8%)
A Field of Experts Prior for Adapting Neural Networks at Test Time. (1%)
2022-02-09
Adversarial Attack and Defense of YOLO Detectors in Autonomous Driving Scenarios. (99%)
Gradient Methods Provably Converge to Non-Robust Networks. (82%)
False Memory Formation in Continual Learners Through Imperceptible Backdoor Trigger. (22%)
ARIBA: Towards Accurate and Robust Identification of Backdoor Attacks in Federated Learning. (10%)
L2B: Learning to Bootstrap Robust Models for Combating Label Noise. (2%)
Model Architecture Adaption for Bayesian Neural Networks. (1%)
2022-02-08
Towards Compositional Adversarial Robustness: Generalizing Adversarial Training to Composite Semantic Perturbations. (99%)
Verification-Aided Deep Ensemble Selection. (96%)
Adversarial Detection without Model Information. (87%)
Towards Making a Trojan-horse Attack on Text-to-Image Retrieval. (68%)
Robust, Deep, and Reinforcement Learning for Management of Communication and Power Networks. (1%)
2022-02-07
Blind leads Blind: A Zero-Knowledge Attack on Federated Learning. (99%)
On The Empirical Effectiveness of Unrealistic Adversarial Hardening Against Realistic Adversarial Attacks. (99%)
Adversarial Attacks and Defense for Non-Parametric Two-Sample Tests. (98%)
Evaluating Robustness of Cooperative MARL: A Model-based Approach. (98%)
More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks. (68%)
Membership Inference Attacks and Defenses in Neural Network Pruning. (50%)
SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation. (4%)
Deletion Inference, Reconstruction, and Compliance in Machine (Un)Learning. (3%)
2022-02-06
Tubes Among Us: Analog Attack on Automatic Speaker Identification. (99%)
Redactor: A Data-centric and Individualized Defense Against Inference Attacks. (8%)
2022-02-05
Layer-wise Regularized Adversarial Training using Layers Sustainability Analysis (LSA) framework. (99%)
Adversarial Detector with Robust Classifier. (93%)
Memory Defense: More Robust Classification via a Memory-Masking Autoencoder. (76%)
Improved Certified Defenses against Data Poisoning with (Deterministic) Finite Aggregation. (75%)
2022-02-04
Pixle: a fast and effective black-box attack based on rearranging pixels. (98%)
Backdoor Defense via Decoupling the Training Process. (80%)
LTU Attacker for Membership Inference. (67%)
A Survey on Safety-Critical Driving Scenario Generation -- A Methodological Perspective. (1%)
2022-02-03
ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking. (93%)
Adversarially Robust Models may not Transfer Better: Sufficient Conditions for Domain Transferability from the View of Regularization. (75%)
2022-02-02
An Eye for an Eye: Defending against Gradient-based Attacks with Gradients. (99%)
Smoothed Embeddings for Certified Few-Shot Learning. (76%)
Probabilistically Robust Learning: Balancing Average- and Worst-case Performance. (75%)
Make Some Noise: Reliable and Efficient Single-Step Adversarial Training. (70%)
Robust Binary Models by Pruning Randomly-initialized Networks. (10%)
NoisyMix: Boosting Robustness by Combining Data Augmentations, Stability Training, and Noise Injections. (10%)
2022-02-01
Language Dependencies in Adversarial Attacks on Speech Recognition Systems. (98%)
Finding Biological Plausibility for Adversarially Robust Features via Metameric Tasks. (80%)
Visualizing Automatic Speech Recognition -- Means for a Better Understanding? (64%)
Datamodels: Predicting Predictions from Training Data. (2%)
2022-01-31
Adversarial Robustness in Deep Learning: Attacks on Fragile Neurons. (99%)
Boundary Defense Against Black-box Adversarial Attacks. (99%)
Query Efficient Decision Based Sparse Attacks Against Black-Box Deep Learning Models. (99%)
Can Adversarial Training Be Manipulated By Non-Robust Features? (98%)
GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection. (96%)
Rate Coding or Direct Coding: Which One is Better for Accurate, Robust, and Energy-efficient Spiking Neural Networks? (93%)
AntidoteRT: Run-time Detection and Correction of Poison Attacks on Neural Networks. (89%)
Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks. (81%)
On the Robustness of Quality Measures for GANs. (80%)
MEGA: Model Stealing via Collaborative Generator-Substitute Networks. (76%)
Learning Robust Representation through Graph Adversarial Contrastive Learning. (26%)
UQGAN: A Unified Model for Uncertainty Quantification of Deep Classifiers trained via Conditional GANs. (16%)
Few-Shot Backdoor Attacks on Visual Object Tracking. (10%)
Studying the Robustness of Anti-adversarial Federated Learning Models Detecting Cyberattacks in IoT Spectrum Sensors. (5%)
Securing Federated Sensitive Topic Classification against Poisoning Attacks. (1%)
2022-01-30
Improving Corruption and Adversarial Robustness by Enhancing Weak Subnets. (92%)
GARNET: Reduced-Rank Topology Learning for Robust and Scalable Graph Neural Networks. (84%)
TPC: Transformation-Specific Smoothing for Point Cloud Models. (75%)
2022-01-29
Scale-Invariant Adversarial Attack for Evaluating and Enhancing Adversarial Defenses. (99%)
Robustness of Deep Recommendation Systems to Untargeted Interaction Perturbations. (82%)
Coordinated Attacks against Contextual Bandits: Fundamental Limits and Defense Mechanisms. (1%)
2022-01-28
Adversarial Examples for Good: Adversarial Examples Guided Imbalanced Learning. (87%)
Feature Visualization within an Automated Design Assessment leveraging Explainable Artificial Intelligence Methods. (81%)
Certifying Model Accuracy under Distribution Shifts. (74%)
Benchmarking Robustness of 3D Point Cloud Recognition Against Common Corruptions. (13%)
Plug & Play Attacks: Towards Robust and Flexible Model Inversion Attacks. (8%)
Backdoors Stuck At The Frontdoor: Multi-Agent Backdoor Attacks That Backfire. (3%)
Toward Training at ImageNet Scale with Differential Privacy. (1%)
2022-01-27
Beyond ImageNet Attack: Towards Crafting Adversarial Examples for Black-box Domains. (99%)
Vision Checklist: Towards Testable Error Analysis of Image Models to Help System Designers Interrogate Model Capabilities. (10%)
SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders. (2%)
CacheFX: A Framework for Evaluating Cache Security. (1%)
2022-01-26
Boosting 3D Adversarial Attacks with Attacking On Frequency. (98%)
How Robust are Discriminatively Trained Zero-Shot Learning Models? (98%)
Autonomous Cyber Defense Introduces Risk: Can We Manage the Risk? (2%)
Automatic detection of access control vulnerabilities via API specification processing. (1%)
2022-01-25
Virtual Adversarial Training for Semi-supervised Breast Mass Classification. (3%)
Class-Aware Adversarial Transformers for Medical Image Segmentation. (1%)
SPIRAL: Self-supervised Perturbation-Invariant Representation Learning for Speech Pre-Training. (1%)
2022-01-24
What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction. (99%)
Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation. (95%)
Attacks and Defenses for Free-Riders in Multi-Discriminator GAN. (76%)
Backdoor Defense with Machine Unlearning. (33%)
On the Complexity of Attacking Elliptic Curve Based Authentication Chips. (1%)
2022-01-23
Efficient and Robust Classification for Sparse Attacks. (83%)
Gradient-guided Unsupervised Text Style Transfer via Contrastive Learning. (78%)
Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models. (56%)
Increasing the Cost of Model Extraction with Calibrated Proof of Work. (22%)
2022-01-22
Parallel Rectangle Flip Attack: A Query-based Black-box Attack against Object Detection. (99%)
Robust Unpaired Single Image Super-Resolution of Faces. (98%)
On the Robustness of Counterfactual Explanations to Adverse Perturbations. (10%)
2022-01-21
Natural Attack for Pre-trained Models of Code. (99%)
Toward Enhanced Robustness in Unsupervised Graph Representation Learning: A Graph Information Bottleneck Perspective. (99%)
The Security of Deep Learning Defences for Medical Imaging. (80%)
Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. (75%)
Identifying Adversarial Attacks on Text Classifiers. (73%)
The Many Faces of Adversarial Risk. (47%)
2022-01-20
TextHacker: Learning based Hybrid Local Search Algorithm for Text Hard-label Adversarial Attack. (99%)
Cheating Automatic Short Answer Grading: On the Adversarial Usage of Adjectives and Adverbs. (95%)
Survey on Federated Learning Threats: concepts, taxonomy on attacks and defences, experimental study and challenges. (93%)
Low-Interception Waveform: To Prevent the Recognition of Spectrum Waveform Modulation via Adversarial Examples. (83%)
Post-Training Detection of Backdoor Attacks for Two-Class and Multi-Attack Scenarios. (70%)
Adversarial Jamming for a More Effective Constellation Attack. (56%)
Steerable Pyramid Transform Enables Robust Left Ventricle Quantification. (38%)
Black-box Prompt Learning for Pre-trained Language Models. (13%)
DeepGalaxy: Testing Neural Network Verifiers via Two-Dimensional Input Space Exploration. (1%)
2022-01-19
Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation. (96%)
Can't Steal? Cont-Steal! Contrastive Stealing Attacks Against Image Encoders. (8%)
2022-01-18
MetaV: A Meta-Verifier Approach to Task-Agnostic Model Fingerprinting. (99%)
Adversarial vulnerability of powerful near out-of-distribution detection. (78%)
How to Backdoor HyperNetwork in Personalized Federated Learning? (13%)
Secure IoT Routing: Selective Forwarding Attacks and Trust-based Defenses in RPL Network. (2%)
Unveiling Project-Specific Bias in Neural Code Models. (1%)
Lung Swapping Autoencoder: Learning a Disentangled Structure-texture Representation of Chest Radiographs. (1%)
2022-01-17
Masked Faces with Faced Masks. (81%)
Cyberbullying Classifiers are Sensitive to Model-Agnostic Perturbations. (56%)
AugLy: Data Augmentations for Robustness. (3%)
2022-01-16
Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems. (99%)
ALA: Naturalness-aware Adversarial Lightness Attack. (99%)
Adversarial Machine Learning Threat Analysis in Open Radio Access Networks. (64%)
Neighboring Backdoor Attacks on Graph Convolutional Network. (22%)
2022-01-15
Interpretable and Effective Reinforcement Learning for Attacking against Graph-based Rumor Detection. (26%)
StolenEncoder: Stealing Pre-trained Encoders. (13%)
2022-01-14
CommonsenseQA 2.0: Exposing the Limits of AI through Gamification. (56%)
Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots. (1%)
2022-01-13
Evaluation of Four Black-box Adversarial Attacks and Some Query-efficient Improvement Analysis. (96%)
The curse of overparametrization in adversarial training: Precise analysis of robust generalization for random features regression. (93%)
On Adversarial Robustness of Trajectory Prediction for Autonomous Vehicles. (83%)
Reconstructing Training Data with Informed Adversaries. (54%)
Jamming Attacks on Federated Learning in Wireless Networks. (2%)
2022-01-12
Adversarially Robust Classification by Conditional Generative Model Inversion. (99%)
Towards Adversarially Robust Deep Image Denoising. (99%)
Get your Foes Fooled: Proximal Gradient Split Learning for Defense against Model Inversion Attacks on IoMT data. (70%)
Security for Machine Learning-based Software Systems: a survey of threats, practices and challenges. (1%)
2022-01-11
Quantifying Robustness to Adversarial Word Substitutions. (99%)
Similarity-based Gray-box Adversarial Attack Against Deep Face Recognition. (99%)
2022-01-10
Evaluation of Neural Networks Defenses and Attacks using NDCG and Reciprocal Rank Metrics. (98%)
IoTGAN: GAN Powered Camouflage Against Machine Learning Based IoT Device Identification. (89%)
Reciprocal Adversarial Learning for Brain Tumor Segmentation: A Solution to BraTS Challenge 2021 Segmentation Task. (73%)
GMFIM: A Generative Mask-guided Facial Image Manipulation Model for Privacy Preservation. (3%)
Towards Group Robustness in the presence of Partial Group Labels. (1%)
2022-01-09
Rethink Stealthy Backdoor Attacks in Natural Language Processing. (89%)
A Retrospective and Futurespective of Rowhammer Attacks and Defenses on DRAM. (76%)
Privacy-aware Early Detection of COVID-19 through Adversarial Training. (10%)
2022-01-08
LoMar: A Local Defense Against Poisoning Attack on Federated Learning. (9%)
PocketNN: Integer-only Training and Inference of Neural Networks via Direct Feedback Alignment and Pocket Activations in Pure C++. (1%)
2022-01-07
iDECODe: In-distribution Equivariance for Conformal Out-of-distribution Detection. (93%)
Asymptotic Security using Bayesian Defense Mechanisms with Application to Cyber Deception. (11%)
Negative Evidence Matters in Interpretable Histology Image Classification. (1%)
2022-01-06
PAEG: Phrase-level Adversarial Example Generation for Neural Machine Translation. (98%)
Learning to be adversarially robust and differentially private. (31%)
Efficient Global Optimization of Two-Layer ReLU Networks: Quadratic-Time Algorithms and Adversarial Training. (2%)
2022-01-05
On the Real-World Adversarial Robustness of Real-Time Semantic Segmentation Models for Autonomous Driving. (99%)
ROOM: Adversarial Machine Learning Attacks Under Real-Time Constraints. (99%)
Adversarial Robustness in Cognitive Radio Networks. (1%)
2022-01-04
Towards Transferable Unrestricted Adversarial Examples with Minimum Changes. (99%)
Towards Understanding and Harnessing the Effect of Image Transformation in Adversarial Detection. (99%)
On the Minimal Adversarial Perturbation for Deep Neural Networks with Provable Estimation Error. (86%)
Towards Understanding Quality Challenges of the Federated Learning for Neural Networks: A First Look from the Lens of Robustness. (31%)
Corrupting Data to Remove Deceptive Perturbation: Using Preprocessing Method to Improve System Robustness. (10%)
2022-01-03
Compression-Resistant Backdoor Attack against Deep Neural Networks. (75%)
DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. (68%)
Revisiting PGD Attacks for Stability Analysis of Large-Scale Nonlinear Systems and Perception-Based Control. (11%)
2022-01-02
Actor-Critic Network for Q&A in an Adversarial Environment. (33%)
On Sensitivity of Deep Learning Based Text Classification Algorithms to Practical Input Perturbations. (12%)
2022-01-01
Rethinking Feature Uncertainty in Stochastic Neural Networks for Adversarial Robustness. (87%)
Revisiting Neuron Coverage Metrics and Quality of Deep Neural Networks. (41%)
Generating Adversarial Samples For Training Wake-up Word Detection Systems Against Confusing Words. (1%)
2021-12-31
Adversarial Attack via Dual-Stage Network Erosion. (99%)
On Distinctive Properties of Universal Perturbations. (83%)
2021-12-30
Benign Overfitting in Adversarially Robust Linear Classification. (99%)
Causal Attention for Interpretable and Generalizable Graph Classification. (1%)
2021-12-29
Invertible Image Dataset Protection. (92%)
Challenges and Approaches for Mitigating Byzantine Attacks in Federated Learning. (4%)
2021-12-28
Constrained Gradient Descent: A Powerful and Principled Evasion Attack Against Neural Networks. (99%)
Closer Look at the Transferability of Adversarial Examples: How They Fool Different Models Differently. (99%)
Repairing Adversarial Texts through Perturbation. (99%)
DeepAdversaries: Examining the Robustness of Deep Learning Models for Galaxy Morphology Classification. (91%)
Super-Efficient Super Resolution for Fast Adversarial Defense at the Edge. (88%)
A General Framework for Evaluating Robustness of Combinatorial Optimization Solvers on Graphs. (86%)
Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities. (1%)
2021-12-27
Adversarial Attack for Asynchronous Event-based Data. (99%)
PRIME: A Few Primitives Can Boost Robustness to Common Corruptions. (81%)
Associative Adversarial Learning Based on Selective Attack. (26%)
Learning Robust and Lightweight Model through Separable Structured Transformations. (8%)
2021-12-26
Perlin Noise Improve Adversarial Robustness. (99%)
2021-12-25
Task and Model Agnostic Adversarial Attack on Graph Neural Networks. (99%)
NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification. (50%)
2021-12-24
Stealthy Attack on Algorithmic-Protected DNNs via Smart Bit Flipping. (99%)
Fight Perturbations with Perturbations: Defending Adversarial Attacks via Neuron Influence. (99%)
CatchBackdoor: Backdoor Testing by Critical Trojan Neural Path Identification via Differential Fuzzing. (86%)
SoK: A Study of the Security on Voice Processing Systems. (9%)
DP-UTIL: Comprehensive Utility Analysis of Differential Privacy in Machine Learning. (1%)
Gradient Leakage Attack Resilient Deep Learning. (1%)
2021-12-23
Adaptive Modeling Against Adversarial Attacks. (99%)
Revisiting and Advancing Fast Adversarial Training Through The Lens of Bi-Level Optimization. (99%)
Robust Secretary and Prophet Algorithms for Packing Integer Programs. (2%)
Counterfactual Memorization in Neural Language Models. (2%)
2021-12-22
Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art. (99%)
How Should Pre-Trained Language Models Be Fine-Tuned Towards Adversarial Robustness? (98%)
Detect & Reject for Transferability of Black-box Adversarial Attacks Against Network Intrusion Detection Systems. (98%)
Adversarial Deep Reinforcement Learning for Improving the Robustness of Multi-agent Autonomous Driving Policies. (96%)
Understanding and Measuring Robustness of Multimodal Learning. (69%)
Evaluating the Robustness of Deep Reinforcement Learning for Autonomous and Adversarial Policies in a Multi-agent Urban Driving Environment. (41%)
2021-12-21
A Theoretical View of Linear Backpropagation and Its Convergence. (99%)
AED: An black-box NLP classifier model attacker. (99%)
Covert Communications via Adversarial Machine Learning and Reconfigurable Intelligent Surfaces. (81%)
Mind the Gap! A Study on the Transferability of Virtual vs Physical-world Testing of Autonomous Driving Systems. (76%)
Input-Specific Robustness Certification for Randomized Smoothing. (68%)
Improving Robustness with Image Filtering. (68%)
On the Adversarial Robustness of Causal Algorithmic Recourse. (10%)
MIA-Former: Efficient and Robust Vision Transformers via Multi-grained Input-Adaptation. (4%)
Exploring Credibility Scoring Metrics of Perception Systems for Autonomous Driving. (2%)
Adversarial Gradient Driven Exploration for Deep Click-Through Rate Prediction. (2%)
Longitudinal Study of the Prevalence of Malware Evasive Techniques. (1%)
2021-12-20
Certified Federated Adversarial Training. (98%)
Energy-bounded Learning for Robust Models of Code. (83%)
Black-Box Testing of Deep Neural Networks through Test Case Diversity. (82%)
Unifying Model Explainability and Robustness for Joint Text Classification and Rationale Extraction. (80%)
Adversarially Robust Stability Certificates can be Sample-Efficient. (2%)
2021-12-19
Initiative Defense against Facial Manipulation. (67%)
2021-12-18
Being Friends Instead of Adversaries: Deep Networks Learn from Data Simplified by Other Networks. (12%)
Android-COCO: Android Malware Detection with Graph Neural Network for Byte- and Native-Code. (1%)
2021-12-17
Reasoning Chain Based Adversarial Attack for Multi-hop Question Answering. (92%)
Deep Bayesian Learning for Car Hacking Detection. (81%)
Explain, Edit, and Understand: Rethinking User Study Design for Evaluating Model Explanations. (81%)
Dynamics-aware Adversarial Attack of 3D Sparse Convolution Network. (80%)
Provable Adversarial Robustness in the Quantum Model. (62%)
Domain Adaptation on Point Clouds via Geometry-Aware Implicits. (1%)
2021-12-16
Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives. (99%)
Towards Robust Neural Image Compression: Adversarial Attack and Model Finetuning. (99%)
All You Need is RAW: Defending Against Adversarial Attacks with Camera Image Pipelines. (99%)
Robust Upper Bounds for Adversarial Training. (75%)
TAFIM: Targeted Adversarial Attacks against Facial Image Manipulations. (64%)
Sharpness-Aware Minimization with Dynamic Reweighting. (31%)
APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts. (16%)
Correlation inference attacks against machine learning models. (13%)
Models in the Loop: Aiding Crowdworkers with Generative Annotation Assistants. (2%)
Pure Noise to the Rescue of Insufficient Data: Improving Imbalanced Classification by Training on Random Noise Images. (2%)
2021-12-15
On the Convergence and Robustness of Adversarial Training. (99%)
Temporal Shuffling for Defending Deep Action Recognition Models against Adversarial Attacks. (98%)
DuQM: A Chinese Dataset of Linguistically Perturbed Natural Questions for Evaluating the Robustness of Question Matching Models. (75%)
Robust Neural Network Classification via Double Regularization. (1%)
2021-12-14
Adversarial Examples for Extreme Multilabel Text Classification. (99%)
Robustifying automatic speech recognition by extracting slowly varying features. (99%)
On the Impact of Hard Adversarial Instances on Overfitting in Adversarial Training. (81%)
Dual-Key Multimodal Backdoors for Visual Question Answering. (81%)
MuxLink: Circumventing Learning-Resilient MUX-Locking Using Graph Neural Network-based Link Prediction. (4%)
2021-12-13
Detecting Audio Adversarial Examples with Logit Noising. (99%)
Triangle Attack: A Query-efficient Decision-based Adversarial Attack. (99%)
2021-12-12
Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses. (98%)
Quantifying and Understanding Adversarial Examples in Discrete Input Spaces. (91%)
SparseFed: Mitigating Model Poisoning Attacks in Federated Learning with Sparsification. (91%)
WOOD: Wasserstein-based Out-of-Distribution Detection. (12%)
2021-12-11
MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare. (99%)
Improving the Transferability of Adversarial Examples with Resized-Diverse-Inputs, Diversity-Ensemble and Region Fitting. (98%)
Stereoscopic Universal Perturbations across Different Architectures and Datasets. (98%)
2021-12-10
Learning to Learn Transferable Attack. (99%)
Cross-Modal Transferable Adversarial Attacks from Images to Videos. (99%)
Attacking Point Cloud Segmentation with Color-only Perturbation. (99%)
Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks. (92%)
Batch Label Inference and Replacement Attacks in Black-Boxed Vertical Federated Learning. (75%)
Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models. (68%)
Efficient Action Poisoning Attacks on Linear Contextual Bandits. (67%)
How Private Is Your RL Policy? An Inverse RL Based Analysis Framework. (41%)
SoK: On the Security & Privacy in Federated Learning. (5%)
2021-12-09
Amicable Aid: Turning Adversarial Attack to Benefit Classification. (99%)
Mutual Adversarial Training: Learning together is better than going alone. (99%)
PARL: Enhancing Diversity of Ensemble Networks to Resist Adversarial Attacks via Pairwise Adversarially Robust Loss Function. (99%)
RamBoAttack: A Robust Query Efficient Deep Neural Network Decision Exploit. (99%)
Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures. (69%)
Robustness Certificates for Implicit Neural Networks: A Mixed Monotone Contractive Approach. (38%)
PixMix: Dreamlike Pictures Comprehensively Improve Safety Measures. (10%)
Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems. (2%)
3D-VField: Learning to Adversarially Deform Point Clouds for Robust 3D Object Detection. (1%)
2021-12-08
Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection. (99%)
On visual self-supervision and its effect on model robustness. (99%)
SNEAK: Synonymous Sentences-Aware Adversarial Attack on Natural Language Video Localization. (93%)
Revisiting Contrastive Learning through the Lens of Neighborhood Component Analysis: an Integrated Framework. (8%)
2021-12-07
Saliency Diversified Deep Ensemble for Robustness to Adversaries. (99%)
Vehicle trajectory prediction works, but not everywhere. (50%)
Lightning: Striking the Secure Isolation on GPU Clouds with Transient Hardware Faults. (11%)
Membership Inference Attacks From First Principles. (2%)
Training Deep Models to be Explained with Fewer Examples. (1%)
Presentation Attack Detection Methods based on Gaze Tracking and Pupil Dynamic: A Comprehensive Survey. (1%)
2021-12-06
Adversarial Machine Learning In Network Intrusion Detection Domain: A Systematic Review. (99%)
Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial Removal. (84%)
ML Attack Models: Adversarial Attacks and Data Poisoning Attacks. (82%)
Test-Time Detection of Backdoor Triggers for Poisoned Deep Neural Networks. (82%)
When the Curious Abandon Honesty: Federated Learning Is Not Private. (68%)
Defending against Model Stealing via Verifying Embedded External Features. (33%)
Context-Aware Transfer Attacks for Object Detection. (1%)
2021-12-05
Robust Active Learning: Sample-Efficient Training of Robust Deep Learning Models. (96%)
Stochastic Local Winner-Takes-All Networks Enable Profound Adversarial Robustness. (88%)
Beyond Robustness: Resilience Verification of Tree-Based Classifiers. (2%)
On Impact of Semantically Similar Apps in Android Malware Datasets. (1%)
2021-12-04
RADA: Robust Adversarial Data Augmentation for Camera Localization in Challenging Weather. (10%)
2021-12-03
Single-Shot Black-Box Adversarial Attacks Against Malware Detectors: A Causal Language Model Approach. (99%)
Generalized Likelihood Ratio Test for Adversarially Robust Hypothesis Testing. (99%)
Blackbox Untargeted Adversarial Testing of Automatic Speech Recognition Systems. (98%)
Attack-Centric Approach for Evaluating Transferability of Adversarial Samples in Machine Learning Models. (54%)
Adversarial Attacks against a Satellite-borne Multispectral Cloud Detector. (13%)
A Game-Theoretic Approach for AI-based Botnet Attack Defence. (9%)
2021-12-02
A Unified Framework for Adversarial Attack and Defense in Constrained Feature Space. (99%)
Is Approximation Universally Defensive Against Adversarial Attacks in Deep Neural Networks? (93%)
Is RobustBench/AutoAttack a suitable Benchmark for Adversarial Robustness? (75%)
Training Efficiency and Robustness in Deep Learning. (41%)
FedRAD: Federated Robust Adaptive Distillation. (10%)
FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis. (3%)
On the Existence of the Adversarial Bayes Classifier (Extended Version). (2%)
Editing a classifier by rewriting its prediction rules. (1%)
2021-12-01
Adversarial Robustness of Deep Reinforcement Learning based Dynamic Recommender Systems. (99%)
Push Stricter to Decide Better: A Class-Conditional Feature Adaptive Framework for Improving Adversarial Robustness. (99%)
$\ell_\infty$-Robustness and Beyond: Unleashing Efficient Adversarial Training. (99%)
Certified Adversarial Defenses Meet Out-of-Distribution Corruptions: Benchmarking Robustness and Simple Baselines. (96%)
Adv-4-Adv: Thwarting Changing Adversarial Perturbations via Adversarial Domain Adaptation. (95%)
Robustness in Deep Learning for Computer Vision: Mind the gap? (31%)
CYBORG: Blending Human Saliency Into the Loss Improves Deep Learning. (1%)
2021-11-30
Using a GAN to Generate Adversarial Examples to Facial Image Recognition. (99%)
Mitigating Adversarial Attacks by Distributing Different Copies to Different Users. (96%)
Human Imperceptible Attacks and Applications to Improve Fairness. (83%)
Evaluating Gradient Inversion Attacks and Defenses in Federated Learning. (81%)
FROB: Few-shot ROBust Model for Classification and Out-of-Distribution Detection. (78%)
COREATTACK: Breaking Up the Core Structure of Graphs. (78%)
Adversarial Attacks Against Deep Generative Models on Data: A Survey. (12%)
A Face Recognition System's Worst Morph Nightmare, Theoretically. (1%)
New Datasets for Dynamic Malware Classification. (1%)
Reliability Assessment and Safety Arguments for Machine Learning Components in Assuring Learning-Enabled Autonomous Systems. (1%)
2021-11-29
MedRDF: A Robust and Retrain-Less Diagnostic Framework for Medical Pretrained Models Against Adversarial Attack. (99%)
Adversarial Attacks in Cooperative AI. (82%)
Living-Off-The-Land Command Detection Using Active Learning. (10%)
Do Invariances in Deep Neural Networks Align with Human Perception? (9%)
A Simple Long-Tailed Recognition Baseline via Vision-Language Model. (1%)
ROBIN : A Benchmark for Robustness to Individual Nuisances in Real-World Out-of-Distribution Shifts. (1%)
Pyramid Adversarial Training Improves ViT Performance. (1%)
2021-11-28
Detecting Adversaries, yet Faltering to Noise? Leveraging Conditional Variational AutoEncoders for Adversary Detection in the Presence of Noisy Images. (96%)
MALIGN: Explainable Static Raw-byte Based Malware Family Classification using Sequence Alignment. (68%)
Automated Runtime-Aware Scheduling for Multi-Tenant DNN Inference on GPU. (1%)
ExCon: Explanation-driven Supervised Contrastive Learning for Image Classification. (1%)
2021-11-27
Adaptive Image Transformations for Transfer-based Adversarial Attack. (99%)
Adaptive Perturbation for Adversarial Attack. (99%)
Statically Detecting Adversarial Malware through Randomised Chaining. (98%)
Dissecting Malware in the Wild. (1%)
2021-11-26
ArchRepair: Block-Level Architecture-Oriented Repairing for Deep Neural Networks. (50%)
2021-11-25
Natural & Adversarial Bokeh Rendering via Circle-of-Confusion Predictive Network. (99%)
Clustering Effect of (Linearized) Adversarial Robust Models. (97%)
Simple Contrastive Representation Adversarial Learning for NLP Tasks. (93%)
Going Grayscale: The Road to Understanding and Improving Unlearnable Examples. (92%)
Towards Practical Deployment-Stage Backdoor Attack on Deep Neural Networks. (92%)
Gradient Inversion Attack: Leaking Private Labels in Two-Party Split Learning. (3%)
Joint inference and input optimization in equilibrium networks. (1%)
2021-11-24
Unity is strength: Improving the Detection of Adversarial Examples with Ensemble Approaches. (99%)
Thundernna: a white box adversarial attack. (99%)
Robustness against Adversarial Attacks in Neural Networks using Incremental Dissipativity. (92%)
WFDefProxy: Modularly Implementing and Empirically Evaluating Website Fingerprinting Defenses. (15%)
Sharpness-aware Quantization for Deep Neural Networks. (10%)
SLA$^2$P: Self-supervised Anomaly Detection with Adversarial Perturbation. (5%)
An Attack on Facial Soft-biometric Privacy Enhancement. (2%)
Accelerating Deep Learning with Dynamic Data Pruning. (1%)
2021-11-23
Adversarial machine learning for protecting against online manipulation. (92%)
Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS. (84%)
Subspace Adversarial Training. (69%)
HERO: Hessian-Enhanced Robust Optimization for Unifying and Improving Generalization and Quantization Performance. (1%)
2021-11-22
Adversarial Examples on Segmentation Models Can be Easy to Transfer. (99%)
Evaluating Adversarial Attacks on ImageNet: A Reality Check on Misclassification Classes. (99%)
Imperceptible Transfer Attack and Defense on 3D Point Cloud Classification. (99%)
Backdoor Attack through Frequency Domain. (92%)
NTD: Non-Transferability Enabled Backdoor Detection. (69%)
A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries. (33%)
Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data. (13%)
Automatic Mapping of the Best-Suited DNN Pruning Schemes for Real-Time Mobile Acceleration. (1%)
Electric Vehicle Attack Impact on Power Grid Operation. (1%)
2021-11-21
Stochastic Variance Reduced Ensemble Adversarial Attack for Boosting the Adversarial Transferability. (99%)
Adversarial Mask: Real-World Universal Adversarial Attack on Face Recognition Model. (99%)
Medical Aegis: Robust adversarial protectors for medical images. (99%)
Local Linearity and Double Descent in Catastrophic Overfitting. (73%)
Denoised Internal Models: a Brain-Inspired Autoencoder against Adversarial Attacks. (62%)
2021-11-20
Are Vision Transformers Robust to Patch Perturbations? (98%)
2021-11-19
Towards Efficiently Evaluating the Robustness of Deep Neural Networks in IoT Systems: A GAN-based Method. (99%)
Meta Adversarial Perturbations. (99%)
Resilience from Diversity: Population-based approach to harden models against adversarial attacks. (99%)
Enhanced countering adversarial attacks via input denoising and feature restoring. (99%)
PatchCensor: Patch Robustness Certification for Transformers via Exhaustive Testing. (99%)
Fooling Adversarial Training with Inducing Noise. (98%)
Exposing Weaknesses of Malware Detectors with Explainability-Guided Evasion Attacks. (86%)
2021-11-18
TnT Attacks! Universal Naturalistic Adversarial Patches Against Deep Neural Network Systems. (99%)
A Review of Adversarial Attack and Defense for Classification Methods. (99%)
Robust Person Re-identification with Multi-Modal Joint Defence. (98%)
Enhancing the Insertion of NOP Instructions to Obfuscate Malware via Deep Reinforcement Learning. (96%)
How to Build Robust FAQ Chatbot with Controllable Question Generator? (80%)
Adversarial attacks on voter model dynamics in complex networks. (76%)
Enhanced Membership Inference Attacks against Machine Learning Models. (12%)
Wiggling Weights to Improve the Robustness of Classifiers. (2%)
Improving Transferability of Representations via Augmentation-Aware Self-Supervision. (1%)
2021-11-17
TraSw: Tracklet-Switch Adversarial Attacks against Multi-Object Tracking. (99%)
Generating Unrestricted 3D Adversarial Point Clouds. (99%)
SmoothMix: Training Confidence-calibrated Smoothed Classifiers for Certified Robustness. (93%)
Attacking Deep Learning AI Hardware with Universal Adversarial Perturbation. (92%)
Do Not Trust Prediction Scores for Membership Inference Attacks. (33%)
2021-11-16
Robustness of Bayesian Neural Networks to White-Box Adversarial Attacks. (99%)
Improving the robustness and accuracy of biomedical language models through adversarial training. (99%)
Detecting AutoAttack Perturbations in the Frequency Domain. (99%)
Adversarial Tradeoffs in Linear Inverse Problems and Robust StateEstimation. (92%)
Consistent Semantic Attacks on Optical Flow. (81%)
An Overview of Backdoor Attacks Against Deep Neural Networks and Possible Defences. (54%)
Enabling equivariance for arbitrary Lie groups. (1%)
2021-11-15
A Survey on Adversarial Attacks for Malware Analysis. (98%)
Triggerless Backdoor Attack for NLP Tasks with Clean Labels. (68%)
Property Inference Attacks Against GANs. (67%)
FedCG: Leverage Conditional GAN for Protecting Privacy and Maintaining Competitive Performance in Federated Learning. (1%)
2021-11-14
Generating Band-Limited Adversarial Surfaces Using Neural Networks. (99%)
Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks. (76%)
Towards Interpretability of Speech Pause in Dementia Detection using Adversarial Learning. (75%)
Improving Compound Activity Classification via Deep Transfer and Representation Learning. (1%)
2021-11-13
Robust and Accurate Object Detection via Self-Knowledge Distillation. (62%)
UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction. (2%)
2021-11-12
Neural Population Geometry Reveals the Role of Stochasticity in Robust Perception. (99%)
Measuring the Contribution of Multiple Model Representations in Detecting Adversarial Instances. (98%)
Adversarially Robust Learning for Security-Constrained Optimal Power Flow. (10%)
On Transferability of Prompt Tuning for Natural Language Processing. (8%)
A Bayesian Nash equilibrium-based moving target defense against stealthy sensor attacks. (1%)
Resilient Consensus-based Multi-agent Reinforcement Learning. (1%)
2021-11-11
On the Equivalence between Neural Network and Support Vector Machine. (1%)
2021-11-10
Trustworthy Medical Segmentation with Uncertainty Estimation. (93%)
Robust Learning via Ensemble Density Propagation in Deep Neural Networks. (2%)
2021-11-09
Tightening the Approximation Error of Adversarial Risk with Auto Loss Function Search. (99%)
MixACM: Mixup-Based Robustness Transfer via Distillation of Activated Channel Maps. (99%)
Sparse Adversarial Video Attacks with Spatial Transformations. (98%)
A Statistical Difference Reduction Method for Escaping Backdoor Detection. (97%)
Data Augmentation Can Improve Robustness. (73%)
Are Transformers More Robust Than CNNs? (67%)
2021-11-08
Geometrically Adaptive Dictionary Attack on Face Recognition. (99%)
Defense Against Explanation Manipulation. (98%)
DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories. (98%)
On Assessing The Safety of Reinforcement Learning algorithms Using Formal Methods. (75%)
Get a Model! Model Hijacking Attack Against Machine Learning Models. (69%)
Robust and Information-theoretically Safe Bias Classifier against Adversarial Attacks. (69%)
Characterizing the adversarial vulnerability of speech self-supervised learning. (68%)
HAPSSA: Holistic Approach to PDF Malware Detection Using Signal and Statistical Analysis. (67%)
Graph Robustness Benchmark: Benchmarking the Adversarial Robustness of Graph Machine Learning. (67%)
BARFED: Byzantine Attack-Resistant Federated Averaging Based on Outlier Elimination. (45%)
2021-11-07
Generative Dynamic Patch Attack. (99%)
Natural Adversarial Objects. (81%)
2021-11-06
"How Does It Detect A Malicious App?" Explaining the Predictions of AI-based Android Malware Detector. (11%)
2021-11-05
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Sequential Randomized Smoothing for Adversarially Robust Speech Recognition. (96%)
Federated Learning Attacks Revisited: A Critical Discussion of Gaps, Assumptions, and Evaluation Setups. (2%)
2021-11-04
Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models. (99%)
Adversarial Attacks on Graph Classification via Bayesian Optimisation. (87%)
Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods. (47%)
Attacking Deep Reinforcement Learning-Based Traffic Signal Control Systems with Colluding Vehicles. (3%)
2021-11-03
LTD: Low Temperature Distillation for Robust Adversarial Training. (88%)
Multi-Glimpse Network: A Robust and Efficient Classification Architecture based on Recurrent Downsampled Attention. (41%)
2021-11-02
Effective and Imperceptible Adversarial Textual Attack via Multi-objectivization. (99%)
Meta-Learning the Search Distribution of Black-Box Random Search Based Adversarial Attacks. (96%)
Training Certifiably Robust Neural Networks with Efficient Local Lipschitz Bounds. (70%)
Pareto Adversarial Robustness: Balancing Spatial Robustness and Sensitivity-based Robustness. (68%)
Knowledge Cross-Distillation for Membership Privacy. (38%)
Adversarially Perturbed Wavelet-based Morphed Face Generation. (9%)
2021-11-01
Graph Structural Attack by Spectral Distance. (93%)
Availability Attacks Create Shortcuts. (89%)
Robustness of deep learning algorithms in astronomy -- galaxy morphology studies. (83%)
When Does Contrastive Learning Preserve Adversarial Robustness from Pretraining to Finetuning? (69%)
ZeBRA: Precisely Destroying Neural Networks with Zero-Data Based Repeated Bit Flip Attack. (9%)
2021-10-31
An Actor-Critic Method for Simulation-Based Optimization. (56%)
2021-10-30
Get Fooled for the Right Reason: Improving Adversarial Robustness through a Teacher-guided Curriculum Learning Approach. (97%)
AdvCodeMix: Adversarial Attack on Code-Mixed Data. (93%)
Backdoor Pre-trained Models Can Transfer to All. (3%)
Trojan Source: Invisible Vulnerabilities. (1%)
2021-10-29
Attacking Video Recognition Models with Bullet-Screen Comments. (99%)
Adversarial Robustness with Semi-Infinite Constrained Learning. (92%)
{\epsilon}-weakened Robustness of Deep Neural Networks. (62%)
You are caught stealing my winning lottery ticket! Making a lottery ticket claim its ownership. (11%)
2021-10-28
Bridge the Gap Between CV and NLP! A Gradient-based Textual Adversarial Attack Framework. (99%)
AEVA: Black-box Backdoor Detection Using Adversarial Extreme Value Analysis. (92%)
The magnitude vector of images. (1%)
2021-10-27
Towards Evaluating the Robustness of Neural Networks Learned by Transduction. (98%)
CAP: Co-Adversarial Perturbation on Weights and Features for Improving Generalization of Graph Neural Networks. (98%)
Towards Robust Reasoning over Knowledge Graphs. (83%)
Binarized ResNet: Enabling Robust Automatic Modulation Classification at the resource-constrained Edge. (80%)
Generalized Depthwise-Separable Convolutions for Adversarially Robust and Efficient Neural Networks. (74%)
Adversarial Neuron Pruning Purifies Backdoored Deep Models. (15%)
From Intrinsic to Counterfactual: On the Explainability of Contextualized Recommender Systems. (5%)
Robust Contrastive Learning Using Negative Samples with Diminished Semantics. (1%)
RoMA: Robust Model Adaptation for Offline Model-based Optimization. (1%)
2021-10-26
Can't Fool Me: Adversarially Robust Transformer for Video Understanding. (99%)
Frequency Centric Defense Mechanisms against Adversarial Examples. (99%)
ScaleCert: Scalable Certified Defense against Adversarial Patches with Sparse Superficial Layers. (99%)
Drawing Robust Scratch Tickets: Subnetworks with Inborn Robustness Are Found within Randomly Initialized Networks. (99%)
FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective. (98%)
A Frequency Perspective of Adversarial Robustness. (98%)
Disrupting Deep Uncertainty Estimation Without Harming Accuracy. (86%)
Improving Local Effectiveness for Global robust training. (83%)
Robustness of Graph Neural Networks at Scale. (76%)
Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions. (75%)
Adversarial Robustness in Multi-Task Learning: Promises and Illusions. (64%)
AugMax: Adversarial Composition of Random Augmentations for Robust Training. (56%)
Qu-ANTI-zation: Exploiting Quantization Artifacts for Achieving Adversarial Outcomes. (50%)
Semantic Host-free Trojan Attack. (10%)
CAFE: Catastrophic Data Leakage in Vertical Federated Learning. (3%)
MEST: Accurate and Fast Memory-Economic Sparse Training Framework on the Edge. (1%)
Reliable and Trustworthy Machine Learning for Health Using Dataset Shift Detection. (1%)
Defensive Tensorization. (1%)
Task-Aware Meta Learning-based Siamese Neural Network for Classifying Obfuscated Malware. (1%)
2021-10-25
Stable Neural ODE with Lyapunov-Stable Equilibrium Points for Defending Against Adversarial Attacks. (99%)
Generating Watermarked Adversarial Texts. (99%)
Beyond $L_p$ clipping: Equalization-based Psychoacoustic Attacks against ASRs. (92%)
Fast Gradient Non-sign Methods. (92%)
Ensemble Federated Adversarial Training with Non-IID data. (87%)
GANash -- A GAN approach to steganography. (81%)
A Dynamical System Perspective for Lipschitz Neural Networks. (81%)
An Adaptive Structural Learning of Deep Belief Network for Image-based Crack Detection in Concrete Structures Using SDNET2018. (13%)
2021-10-24
Towards A Conceptually Simple Defensive Approach for Few-shot classifiers Against Adversarial Support Samples. (80%)
2021-10-23
ADC: Adversarial attacks against object Detection that evade Context consistency checks. (99%)
A Layer-wise Adversarial-aware Quantization Optimization for Improving Robustness. (81%)
2021-10-22
Improving Robustness of Malware Classifiers using Adversarial Strings Generated from Perturbed Latent Representations. (99%)
How and When Adversarial Robustness Transfers in Knowledge Distillation? (91%)
Fairness Degrading Adversarial Attacks Against Clustering Algorithms. (86%)
Adversarial robustness for latent models: Revisiting the robust-standard accuracies tradeoff. (80%)
PRECAD: Privacy-Preserving and Robust Federated Learning via Crypto-Aided Differential Privacy. (15%)
ProtoShotXAI: Using Prototypical Few-Shot Architecture for Explainable AI. (15%)
Spoofing Detection on Hand Images Using Quality Assessment. (1%)
Text Counterfactuals via Latent Optimization and Shapley-Guided Search. (1%)
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning. (1%)
MANDERA: Malicious Node Detection in Federated Learning via Ranking. (1%)
2021-10-21
CAPTIVE: Constrained Adversarial Perturbations to Thwart IC Reverse Engineering. (98%)
PROVES: Establishing Image Provenance using Semantic Signatures. (93%)
RoMA: a Method for Neural Network Robustness Measurement and Assessment. (92%)
Anti-Backdoor Learning: Training Clean Models on Poisoned Data. (83%)
PipAttack: Poisoning Federated Recommender Systems forManipulating Item Promotion. (68%)
Robustness through Data Augmentation Loss Consistency. (61%)
Generalization of Neural Combinatorial Solvers Through the Lens of Adversarial Robustness. (61%)
Watermarking Graph Neural Networks based on Backdoor Attacks. (31%)
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey. (8%)
2021-10-20
Adversarial Socialbot Learning via Multi-Agent Deep Hierarchical Reinforcement Learning. (83%)
Surrogate Representation Learning with Isometric Mapping for Gray-box Graph Adversarial Attacks. (62%)
Moir\'e Attack (MA): A New Potential Risk of Screen Photos. (56%)
Adversarial attacks against Bayesian forecasting dynamic models. (13%)
No One Representation to Rule Them All: Overlapping Features of Training Methods. (1%)
2021-10-19
Multi-concept adversarial attacks. (99%)
A Regularization Method to Improve Adversarial Robustness of Neural Networks for ECG Signal Classification. (96%)
TESSERACT: Gradient Flip Score to Secure Federated Learning Against Model Poisoning Attacks. (69%)
Understanding Convolutional Neural Networks from Theoretical Perspective via Volterra Convolution. (61%)
Detecting Backdoor Attacks Against Point Cloud Classifiers. (26%)
Speech Pattern based Black-box Model Watermarking for Automatic Speech Recognition. (13%)
A Deeper Look into RowHammer`s Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses. (5%)
2021-10-18
Boosting the Transferability of Video Adversarial Examples via Temporal Translation. (99%)
Black-box Adversarial Attacks on Commercial Speech Platforms with Minimal Information. (99%)
Improving Robustness using Generated Data. (97%)
MEMO: Test Time Robustness via Adaptation and Augmentation. (13%)
Minimal Multi-Layer Modifications of Deep Neural Networks. (4%)
2021-10-17
Unrestricted Adversarial Attacks on ImageNet Competition. (99%)
Improving Robustness of Reinforcement Learning for Power System Control with Adversarial Training. (99%)
ECG-ATK-GAN: Robustness against Adversarial Attacks on ECGs using Conditional Generative Adversarial Networks. (99%)
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications. (22%)
Poisoning Attacks on Fair Machine Learning. (12%)
2021-10-16
Black-box Adversarial Attacks on Network-wide Multi-step Traffic State Prediction Models. (99%)
Analyzing Dynamic Adversarial Training Data in the Limit. (82%)
Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services. (5%)
Tackling the Imbalance for GNNs. (4%)
2021-10-15
Adversarial Attacks on Gaussian Process Bandits. (99%)
Generating Natural Language Adversarial Examples through An Improved Beam Search Algorithm. (99%)
Adversarial Attacks on ML Defense Models Competition. (99%)
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. (76%)
Robustness of different loss functions and their impact on networks learning capability. (76%)
Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures. (22%)
Textual Backdoor Attacks Can Be More Harmful via Two Simple Tricks. (10%)
Understanding and Improving Robustness of Vision Transformers through Patch-based Negative Augmentation. (8%)
Hand Me Your PIN! Inferring ATM PINs of Users Typing with a Covered Hand. (1%)
2021-10-14
Adversarial examples by perturbing high-level features in intermediate decoder layers. (99%)
DI-AA: An Interpretable White-box Attack for Fooling Deep Neural Networks. (99%)
Adversarial Purification through Representation Disentanglement. (99%)
RAP: Robustness-Aware Perturbations for Defending against Backdoor Attacks on NLP Models. (93%)
An Optimization Perspective on Realizing Backdoor Injection Attacks on Deep Neural Networks in Hardware. (87%)
Interactive Analysis of CNN Robustness. (80%)
On Adversarial Vulnerability of PHM algorithms: An Initial Study. (69%)
Identifying and Mitigating Spurious Correlations for Improving Robustness in NLP Models. (61%)
Toward Degradation-Robust Voice Conversion. (9%)
Interpreting the Robustness of Neural NLP Models to Textual Perturbations. (9%)
Retrieval-guided Counterfactual Generation for QA. (2%)
Effective Certification of Monotone Deep Equilibrium Models. (1%)
2021-10-13
A Framework for Verification of Wasserstein Adversarial Robustness. (99%)
Identification of Attack-Specific Signatures in Adversarial Examples. (99%)
Model-Agnostic Meta-Attack: Towards Reliable Evaluation of Adversarial Robustness. (99%)
Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer. (98%)
Brittle interpretations: The Vulnerability of TCAV and Other Concept-based Explainability Tools to Adversarial Attack. (93%)
Poison Forensics: Traceback of Data Poisoning Attacks in Neural Networks. (92%)
Boosting the Certified Robustness of L-infinity Distance Nets. (1%)
Benchmarking the Robustness of Spatial-Temporal Models Against Corruptions. (1%)
2021-10-12
Adversarial Attack across Datasets. (99%)
Graph-Fraudster: Adversarial Attacks on Graph Neural Network Based Vertical Federated Learning. (99%)
SEPP: Similarity Estimation of Predicted Probabilities for Defending and Detecting Adversarial Text. (92%)
On the Security Risks of AutoML. (45%)
Zero-bias Deep Neural Network for Quickest RF Signal Surveillance. (1%)
2021-10-11
Boosting Fast Adversarial Training with Learnable Adversarial Initialization. (99%)
Parameterizing Activation Functions for Adversarial Robustness. (98%)
Amicable examples for informed source separation. (86%)
Doubly-Trained Adversarial Data Augmentation for Neural Machine Translation. (12%)
Intriguing Properties of Input-dependent Randomized Smoothing. (1%)
Hiding Images into Images with Real-world Robustness. (1%)
Source Mixing and Separation Robust Audio Steganography. (1%)
Homogeneous Learning: Self-Attention Decentralized Deep Learning. (1%)
Large Language Models Can Be Strong Differentially Private Learners. (1%)
A Closer Look at Prototype Classifier for Few-shot Image Classification. (1%)
Certified Patch Robustness via Smoothed Vision Transformers. (1%)
2021-10-10
Adversarial Attacks in a Multi-view Setting: An Empirical Study of the Adversarial Patches Inter-view Transferability. (98%)
Universal Adversarial Attacks on Neural Networks for Power Allocation in a Massive MIMO System. (92%)
2021-10-09
Demystifying the Transferability of Adversarial Attacks in Computer Networks. (99%)
Provably Efficient Black-Box Action Poisoning Attacks Against Reinforcement Learning. (93%)
Widen The Backdoor To Let More Attackers In. (13%)
2021-10-08
Explainability-Aware One Point Attack for Point Cloud Neural Networks. (99%)
Game Theory for Adversarial Attacks and Defenses. (98%)
Graphs as Tools to Improve Deep Learning Methods. (10%)
IHOP: Improved Statistical Query Recovery against Searchable Symmetric Encryption through Quadratic Optimization. (3%)
A Wireless Intrusion Detection System for 802.11 WPA3 Networks. (1%)
Salient ImageNet: How to discover spurious features in Deep Learning? (1%)
2021-10-07
Robust Feature-Level Adversaries are Interpretability Tools. (99%)
EvadeDroid: A Practical Evasion Attack on Machine Learning for Black-box Android Malware Detection. (99%)
Adversarial Attack by Limited Point Cloud Surface Modifications. (98%)
Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks. (98%)
Dyn-Backdoor: Backdoor Attack on Dynamic Link Prediction. (80%)
Fingerprinting Multi-exit Deep Neural Network Models via Inference Time. (62%)
Adversarial Unlearning of Backdoors via Implicit Hypergradient. (56%)
MPSN: Motion-aware Pseudo Siamese Network for Indoor Video Head Detection in Buildings. (1%)
2021-10-06
HIRE-SNN: Harnessing the Inherent Robustness of Energy-Efficient Deep Spiking Neural Networks by Training with Crafted Input Noise. (99%)
Reversible adversarial examples against local visual perturbation. (99%)
Attack as the Best Defense: Nullifying Image-to-image Translation GANs via Limit-aware Adversarial Attack. (99%)
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs. (99%)
Adversarial Attacks on Machinery Fault Diagnosis. (99%)
Adversarial Attacks on Spiking Convolutional Networks for Event-based Vision. (98%)
A Uniform Framework for Anomaly Detection in Deep Neural Networks. (97%)
Double Descent in Adversarial Training: An Implicit Label Noise Perspective. (88%)
Improving Adversarial Robustness for Free with Snapshot Ensemble. (83%)
DoubleStar: Long-Range Attack Towards Depth Estimation based Obstacle Avoidance in Autonomous Systems. (45%)
Inference Attacks Against Graph Neural Networks. (2%)
Data-driven behavioural biometrics for continuous and adaptive user verification using Smartphone and Smartwatch. (1%)
On The Vulnerability of Recurrent Neural Networks to Membership Inference Attacks. (1%)
Efficient Sharpness-aware Minimization for Improved Training of Neural Networks. (1%)
Stegomalware: A Systematic Survey of MalwareHiding and Detection in Images, Machine LearningModels and Research Challenges. (1%)
Exploring the Common Principal Subspace of Deep Features in Neural Networks. (1%)
Generalizing Neural Networks by Reflecting Deviating Data in Production. (1%)
2021-10-05
Adversarial Robustness Verification and Attack Synthesis in Stochastic Systems. (99%)
Adversarial Attacks on Black Box Video Classifiers: Leveraging the Power of Geometric Transformations. (99%)
Adversarial defenses via a mixture of generators. (99%)
Neural Network Adversarial Attack Method Based on Improved Genetic Algorithm. (92%)
BadPre: Task-agnostic Backdoor Attacks to Pre-trained NLP Foundation Models. (33%)
Spectral Bias in Practice: The Role of Function Frequency in Generalization. (1%)
CADA: Multi-scale Collaborative Adversarial Domain Adaptation for Unsupervised Optic Disc and Cup Segmentation. (1%)
Noisy Feature Mixup. (1%)
2021-10-04
Benchmarking Safety Monitors for Image Classifiers with Machine Learning. (1%)
2021-10-03
Adversarial Examples Generation for Reducing Implicit Gender Bias in Pre-trained Models. (82%)
2021-10-02
Evaluating Deep Learning Models and Adversarial Attacks on Accelerometer-Based Gesture Authentication. (98%)
Anti-aliasing Deep Image Classifiers using Novel Depth Adaptive Blurring and Activation Function. (13%)
2021-10-01
Calibrated Adversarial Training. (98%)
Universal Adversarial Spoofing Attacks against Face Recognition. (87%)
Score-Based Generative Classifiers. (84%)
One Timestep is All You Need: Training Spiking Neural Networks with Ultra Low Latency. (1%)
2021-09-30
Mitigating Black-Box Adversarial Attacks via Output Noise Perturbation. (98%)
You Cannot Easily Catch Me: A Low-Detectable Adversarial Patch for Object Detectors. (95%)
Adversarial Semantic Contour for Object Detection. (92%)
From Zero-Shot Machine Learning to Zero-Day Attack Detection. (10%)
2021-09-29
On Brightness Agnostic Adversarial Examples Against Face Recognition Systems. (99%)
Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks. (70%)
BulletTrain: Accelerating Robust Neural Network Training via Boundary Example Mining. (41%)
Mitigation of Adversarial Policy Imitation via Constrained Randomization of Policy (CRoP). (10%)
2021-09-28
slimTrain -- A Stochastic Approximation Method for Training Separable Deep Neural Networks. (1%)
2021-09-27
MUTEN: Boosting Gradient-Based Adversarial Attacks via Mutant-Based Ensembles. (99%)
Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors. (99%)
Classification and Adversarial examples in an Overparameterized Linear Model: A Signal Processing Perspective. (98%)
GANG-MAM: GAN based enGine for Modifying Android Malware. (64%)
Distributionally Robust Multi-Output Regression Ranking. (3%)
Improving Uncertainty of Deep Learning-based Object Classification on Radar Spectra using Label Smoothing. (1%)
Federated Deep Learning with Bayesian Privacy. (1%)
2021-09-26
Distributionally Robust Multiclass Classification and Applications in Deep CNN Image Classifiers. (11%)
2021-09-25
Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency. (99%)
Contributions to Large Scale Bayesian Inference and Adversarial Machine Learning. (98%)
MINIMAL: Mining Models for Data Free Universal Adversarial Triggers. (93%)
2021-09-24
Local Intrinsic Dimensionality Signals Adversarial Perturbations. (98%)
2021-09-23
Breaking BERT: Understanding its Vulnerabilities for Biomedical Named Entity Recognition through Adversarial Attack. (98%)
FooBaR: Fault Fooling Backdoor Attack on Neural Network Training. (88%)
AES Systems Are Both Overstable And Oversensitive: Explaining Why And Proposing Defenses. (68%)
DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications. (1%)
2021-09-22
Exploring Adversarial Examples for Efficient Active Learning in Machine Learning Classifiers. (99%)
CC-Cert: A Probabilistic Approach to Certify General Robustness of Neural Networks. (81%)
Security Analysis of Capsule Network Inference using Horizontal Collaboration. (69%)
Adversarial Transfer Attacks With Unknown Data and Class Overlap. (62%)
Pushing the Right Buttons: Adversarial Evaluation of Quality Estimation. (1%)
Backdoor Attacks on Federated Learning with Lottery Ticket Hypothesis. (1%)
2021-09-21
Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability. (99%)
3D Point Cloud Completion with Geometric-Aware Adversarial Augmentation. (93%)
DeSMP: Differential Privacy-exploited Stealthy Model Poisoning Attacks in Federated Learning. (76%)
Privacy, Security, and Utility Analysis of Differentially Private CPES Data. (13%)
2021-09-20
Robust Physical-World Attacks on Face Recognition. (99%)
Modeling Adversarial Noise for Adversarial Defense. (99%)
Can We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection? (99%)
Robustness Analysis of Deep Learning Frameworks on Mobile Platforms. (10%)
"Hello, It's Me": Deep Learning-based Speech Synthesis Attacks in the Real World. (2%)
Towards Energy-Efficient and Secure Edge AI: A Cross-Layer Framework. (1%)
2021-09-19
On the Noise Stability and Robustness of Adversarially Trained Networks on NVM Crossbars. (99%)
Adversarial Training with Contrastive Learning in NLP. (16%)
2021-09-18
Clean-label Backdoor Attack against Deep Hashing based Retrieval. (98%)
2021-09-17
Messing Up 3D Virtual Environments: Transferable Adversarial 3D Objects. (98%)
Exploring the Training Robustness of Distributional Reinforcement Learning against Noisy State Observations. (8%)
2021-09-16
Harnessing Perceptual Adversarial Patches for Crowd Counting. (99%)
KATANA: Simple Post-Training Robustness Using Test Time Augmentations. (98%)
Targeted Attack on Deep RL-based Autonomous Driving with Learned Visual Patterns. (96%)
Adversarial Attacks against Deep Learning Based Power Control in Wireless Communications. (95%)
Don't Search for a Search Method -- Simple Heuristics Suffice for Adversarial Text Attacks. (68%)
Membership Inference Attacks Against Recommender Systems. (3%)
2021-09-15
Universal Adversarial Attack on Deep Learning Based Prognostics. (99%)
Balancing detectability and performance of attacks on the control channel of Markov Decision Processes. (98%)
FCA: Learning a 3D Full-coverage Vehicle Camouflage for Multi-view Physical Adversarial Attack. (95%)
BERT is Robust! A Case Against Synonym-Based Adversarial Examples in Text Classification. (92%)
Adversarial Mixing Policy for Relaxing Locally Linear Constraints in Mixup. (13%)
Can one hear the shape of a neural network?: Snooping the GPU via Magnetic Side Channel. (10%)
2021-09-14
A Novel Data Encryption Method Inspired by Adversarial Attacks. (99%)
Improving Gradient-based Adversarial Training for Text Classification by Contrastive Learning and Auto-Encoder. (99%)
PETGEN: Personalized Text Generation Attack on Deep Sequence Embedding-based Classification Models. (99%)
EVAGAN: Evasion Generative Adversarial Network for Low Data Regimes. (76%)
Dodging Attack Using Carefully Crafted Natural Makeup. (47%)
Avengers Ensemble! Improving Transferability of Authorship Obfuscation. (12%)
ARCH: Efficient Adversarial Regularized Training with Caching. (8%)
2021-09-13
Adversarial Bone Length Attack on Action Recognition. (99%)
Randomized Substitution and Vote for Textual Adversarial Example Detection. (99%)
Improving the Robustness of Adversarial Attacks Using an Affine-Invariant Gradient Estimator. (99%)
Evolving Architectures with Gradient Misalignment toward Low Adversarial Transferability. (98%)
A Practical Adversarial Attack on Contingency Detection of Smart Energy Systems. (98%)
Adversarial Examples for Evaluating Math Word Problem Solvers. (96%)
PAT: Pseudo-Adversarial Training For Detecting Adversarial Videos. (86%)
Byzantine-robust Federated Learning through Collaborative Malicious Gradient Filtering. (81%)
Formalizing and Estimating Distribution Inference Risks. (62%)
Virtual Data Augmentation: A Robust and General Framework for Fine-tuning Pre-trained Models. (50%)
Sensor Adversarial Traits: Analyzing Robustness of 3D Object Detection Sensor Fusion Models. (16%)
Adversarially Trained Object Detector for Unsupervised Domain Adaptation. (3%)
Perturbation CheckLists for Evaluating NLG Evaluation Metrics. (1%)
How to Select One Among All? An Extensive Empirical Study Towards the Robustness of Knowledge Distillation in Natural Language Understanding. (1%)
Detecting Safety Problems of Multi-Sensor Fusion in Autonomous Driving. (1%)
2021-09-12
TREATED:Towards Universal Defense against Textual Adversarial Attacks. (99%)
CoG: a Two-View Co-training Framework for Defending Adversarial Attacks on Graph. (98%)
Check Your Other Door! Creating Backdoor Attacks in the Frequency Domain. (93%)
RockNER: A Simple Method to Create Adversarial Examples for Evaluating the Robustness of Named Entity Recognition Models. (84%)
Shape-Biased Domain Generalization via Shock Graph Embeddings. (2%)
Source Inference Attacks in Federated Learning. (1%)
2021-09-11
RobustART: Benchmarking Robustness on Architecture Design and Training Techniques. (98%)
2-in-1 Accelerator: Enabling Random Precision Switch for Winning Both Adversarial Robustness and Efficiency. (81%)
2021-09-10
A Strong Baseline for Query Efficient Attacks in a Black Box Setting. (99%)
2021-09-09
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification. (99%)
Energy Attack: On Transferring Adversarial Examples. (99%)
Protein Folding Neural Networks Are Not Robust. (99%)
Towards Transferable Adversarial Attacks on Vision Transformers. (99%)
Multi-granularity Textual Adversarial Attack with Behavior Cloning. (98%)
Spatially Focused Attack against Spatiotemporal Graph Neural Networks. (81%)
Differential Privacy in Personalized Pricing with Nonparametric Demand Models. (26%)
EvilModel 2.0: Bringing Neural Network Models into Malware Attacks. (5%)
2021-09-08
Membership Inference Attacks Against Temporally Correlated Data in Deep Reinforcement Learning. (89%)
Robust Optimal Classification Trees Against Adversarial Examples. (80%)
2021-09-07
Adversarial Parameter Defense by Multi-Step Risk Minimization. (98%)
POW-HOW: An enduring timing side-channel to evade online malware sandboxes. (12%)
Unpaired Adversarial Learning for Single Image Deraining with Rain-Space Contrastive Constraints. (1%)
2021-09-06
Robustness and Generalization via Generative Adversarial Training. (82%)
Trojan Signatures in DNN Weights. (33%)
Automated Robustness with Adversarial Training as a Post-Processing Step. (4%)
Exposing Length Divergence Bias of Textual Matching Models. (2%)
2021-09-05
Efficient Combinatorial Optimization for Word-level Adversarial Textual Attack. (98%)
Tolerating Adversarial Attacks and Byzantine Faults in Distributed Machine Learning. (2%)
DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode. (1%)
2021-09-04
Real-World Adversarial Examples involving Makeup Application. (99%)
Utilizing Adversarial Targeted Attacks to Boost Adversarial Robustness. (99%)
Training Meta-Surrogate Model for Transferable Adversarial Attack. (99%)
2021-09-03
SEC4SR: A Security Analysis Platform for Speaker Recognition. (99%)
Risk Assessment for Connected Vehicles under Stealthy Attacks on Vehicle-to-Vehicle Networks. (1%)
2021-09-02
A Synergetic Attack against Neural Network Classifiers combining Backdoor and Adversarial Examples. (99%)
Impact of Attention on Adversarial Robustness of Image Classification Models. (99%)
Adversarial Robustness for Unsupervised Domain Adaptation. (98%)
Real World Robustness from Systematic Noise. (91%)
Building Compact and Robust Deep Neural Networks with Toeplitz Matrices. (61%)
2021-09-01
Towards Improving Adversarial Training of NLP Models. (98%)
Excess Capacity and Backdoor Poisoning. (97%)
Regional Adversarial Training for Better Robust Generalization. (96%)
R-SNN: An Analysis and Design Methodology for Robustifying Spiking Neural Networks against Adversarial Attacks through Noise Filters for Dynamic Vision Sensors. (86%)
Proof Transfer for Neural Network Verification. (9%)
Guarding Machine Learning Hardware Against Physical Side-Channel Attacks. (2%)
2021-08-31
EG-Booster: Explanation-Guided Booster of ML Evasion Attacks. (99%)
Morphence: Moving Target Defense Against Adversarial Examples. (99%)
DPA: Learning Robust Physical Adversarial Camouflages for Object Detectors. (93%)
Black-Box Attacks on Sequential Recommenders via Data-Free Model Extraction. (83%)
Segmentation Fault: A Cheap Defense Against Adversarial Machine Learning. (75%)
Backdoor Attacks on Pre-trained Models by Layerwise Weight Poisoning. (4%)
2021-08-30
Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings. (99%)
Investigating Vulnerabilities of Deep Neural Policies. (99%)
Adversarial Example Devastation and Detection on Speech Recognition System by Adding Random Noise. (99%)
Single Node Injection Attack against Graph Neural Networks. (68%)
Benchmarking the Accuracy and Robustness of Feedback Alignment Algorithms. (41%)
Adaptive perturbation adversarial training: based on reinforcement learning. (41%)
How Does Adversarial Fine-Tuning Benefit BERT? (33%)
ML-based IoT Malware Detection Under Adversarial Settings: A Systematic Evaluation. (26%)
DuTrust: A Sentiment Analysis Dataset for Trustworthiness Evaluation. (1%)
2021-08-29
Searching for an Effective Defender: Benchmarking Defense against Adversarial Word Substitution. (99%)
Reinforcement Learning Based Sparse Black-box Adversarial Attack on Video Recognition Models. (98%)
DropAttack: A Masked Weight Adversarial Training Method to Improve Generalization of Neural Networks. (82%)
HAT4RD: Hierarchical Adversarial Training for Rumor Detection on Social Media. (81%)
2021-08-27
Mal2GCN: A Robust Malware Detection Approach Using Deep Graph Convolutional Networks With Non-Negative Weights. (99%)
Disrupting Adversarial Transferability in Deep Neural Networks. (98%)
Evaluating the Robustness of Neural Language Models to Input Perturbations. (16%)
Deep learning models are not robust against noise in clinical text. (1%)
2021-08-26
Understanding the Logit Distributions of Adversarially-Trained Deep Neural Networks. (99%)
A Hierarchical Assessment of Adversarial Severity. (98%)
Physical Adversarial Attacks on an Aerial Imagery Object Detector. (96%)
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference. (80%)
Detection and Continual Learning of Novel Face Presentation Attacks. (2%)
2021-08-25
Adversarially Robust One-class Novelty Detection. (99%)
Certifiers Make Neural Networks Vulnerable to Availability Attacks. (99%)
Bridged Adversarial Training. (93%)
Generalized Real-World Super-Resolution through Adversarial Robustness. (93%)
2021-08-24
Improving Visual Quality of Unrestricted Adversarial Examples with Wavelet-VAE. (99%)
Are socially-aware trajectory prediction models really socially-aware? (92%)
OOWL500: Overcoming Dataset Collection Bias in the Wild. (76%)
StyleAugment: Learning Texture De-biased Representations by Style Augmentation without Pre-defined Textures. (1%)
2021-08-23
Adversarial Robustness of Deep Learning: Theory, Algorithms, and Applications. (99%)
Semantic-Preserving Adversarial Text Attacks. (99%)
Deep Bayesian Image Set Classification: A Defence Approach against Adversarial Attacks. (99%)
Kryptonite: An Adversarial Attack Using Regional Focus. (99%)
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning. (73%)
SegMix: Co-occurrence Driven Mixup for Semantic Segmentation and Adversarial Robustness. (4%)
2021-08-22
Robustness-via-Synthesis: Robust Training with Generative Adversarial Perturbations. (99%)
Multi-Expert Adversarial Attack Detection in Person Re-identification Using Context Inconsistency. (98%)
Relating CNNs with brain: Challenges and findings. (10%)
2021-08-21
A Hard Label Black-box Adversarial Attack Against Graph Neural Networks. (99%)
"Adversarial Examples" for Proof-of-Learning. (98%)
Regularizing Instabilities in Image Reconstruction Arising from Learned Denoisers. (2%)
2021-08-20
AdvDrop: Adversarial Attack to DNNs by Dropping Information. (99%)
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier. (99%)
Integer-arithmetic-only Certified Robustness for Quantized Neural Networks. (98%)
Towards Understanding the Generative Capability of Adversarially Robust Classifiers. (98%)
Detecting and Segmenting Adversarial Graphics Patterns from Images. (93%)
UnSplit: Data-Oblivious Model Inversion, Model Stealing, and Label Inference Attacks Against Split Learning. (1%)
Early-exit deep neural networks for distorted images: providing an efficient edge offloading. (1%)
2021-08-19
Application of Adversarial Examples to Physical ECG Signals. (99%)
Pruning in the Face of Adversaries. (99%)
ASAT: Adaptively Scaled Adversarial Training in Time Series. (98%)
Amplitude-Phase Recombination: Rethinking Robustness of Convolutional Neural Networks in Frequency Domain. (80%)
2021-08-18
Revisiting Adversarial Robustness Distillation: Robust Soft Labels Make Student Better. (99%)
Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes. (98%)
MBRS : Enhancing Robustness of DNN-based Watermarking by Mini-Batch of Real and Simulated JPEG Compression. (45%)
Proceedings of the 1st International Workshop on Adaptive Cyber Defense. (1%)
2021-08-17
When Should You Defend Your Classifier -- A Game-theoretical Analysis of Countermeasures against Adversarial Examples. (98%)
Adversarial Relighting Against Face Recognition. (98%)
Semantic Perturbations with Normalizing Flows for Improved Generalization. (13%)
Coalesced Multi-Output Tsetlin Machines with Clause Sharing. (1%)
Appearance Based Deep Domain Adaptation for the Classification of Aerial Images. (1%)
2021-08-16
Exploring Transferable and Robust Adversarial Perturbation Generation from the Perspective of Network Hierarchy. (99%)
Interpreting Attributions and Interactions of Adversarial Attacks. (83%)
Patch Attack Invariance: How Sensitive are Patch Attacks to 3D Pose? (62%)
NeuraCrypt is not private. (10%)
Identifying and Exploiting Structures for Reliable Deep Learning. (2%)
On the Opportunities and Risks of Foundation Models. (2%)
2021-08-15
Neural Architecture Dilation for Adversarial Robustness. (81%)
Deep Adversarially-Enhanced k-Nearest Neighbors. (74%)
IADA: Iterative Adversarial Data Augmentation Using Formal Verification and Expert Guidance. (1%)
2021-08-14
LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis. (1%)
2021-08-13
Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks. (99%)
Optical Adversarial Attack. (98%)
Understanding Structural Vulnerability in Graph Convolutional Networks. (96%)
The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs. (1%)
2021-08-12
AGKD-BML: Defense Against Adversarial Attack by Attention Guided Knowledge Distillation and Bi-directional Metric Learning. (99%)
Deep adversarial attack on target detection systems. (99%)
Hatemoji: A Test Suite and Adversarially-Generated Dataset for Benchmarking and Detecting Emoji-based Hate. (69%)
2021-08-11
Turning Your Strength against You: Detecting and Mitigating Robust and Universal Adversarial Patch Attacks. (99%)
Attacks against Ranking Algorithms with Text Embeddings: a Case Study on Recruitment Algorithms. (78%)
Are Neural Ranking Models Robust? (4%)
Logic Explained Networks. (1%)
2021-08-10
Simple black-box universal adversarial attacks on medical image classification based on deep neural networks. (99%)
On the Effect of Pruning on Adversarial Robustness. (81%)
SoK: How Robust is Image Classification Deep Neural Network Watermarking? (Extended Version). (68%)
Perturbing Inputs for Fragile Interpretations in Deep Natural Language Processing. (64%)
UniNet: A Unified Scene Understanding Network and Exploring Multi-Task Relationships through the Lens of Adversarial Attacks. (2%)
Instance-wise Hard Negative Example Generation for Contrastive Learning in Unpaired Image-to-Image Translation. (1%)
2021-08-09
Meta Gradient Adversarial Attack. (99%)
On Procedural Adversarial Noise Attack And Defense. (99%)
Enhancing Knowledge Tracing via Adversarial Training. (98%)
Neural Network Repair with Reachability Analysis. (96%)
Classification Auto-Encoder based Detector against Diverse Data Poisoning Attacks. (92%)
Mis-spoke or mis-lead: Achieving Robustness in Multi-Agent Communicative Reinforcement Learning. (82%)
Privacy-Preserving Machine Learning: Methods, Challenges and Directions. (16%)
Explainable AI and susceptibility to adversarial attacks: a case study in classification of breast ultrasound images. (15%)
2021-08-07
Jointly Attacking Graph Neural Network and its Explanations. (96%)
Membership Inference Attacks on Lottery Ticket Networks. (33%)
Information Bottleneck Approach to Spatial Attention Learning. (1%)
2021-08-06
Evaluating Adversarial Attacks on Driving Safety in Vision-Based Autonomous Vehicles. (80%)
Ensemble Augmentation for Deep Neural Networks Using 1-D Time Series Vibration Data. (2%)
2021-08-05
BOSS: Bidirectional One-Shot Synthesis of Adversarial Examples. (99%)
Poison Ink: Robust and Invisible Backdoor Attack. (99%)
Imperceptible Adversarial Examples by Spatial Chroma-Shift. (99%)
Householder Activations for Provable Robustness against Adversarial Attacks. (83%)
Fairness Properties of Face Recognition and Obfuscation Systems. (68%)
Exploring Structure Consistency for Deep Model Watermarking. (10%)
Locally Interpretable One-Class Anomaly Detection for Credit Card Fraud Detection. (1%)
2021-08-04
Robust Transfer Learning with Pretrained Language Models through Adapters. (82%)
Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective. (31%)
2021-08-03
On the Robustness of Domain Adaption to Adversarial Attacks. (99%)
On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples. (99%)
AdvRush: Searching for Adversarially Robust Neural Architectures. (99%)
The Devil is in the GAN: Backdoor Attacks and Defenses in Deep Generative Models. (88%)
DeepFreeze: Cold Boot Attacks and High Fidelity Model Recovery on Commercial EdgeML Device. (69%)
Tutorials on Testing Neural Networks. (1%)
2021-08-02
Hybrid Classical-Quantum Deep Learning Models for Autonomous Vehicle Traffic Image Classification Under Adversarial Attack. (98%)
Adversarial Attacks Against Deep Reinforcement Learning Framework in Internet of Vehicles. (10%)
Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. (9%)
Efficacy of Statistical and Artificial Intelligence-based False Information Cyberattack Detection Models for Connected Vehicles. (1%)
2021-08-01
Advances in adversarial attacks and defenses in computer vision: A survey. (92%)
Certified Defense via Latent Space Randomized Smoothing with Orthogonal Encoders. (80%)
An Effective and Robust Detector for Logo Detection. (70%)
Style Curriculum Learning for Robust Medical Image Segmentation. (2%)
2021-07-31
Delving into Deep Image Prior for Adversarial Defense: A Novel Reconstruction-based Defense Framework. (99%)
Adversarial Robustness of Deep Code Comment Generation. (99%)
Towards Adversarially Robust and Domain Generalizable Stereo Matching by Rethinking DNN Feature Backbones. (93%)
T$_k$ML-AP: Adversarial Attacks to Top-$k$ Multi-Label Learning. (81%)
BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning. (67%)
Fair Representation Learning using Interpolation Enabled Disentanglement. (1%)
2021-07-30
Who's Afraid of Thomas Bayes? (92%)
Practical Attacks on Voice Spoofing Countermeasures. (86%)
Can You Hear It? Backdoor Attacks via Ultrasonic Triggers. (50%)
Unveiling the potential of Graph Neural Networks for robust Intrusion Detection. (13%)
2021-07-29
Feature Importance-aware Transferable Adversarial Attacks. (99%)
Enhancing Adversarial Robustness via Test-time Transformation Ensembling. (98%)
The Robustness of Graph k-shell Structure under Adversarial Attacks. (93%)
Understanding the Effects of Adversarial Personalized Ranking Optimization Method on Recommendation Quality. (31%)
Towards robust vision by multi-task learning on monkey visual cortex. (3%)
2021-07-28
Imbalanced Adversarial Training with Reweighting. (86%)
Towards Robustness Against Natural Language Word Substitutions. (73%)
Models of Computational Profiles to Study the Likelihood of DNN Metamorphic Test Cases. (67%)
WaveCNet: Wavelet Integrated CNNs to Suppress Aliasing Effect for Noise-Robust Image Classification. (15%)
TableGAN-MCA: Evaluating Membership Collisions of GAN-Synthesized Tabular Data Releasing. (2%)
2021-07-27
Towards Black-box Attacks on Deep Learning Apps. (89%)
Poisoning Online Learning Filters: DDoS Attacks and Countermeasures. (50%)
PDF-Malware: An Overview on Threats, Detection and Evasion Attacks. (8%)
2021-07-26
Benign Adversarial Attack: Tricking Models for Goodness. (99%)
Learning to Adversarially Blur Visual Object Tracking. (98%)
Adversarial Attacks with Time-Scale Representations. (96%)
2021-07-24
Adversarial training may be a double-edged sword. (99%)
Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them. (98%)
Stress Test Evaluation of Biomedical Word Embeddings. (73%)
X-GGM: Graph Generative Modeling for Out-of-Distribution Generalization in Visual Question Answering. (1%)
2021-07-23
A Differentiable Language Model Adversarial Attack on Text Classifiers. (99%)
Structack: Structure-based Adversarial Attacks on Graph Neural Networks. (86%)
Adversarial Reinforced Instruction Attacker for Robust Vision-Language Navigation. (45%)
Clipped Hyperbolic Classifiers Are Super-Hyperbolic Classifiers. (8%)
2021-07-22
On the Certified Robustness for Ensemble Models and Beyond. (99%)
Unsupervised Detection of Adversarial Examples with Model Explanations. (99%)
Membership Inference Attack and Defense for Wireless Signal Classifiers with Deep Learning. (83%)
Towards Explaining Adversarial Examples Phenomenon in Artificial Neural Networks. (75%)
Estimating Predictive Uncertainty Under Program Data Distribution Shift. (1%)
Ready for Emerging Threats to Recommender Systems? A Graph Convolution-based Generative Shilling Attack. (1%)
2021-07-21
Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients. (98%)
Improved Text Classification via Contrastive Adversarial Training. (84%)
Black-box Probe for Unsupervised Domain Adaptation without Model Transferring. (81%)
Defending against Reconstruction Attack in Vertical Federated Learning. (10%)
Generative Models for Security: Attacks, Defenses, and Opportunities. (10%)
A Tandem Framework Balancing Privacy and Security for Voice User Interfaces. (5%)
Spinning Sequence-to-Sequence Models with Meta-Backdoors. (4%)
On the Convergence of Prior-Guided Zeroth-Order Optimization Algorithms. (2%)
2021-07-20
Using Undervolting as an On-Device Defense Against Adversarial Machine Learning Attacks. (99%)
A Markov Game Model for AI-based Cyber Security Attack Mitigation. (10%)
Leaking Secrets through Modern Branch Predictor in the Speculative World. (1%)
2021-07-19
Discriminator-Free Generative Adversarial Attack. (99%)
Feature-Filter: Detecting Adversarial Examples through Filtering off Recessive Features. (99%)
Examining the Human Perceptibility of Black-Box Adversarial Attacks on Face Recognition. (98%)
On the Veracity of Local, Model-agnostic Explanations in Audio Classification: Targeted Investigations with Adversarial Examples. (80%)
MEGEX: Data-Free Model Extraction Attack against Gradient-Based Explainable AI. (33%)
Structural Watermarking to Deep Neural Networks via Network Channel Pruning. (11%)
Generative Adversarial Neural Cellular Automata. (1%)
Improving Interpretability of Deep Neural Networks in Medical Diagnosis by Investigating the Individual Units. (1%)
Just Train Twice: Improving Group Robustness without Training Group Information. (1%)
2021-07-18
RobustFed: A Truth Inference Approach for Robust Federated Learning. (1%)
2021-07-17
BEDS-Bench: Behavior of EHR-models under Distributional Shift--A Benchmark. (9%)
2021-07-16
EGC2: Enhanced Graph Classification with Easy Graph Compression. (89%)
Proceedings of ICML 2021 Workshop on Theoretic Foundation, Criticism, and Application Trend of Explainable AI. (1%)
2021-07-15
Self-Supervised Contrastive Learning with Adversarial Perturbations for Defending Word Substitution-based Attacks. (99%)
Adversarial Attacks on Multi-task Visual Perception for Autonomous Driving. (98%)
ECG-Adv-GAN: Detecting ECG Adversarial Examples with Conditional Generative Adversarial Networks. (92%)
Adversarial Attack for Uncertainty Estimation: Identifying Critical Regions in Neural Networks. (80%)
Subnet Replacement: Deployment-stage backdoor attack against deep neural networks in gray-box setting. (16%)
Tailor: Generating and Perturbing Text with Semantic Controls. (3%)
Shifts: A Dataset of Real Distributional Shift Across Multiple Large-Scale Tasks. (1%)
2021-07-14
AdvFilter: Predictive Perturbation-aware Filtering against Adversarial Attack via Multi-domain Learning. (99%)
Conservative Objective Models for Effective Offline Model-Based Optimization. (67%)
2021-07-13
AID-Purifier: A Light Auxiliary Network for Boosting Adversarial Defense. (88%)
Using BERT Encoding to Tackle the Mad-lib Attack in SMS Spam Detection. (69%)
Correlation Analysis between the Robustness of Sparse Neural Networks and their Random Hidden Structural Priors. (41%)
What classifiers know what they don't? (1%)
2021-07-12
EvoBA: An Evolution Strategy as a Strong Baseline forBlack-Box Adversarial Attacks. (99%)
Detect and Defense Against Adversarial Examples in Deep Learning using Natural Scene Statistics and Adaptive Denoising. (99%)
Perceptual-based deep-learning denoiser as a defense against adversarial attacks on ASR systems. (96%)
Putting words into the system's mouth: A targeted attack on neural machine translation using monolingual data poisoning. (81%)
A Closer Look at the Adversarial Robustness of Information Bottleneck Models. (70%)
SoftHebb: Bayesian inference in unsupervised Hebbian soft winner-take-all networks. (56%)
2021-07-11
Adversarial for Good? How the Adversarial ML Community's Values Impede Socially Beneficial Uses of Attacks. (76%)
Stateful Detection of Model Extraction Attacks. (2%)
Attack Rules: An Adversarial Approach to Generate Attacks for Industrial Control Systems using Machine Learning. (1%)
2021-07-10
Hack The Box: Fooling Deep Learning Abstraction-Based Monitors. (91%)
HOMRS: High Order Metamorphic Relations Selector for Deep Neural Networks. (88%)
Identifying Layers Susceptible to Adversarial Attacks. (83%)
Out of Distribution Detection and Adversarial Attacks on Deep Neural Networks for Robust Medical Image Analysis. (22%)
Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. (1%)
2021-07-09
Learning to Detect Adversarial Examples Based on Class Scores. (99%)
Resilience of Autonomous Vehicle Object Category Detection to Universal Adversarial Perturbations. (99%)
Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems. (99%)
GGT: Graph-Guided Testing for Adversarial Sample Detection of Deep Neural Network. (98%)
Towards Robust General Medical Image Segmentation. (83%)
ARC: Adversarially Robust Control Policies for Autonomous Vehicles. (38%)
2021-07-08
Output Randomization: A Novel Defense for both White-box and Black-box Adversarial Models. (99%)
Improving Model Robustness with Latent Distribution Locally and Globally. (99%)
Analytically Tractable Hidden-States Inference in Bayesian Neural Networks. (50%)
Understanding the Limits of Unsupervised Domain Adaptation via Data Poisoning. (33%)
2021-07-07
Controlled Caption Generation for Images Through Adversarial Attacks. (99%)
Incorporating Label Uncertainty in Understanding Adversarial Robustness. (38%)
RoFL: Attestable Robustness for Secure Federated Learning. (2%)
2021-07-06
GradDiv: Adversarial Robustness of Randomized Neural Networks via Gradient Diversity Regularization. (99%)
Self-Adversarial Training incorporating Forgery Attention for Image Forgery Localization. (95%)
ROPUST: Improving Robustness through Fine-tuning with Photonic Processors and Synthetic Gradients. (76%)
On Generalization of Graph Autoencoders with Adversarial Training. (12%)
On Robustness of Lane Detection Models to Physical-World Adversarial Attacks in Autonomous Driving. (1%)
2021-07-05
When and How to Fool Explainable Models (and Humans) with Adversarial Examples. (99%)
Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks. (99%)
Adversarial Robustness of Probabilistic Network Embedding for Link Prediction. (87%)
Dealing with Adversarial Player Strategies in the Neural Network Game iNNk through Ensemble Learning. (69%)
Understanding the Security of Deepfake Detection. (33%)
Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems. (15%)
Poisoning Attack against Estimating from Pairwise Comparisons. (15%)
Confidence Conditioned Knowledge Distillation. (10%)
2021-07-04
Certifiably Robust Interpretation via Renyi Differential Privacy. (67%)
Mirror Mirror on the Wall: Next-Generation Wireless Jamming Attacks Based on Software-Controlled Surfaces. (1%)
2021-07-03
Demiguise Attack: Crafting Invisible Semantic Adversarial Perturbations with Perceptual Similarity. (99%)
2021-07-01
Using Anomaly Feature Vectors for Detecting, Classifying and Warning of Outlier Adversarial Examples. (99%)
DVS-Attacks: Adversarial Attacks on Dynamic Vision Sensors for Spiking Neural Networks. (99%)
CLINE: Contrastive Learning with Semantic Negative Examples for Natural Language Understanding. (68%)
Adversarial Sample Detection for Speaker Verification by Neural Vocoders. (41%)
The Interplay between Distribution Parameters and the Accuracy-Robustness Tradeoff in Classification. (16%)
Reinforcement Learning for Feedback-Enabled Cyber Resilience. (10%)
2021-06-30
In-distribution adversarial attacks on object recognition models using gradient-free search. (99%)
Single-Step Adversarial Training for Semantic Segmentation. (96%)
Understanding Adversarial Attacks on Observations in Deep Reinforcement Learning. (84%)
Explanation-Guided Diagnosis of Machine Learning Evasion Attacks. (82%)
Bi-Level Poisoning Attack Model and Countermeasure for Appliance Consumption Data of Smart Homes. (8%)
Exploring Robustness of Neural Networks through Graph Measures. (8%)
A Context-Aware Information-Based Clone Node Attack Detection Scheme in Internet of Things. (1%)
Understanding and Improving Early Stopping for Learning with Noisy Labels. (1%)
2021-06-29
Adversarial Machine Learning for Cybersecurity and Computer Vision: Current Developments and Challenges. (99%)
Understanding Adversarial Examples Through Deep Neural Network's Response Surface and Uncertainty Regions. (99%)
Attack Transferability Characterization for Adversarially Robust Multi-label Classification. (99%)
Inconspicuous Adversarial Patches for Fooling Image Recognition Systems on Mobile Devices. (99%)
Bio-Inspired Adversarial Attack Against Deep Neural Networks. (98%)
Do Not Deceive Your Employer with a Virtual Background: A Video Conferencing Manipulation-Detection System. (62%)
The Threat of Offensive AI to Organizations. (54%)
Local Reweighting for Adversarial Training. (22%)
On the Interaction of Belief Bias and Explanations. (15%)
2021-06-28
Feature Importance Guided Attack: A Model Agnostic Adversarial Attack. (99%)
Evading Adversarial Example Detection Defenses with Orthogonal Projected Gradient Descent. (99%)
Improving Transferability of Adversarial Patches on Face Recognition with Generative Models. (99%)
Data Poisoning Won't Save You From Facial Recognition. (97%)
Adversarial Robustness of Streaming Algorithms through Importance Sampling. (61%)
Test-Time Adaptation to Distribution Shift by Confidence Maximization and Input Transformation. (2%)
Certified Robustness via Randomized Smoothing over Multiplicative Parameters. (1%)
Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis. (1%)
2021-06-27
RAILS: A Robust Adversarial Immune-inspired Learning System. (98%)
Who is Responsible for Adversarial Defense? (93%)
ASK: Adversarial Soft k-Nearest Neighbor Attack and Defense. (82%)
Immuno-mimetic Deep Neural Networks (Immuno-Net). (64%)
Stabilizing Equilibrium Models by Jacobian Regularization. (1%)
2021-06-26
Multi-stage Optimization based Adversarial Training. (99%)
The Feasibility and Inevitability of Stealth Attacks. (69%)
2021-06-24
On the (Un-)Avoidability of Adversarial Examples. (99%)
Countering Adversarial Examples: Combining Input Transformation and Noisy Training. (99%)
Break it, Fix it: Attack and Defense for "Add-on'' Access Control Solutions in Distributed Data Analytics Platforms. (8%)
2021-06-23
Adversarial Examples in Multi-Layer Random ReLU Networks. (81%)
Teacher Model Fingerprinting Attacks Against Transfer Learning. (2%)
Meaningfully Explaining Model Mistakes Using Conceptual Counterfactuals. (1%)
Feature Attributions and Counterfactual Explanations Can Be Manipulated. (1%)
2021-06-22
DetectX -- Adversarial Input Detection using Current Signatures in Memristive XBar Arrays. (99%)
Self-Supervised Iterative Contextual Smoothing for Efficient Adversarial Defense against Gray- and Black-Box Attack. (99%)
Long-term Cross Adversarial Training: A Robust Meta-learning Method for Few-shot Classification Tasks. (83%)
On Adversarial Robustness of Synthetic Code Generation. (81%)
NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data. (67%)
FLEA: Provably Robust Fair Multisource Learning from Unreliable Training Data. (1%)
2021-06-21
Policy Smoothing for Provably Robust Reinforcement Learning. (99%)
Delving into the pixels of adversarial samples. (98%)
HODA: Hardness-Oriented Detection of Model Extraction Attacks. (98%)
Friendly Training: Neural Networks Can Adapt Data To Make Learning Easier. (91%)
Membership Inference on Word Embedding and Beyond. (38%)
An Alternative Auxiliary Task for Enhancing Image Classification. (11%)
Zero-shot learning approach to adaptive Cybersecurity using Explainable AI. (1%)
2021-06-20
Adversarial Examples Make Strong Poisons. (98%)
Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem. (95%)
Generative Model Adversarial Training for Deep Compressed Sensing. (8%)
2021-06-19
Attack to Fool and Explain Deep Networks. (99%)
A Stealthy and Robust Fingerprinting Scheme for Generative Models. (47%)
2021-06-18
Residual Error: a New Performance Measure for Adversarial Robustness. (99%)
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples. (99%)
The Dimpled Manifold Model of Adversarial Examples in Machine Learning. (99%)
Exploring Counterfactual Explanations Through the Lens of Adversarial Examples: A Theoretical and Empirical Analysis. (99%)
Light Lies: Optical Adversarial Attack. (92%)
BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection. (82%)
Less is More: Feature Selection for Adversarial Robustness with Compressive Counter-Adversarial Attacks. (80%)
Group-Structured Adversarial Training. (68%)
Accumulative Poisoning Attacks on Real-time Data. (45%)
Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks. (45%)
Federated Robustness Propagation: Sharing Adversarial Robustness in Federated Learning. (5%)
2021-06-17
Analyzing Adversarial Robustness of Deep Neural Networks in Pixel Space: a Semantic Perspective. (99%)
Bad Characters: Imperceptible NLP Attacks. (99%)
DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs. (99%)
Adversarial Visual Robustness by Causal Intervention. (99%)
Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning. (92%)
Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks. (91%)
Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems. (82%)
Poisoning and Backdooring Contrastive Learning. (70%)
CROP: Certifying Robust Policies for Reinforcement Learning through Functional Smoothing. (69%)
CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing. (64%)
On Deep Neural Network Calibration by Regularization and its Impact on Refinement. (3%)
Effective Model Sparsification by Scheduled Grow-and-Prune Methods. (1%)
2021-06-16
Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses. (99%)
Localized Uncertainty Attacks. (99%)
Evaluating the Robustness of Bayesian Neural Networks Against Different Types of Attacks. (67%)
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch. (38%)
Explainable AI for Natural Adversarial Images. (13%)
A Winning Hand: Compressing Deep Networks Can Improve Out-Of-Distribution Robustness. (2%)
Scaling-up Diverse Orthogonal Convolutional Networks with a Paraunitary Framework. (1%)
Loki: Hardening Code Obfuscation Against Automated Attacks. (1%)
2021-06-15
Adversarial Attacks on Deep Models for Financial Transaction Records. (99%)
Model Extraction and Adversarial Attacks on Neural Networks using Switching Power Information. (99%)
Towards Adversarial Robustness via Transductive Learning. (80%)
Voting for the right answer: Adversarial defense for speaker verification. (78%)
Detect and remove watermark in deep neural networks via generative adversarial networks. (68%)
CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. (13%)
Securing Face Liveness Detection Using Unforgeable Lip Motion Patterns. (12%)
Probabilistic Margins for Instance Reweighting in Adversarial Training. (8%)
CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals. (1%)
2021-06-14
PopSkipJump: Decision-Based Attack for Probabilistic Classifiers. (99%)
Now You See It, Now You Dont: Adversarial Vulnerabilities in Computational Pathology. (99%)
Audio Attacks and Defenses against AED Systems -- A Practical Study. (99%)
Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions. (92%)
Evading Malware Classifiers via Monte Carlo Mutant Feature Discovery. (81%)
On the Relationship between Heterophily and Robustness of Graph Neural Networks. (81%)
Partial success in closing the gap between human and machine vision. (15%)
Text Generation with Efficient (Soft) Q-Learning. (2%)
Resilient Control of Platooning Networked Robitic Systems via Dynamic Watermarking. (1%)
Self-training Guided Adversarial Domain Adaptation For Thermal Imagery. (1%)
Code Integrity Attestation for PLCs using Black Box Neural Network Predictions. (1%)
2021-06-13
Target Model Agnostic Adversarial Attacks with Query Budgets on Language Understanding Models. (99%)
Selection of Source Images Heavily Influences the Effectiveness of Adversarial Attacks. (99%)
ATRAS: Adversarially Trained Robust Architecture Search. (96%)
Security Analysis of Camera-LiDAR Semantic-Level Fusion Against Black-Box Attacks on Autonomous Vehicles. (64%)
Weakly-supervised High-resolution Segmentation of Mammography Images for Breast Cancer Diagnosis. (1%)
HistoTransfer: Understanding Transfer Learning for Histopathology. (1%)
2021-06-12
Adversarial Robustness via Fisher-Rao Regularization. (67%)
What can linearized neural networks actually say about generalization? (31%)
FeSHI: Feature Map Based Stealthy Hardware Intrinsic Attack. (2%)
2021-06-11
CausalAdv: Adversarial Robustness through the Lens of Causality. (99%)
Knowledge Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks. (99%)
Adversarial purification with Score-based generative models. (89%)
Relaxing Local Robustness. (80%)
TDGIA:Effective Injection Attacks on Graph Neural Networks. (76%)
Turn the Combination Lock: Learnable Textual Backdoor Attacks via Word Substitution. (56%)
CARTL: Cooperative Adversarially-Robust Transfer Learning. (8%)
A Shuffling Framework for Local Differential Privacy. (1%)
2021-06-10
Sparse and Imperceptible Adversarial Attack via a Homotopy Algorithm. (99%)
Deep neural network loses attention to adversarial images. (99%)
Verifying Quantized Neural Networks using SMT-Based Model Checking. (92%)
Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation. (80%)
An Ensemble Approach Towards Adversarial Robustness. (41%)
Towards an Automated Pipeline for Detecting and Classifying Malware through Machine Learning. (1%)
Fair Classification with Adversarial Perturbations. (1%)
2021-06-09
HASI: Hardware-Accelerated Stochastic Inference, A Defense Against Adversarial Machine Learning Attacks. (99%)
Towards Defending against Adversarial Examples via Attack-Invariant Features. (99%)
Attacking Adversarial Attacks as A Defense. (99%)
Improving White-box Robustness of Pre-processing Defenses via Joint Adversarial Training. (99%)
We Can Always Catch You: Detecting Adversarial Patched Objects WITH or WITHOUT Signature. (98%)
Who Is the Strongest Enemy? Towards Optimal and Efficient Evasion Attacks in Deep RL. (97%)
URLTran: Improving Phishing URL Detection Using Transformers. (10%)
ZoPE: A Fast Optimizer for ReLU Networks with Low-Dimensional Inputs. (5%)
Practical Machine Learning Safety: A Survey and Primer. (4%)
Network insensitivity to parameter noise via adversarial regularization. (2%)
2021-06-08
On Improving Adversarial Transferability of Vision Transformers. (99%)
Simulated Adversarial Testing of Face Recognition Models. (99%)
Towards the Memorization Effect of Neural Networks in Adversarial Training. (93%)
Handcrafted Backdoors in Deep Neural Networks. (92%)
Enhancing Robustness of Neural Networks through Fourier Stabilization. (73%)
Provably Robust Detection of Out-of-distribution Data (almost) for free. (26%)
2021-06-07
Adversarial Attack and Defense in Deep Ranking. (99%)
Reveal of Vision Transformers Robustness against Adversarial Attacks. (99%)
Position Bias Mitigation: A Knowledge-Aware Graph Model for Emotion Cause Extraction. (89%)
3DB: A Framework for Debugging Computer Vision Models. (45%)
RoSearch: Search for Robust Student Architectures When Distilling Pre-trained Language Models. (11%)
Semantically Adversarial Scenario Generation with Explicit Knowledge Guidance. (1%)
2021-06-06
A Primer on Multi-Neuron Relaxation-based Adversarial Robustness Certification. (98%)
Zero-Shot Knowledge Distillation from a Decision-Based Black-Box Model. (4%)
2021-06-05
Ensemble Defense with Data Diversity: Weak Correlation Implies Strong Robustness. (92%)
Robust Stochastic Linear Contextual Bandits Under Adversarial Attacks. (69%)
RDA: Robust Domain Adaptation via Fourier Adversarial Attacking. (2%)
2021-06-04
Revisiting Hilbert-Schmidt Information Bottleneck for Adversarial Robustness. (99%)
BO-DBA: Query-Efficient Decision-Based Adversarial Attacks via Bayesian Optimization. (99%)
Human-Adversarial Visual Question Answering. (31%)
Predify: Augmenting deep neural networks with brain-inspired predictive coding dynamics. (15%)
DOCTOR: A Simple Method for Detecting Misclassification Errors. (1%)
Teaching keyword spotters to spot new keywords with limited examples. (1%)
2021-06-03
Improving the Transferability of Adversarial Examples with New Iteration Framework and Input Dropout. (99%)
Imperceptible Adversarial Examples for Fake Image Detection. (99%)
A Little Robustness Goes a Long Way: Leveraging Universal Features for Targeted Transfer Attacks. (99%)
Transferable Adversarial Examples for Anchor Free Object Detection. (99%)
Exploring Memorization in Adversarial Training. (98%)
Improving Neural Network Robustness via Persistency of Excitation. (68%)
Defending against Backdoor Attacks in Natural Language Generation. (38%)
Sneak Attack against Mobile Robotic Networks under Formation Control. (1%)
2021-06-02
PDPGD: Primal-Dual Proximal Gradient Descent Adversarial Attack. (99%)
Towards Robustness of Text-to-SQL Models against Synonym Substitution. (75%)
BERT-Defense: A Probabilistic Model Based on BERT to Combat Cognitively Inspired Orthographic Adversarial Attacks. (62%)
2021-06-01
Adversarial Defense for Automatic Speaker Verification by Self-Supervised Learning. (99%)
Improving Compositionality of Neural Networks by Decoding Representations to Inputs. (68%)
Markpainting: Adversarial Machine Learning meets Inpainting. (12%)
On the Efficacy of Adversarial Data Collection for Question Answering: Results from a Large-Scale Randomized Study. (9%)
Adversarial VQA: A New Benchmark for Evaluating the Robustness of VQA Models. (5%)
Memory Wrap: a Data-Efficient and Interpretable Extension to Image Classification Models. (1%)
Concurrent Adversarial Learning for Large-Batch Training. (1%)
2021-05-31
Adaptive Feature Alignment for Adversarial Training. (99%)
QueryNet: An Efficient Attack Framework with Surrogates Carrying Multiple Identities. (99%)
Transferable Sparse Adversarial Attack. (99%)
Adversarial Training with Rectified Rejection. (99%)
Robustifying $\ell_\infty$ Adversarial Training to the Union of Perturbation Models. (82%)
Dominant Patterns: Critical Features Hidden in Deep Neural Networks. (80%)
Exploration and Exploitation: Two Ways to Improve Chinese Spelling Correction Models. (75%)
Gradient-based Data Subversion Attack Against Binary Classifiers. (73%)
DISSECT: Disentangled Simultaneous Explanations via Concept Traversals. (1%)
The effectiveness of feature attribution methods and its correlation with automatic evaluation scores. (1%)
2021-05-30
Generating Adversarial Examples with Graph Neural Networks. (99%)
Defending Pre-trained Language Models from Adversarial Word Substitutions Without Performance Sacrifice. (98%)
NoiLIn: Do Noisy Labels Always Hurt Adversarial Training? (62%)
Evaluating Resilience of Encrypted Traffic Classification Against Adversarial Evasion Attacks. (62%)
DAAIN: Detection of Anomalous and Adversarial Input using Normalizing Flows. (12%)
EEG-based Cross-Subject Driver Drowsiness Recognition with an Interpretable Convolutional Neural Network. (1%)
2021-05-29
Detecting Backdoor in Deep Neural Networks via Intentional Adversarial Perturbations. (99%)
Analysis and Applications of Class-wise Robustness in Adversarial Training. (99%)
A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices. (2%)
2021-05-28
Demotivate adversarial defense in remote sensing. (99%)
AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption. (92%)
Robust Regularization with Adversarial Labelling of Perturbed Samples. (83%)
SafeAMC: Adversarial training for robust modulation recognition models. (83%)
Towards optimally abstaining from prediction. (81%)
Rethinking Noisy Label Models: Labeler-Dependent Noise with Adversarial Awareness. (76%)
Visualizing Representations of Adversarially Perturbed Inputs. (68%)
Chromatic and spatial analysis of one-pixel attacks against an image classifier. (15%)
FoveaTer: Foveated Transformer for Image Classification. (10%)
DeepMoM: Robust Deep Learning With Median-of-Means. (1%)
2021-05-27
A BIC-based Mixture Model Defense against Data Poisoning Attacks on Classifiers. (84%)
2021-05-26
Deep Repulsive Prototypes for Adversarial Robustness. (99%)
Adversarial Attack Framework on Graph Embedding Models with Limited Knowledge. (98%)
Adversarial robustness against multiple $l_p$-threat models at the price of one and how to quickly fine-tune robust models to another threat model. (93%)
Can Linear Programs Have Adversarial Examples? A Causal Perspective. (83%)
Hidden Killer: Invisible Textual Backdoor Attacks with Syntactic Trigger. (61%)
Fooling Partial Dependence via Data Poisoning. (13%)
2021-05-25
Practical Convex Formulation of Robust One-hidden-layer Neural Network Training. (98%)
Adversarial Attack Driven Data Augmentation for Accurate And Robust Medical Image Segmentation. (98%)
Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers' Outputs. (67%)
Robust Value Iteration for Continuous Control Tasks. (9%)
2021-05-24
OFEI: A Semi-black-box Android Adversarial Sample Attack Framework Against DLaaS. (99%)
Learning Security Classifiers with Verified Global Robustness Properties. (92%)
Feature Space Targeted Attacks by Statistic Alignment. (82%)
Improved OOD Generalization via Adversarial Training and Pre-training. (12%)
Out-of-Distribution Detection in Dermatology using Input Perturbation and Subset Scanning. (5%)
AirNet: Neural Network Transmission over the Air. (1%)
Every Byte Matters: Traffic Analysis of Bluetooth Wearable Devices. (1%)
Using Adversarial Attacks to Reveal the Statistical Bias in Machine Reading Comprehension Models. (1%)
Dissecting Click Fraud Autonomy in the Wild. (1%)
2021-05-23
Killing Two Birds with One Stone: Stealing Model and Inferring Attribute from BERT-based APIs. (99%)
CMUA-Watermark: A Cross-Model Universal Adversarial Watermark for Combating Deepfakes. (92%)
Regularization Can Help Mitigate Poisoning Attacks... with the Right Hyperparameters. (12%)
2021-05-22
Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems. (99%)
Exploring Robustness of Unsupervised Domain Adaptation in Semantic Segmentation. (98%)
Securing Optical Networks using Quantum-secured Blockchain: An Overview. (1%)
2021-05-21
ReLUSyn: Synthesizing Stealthy Attacks for Deep Neural Network Based Cyber-Physical Systems. (81%)
Exploring Misclassifications of Robust Neural Networks to Enhance Adversarial Attacks. (76%)
Backdoor Attacks on Self-Supervised Learning. (68%)
Intriguing Properties of Vision Transformers. (8%)
Explainable Enterprise Credit Rating via Deep Feature Crossing Network. (1%)
2021-05-20
Simple Transparent Adversarial Examples. (99%)
Anomaly Detection of Adversarial Examples using Class-conditional Generative Adversarial Networks. (99%)
Preventing Machine Learning Poisoning Attacks Using Authentication and Provenance. (11%)
TestRank: Bringing Order into Unlabeled Test Instances for Deep Learning Tasks. (1%)
2021-05-19
Attack on practical speaker verification system using universal adversarial perturbations. (99%)
Local Aggressive Adversarial Attacks on 3D Point Cloud. (99%)
An Orthogonal Classifier for Improving the Adversarial Robustness of Neural Networks. (76%)
Balancing Robustness and Sensitivity using Feature Contrastive Learning. (15%)
DeepStrike: Remotely-Guided Fault Injection Attacks on DNN Accelerator in Cloud-FPGA. (1%)
User Label Leakage from Gradients in Federated Learning. (1%)
Hunter in the Dark: Deep Ensemble Networks for Discovering Anomalous Activity from Smart Networks. (1%)
2021-05-18
Sparta: Spatially Attentive and Adversarially Robust Activation. (99%)
Detecting Adversarial Examples with Bayesian Neural Network. (99%)
Fighting Gradients with Gradients: Dynamic Defenses against Adversarial Attacks. (98%)
On the Robustness of Domain Constraints. (98%)
Learning and Certification under Instance-targeted Poisoning. (82%)
2021-05-17
Towards Robust Vision Transformer. (95%)
Gradient Masking and the Underestimated Robustness Threats of Differential Privacy in Deep Learning. (93%)
An SDE Framework for Adversarial Training, with Convergence and Robustness Analysis. (69%)
A Fusion-Denoising Attack on InstaHide with Data Augmentation. (1%)
2021-05-16
Vision Transformers are Robust Learners. (99%)
Prototype-supervised Adversarial Network for Targeted Attack of Deep Hashing. (99%)
SoundFence: Securing Ultrasonic Sensors in Vehicles Using Physical-Layer Defense. (2%)
2021-05-15
Real-time Detection of Practical Universal Adversarial Perturbations. (99%)
2021-05-14
Salient Feature Extractor for Adversarial Defense on Deep Neural Networks. (99%)
High-Robustness, Low-Transferability Fingerprinting of Neural Networks. (9%)
Information-theoretic Evolution of Model Agnostic Global Explanations. (1%)
Iterative Algorithms for Assessing Network Resilience Against Structured Perturbations. (1%)
2021-05-13
Stochastic-Shield: A Probabilistic Approach Towards Training-Free Adversarial Defense in Quantized CNNs. (98%)
When Human Pose Estimation Meets Robustness: Adversarial Algorithms and Benchmarks. (5%)
DeepObliviate: A Powerful Charm for Erasing Data Residual Memory in Deep Neural Networks. (1%)
Biometrics: Trust, but Verify. (1%)
2021-05-12
AVA: Adversarial Vignetting Attack against Visual Recognition. (99%)
OutFlip: Generating Out-of-Domain Samples for Unknown Intent Detection with Natural Language Attack. (70%)
Adversarial Reinforcement Learning in Dynamic Channel Access and Power Control. (2%)
A Statistical Threshold for Adversarial Classification in Laplace Mechanisms. (1%)
2021-05-11
Poisoning MorphNet for Clean-Label Backdoor Attack to Point Clouds. (99%)
Improving Adversarial Transferability with Gradient Refining. (99%)
Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective. (16%)
2021-05-10
Adversarial examples attack based on random warm restart mechanism and improved Nesterov momentum. (99%)
Examining and Mitigating Kernel Saturation in Convolutional Neural Networks using Negative Images. (1%)
2021-05-09
Automated Decision-based Adversarial Attacks. (99%)
Efficiency-driven Hardware Optimization for Adversarially Robust Neural Networks. (88%)
Security Concerns on Machine Learning Solutions for 6G Networks in mmWave Beam Prediction. (81%)
Robust Training Using Natural Transformation. (13%)
Learning Image Attacks toward Vision Guided Autonomous Vehicles. (4%)
Combining Time-Dependent Force Perturbations in Robot-Assisted Surgery Training. (1%)
2021-05-08
Self-Supervised Adversarial Example Detection by Disentangled Representation. (99%)
De-Pois: An Attack-Agnostic Defense against Data Poisoning Attacks. (96%)
Certified Robustness to Text Adversarial Attacks by Randomized [MASK]. (93%)
Provable Guarantees against Data Poisoning Using Self-Expansion and Compatibility. (81%)
Mental Models of Adversarial Machine Learning. (16%)
2021-05-07
Adv-Makeup: A New Imperceptible and Transferable Attack on Face Recognition. (99%)
Uniform Convergence, Adversarial Spheres and a Simple Remedy. (15%)
2021-05-06
Dynamic Defense Approach for Adversarial Robustness in Deep Neural Networks via Stochastic Ensemble Smoothed Model. (99%)
A Simple and Strong Baseline for Universal Targeted Attacks on Siamese Visual Tracking. (99%)
Understanding Catastrophic Overfitting in Adversarial Training. (92%)
Attestation Waves: Platform Trust via Remote Power Analysis. (1%)
2021-05-05
Attack-agnostic Adversarial Detection on Medical Data Using Explainable Machine Learning. (99%)
Exploiting Vulnerabilities in Deep Neural Networks: Adversarial and Fault-Injection Attacks. (97%)
Contrastive Learning and Self-Training for Unsupervised Domain Adaptation in Semantic Segmentation. (1%)
A Theoretical-Empirical Approach to Estimating Sample Complexity of DNNs. (1%)
2021-05-04
Poisoning the Unlabeled Dataset of Semi-Supervised Learning. (92%)
Broadly Applicable Targeted Data Sample Omission Attacks. (68%)
An Overview of Laser Injection against Embedded Neural Network Models. (2%)
2021-05-03
Physical world assistive signals for deep neural network classifiers -- neither defense nor attack. (83%)
Black-Box Dissector: Towards Erasing-based Hard-Label Model Stealing Attack. (73%)
2021-05-02
BAARD: Blocking Adversarial Examples by Testing for Applicability, Reliability and Decidability. (99%)
Who's Afraid of Adversarial Transferability? (99%)
Multi-Robot Coordination and Planning in Uncertain and Adversarial Environments. (10%)
GRNN: Generative Regression Neural Network -- A Data Leakage Attack for Federated Learning. (2%)
Spinner: Automated Dynamic Command Subsystem Perturbation. (1%)
2021-05-01
Adversarial Example Detection for DNN Models: A Review and Experimental Comparison. (99%)
A Perceptual Distortion Reduction Framework: Towards Generating Adversarial Examples with High Perceptual Quality and Attack Success Rate. (98%)
On the Adversarial Robustness of Quantized Neural Networks. (75%)
Hidden Backdoors in Human-Centric Language Models. (73%)
One Detector to Rule Them All: Towards a General Deepfake Attack Detection Framework. (62%)
A Master Key Backdoor for Universal Impersonation Attack against DNN-based Face Verification. (62%)
Load Oscillating Attacks of Smart Grids: Demand Strategies and Vulnerability Analysis. (2%)
RATT: Leveraging Unlabeled Data to Guarantee Generalization. (1%)
2021-04-30
Deep Image Destruction: A Comprehensive Study on Vulnerability of Deep Image-to-Image Models against Adversarial Attacks. (99%)
Black-box Gradient Attack on Graph Neural Networks: Deeper Insights in Graph-based Attack and Defense. (99%)
Black-box adversarial attacks using Evolution Strategies. (98%)
IPatch: A Remote Adversarial Patch. (97%)
DeFiRanger: Detecting Price Manipulation Attacks on DeFi Applications. (10%)
FIPAC: Thwarting Fault- and Software-Induced Control-Flow Attacks with ARM Pointer Authentication. (2%)
2021-04-29
GasHis-Transformer: A Multi-scale Visual Transformer Approach for Gastric Histopathology Image Classification. (67%)
A neural anisotropic view of underspecification in deep learning. (26%)
Analytical bounds on the local Lipschitz constants of ReLU networks. (12%)
Learning Robust Variational Information Bottleneck with Reference. (5%)
2021-04-28
AdvHaze: Adversarial Haze Attack. (99%)
2021-04-27
Improved and Efficient Text Adversarial Attacks using Target Information. (97%)
Metamorphic Detection of Repackaged Malware. (91%)
Structure-Aware Hierarchical Graph Pooling using Information Bottleneck. (2%)
Property Inference Attacks on Convolutional Neural Networks: Influence and Implications of Target Model's Complexity. (1%)
2021-04-26
Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT. (99%)
Delving into Data: Effectively Substitute Training for Black-box Attack. (99%)
secml-malware: Pentesting Windows Malware Classifiers with Adversarial EXEmples in Python. (99%)
Good Artists Copy, Great Artists Steal: Model Extraction Attacks Against Image Translation Generative Adversarial Networks. (98%)
Impact of Spatial Frequency Based Constraints on Adversarial Robustness. (98%)
PatchGuard++: Efficient Provable Attack Detection against Adversarial Patches. (87%)
2021-04-25
3D Adversarial Attacks Beyond Point Cloud. (99%)
Making Generated Images Hard To Spot: A Transferable Attack On Synthetic Image Detectors. (81%)
2021-04-24
Influence Based Defense Against Data Poisoning Attacks in Online Learning. (99%)
2021-04-23
Theoretical Study of Random Noise Defense against Query-Based Black-Box Attacks. (98%)
Evaluating Deception Detection Model Robustness To Linguistic Variation. (82%)
Lightweight Detection of Out-of-Distribution and Adversarial Samples via Channel Mean Discrepancy. (3%)
Improving Neural Silent Speech Interface Models by Adversarial Training. (1%)
2021-04-22
Towards Adversarial Patch Analysis and Certified Defense against Crowd Counting. (99%)
Learning Transferable 3D Adversarial Cloaks for Deep Trained Detectors. (98%)
Performance Evaluation of Adversarial Attacks: Discrepancies and Solutions. (86%)
Operator Shifting for General Noisy Matrix Systems. (56%)
SPECTRE: Defending Against Backdoor Attacks Using Robust Statistics. (22%)
2021-04-21
Dual Head Adversarial Training. (99%)
Mixture of Robust Experts (MoRE): A Flexible Defense Against Multiple Perturbations. (99%)
Robust Certification for Laplace Learning on Geometric Graphs. (96%)
Jacobian Regularization for Mitigating Universal Adversarial Perturbations. (95%)
Dataset Inference: Ownership Resolution in Machine Learning. (83%)
2021-04-20
Adversarial Training for Deep Learning-based Intrusion Detection Systems. (99%)
MixDefense: A Defense-in-Depth Framework for Adversarial Example Detection Based on Statistical and Semantic Analysis. (99%)
MagicPai at SemEval-2021 Task 7: Method for Detecting and Rating Humor Based on Multi-Task Adversarial Training. (64%)
Does enhanced shape bias improve neural network robustness to common corruptions? (26%)
Robust Sensor Fusion Algorithms Against Voice Command Attacks in Autonomous Vehicles. (9%)
Network Defense is Not a Game. (1%)
2021-04-19
Staircase Sign Method for Boosting Adversarial Attacks. (99%)
Improving Adversarial Robustness Using Proxy Distributions. (99%)
Adversarial Diffusion Attacks on Graph-based Traffic Prediction Models. (99%)
LAFEAT: Piercing Through Adversarial Defenses with Latent Features. (99%)
Removing Adversarial Noise in Class Activation Feature Space. (99%)
Direction-Aggregated Attack for Transferable Adversarial Examples. (99%)
Manipulating SGD with Data Ordering Attacks. (95%)
Provable Robustness of Adversarial Training for Learning Halfspaces with Noise. (22%)
Protecting the Intellectual Properties of Deep Neural Networks with an Additional Class and Steganographic Images. (11%)
Semi-Supervised Domain Adaptation with Prototypical Alignment and Consistency Learning. (1%)
2021-04-18
Best Practices for Noise-Based Augmentation to Improve the Performance of Emotion Recognition "In the Wild". (83%)
Making Attention Mechanisms More Robust and Interpretable with Virtual Adversarial Training. (68%)
On the Sensitivity and Stability of Model Interpretations in NLP. (1%)
2021-04-17
Attacking Text Classifiers via Sentence Rewriting Sampler. (99%)
Rethinking Image-Scaling Attacks: The Interplay Between Vulnerabilities in Machine Learning Systems. (99%)
Improving Question Answering Model Robustness with Synthetic Adversarial Data Generation. (98%)
Improving Zero-Shot Cross-Lingual Transfer Learning via Robust Training. (87%)
AM2iCo: Evaluating Word Meaning in Context across Low-ResourceLanguages with Adversarial Examples. (15%)
2021-04-16
Fashion-Guided Adversarial Attack on Person Segmentation. (99%)
Towards Variable-Length Textual Adversarial Attacks. (99%)
An Adversarially-Learned Turing Test for Dialog Generation Models. (96%)
Random and Adversarial Bit Error Robustness: Energy-Efficient and Secure DNN Accelerators. (83%)
Lower Bounds on Cross-Entropy Loss in the Presence of Test-time Adversaries. (2%)
2021-04-15
Gradient-based Adversarial Attacks against Text Transformers. (99%)
Robust Backdoor Attacks against Deep Neural Networks in Real Physical World. (86%)
Are Multilingual BERT models robust? A Case Study on Adversarial Attacks for Multilingual Question Answering. (12%)
Federated Learning for Malware Detection in IoT Devices. (10%)
2021-04-14
Meaningful Adversarial Stickers for Face Recognition in Physical World. (98%)
Orthogonalizing Convolutional Layers with the Cayley Transform. (80%)
Defending Against Adversarial Denial-of-Service Data Poisoning Attacks. (38%)
Improved Branch and Bound for Neural Network Verification via Lagrangian Decomposition. (1%)
2021-04-13
Mitigating Adversarial Attack for Compute-in-Memory Accelerator Utilizing On-chip Finetune. (99%)
Detecting Operational Adversarial Examples for Reliable Deep Learning. (82%)
Fall of Giants: How popular text-based MLaaS fall against a simple evasion attack. (75%)
2021-04-12
Sparse Coding Frontend for Robust Neural Networks. (99%)
A Backdoor Attack against 3D Point Cloud Classifiers. (96%)
Plot-guided Adversarial Example Construction for Evaluating Open-domain Story Generation. (56%)
Double Perturbation: On the Robustness of Robustness and Counterfactual Bias Evaluation. (50%)
Thief, Beware of What Get You There: Towards Understanding Model Extraction Attack. (1%)
2021-04-11
Achieving Model Robustness through Discrete Adversarial Training. (99%)
Pay attention to your loss: understanding misconceptions about 1-Lipschitz neural networks. (1%)
2021-04-10
Distributed Estimation over Directed Graphs Resilient to Sensor Spoofing. (69%)
Fool Me Twice: Entailment from Wikipedia Gamification. (61%)
Adversarial Regularization as Stackelberg Game: An Unrolled Optimization Approach. (15%)
Disentangled Contrastive Learning for Learning Robust Textual Representations. (11%)
2021-04-09
Relating Adversarially Robust Generalization to Flat Minima. (99%)
SPoTKD: A Protocol for Symmetric Key Distribution over Public Channels Using Self-Powered Timekeeping Devices. (1%)
Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication. (1%)
Learning Sampling Policy for Faster Derivative Free Optimization. (1%)
2021-04-08
FACESEC: A Fine-grained Robustness Evaluation Framework for Face Recognition Systems. (98%)
Explainability-based Backdoor Attacks Against Graph Neural Networks. (15%)
A single gradient step finds adversarial examples on random two-layers neural networks. (10%)
Adversarial Learning Inspired Emerging Side-Channel Attacks and Defenses. (8%)
2021-04-07
Universal Adversarial Training with Class-Wise Perturbations. (99%)
The art of defense: letting networks fool the attacker. (98%)
Universal Spectral Adversarial Attacks for Deformable Shapes. (81%)
Adversarial Robustness Guarantees for Gaussian Processes. (68%)
Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective. (61%)
Improving Robustness of Deep Reinforcement Learning Agents: Environment Attacks based on Critic Networks. (10%)
Sparse Oblique Decision Trees: A Tool to Understand and Manipulate Neural Net Features. (3%)
An Object Detection based Solver for Google's Image reCAPTCHA v2. (1%)
2021-04-06
Exploring Targeted Universal Adversarial Perturbations to End-to-end ASR Models. (93%)
Adversarial Robustness under Long-Tailed Distribution. (89%)
Robust Adversarial Classification via Abstaining. (75%)
Backdoor Attack in the Physical World. (2%)
2021-04-05
Robust Classification Under $\ell_0$ Attack for the Gaussian Mixture Model. (99%)
Adaptive Clustering of Robust Semantic Representations for Adversarial Image Purification. (98%)
BBAEG: Towards BERT-based Biomedical Adversarial Example Generation for Text Classification. (96%)
Deep Learning-Based Autonomous Driving Systems: A Survey of Attacks and Defenses. (74%)
Can audio-visual integration strengthen robustness under multimodal attacks? (68%)
Jekyll: Attacking Medical Image Diagnostics using Deep Generative Models. (33%)
Unified Detection of Digital and Physical Face Attacks. (8%)
Beyond Categorical Label Representations for Image Classification. (2%)
Rethinking Perturbations in Encoder-Decoders for Fast Training. (1%)
2021-04-04
Semantically Stealthy Adversarial Attacks against Segmentation Models. (99%)
Reliably fast adversarial training via latent adversarial perturbation. (93%)
2021-04-03
Mitigating Gradient-based Adversarial Attacks via Denoising and Compression. (99%)
Gradient-based Adversarial Deep Modulation Classification with Data-driven Subsampling. (93%)
Property-driven Training: All You (N)Ever Wanted to Know About. (38%)
2021-04-02
Defending Against Image Corruptions Through Adversarial Augmentations. (92%)
RABA: A Robust Avatar Backdoor Attack on Deep Neural Network. (83%)
Diverse Gaussian Noise Consistency Regularization for Robustness and Uncertainty Calibration under Noise Domain Shifts. (2%)
Fast-adapting and Privacy-preserving Federated Recommender System. (1%)
2021-04-01
TRS: Transferability Reduced Ensemble via Encouraging Gradient Diversity and Model Smoothness. (99%)
Domain Invariant Adversarial Learning. (98%)
Normal vs. Adversarial: Salience-based Analysis of Adversarial Samples for Relation Extraction. (93%)
Towards Evaluating and Training Verifiably Robust Neural Networks. (45%)
Augmenting Zero Trust Architecture to Endpoints Using Blockchain: A Systematic Review. (3%)
Learning from Noisy Labels via Dynamic Loss Thresholding. (1%)
2021-03-31
Adversarial Heart Attack: Neural Networks Fooled to Segment Heart Symbols in Chest X-Ray Images. (99%)
Adversarial Attacks and Defenses for Speech Recognition Systems. (99%)
Fast Certified Robust Training with Short Warmup. (86%)
Fast Jacobian-Vector Product for Deep Networks. (22%)
Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid. (2%)
Digital Forensics vs. Anti-Digital Forensics: Techniques, Limitations and Recommendations. (1%)
2021-03-30
On the Robustness of Vision Transformers to Adversarial Examples. (99%)
Class-Aware Robust Adversarial Training for Object Detection. (96%)
PointBA: Towards Backdoor Attacks in 3D Point Cloud. (92%)
What Causes Optical Flow Networks to be Vulnerable to Physical Adversarial Attacks. (91%)
Statistical inference for individual fairness. (67%)
Learning Lipschitz Feedback Policies from Expert Demonstrations: Closed-Loop Guarantees, Generalization and Robustness. (47%)
Improving robustness against common corruptions with frequency biased models. (1%)
2021-03-29
Lagrangian Objective Function Leads to Improved Unforeseen Attack Generalization in Adversarial Training. (99%)
Enhancing the Transferability of Adversarial Attacks through Variance Tuning. (99%)
On the Adversarial Robustness of Vision Transformers. (99%)
ZeroGrad : Mitigating and Explaining Catastrophic Overfitting in FGSM Adversarial Training. (95%)
Certifiably-Robust Federated Adversarial Learning via Randomized Smoothing. (93%)
Fooling LiDAR Perception via Adversarial Trajectory Perturbation. (83%)
Robust Reinforcement Learning under model misspecification. (31%)
Automating Defense Against Adversarial Attacks: Discovery of Vulnerabilities and Application of Multi-INT Imagery to Protect Deployed Models. (16%)
MISA: Online Defense of Trojaned Models using Misattributions. (10%)
Be Careful about Poisoned Word Embeddings: Exploring the Vulnerability of the Embedding Layers in NLP Models. (9%)
Selective Output Smoothing Regularization: Regularize Neural Networks by Softening Output Distributions. (1%)
2021-03-28
Improved Autoregressive Modeling with Distribution Smoothing. (86%)
2021-03-27
On the benefits of robust models in modulation recognition. (99%)
IoU Attack: Towards Temporally Coherent Black-Box Adversarial Attack for Visual Object Tracking. (99%)
LiBRe: A Practical Bayesian Approach to Adversarial Detection. (99%)
2021-03-26
Cyclic Defense GAN Against Speech Adversarial Attacks. (99%)
Combating Adversaries with Anti-Adversaries. (93%)
On Generating Transferable Targeted Perturbations. (93%)
Building Reliable Explanations of Unreliable Neural Networks: Locally Smoothing Perspective of Model Interpretation. (86%)
Ensemble-in-One: Learning Ensemble within Random Gated Networks for Enhanced Adversarial Robustness. (83%)
Visual Explanations from Spiking Neural Networks using Interspike Intervals. (62%)
Unsupervised Robust Domain Adaptation without Source Data. (13%)
2021-03-25
Adversarial Attacks are Reversible with Natural Supervision. (99%)
Adversarial Attacks on Deep Learning Based mmWave Beam Prediction in 5G and Beyond. (98%)
MagDR: Mask-guided Detection and Reconstruction for Defending Deepfakes. (81%)
Deep-RBF Networks for Anomaly Detection in Automotive Cyber-Physical Systems. (70%)
Orthogonal Projection Loss. (45%)
THAT: Two Head Adversarial Training for Improving Robustness at Scale. (26%)
A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography. (11%)
HufuNet: Embedding the Left Piece as Watermark and Keeping the Right Piece for Ownership Verification in Deep Neural Networks. (10%)
The Geometry of Over-parameterized Regression and Adversarial Perturbations. (2%)
Synthesize-It-Classifier: Learning a Generative Classifier through RecurrentSelf-analysis. (1%)
Spirit Distillation: Precise Real-time Prediction with Insufficient Data. (1%)
Recent Advances in Large Margin Learning. (1%)
2021-03-24
Towards Both Accurate and Robust Neural Networks without Extra Data. (99%)
Vulnerability of Appearance-based Gaze Estimation. (97%)
Black-box Detection of Backdoor Attacks with Limited Information and Data. (96%)
Deepfake Forensics via An Adversarial Game. (10%)
2021-03-23
Robust and Accurate Object Detection via Adversarial Learning. (98%)
CLIP: Cheap Lipschitz Training of Neural Networks. (96%)
The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers? (92%)
Characterizing and Improving the Robustness of Self-Supervised Learning through Background Augmentations. (87%)
RPATTACK: Refined Patch Attack on General Object Detectors. (76%)
NNrepair: Constraint-based Repair of Neural Network Classifiers. (50%)
Are all outliers alike? On Understanding the Diversity of Outliers for Detecting OODs. (31%)
Improved Estimation of Concentration Under $\ell_p$-Norm Distance Metrics Using Half Spaces. (22%)
ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. (1%)
2021-03-22
Grey-box Adversarial Attack And Defence For Sentiment Classification. (99%)
Fast Approximate Spectral Normalization for Robust Deep Neural Networks. (98%)
Spatio-Temporal Sparsification for General Robust Graph Convolution Networks. (87%)
RA-BNN: Constructing Robust & Accurate Binary Neural Network to Simultaneously Defend Adversarial Bit-Flip Attack and Improve Accuracy. (75%)
Adversarial Feature Augmentation and Normalization for Visual Recognition. (13%)
Adversarially Optimized Mixup for Robust Classification. (13%)
2021-03-21
ExAD: An Ensemble Approach for Explanation-based Adversarial Detection. (99%)
TextFlint: Unified Multilingual Robustness Evaluation Toolkit for Natural Language Processing. (75%)
Natural Perturbed Training for General Robustness of Neural Network Classifiers. (38%)
Self adversarial attack as an augmentation method for immunohistochemical stainings. (33%)
2021-03-20
Robust Models Are More Interpretable Because Attributions Look Normal. (15%)
2021-03-19
LSDAT: Low-Rank and Sparse Decomposition for Decision-based Adversarial Attack. (99%)
SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems. (93%)
Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptions. (86%)
Interpretable Deep Learning: Interpretation, Interpretability, Trustworthiness, and Beyond. (2%)
2021-03-18
Generating Adversarial Computer Programs using Optimized Obfuscations. (99%)
Boosting Adversarial Transferability through Enhanced Momentum. (99%)
Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles. (98%)
Enhancing Transformer for Video Understanding Using Gated Multi-Level Attention and Temporal Adversarial Training. (76%)
Model Extraction and Adversarial Transferability, Your BERT is Vulnerable! (69%)
TOP: Backdoor Detection in Neural Networks via Transferability of Perturbation. (61%)
Noise Modulation: Let Your Model Interpret Itself. (54%)
KoDF: A Large-scale Korean DeepFake Detection Dataset. (16%)
Reading Isn't Believing: Adversarial Attacks On Multi-Modal Neurons. (9%)
2021-03-17
Can Targeted Adversarial Examples Transfer When the Source and Target Models Have No Label Space Overlap? (99%)
Adversarial Attacks on Camera-LiDAR Models for 3D Car Detection. (98%)
Improved, Deterministic Smoothing for L1 Certified Robustness. (82%)
Understanding Generalization in Adversarial Training via the Bias-Variance Decomposition. (41%)
Code-Mixing on Sesame Street: Dawn of the Adversarial Polyglots. (38%)
Cyber Intrusion Detection by Using Deep Neural Networks with Attack-sharing Loss. (13%)
2021-03-16
Adversarial Driving: Attacking End-to-End Autonomous Driving. (93%)
Adversarial YOLO: Defense Human Detection Patch Attacks via Detecting Adversarial Patches. (92%)
Anti-Adversarially Manipulated Attributions for Weakly and Semi-Supervised Semantic Segmentation. (75%)
Bio-inspired Robustness: A Review. (70%)
2021-03-15
Constant Random Perturbations Provide Adversarial Robustness with Minimal Effect on Accuracy. (83%)
Adversarial Training is Not Ready for Robot Learning. (67%)
HDTest: Differential Fuzz Testing of Brain-Inspired Hyperdimensional Computing. (64%)
Understanding invariance via feedforward inversion of discriminatively trained classifiers. (10%)
Meta-Solver for Neural Ordinary Differential Equations. (2%)
2021-03-14
Towards Robust Speech-to-Text Adversarial Attack. (99%)
BreakingBED -- Breaking Binary and Efficient Deep Neural Networks by Adversarial Attacks. (98%)
Multi-Discriminator Sobolev Defense-GAN Against Adversarial Attacks for End-to-End Speech Systems. (82%)
Membership Inference Attacks on Machine Learning: A Survey. (68%)
2021-03-13
Attack as Defense: Characterizing Adversarial Examples using Robustness. (99%)
Generating Unrestricted Adversarial Examples via Three Parameters. (99%)
Simeon -- Secure Federated Machine Learning Through Iterative Filtering. (12%)
2021-03-12
Learning Defense Transformers for Counterattacking Adversarial Examples. (99%)
Internal Wasserstein Distance for Adversarial Attack and Defense. (99%)
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Adversarial Machine Learning Security Problems for 6G: mmWave Beam Prediction Use-Case. (82%)
Network Environment Design for Autonomous Cyberdefense. (1%)
2021-03-11
Stochastic-HMDs: Adversarial Resilient Hardware Malware Detectors through Voltage Over-scaling. (99%)
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Complete and Incomplete Neural Network Verification. (99%)
Adversarial Laser Beam: Effective Physical-World Attack to DNNs in a Blink. (99%)
DAFAR: Detecting Adversaries by Feedback-Autoencoder Reconstruction. (99%)
ReinforceBug: A Framework to Generate Adversarial Textual Examples. (97%)
Multi-Task Federated Reinforcement Learning with Adversaries. (15%)
BODAME: Bilevel Optimization for Defense Against Model Extraction. (8%)
2021-03-10
Improving Adversarial Robustness via Channel-wise Activation Suppressing. (99%)
TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack. (92%)
VideoMoCo: Contrastive Video Representation Learning with Temporally Adversarial Examples. (67%)
Fine-tuning of Pre-trained End-to-end Speech Recognition with Generative Adversarial Networks. (1%)
2021-03-09
Stabilized Medical Image Attacks. (99%)
Revisiting Model's Uncertainty and Confidences for Adversarial Example Detection. (99%)
Practical Relative Order Attack in Deep Ranking. (99%)
BASAR:Black-box Attack on Skeletal Action Recognition. (99%)
Understanding the Robustness of Skeleton-based Action Recognition under Adversarial Attack. (98%)
Deep Learning for Android Malware Defenses: a Systematic Literature Review. (11%)
Robust Black-box Watermarking for Deep NeuralNetwork using Inverse Document Frequency. (10%)
Towards Strengthening Deep Learning-based Side Channel Attacks with Mixup. (2%)
2021-03-08
Packet-Level Adversarial Network Traffic Crafting using Sequence Generative Adversarial Networks. (99%)
Improving Transformation-based Defenses against Adversarial Examples with First-order Perturbations. (99%)
Contemplating real-world object classification. (81%)
Consistency Regularization for Adversarial Robustness. (50%)
Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses. (2%)
Deeply Unsupervised Patch Re-Identification for Pre-training Object Detectors. (1%)
Deep Model Intellectual Property Protection via Deep Watermarking. (1%)
2021-03-07
Universal Adversarial Perturbations and Image Spam Classifiers. (99%)
Detecting Adversarial Examples from Sensitivity Inconsistency of Spatial-Transform Domain. (99%)
Improving Global Adversarial Robustness Generalization With Adversarially Trained GAN. (99%)
Insta-RS: Instance-wise Randomized Smoothing for Improved Robustness and Accuracy. (76%)
2021-03-06
T-Miner: A Generative Approach to Defend Against Trojan Attacks on DNN-based Text Classification. (98%)
Hidden Backdoor Attack against Semantic Segmentation Models. (93%)
2021-03-05
Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence. (13%)
Don't Forget to Sign the Gradients! (10%)
Tor circuit fingerprinting defenses using adaptive padding. (1%)
2021-03-04
Hard-label Manifolds: Unexpected Advantages of Query Efficiency for Finding On-manifold Adversarial Examples. (99%)
WaveGuard: Understanding and Mitigating Audio Adversarial Examples. (99%)
Towards Evaluating the Robustness of Deep Diagnostic Models by Adversarial Attack. (99%)
QAIR: Practical Query-efficient Black-Box Attacks for Image Retrieval. (99%)
SpectralDefense: Detecting Adversarial Attacks on CNNs in the Fourier Domain. (99%)
Gradient-Guided Dynamic Efficient Adversarial Training. (96%)
PointGuard: Provably Robust 3D Point Cloud Classification. (92%)
Defending Medical Image Diagnostics against Privacy Attacks using Generative Methods. (12%)
A Novel Framework for Threat Analysis of Machine Learning-based Smart Healthcare Systems. (1%)
On the privacy-utility trade-off in differentially private hierarchical text classification. (1%)
2021-03-03
Structure-Preserving Progressive Low-rank Image Completion for Defending Adversarial Attacks. (99%)
A Modified Drake Equation for Assessing Adversarial Risk to Machine Learning Models. (89%)
Shift Invariance Can Reduce Adversarial Robustness. (87%)
A Robust Adversarial Network-Based End-to-End Communications System With Strong Generalization Ability Against Adversarial Attacks. (81%)
On the effectiveness of adversarial training against common corruptions. (67%)
Formalizing Generalization and Robustness of Neural Networks to Weight Perturbations. (64%)
2021-03-02
Evaluating the Robustness of Geometry-Aware Instance-Reweighted Adversarial Training. (99%)
A Survey On Universal Adversarial Attack. (99%)
Online Adversarial Attacks. (99%)
Adversarial Examples for Unsupervised Machine Learning Models. (98%)
DeepCert: Verification of Contextually Relevant Robustness for Neural Network Image Classifiers. (97%)
ActiveGuard: An Active DNN IP Protection Technique via Adversarial Examples. (97%)
Fixing Data Augmentation to Improve Adversarial Robustness. (69%)
A Brief Survey on Deep Learning Based Data Hiding. (54%)
Group-wise Inhibition based Feature Regularization for Robust Classification. (16%)
DP-InstaHide: Provably Defusing Poisoning and Backdoor Attacks with Differentially Private Data Augmentations. (1%)
2021-03-01
Dual Attention Suppression Attack: Generate Adversarial Camouflage in Physical World. (99%)
Brain Programming is Immune to Adversarial Attacks: Towards Accurate and Robust Image Classification using Symbolic Learning. (99%)
Smoothness Analysis of Adversarial Training. (98%)
Explaining Adversarial Vulnerability with a Data Sparsity Hypothesis. (96%)
Mind the box: $l_1$-APGD for sparse adversarial attacks on image classifiers. (93%)
Adversarial training in communication constrained federated learning. (87%)
Counterfactual Explanations for Oblique Decision Trees: Exact, Efficient Algorithms. (82%)
Am I a Real or Fake Celebrity? Measuring Commercial Face Recognition Web APIs under Deepfake Impersonation Attack. (70%)
A Multiclass Boosting Framework for Achieving Fast and Provable Adversarial Robustness. (64%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (62%)
2021-02-28
Model-Agnostic Defense for Lane Detection against Adversarial Attack. (98%)
Robust learning under clean-label attack. (22%)
2021-02-27
Effective Universal Unrestricted Adversarial Attacks using a MOE Approach. (98%)
Tiny Adversarial Mulit-Objective Oneshot Neural Architecture Search. (93%)
End-to-end Uncertainty-based Mitigation of Adversarial Attacks to Automated Lane Centering. (73%)
Adversarial Information Bottleneck. (33%)
Neuron Coverage-Guided Domain Generalization. (2%)
2021-02-26
What Doesn't Kill You Makes You Robust(er): Adversarial Training against Poisons and Backdoors.
NEUROSPF: A tool for the Symbolic Analysis of Neural Networks. (68%)
2021-02-25
On Instabilities of Conventional Multi-Coil MRI Reconstruction to Small Adverserial Perturbations.
Do Input Gradients Highlight Discriminative Features?
Nonlinear Projection Based Gradient Estimation for Query Efficient Blackbox Attacks.
Understanding Robustness in Teacher-Student Setting: A New Perspective.
Fast Minimum-norm Adversarial Attacks through Adaptive Norm Constraints.
Cybersecurity Threats in Connected and Automated Vehicles based Federated Learning Systems.
A statistical framework for efficient out of distribution detection in deep neural networks. (1%)
2021-02-24
Confidence Calibration with Bounded Error Using Transformations.
Sketching Curvature for Efficient Out-of-Distribution Detection for Deep Neural Networks.
Robust SleepNets.
Multiplicative Reweighting for Robust Neural Network Optimization.
Identifying Untrustworthy Predictions in Neural Networks by Geometric Gradient Analysis.
Graphfool: Targeted Label Adversarial Attack on Graph Embedding.
2021-02-23
The Sensitivity of Word Embeddings-based Author Detection Models to Semantic-preserving Adversarial Perturbations.
Rethinking Natural Adversarial Examples for Classification Models.
Automated Discovery of Adaptive Attacks on Adversarial Defenses.
Adversarial Robustness with Non-uniform Perturbations.
Non-Singular Adversarial Robustness of Neural Networks.
Enhancing Model Robustness By Incorporating Adversarial Knowledge Into Semantic Representation.
Adversarial Examples Detection beyond Image Space.
Oriole: Thwarting Privacy against Trustworthy Deep Learning Models.
2021-02-22
On the robustness of randomized classifiers to adversarial examples.
Resilience of Bayesian Layer-Wise Explanations under Adversarial Attacks.
Man-in-The-Middle Attacks and Defense in a Power System Cyber-Physical Testbed.
Sandwich Batch Normalization: A Drop-In Replacement for Feature Distribution Heterogeneity.
2021-02-21
The Effects of Image Distribution and Task on Adversarial Robustness.
A Zeroth-Order Block Coordinate Descent Algorithm for Huge-Scale Black-Box Optimization.
Constrained Optimization to Train Neural Networks on Critical and Under-Represented Classes. (1%)
2021-02-20
On Fast Adversarial Robustness Adaptation in Model-Agnostic Meta-Learning.
Measuring $\ell_\infty$ Attacks by the $\ell_2$ Norm.
2021-02-19
A PAC-Bayes Analysis of Adversarial Robustness.
Effective and Efficient Vote Attack on Capsule Networks.
2021-02-18
Random Projections for Improved Adversarial Robustness.
Fortify Machine Learning Production Systems: Detect and Classify Adversarial Attacks.
Make Sure You're Unsure: A Framework for Verifying Probabilistic Specifications.
Center Smoothing: Provable Robustness for Functions with Metric-Space Outputs.
2021-02-17
Improving Hierarchical Adversarial Robustness of Deep Neural Networks.
Consistent Non-Parametric Methods for Maximizing Robustness.
Bridging the Gap Between Adversarial Robustness and Optimization Bias.
Towards Adversarial-Resilient Deep Neural Networks for False Data Injection Attack Detection in Power Grids.
2021-02-16
Globally-Robust Neural Networks.
A Law of Robustness for Weight-bounded Neural Networks.
Just Noticeable Difference for Machine Perception and Generation of Regularized Adversarial Images with Minimal Perturbation.
2021-02-15
Data Profiling for Adversarial Training: On the Ruin of Problematic Data.
Certified Robustness to Programmable Transformations in LSTMs.
Generating Structured Adversarial Attacks Using Frank-Wolfe Method.
Universal Adversarial Examples and Perturbations for Quantum Classifiers.
Low Curvature Activations Reduce Overfitting in Adversarial Training.
And/or trade-off in artificial neurons: impact on adversarial robustness.
Certifiably Robust Variational Autoencoders.
2021-02-14
Guided Interpolation for Adversarial Training.
Resilient Machine Learning for Networked Cyber Physical Systems: A Survey for Machine Learning Security to Securing Machine Learning for CPS.
Exploring Adversarial Robustness of Deep Metric Learning.
Adversarial Attack on Network Embeddings via Supervised Network Poisoning.
Perceptually Constrained Adversarial Attacks.
CAP-GAN: Towards Adversarial Robustness with Cycle-consistent Attentional Purification.
Cross-modal Adversarial Reprogramming.
2021-02-13
Mixed Nash Equilibria in the Adversarial Examples Game.
Adversarial defense for automatic speaker verification by cascaded self-supervised learning models.
2021-02-12
UAVs Path Deviation Attacks: Survey and Research Challenges.
Universal Adversarial Perturbations Through the Lens of Deep Steganography: Towards A Fourier Perspective.
Universal Adversarial Perturbations for Malware.
On the Paradox of Certified Training. (13%)
2021-02-11
Adversarially robust deepfake media detection using fused convolutional neural network predictions.
Defuse: Harnessing Unrestricted Adversarial Examples for Debugging Models Beyond Test Accuracy.
RobOT: Robustness-Oriented Testing for Deep Learning Systems.
2021-02-10
Meta Federated Learning.
Adversarial Robustness: What fools you makes you stronger.
CIFS: Improving Adversarial Robustness of CNNs via Channel-wise Importance-based Feature Selection.
Dompteur: Taming Audio Adversarial Examples.
Enhancing Real-World Adversarial Patches through 3D Modeling of Complex Target Scenes.
Towards Certifying L-infinity Robustness using Neural Networks with L-inf-dist Neurons.
RoBIC: A benchmark suite for assessing classifiers robustness.
Bayesian Inference with Certifiable Adversarial Robustness.
2021-02-09
Target Training Does Adversarial Training Without Adversarial Samples.
Security and Privacy for Artificial Intelligence: Opportunities and Challenges.
"What's in the box?!": Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models.
Adversarial Perturbations Are Not So Weird: Entanglement of Robust and Non-Robust Features in Neural Network Classifiers.
Detecting Localized Adversarial Examples: A Generic Approach using Critical Region Analysis.
Making Paper Reviewing Robust to Bid Manipulation Attacks.
Towards Bridging the gap between Empirical and Certified Robustness against Adversarial Examples.
2021-02-08
Efficient Certified Defenses Against Patch Attacks on Image Classifiers.
A Real-time Defense against Website Fingerprinting Attacks.
Benford's law: what does it say on adversarial images?
Exploiting epistemic uncertainty of the deep learning models to generate adversarial samples.
2021-02-07
Adversarial example generation with AdaBelief Optimizer and Crop Invariance.
Adversarial Imaging Pipelines.
2021-02-06
SPADE: A Spectral Method for Black-Box Adversarial Robustness Evaluation.
2021-02-05
Corner Case Generation and Analysis for Safety Assessment of Autonomous Vehicles.
Model Agnostic Answer Reranking System for Adversarial Question Answering.
Robust Single-step Adversarial Training with Regularizer.
Understanding the Interaction of Adversarial Training with Noisy Labels.
Optimal Transport as a Defense Against Adversarial Attacks.
2021-02-04
DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks.
Adversarial Training Makes Weight Loss Landscape Sharper in Logistic Regression.
Adversarial Robustness Study of Convolutional Neural Network for Lumbar Disk Shape Reconstruction from MR images.
PredCoin: Defense against Query-based Hard-label Attack.
Adversarial Attacks and Defenses in Physiological Computing: A Systematic Review.
Audio Adversarial Examples: Attacks Using Vocal Masks.
ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models.
2021-02-03
Adversarially Robust Learning with Unknown Perturbation Sets.
IWA: Integrated Gradient based White-box Attacks for Fooling Deep Neural Networks.
2021-02-02
On Robustness of Neural Semantic Parsers.
Towards Robust Neural Networks via Close-loop Control.
Recent Advances in Adversarial Training for Adversarial Robustness.
Probabilistic Trust Intervals for Out of Distribution Detection. (68%)
2021-02-01
Fast Training of Provably Robust Neural Networks by SingleProp.
Towards Speeding up Adversarial Training in Latent Spaces.
Robust Adversarial Attacks Against DNN-Based Wireless Communication Systems.
Comparing hundreds of machine learning classifiers and discrete choice models in predicting travel behavior: an empirical benchmark. (1%)
2021-01-31
Deep Deterministic Information Bottleneck with Matrix-based Entropy Functional.
Towards Imperceptible Query-limited Adversarial Attacks with Perceptual Feature Fidelity Loss.
Admix: Enhancing the Transferability of Adversarial Attacks.
2021-01-30
Cortical Features for Defense Against Adversarial Audio Attacks.
2021-01-29
You Only Query Once: Effective Black Box Adversarial Attacks with Minimal Repeated Queries.
2021-01-28
Adversarial Machine Learning Attacks on Condition-Based Maintenance Capabilities.
Adversarial Attacks on Deep Learning Based Power Allocation in a Massive MIMO Network.
Increasing the Confidence of Deep Neural Networks by Coverage Analysis.
Adversarial Learning with Cost-Sensitive Classes.
2021-01-27
Robust Android Malware Detection System against Adversarial Attacks using Q-Learning.
Adversaries in Online Learning Revisited: with applications in Robust Optimization and Adversarial training.
Adversarial Stylometry in the Wild: Transferable Lexical Substitution Attacks on Author Profiling.
Meta Adversarial Training against Universal Patches.
Detecting Adversarial Examples by Input Transformations, Defense Perturbations, and Voting.
Improving Neural Network Robustness through Neighborhood Preserving Layers.
2021-01-26
Blind Image Denoising and Inpainting Using Robust Hadamard Autoencoders.
Property Inference From Poisoning.
Adversarial Vulnerability of Active Transfer Learning.
SkeletonVis: Interactive Visualization for Understanding Adversarial Attacks on Human Action Recognition Models.
The Effect of Class Definitions on the Transferability of Adversarial Attacks Against Forensic CNNs.
Defenses Against Multi-Sticker Physical Domain Attacks on Classifiers.
Investigating the significance of adversarial attacks and their relation to interpretability for radar-based human activity recognition systems.
Visual explanation of black-box model: Similarity Difference and Uniqueness (SIDU) method.
Towards Universal Physical Attacks On Cascaded Camera-Lidar 3D Object Detection Models.
2021-01-25
Diverse Adversaries for Mitigating Bias in Training.
They See Me Rollin': Inherent Vulnerability of the Rolling Shutter in CMOS Image Sensors.
Generalizing Adversarial Examples by AdaBelief Optimizer.
Towards Practical Robustness Analysis for DNNs based on PAC-Model Learning.
Few-Shot Website Fingerprinting Attack.
Understanding and Achieving Efficient Robustness with Adversarial Supervised Contrastive Learning.
2021-01-23
A Transferable Anti-Forensic Attack on Forensic CNNs Using A Generative Adversarial Network.
Error Diffusion Halftoning Against Adversarial Examples.
A Comprehensive Evaluation Framework for Deep Model Robustness.
2021-01-22
Online Adversarial Purification based on Self-Supervision.
Towards Optimal Branching of Linear and Semidefinite Relaxations for Neural Network Robustness Certification.
Generating Black-Box Adversarial Examples in Sparse Domain.
Adaptive Neighbourhoods for the Discovery of Adversarial Examples.
2021-01-21
Robust Reinforcement Learning on State Observations with Learned Optimal Adversary.
Adv-OLM: Generating Textual Adversaries via OLM.
Self-Adaptive Training: Bridging Supervised and Self-Supervised Learning.
A Person Re-identification Data Augmentation Method with Adversarial Defense Effect.
Adversarial Attacks and Defenses for Speaker Identification Systems.
A general multi-modal data learning method for Person Re-identification. (78%)
2021-01-20
Adversarial Attacks for Tabular Data: Application to Fraud Detection and Imbalanced Data.
Invariance, encodings, and generalization: learning identity effects with neural networks.
Fooling thermal infrared pedestrian detectors in real world using small bulbs.
2021-01-19
LowKey: Leveraging Adversarial Attacks to Protect Social Media Users from Facial Recognition.
A Search-Based Testing Framework for Deep Neural Networks of Source Code Embedding.
PICA: A Pixel Correlation-based Attentional Black-box Adversarial Attack.
Attention-Guided Black-box Adversarial Attacks with Large-Scale Multiobjective Evolutionary Optimization.
2021-01-18
What Do Deep Nets Learn? Class-wise Patterns Revealed in the Input Space.
Red Alarm for Pre-trained Models: Universal Vulnerability to Neuron-Level Backdoor Attacks. (1%)
2021-01-17
Adversarial Interaction Attack: Fooling AI to Misinterpret Human Intentions.
GraphAttacker: A General Multi-Task GraphAttack Framework.
Exploring Adversarial Robustness of Multi-Sensor Perception Systems in Self Driving.
2021-01-16
Multi-objective Search of Robust Neural Architectures against Multiple Types of Adversarial Attacks.
Adversarial Attacks On Multi-Agent Communication.
2021-01-15
Fundamental Tradeoffs in Distributionally Adversarial Training.
Black-box Adversarial Attacks in Autonomous Vehicle Technology.
Heating up decision boundaries: isocapacitory saturation, adversarial scenarios and generalization bounds.
Mining Data Impressions from Deep Models as Substitute for the Unavailable Training Data.
2021-01-14
Context-Aware Image Denoising with Auto-Threshold Canny Edge Detection to Suppress Adversarial Perturbation.
Robusta: Robust AutoML for Feature Selection via Reinforcement Learning.
Neural Attention Distillation: Erasing Backdoor Triggers from Deep Neural Networks.
2021-01-13
Untargeted, Targeted and Universal Adversarial Attacks and Defenses on Time Series.
Image Steganography based on Iteratively Adversarial Samples of A Synchronized-directions Sub-image.
2021-01-12
Robustness Gym: Unifying the NLP Evaluation Landscape.
Robustness of on-device Models: Adversarial Attack to Deep Learning Models on Android Apps.
Random Transformation of Image Brightness for Adversarial Attack.
On the Effectiveness of Small Input Noise for Defending Against Query-based Black-Box Attacks.
2021-01-11
The Vulnerability of Semantic Segmentation Networks to Adversarial Attacks in Autonomous Driving: Enhancing Extensive Environment Sensing.
2021-01-10
Adversarially Robust and Explainable Model Compression with On-Device Personalization for Text Classification.
2021-01-08
Adversarial Attack Attribution: Discovering Attributable Signals in Adversarial ML Attacks.
DiPSeN: Differentially Private Self-normalizing Neural Networks For Adversarial Robustness in Federated Learning.
Exploring Adversarial Fake Images on Face Manifold.
2021-01-07
The Effect of Prior Lipschitz Continuity on the Adversarial Robustness of Bayesian Neural Networks.
Robust Text CAPTCHAs Using Adversarial Examples.
2021-01-06
Adversarial Robustness by Design through Analog Computing and Synthetic Gradients.
Understanding the Error in Evaluating Adversarial Robustness.
2021-01-05
Noise Sensitivity-Based Energy Efficient and Robust Adversary Detection in Neural Networks.
2021-01-04
Fooling Object Detectors: Adversarial Attacks by Half-Neighbor Masks.
Local Competition and Stochasticity for Adversarial Robustness in Deep Learning.
Local Black-box Adversarial Attacks: A Query Efficient Approach.
Robust Machine Learning Systems: Challenges, Current Trends, Perspectives, and the Road Ahead.
2021-01-02
Improving DGA-Based Malicious Domain Classifiers for Malware Defense with Adversarial Machine Learning.
2020-12-31
Better Robustness by More Coverage: Adversarial Training with Mixup Augmentation for Robust Fine-tuning.
Patch-wise++ Perturbation for Adversarial Targeted Attacks.
2020-12-30
Temporally-Transferable Perturbations: Efficient, One-Shot Adversarial Attacks for Online Visual Object Trackers.
Beating Attackers At Their Own Games: Adversarial Example Detection Using Adversarial Gradient Directions.
2020-12-29
Black-box Adversarial Attacks on Monocular Depth Estimation Using Evolutionary Multi-objective Optimization.
Generating Adversarial Examples in Chinese Texts Using Sentence-Pieces.
Improving Adversarial Robustness in Weight-quantized Neural Networks.
With False Friends Like These, Who Can Have Self-Knowledge?
Generating Natural Language Attacks in a Hard Label Black Box Setting.
2020-12-28
Enhanced Regularizers for Attributional Robustness.
Analysis of Dominant Classes in Universal Adversarial Perturbations.
2020-12-27
Person Re-identification with Adversarial Triplet Embedding.
My Teacher Thinks The World Is Flat! Interpreting Automatic Essay Scoring Mechanism.
2020-12-26
Sparse Adversarial Attack to Object Detection.
Assessment of the Relative Importance of different hyper-parameters of LSTM for an IDS.
2020-12-25
Robustness, Privacy, and Generalization of Adversarial Training.
A Simple Fine-tuning Is All You Need: Towards Robust Deep Learning Via Adversarial Fine-tuning.
2020-12-24
A Context Aware Approach for Generating Natural Language Attacks.
Exploring Adversarial Examples via Invertible Neural Networks.
Improving the Certified Robustness of Neural Networks via Consistency Regularization.
Adversarial Momentum-Contrastive Pre-Training.
Learning Robust Representation for Clustering through Locality Preserving Variational Discriminative Network.
2020-12-23
The Translucent Patch: A Physical and Universal Attack on Object Detectors.
Gradient-Free Adversarial Attacks for Bayesian Neural Networks.
SCOPE CPS: Secure Compiling of PLCs in Cyber-Physical Systems.
Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems.
2020-12-22
Learning to Initialize Gradient Descent Using Gradient Descent.
Unadversarial Examples: Designing Objects for Robust Vision.
Multi-shot NAS for Discovering Adversarially Robust Convolutional Neural Architectures at Targeted Capacities.
On Frank-Wolfe Optimization for Adversarial Robustness and Interpretability.
2020-12-21
Genetic Adversarial Training of Decision Trees.
Incremental Verification of Fixed-Point Implementations of Neural Networks.
Blurring Fools the Network -- Adversarial Attacks by Feature Peak Suppression and Gaussian Blurring.
Exploiting Vulnerability of Pooling in Convolutional Neural Networks by Strict Layer-Output Manipulation for Adversarial Attacks.
Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification.
Self-Progressing Robust Training.
Adjust-free adversarial example generation in speech recognition using evolutionary multi-objective optimization under black-box condition.
Defence against adversarial attacks using classical and quantum-enhanced Boltzmann machines.
On Success and Simplicity: A Second Look at Transferable Targeted Attacks.
Learning from What We Know: How to Perform Vulnerability Prediction using Noisy Historical Data. (1%)
2020-12-20
Color Channel Perturbation Attacks for Fooling Convolutional Neural Networks and A Defense Against Such Attacks.
2020-12-19
Sample Complexity of Adversarially Robust Linear Classification on Separated Data.
2020-12-18
Semantics and explanation: why counterfactual explanations produce adversarial examples in deep neural networks.
ROBY: Evaluating the Robustness of a Deep Model by its Decision Boundaries.
AdvExpander: Generating Natural Language Adversarial Examples by Expanding Text.
Adversarially Robust Estimate and Risk Analysis in Linear Regression.
RAILS: A Robust Adversarial Immune-inspired Learning System.
Efficient Training of Robust Decision Trees Against Adversarial Examples.
On the human-recognizability phenomenon of adversarially trained deep image classifiers.
2020-12-17
Characterizing the Evasion Attackability of Multi-label Classifiers.
A Hierarchical Feature Constraint to Camouflage Medical Adversarial Attacks.
2020-12-16
On the Limitations of Denoising Strategies as Adversarial Defenses.
2020-12-15
FoggySight: A Scheme for Facial Lookup Privacy.
FAWA: Fast Adversarial Watermark Attack on Optical Character Recognition (OCR) Systems.
Amata: An Annealing Mechanism for Adversarial Training Acceleration.
2020-12-14
Disentangled Information Bottleneck.
Adaptive Verifiable Training Using Pairwise Class Similarity.
Robustness Threats of Differential Privacy.
HaS-Nets: A Heal and Select Mechanism to Defend DNNs Against Backdoor Attacks for Data Collection Scenarios.
Improving Adversarial Robustness via Probabilistically Compact Loss with Logit Constraints.
Binary Black-box Evasion Attacks Against Deep Learning-based Static Malware Detectors with Adversarial Byte-Level Language Model.
Contrastive Learning with Adversarial Perturbations for Conditional Text Generation.
2020-12-13
Achieving Adversarial Robustness Requires An Active Teacher.
2020-12-12
Query-free Black-box Adversarial Attacks on Graphs.
2020-12-11
Closeness and Uncertainty Aware Adversarial Examples Detection in Adversarial Machine Learning.
Attack Agnostic Detection of Adversarial Examples via Random Subspace Analysis.
Analyzing and Improving Adversarial Training for Generative Modeling. (86%)
2020-12-10
GNNUnlock: Graph Neural Networks-based Oracle-less Unlocking Scheme for Provably Secure Logic Locking.
Next Wave Artificial Intelligence: Robust, Explainable, Adaptable, Ethical, and Accountable.
DSRNA: Differentiable Search of Robust Neural Architectures.
I-GCN: Robust Graph Convolutional Network via Influence Mechanism.
An Empirical Review of Adversarial Defenses.
Robustness and Transferability of Universal Attacks on Compressed Models.
Geometric Adversarial Attacks and Defenses on 3D Point Clouds.
SPAA: Stealthy Projector-based Adversarial Attacks on Deep Image Classifiers.
2020-12-09
Generating Out of Distribution Adversarial Attack using Latent Space Poisoning.
Detection of Adversarial Supports in Few-shot Classifiers Using Self-Similarity and Filtering.
Securing Deep Spiking Neural Networks against Adversarial Attacks through Inherent Structural Parameters.
Composite Adversarial Attacks.
2020-12-08
Provable Defense against Privacy Leakage in Federated Learning from Representation Perspective.
On 1/n neural representation and robustness.
Locally optimal detection of stochastic targeted universal adversarial perturbations.
A Deep Marginal-Contrastive Defense against Adversarial Attacks on 1D Models.
Using Feature Alignment can Improve Clean Average Precision and Adversarial Robustness in Object Detection.
EvaLDA: Efficient Evasion Attacks Towards Latent Dirichlet Allocation.
Overcomplete Representations Against Adversarial Videos.
Mitigating the Impact of Adversarial Attacks in Very Deep Networks.
Reinforcement Based Learning on Classification Task Could Yield Better Generalization and Adversarial Accuracy.
Poisoning Semi-supervised Federated Learning via Unlabeled Data: Attacks and Defenses. (95%)
Data Dependent Randomized Smoothing. (1%)
2020-12-07
A Singular Value Perspective on Model Robustness.
Backpropagating Linearly Improves Transferability of Adversarial Examples.
Learning to Separate Clusters of Adversarial Representations for Robust Adversarial Detection.
Are DNNs fooled by extremely unrecognizable images?
Reprogramming Language Models for Molecular Representation Learning.
2020-12-06
Black-box Model Inversion Attribute Inference Attacks on Classification Models.
PAC-Learning for Strategic Classification.
2020-12-05
Evaluating adversarial robustness in simulated cerebellum.
2020-12-04
Advocating for Multiple Defense Strategies against Adversarial Examples.
Practical No-box Adversarial Attacks against DNNs.
Towards Natural Robustness Against Adversarial Examples.
Unsupervised Adversarially-Robust Representation Learning on Graphs.
Kernel-convoluted Deep Neural Networks with Data Augmentation.
2020-12-03
Ethical Testing in the Real World: Evaluating Physical Testing of Adversarial Machine Learning.
FAT: Federated Adversarial Training.
An Empirical Study of Derivative-Free-Optimization Algorithms for Targeted Black-Box Attacks in Deep Neural Networks.
Channel Effects on Surrogate Models of Adversarial Attacks against Wireless Signal Classifiers.
Attribute-Guided Adversarial Training for Robustness to Natural Perturbations.
2020-12-02
From a Fourier-Domain Perspective on Adversarial Examples to a Wiener Filter Defense for Semantic Segmentation.
FenceBox: A Platform for Defeating Adversarial Examples with Data Augmentation Techniques.
Towards Defending Multiple $\ell_p$-norm Bounded Adversarial Perturbations via Gated Batch Normalization.
Content-Adaptive Pixel Discretization to Improve Model Robustness.
How Robust are Randomized Smoothing based Defenses to Data Poisoning?
2020-12-01
Adversarial Robustness Across Representation Spaces.
Robustness Out of the Box: Compositional Representations Naturally Defend Against Black-Box Patch Attacks.
Boosting Adversarial Attacks on Neural Networks with Better Optimizer.
One-Pixel Attack Deceives Computer-Assisted Diagnosis of Cancer.
Towards Imperceptible Adversarial Image Patches Based on Network Explanations.
2020-11-30
Guided Adversarial Attack for Evaluating and Enhancing Adversarial Defenses.
Just One Moment: Structural Vulnerability of Deep Action Recognition against One Frame Attack.
2020-11-29
Architectural Adversarial Robustness: The Case for Deep Pursuit.
A Targeted Universal Attack on Graph Convolutional Network.
SwitchX: Gmin-Gmax Switching for Energy-Efficient and Robust Implementation of Binary Neural Networks on ReRAM Xbars.
2020-11-28
Cyberbiosecurity: DNA Injection Attack in Synthetic Biology.
Deterministic Certification to Adversarial Attacks via Bernstein Polynomial Approximation.
FaceGuard: A Self-Supervised Defense Against Adversarial Face Images.
2020-11-27
3D Invisible Cloak.
Fast and Complete: Enabling Complete Neural Network Verification with Rapid and Massively Parallel Incomplete Verifiers.
Voting based ensemble improves robustness of defensive models.
Generalized Adversarial Examples: Attacks and Defenses.
Robust and Natural Physical Adversarial Examples for Object Detectors.
SocialGuard: An Adversarial Example Based Privacy-Preserving Technique for Social Images.
Use the Spear as a Shield: A Novel Adversarial Example based Privacy-Preserving Technique against Membership Inference Attacks.
2020-11-26
Rethinking Uncertainty in Deep Learning: Whether and How it Improves Robustness.
Exposing the Robustness and Vulnerability of Hybrid 8T-6T SRAM Memory Architectures to Adversarial Attacks in Deep Neural Networks.
Robust Attacks on Deep Learning Face Recognition in the Physical World.
Regularization with Latent Space Virtual Adversarial Training.
Invisible Perturbations: Physical Adversarial Examples Exploiting the Rolling Shutter Effect.
2020-11-25
Adversarial Attack on Facial Recognition using Visible Light.
Adversarial Evaluation of Multimodal Models under Realistic Gray Box Assumption.
SurFree: a fast surrogate-free black-box attack.
Advancing diagnostic performance and clinical usability of neural networks via adversarial training and dual batch normalization.
Probing Model Signal-Awareness via Prediction-Preserving Input Minimization. (80%)
2020-11-24
Trust but Verify: Assigning Prediction Credibility by Counterfactual Constrained Learning.
Stochastic sparse adversarial attacks.
On the Adversarial Robustness of 3D Point Cloud Classification.
Towards Imperceptible Universal Attacks on Texture Recognition.
2020-11-23
Omni: Automated Ensemble with Unexpected Models against Adversarial Evasion Attack.
Augmented Lagrangian Adversarial Attacks.
2020-11-22
Learnable Boundary Guided Adversarial Training.
Nudge Attacks on Point-Cloud DNNs.
2020-11-21
Spatially Correlated Patterns in Adversarial Images.
A Neuro-Inspired Autoencoding Defense Against Adversarial Perturbations.
Robust Data Hiding Using Inverse Gradient Attention. (2%)
2020-11-20
Are Chess Discussions Racist? An Adversarial Hate Speech Data Set.
Detecting Universal Trigger's Adversarial Attack with Honeypot.
2020-11-19
An Experimental Study of Semantic Continuity for Deep Learning Models.
Adversarial Examples for $k$-Nearest Neighbor Classifiers Based on Higher-Order Voronoi Diagrams.
Adversarial Threats to DeepFake Detection: A Practical Perspective.
Multi-Task Adversarial Attack.
Latent Adversarial Debiasing: Mitigating Collider Bias in Deep Neural Networks.
2020-11-18
Robustified Domain Adaptation.
Adversarial collision attacks on image hashing functions.
Contextual Fusion For Adversarial Robustness.
Adversarial Turing Patterns from Cellular Automata.
Self-Gradient Networks.
Adversarial Profiles: Detecting Out-Distribution & Adversarial Samples in Pre-trained CNNs.
2020-11-17
FoolHD: Fooling speaker identification by Highly imperceptible adversarial Disturbances.
SIENA: Stochastic Multi-Expert Neural Patcher.
Shaping Deep Feature Space towards Gaussian Mixture for Visual Classification.
Generating universal language adversarial examples by understanding and enhancing the transferability across neural models.
Probing Predictions on OOD Images via Nearest Categories. (75%)
2020-11-16
MAAC: Novel Alert Correlation Method To Detect Multi-step Attack.
Enforcing robust control guarantees within neural network policies.
Adversarially Robust Classification based on GLRT.
Combining GANs and AutoEncoders for Efficient Anomaly Detection.
Extreme Value Preserving Networks.
2020-11-15
Towards Understanding the Regularization of Adversarial Robustness on Neural Networks.
Ensemble of Models Trained by Key-based Transformed Images for Adversarially Robust Defense Against Black-box Attacks.
Almost Tight L0-norm Certified Robustness of Top-k Predictions against Adversarial Perturbations.
Power Side-Channel Attacks on BNN Accelerators in Remote FPGAs. (1%)
2020-11-14
Audio-Visual Event Recognition through the lens of Adversary.
2020-11-13
Transformer-Encoder Detector Module: Using Context to Improve Robustness to Adversarial Attacks on Object Detection.
Query-based Targeted Action-Space Adversarial Policies on Deep Reinforcement Learning Agents.
2020-11-12
Adversarial Robustness Against Image Color Transformation within Parametric Filter Space.
Sparse PCA: Algorithms, Adversarial Perturbations and Certificates.
2020-11-11
Adversarial images for the primate brain.
Detecting Adversarial Patches with Class Conditional Reconstruction Networks.
2020-11-10
Efficient and Transferable Adversarial Examples from Bayesian Neural Networks.
2020-11-09
Solving Inverse Problems With Deep Neural Networks -- Robustness Included?
2020-11-07
Adversarial Black-Box Attacks On Text Classifiers Using Multi-Objective Genetic Optimization Guided By Deep Networks.
Bridging the Performance Gap between FGSM and PGD Adversarial Training.
2020-11-06
Single-Node Attacks for Fooling Graph Neural Networks.
A survey on practical adversarial examples for malware classifiers.
2020-11-05
A Black-Box Attack Model for Visually-Aware Recommender Systems.
Data Augmentation via Structured Adversarial Perturbations.
Defense-friendly Images in Adversarial Attacks: Dataset and Metrics forPerturbation Difficulty.
Dynamically Sampled Nonlocal Gradients for Stronger Adversarial Attacks.
2020-11-03
You Do (Not) Belong Here: Detecting DPI Evasion Attacks with Context Learning.
Detecting Word Sense Disambiguation Biases in Machine Translation for Model-Agnostic Adversarial Attacks.
Penetrating RF Fingerprinting-based Authentication with a Generative Adversarial Attack.
Recent Advances in Understanding Adversarial Robustness of Deep Neural Networks.
A Tunable Robust Pruning Framework Through Dynamic Network Rewiring of DNNs.
MalFox: Camouflaged Adversarial Malware Example Generation Based on Conv-GANs Against Black-Box Detectors.
2020-11-02
Adversarial Examples in Constrained Domains.
Frequency-based Automated Modulation Classification in the Presence of Adversaries.
Robust Algorithms for Online Convex Problems via Primal-Dual.
Trustworthy AI.
2020-11-01
LG-GAN: Label Guided Adversarial Network for Flexible Targeted Attack of Point Cloud-based Deep Networks.
Vulnerability of the Neural Networks Against Adversarial Examples: A Survey.
2020-10-31
MAD-VAE: Manifold Awareness Defense Variational Autoencoder.
2020-10-30
Integer Programming-based Error-Correcting Output Code Design for Robust Classification.
Leveraging Extracted Model Adversaries for Improved Black Box Attacks.
EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks.
Adversarial Attacks on Optimization based Planners.
Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks.
Perception Improvement for Free: Exploring Imperceptible Black-box Adversarial Attacks on Image Classification.
Adversarial Robust Training of Deep Learning MRI Reconstruction Models.
2020-10-29
Volumetric Medical Image Segmentation: A 3D Deep Coarse-to-fine Framework and Its Adversarial Examples.
Perception Matters: Exploring Imperceptible and Transferable Anti-forensics for GAN-generated Fake Face Imagery Detection.
Can the state of relevant neurons in a deep neural networks serve as indicators for detecting adversarial attacks?
Reliable Graph Neural Networks via Robust Aggregation.
Passport-aware Normalization for Deep Model Protection.
Robustifying Binary Classification to Adversarial Perturbation.
Beyond cross-entropy: learning highly separable feature distributions for robust and accurate classification.
WaveTransform: Crafting Adversarial Examples via Input Decomposition.
Machine Learning (In) Security: A Stream of Problems. (8%)
2020-10-28
Most ReLU Networks Suffer from $\ell^2$ Adversarial Perturbations.
Object Hider: Adversarial Patch Attack Against Object Detectors.
Evaluating Robustness of Predictive Uncertainty Estimation: Are Dirichlet-based Models Reliable?
Transferable Universal Adversarial Perturbations Using Generative Models.
2020-10-27
Fast Local Attack: Generating Local Adversarial Examples for Object Detectors.
Anti-perturbation of Online Social Networks by Graph Label Transition.
2020-10-26
Robust and Verifiable Information Embedding Attacks to Deep Neural Networks via Error-Correcting Codes.
GreedyFool: Distortion-Aware Sparse Adversarial Attack.
Robust Pre-Training by Adversarial Contrastive Learning.
Versatile Verification of Tree Ensembles.
Robustness May Be at Odds with Fairness: An Empirical Study on Class-wise Accuracy.
Exploring the Security Boundary of Data Reconstruction via Neuron Exclusivity Analysis. (16%)
2020-10-25
Attack Agnostic Adversarial Defense via Visual Imperceptible Bound.
Dynamic Adversarial Patch for Evading Object Detection Models.
Asymptotic Behavior of Adversarial Training in Binary Classification.
2020-10-24
ATRO: Adversarial Training with a Rejection Option.
Are Adversarial Examples Created Equal? A Learnable Weighted Minimax Risk for Robustness under Non-uniform Attacks.
Stop Bugging Me! Evading Modern-Day Wiretapping Using Adversarial Perturbations.
2020-10-23
Improving Robustness by Augmenting Training Sentences with Predicate-Argument Structures.
Towards Robust Neural Networks via Orthogonal Diversity.
2020-10-22
Contrastive Learning with Adversarial Examples.
Adversarial Attacks on Binary Image Recognition Systems.
Rewriting Meaningful Sentences via Conditional BERT Sampling and an application on fooling text classifiers.
An Efficient Adversarial Attack for Tree Ensembles.
Adversarial Robustness of Supervised Sparse Coding.
Enabling certification of verification-agnostic networks via memory-efficient semidefinite programming.
Defense-guided Transferable Adversarial Attacks.
Once-for-All Adversarial Training: In-Situ Tradeoff between Robustness and Accuracy for Free.
2020-10-21
Adversarial Attacks on Deep Algorithmic Trading Policies.
Maximum Mean Discrepancy is Aware of Adversarial Attacks.
Precise Statistical Analysis of Classification Accuracies for Adversarial Training.
Learning Black-Box Attackers with Transferable Priors and Query Feedback.
Class-Conditional Defense GAN Against End-to-End Speech Attacks.
A Distributional Robustness Certificate by Randomized Smoothing.
2020-10-20
Preventing Personal Data Theft in Images with Adversarial ML.
Towards Understanding the Dynamics of the First-Order Adversaries.
Robust Neural Networks inspired by Strong Stability Preserving Runge-Kutta methods.
Boosting Gradient for White-Box Adversarial Attacks.
Tight Second-Order Certificates for Randomized Smoothing.
2020-10-19
A Survey of Machine Learning Techniques in Adversarial Image Forensics.
Against All Odds: Winning the Defense Challenge in an Evasion Competition with Diversification.
RobustBench: a standardized adversarial robustness benchmark.
Optimism in the Face of Adversity: Understanding and Improving Deep Learning through Adversarial Robustness.
Verifying the Causes of Adversarial Examples.
When Bots Take Over the Stock Market: Evasion Attacks Against Algorithmic Traders.
FLAG: Adversarial Data Augmentation for Graph Neural Networks.
2020-10-18
FADER: Fast Adversarial Example Rejection.
Poisoned classifiers are not only backdoored, they are fundamentally broken.
2020-10-17
A Generative Model based Adversarial Security of Deep Learning and Linear Classifier Models.
Finding Physical Adversarial Examples for Autonomous Driving with Fast and Differentiable Image Compositing.
Weight-Covariance Alignment for Adversarially Robust Neural Networks.
2020-10-16
DPAttack: Diffused Patch Attacks against Universal Object Detection.
Mischief: A Simple Black-Box Attack Against Transformer Architectures.
Learning Robust Algorithms for Online Allocation Problems Using Adversarial Training.
2020-10-15
Adversarial Images through Stega Glasses.
A Hamiltonian Monte Carlo Method for Probabilistic Adversarial Attack and Learning.
Generalizing Universal Adversarial Attacks Beyond Additive Perturbations.
Certifying Neural Network Robustness to Random Input Noise from Samples.
Overfitting or Underfitting? Understand Robustness Drop in Adversarial Training.
Maximum-Entropy Adversarial Data Augmentation for Improved Generalization and Robustness.
Exploiting Vulnerabilities of Deep Learning-based Energy Theft Detection in AMI through Adversarial Attacks.
Progressive Defense Against Adversarial Attacks for Deep Learning as a Service in Internet of Things.
2020-10-14
Pair the Dots: Jointly Examining Training History and Test Stimuli for Model Interpretability.
Towards Resistant Audio Adversarial Examples.
An Adversarial Attack against Stacked Capsule Autoencoder.
Explain2Attack: Text Adversarial Attacks via Cross-Domain Interpretability.
GreedyFool: Multi-Factor Imperceptibility and Its Application to Designing Black-box Adversarial Example Attack.
2020-10-13
Toward Few-step Adversarial Training from a Frequency Perspective.
Higher-Order Certification for Randomized Smoothing.
Linking average- and worst-case perturbation robustness via class selectivity and dimensionality.
2020-10-12
Universal Model for 3D Medical Image Analysis.
To be Robust or to be Fair: Towards Fairness in Adversarial Training.
Learning to Attack with Fewer Pixels: A Probabilistic Post-hoc Framework for Refining Arbitrary Dense Adversarial Attacks.
Shape-Texture Debiased Neural Network Training.
On the Power of Abstention and Data-Driven Decision Making for Adversarial Robustness.
From Hero to Z\'eroe: A Benchmark of Low-Level Adversarial Attacks.
EFSG: Evolutionary Fooling Sentences Generator.
Contrast and Classify: Training Robust VQA Models. (2%)
2020-10-11
Gradient-based Analysis of NLP Models is Manipulable.
IF-Defense: 3D Adversarial Point Cloud Defense via Implicit Function based Restoration.
2020-10-10
Is It Time to Redefine the Classification Task for Deep Neural Networks?
Regularizing Neural Networks via Adversarial Model Perturbation. (1%)
2020-10-09
Understanding Spatial Robustness of Deep Neural Networks.
How Does Mixup Help With Robustness and Generalization?
2020-10-08
Transcending Transcend: Revisiting Malware Classification with Conformal Evaluation.
Improve Adversarial Robustness via Weight Penalization on Classification Layer.
A Unified Approach to Interpreting and Boosting Adversarial Transferability.
Improved Techniques for Model Inversion Attacks.
Affine-Invariant Robust Training.
Targeted Attention Attack on Deep Learning Models in Road Sign Recognition.
Gaussian MRF Covariance Modeling for Efficient Black-Box Adversarial Attacks.
2020-10-07
Hiding the Access Pattern is Not Enough: Exploiting Search Pattern Leakage in Searchable Encryption.
Learning Clusterable Visual Features for Zero-Shot Recognition.
Don't Trigger Me! A Triggerless Backdoor Attack Against Deep Neural Networks.
Revisiting Batch Normalization for Improving Corruption Robustness.
Batch Normalization Increases Adversarial Vulnerability: Disentangling Usefulness and Robustness of Model Features.
Decamouflage: A Framework to Detect Image-Scaling Attacks on Convolutional Neural Networks.
Global Optimization of Objective Functions Represented by ReLU Networks.
CD-UAP: Class Discriminative Universal Adversarial Perturbation.
Not All Datasets Are Born Equal: On Heterogeneous Data and Adversarial Examples.
Double Targeted Universal Adversarial Perturbations.
Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples.
Adversarial Attacks to Machine Learning-Based Smart Healthcare Systems.
Adversarial attacks on audio source separation.
2020-10-06
Visualizing Color-wise Saliency of Black-Box Image Classification Models.
Constraining Logits by Bounded Function for Adversarial Robustness.
Adversarial Patch Attacks on Monocular Depth Estimation Networks.
BAAAN: Backdoor Attacks Against Autoencoder and GAN-Based Machine Learning Models.
2020-10-05
Detecting Misclassification Errors in Neural Networks with a Gaussian Process Model.
Adversarial Boot Camp: label free certified robustness in one epoch.
Understanding Classifier Mistakes with Generative Models.
CAT-Gen: Improving Robustness in NLP Models via Controlled Adversarial Text Generation.
Second-Order NLP Adversarial Examples.
A Panda? No, It's a Sloth: Slowdown Attacks on Adaptive Multi-Exit Neural Network Inference.
InfoBERT: Improving Robustness of Language Models from An Information Theoretic Perspective.
Understanding Catastrophic Overfitting in Single-step Adversarial Training.
Downscaling Attack and Defense: Turning What You See Back Into What You Get.
Metadata-Based Detection of Child Sexual Abuse Material. (1%)
2020-10-04
TextAttack: Lessons learned in designing Python frameworks for NLP.
A Study for Universal Adversarial Attacks on Texture Recognition.
Adversarial Attack and Defense of Structured Prediction Models.
Geometry-aware Instance-reweighted Adversarial Training.
Unknown Presentation Attack Detection against Rational Attackers.
2020-10-03
Adversarial and Natural Perturbations for General Robustness.
Multi-Step Adversarial Perturbations on Recommender Systems Embeddings.
A Geometry-Inspired Attack for Generating Natural Language Adversarial Examples.
Efficient Robust Training via Backward Smoothing.
Do Wider Neural Networks Really Help Adversarial Robustness?
2020-10-02
Note: An alternative proof of the vulnerability of $k$-NN classifiers in high intrinsic dimensionality regions.
An Empirical Study of DNNs Robustification Inefficacy in Protecting Visual Recommenders.
Block-wise Image Transformation with Secret Key for Adversarially Robust Defense.
Query complexity of adversarial attacks.
CorrAttack: Black-box Adversarial Attack with Structured Search.
A Deep Genetic Programming based Methodology for Art Media Classification Robust to Adversarial Perturbations.
Data-Driven Certification of Neural Networks with Random Input Noise. (16%)
2020-10-01
Assessing Robustness of Text Classification through Maximal Safe Radius Computation.
Bag of Tricks for Adversarial Training.
2020-09-30
Erratum Concerning the Obfuscated Gradients Attack on Stochastic Activation Pruning.
Accurate and Robust Feature Importance Estimation under Distribution Shifts.
Uncertainty-Matching Graph Neural Networks to Defend Against Poisoning Attacks.
DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles.
2020-09-29
Neural Topic Modeling with Cycle-Consistent Adversarial Training.
Fast Fr\'echet Inception Distance.
2020-09-28
Adversarial Attacks Against Deep Learning Systems for ICD-9 Code Assignment.
STRATA: Building Robustness with a Simple Method for Generating Black-box Adversarial Attacks for Models of Code.
Graph Adversarial Networks: Protecting Information against Adversarial Attacks.
Adversarial Robustness of Stabilized NeuralODEs Might be from Obfuscated Gradients.
Generating End-to-End Adversarial Examples for Malware Classifiers Using Explainability.
Learning to Generate Image Source-Agnostic Universal Adversarial Perturbations. (92%)
2020-09-27
Learning to Improve Image Compression without Changing the Standard Decoder.
RoGAT: a robust GNN combined revised GAT with adjusted graphs.
Where Does the Robustness Come from? A Study of the Transformation-based Ensemble Defence.
2020-09-26
Differentially Private Adversarial Robustness Through Randomized Perturbations.
Beneficial Perturbations Network for Defending Adversarial Examples.
2020-09-25
Training CNNs in Presence of JPEG Compression: Multimedia Forensics vs Computer Vision.
Attention Meets Perturbations: Robust and Interpretable Attention with Adversarial Training.
2020-09-24
Advancing the Research and Development of Assured Artificial Intelligence and Machine Learning Capabilities.
Adversarial Examples in Deep Learning for Multivariate Time Series Regression.
Improving Query Efficiency of Black-box Adversarial Attack.
2020-09-23
Enhancing Mixup-based Semi-Supervised Learning with Explicit Lipschitz Regularization.
Improving Dialog Evaluation with a Multi-reference Adversarial Dataset and Large Scale Pretraining.
Adversarial robustness via stochastic regularization of neural activation sensitivity.
A Partial Break of the Honeypots Defense to Catch Adversarial Attacks.
Semantics-Preserving Adversarial Training.
Robustification of Segmentation Models Against Adversarial Perturbations In Medical Imaging.
Detection of Iterative Adversarial Attacks via Counter Attack.
Torchattacks: A PyTorch Repository for Adversarial Attacks.
2020-09-22
What Do You See? Evaluation of Explainable Artificial Intelligence (XAI) Interpretability through Neural Backdoors.
Tailoring: encoding inductive biases by optimizing unsupervised objectives at prediction time.
Adversarial Attack Based Countermeasures against Deep Learning Side-Channel Attacks.
2020-09-21
Uncertainty-aware Attention Graph Neural Network for Defending Adversarial Attacks.
Scalable Adversarial Attack on Graph Neural Networks with Alternating Direction Method of Multipliers.
Generating Adversarial yet Inconspicuous Patches with a Single Image.
Adversarial Training with Stochastic Weight Average.
Improving Ensemble Robustness by Collaboratively Promoting and Demoting Adversarial Robustness.
DeepDyve: Dynamic Verification for Deep Neural Networks.
Feature Distillation With Guided Adversarial Contrastive Learning.
Crafting Adversarial Examples for Deep Learning Based Prognostics (Extended Version).
Stereopagnosia: Fooling Stereo Networks with Adversarial Perturbations.
Optimal Provable Robustness of Quantum Classification via Quantum Hypothesis Testing.
Password Strength Signaling: A Counter-Intuitive Defense Against Password Cracking. (1%)
2020-09-20
Improving Robustness and Generality of NLP Models Using Disentangled Representations.
2020-09-19
Efficient Certification of Spatial Robustness.
OpenAttack: An Open-source Textual Adversarial Attack Toolkit.
Making Images Undiscoverable from Co-Saliency Detection.
Bias Field Poses a Threat to DNN-based X-Ray Recognition.
Learning to Attack: Towards Textual Adversarial Attacking in Real-world Situations.
Adversarial Rain Attack and Defensive Deraining for DNN Perception.
Adversarial Exposure Attack on Diabetic Retinopathy Imagery Grading.
EI-MTD:Moving Target Defense for Edge Intelligence against Adversarial Attacks.
2020-09-18
Robust Decentralized Learning for Neural Networks.
MIRAGE: Mitigating Conflict-Based Cache Attacks with a Practical Fully-Associative Design. (1%)
2020-09-17
Certifying Confidence via Randomized Smoothing.
Generating Label Cohesive and Well-Formed Adversarial Claims.
Vax-a-Net: Training-time Defence Against Adversarial Patch Attacks.
Label Smoothing and Adversarial Robustness.
Online Alternate Generator against Adversarial Attacks.
MultAV: Multiplicative Adversarial Videos.
On the Transferability of Minimal Prediction Preserving Inputs in Question Answering.
Large Norms of CNN Layers Do Not Hurt Adversarial Robustness.
2020-09-16
Multimodal Safety-Critical Scenarios Generation for Decision-Making Algorithms Evaluation.
Analysis of Generalizability of Deep Neural Networks Based on the Complexity of Decision Boundary.
Malicious Network Traffic Detection via Deep Learning: An Information Theoretic View.
Contextualized Perturbation for Textual Adversarial Attack.
2020-09-15
Puzzle Mix: Exploiting Saliency and Local Statistics for Optimal Mixup.
Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition Systems.
Switching Gradient Directions for Query-Efficient Black-Box Adversarial Attacks.
Decision-based Universal Adversarial Attack.
2020-09-14
A Game Theoretic Analysis of Additive Adversarial Attacks and Defenses.
Input Hessian Regularization of Neural Networks.
Robust Deep Learning Ensemble against Deception.
Hold Tight and Never Let Go: Security of Deep Learning based Automated Lane Centering under Physical-World Attack.
2020-09-13
Manifold attack.
Towards the Quantification of Safety Risks in Deep Neural Networks.
2020-09-12
Certified Robustness of Graph Classification against Topology Attack with Randomized Smoothing.
2020-09-11
Defending Against Multiple and Unforeseen Adversarial Videos.
Robust Neural Machine Translation: Modeling Orthographic and Interpunctual Variation.
Achieving Adversarial Robustness via Sparsity.
The Intriguing Relation Between Counterfactual Explanations and Adversarial Examples.
Semantic-preserving Reinforcement Learning Attack Against Graph Neural Networks for Malware Detection.
2020-09-10
Second Order Optimization for Adversarial Robustness and Interpretability.
Quantifying the Preferential Direction of the Model Gradient in Adversarial Training With Projected Gradient Descent.
2020-09-09
End-to-end Kernel Learning via Generative Random Fourier Features.
Searching for a Search Method: Benchmarking Search Algorithms for Generating NLP Adversarial Examples.
A black-box adversarial attack for poisoning clustering.
SoK: Certified Robustness for Deep Neural Networks.
2020-09-08
Fuzzy Unique Image Transformation: Defense Against Adversarial Attacks On Deep COVID-19 Models.
Adversarial Machine Learning in Image Classification: A Survey Towards the Defender's Perspective.
2020-09-07
Adversarial attacks on deep learning models for fatty liver disease classification by modification of ultrasound image reconstruction method.
Adversarial Attack on Large Scale Graph.
Black Box to White Box: Discover Model Characteristics Based on Strategic Probing.
2020-09-06
A Game Theoretic Analysis of LQG Control under Adversarial Attack.
Dynamically Computing Adversarial Perturbations for Recurrent Neural Networks.
Detection Defense Against Adversarial Attacks with Saliency Map.
2020-09-05
Bluff: Interactively Deciphering Adversarial Attacks on Deep Neural Networks.
Dual Manifold Adversarial Robustness: Defense against Lp and non-Lp Adversarial Attacks.
2020-09-03
MIPGAN -- Generating Strong and High Quality Morphing Attacks Using Identity Prior Driven GAN. (10%)
2020-09-02
Yet Meta Learning Can Adapt Fast, It Can Also Break Easily.
Perceptual Deep Neural Networks: Adversarial Robustness through Input Recreation.
Open-set Adversarial Defense.
Adversarially Robust Neural Architectures.
Flow-based detection and proxy-based evasion of encrypted malware C2 traffic.
Adversarial Attacks on Deep Learning Systems for User Identification based on Motion Sensors.
Simulating Unknown Target Models for Query-Efficient Black-box Attacks.
2020-09-01
Defending against substitute model black box adversarial attacks with the 01 loss.
2020-08-31
Adversarial Patch Camouflage against Aerial Detection.
MALCOM: Generating Malicious Comments to Attack Neural Fake News Detection Models.
Efficient, Direct, and Restricted Black-Box Graph Evasion Attacks to Any-Layer Graph Neural Networks via Influence Function.
2020-08-30
Benchmarking adversarial attacks and defenses for time-series data.
An Integrated Approach to Produce Robust Models with High Efficiency.
Shape Defense Against Adversarial Attacks.
2020-08-29
Improving Resistance to Adversarial Deformations by Regularizing Gradients.
2020-08-27
A Scene-Agnostic Framework with Adversarial Training for Abnormal Event Detection in Video.
GhostBuster: Looking Into Shadows to Detect Ghost Objects in Autonomous Vehicle 3D Sensing.
Minimal Adversarial Examples for Deep Learning on 3D Point Clouds.
On the Intrinsic Robustness of NVM Crossbars Against Adversarial Attacks.
Adversarial Eigen Attack on Black-Box Models.
Color and Edge-Aware Adversarial Image Perturbations.
Adversarially Robust Learning via Entropic Regularization.
2020-08-26
Adversarially Training for Audio Classifiers.
2020-08-25
Likelihood Landscapes: A Unifying Principle Behind Many Adversarial Defenses.
Two Sides of the Same Coin: White-box and Black-box Attacks for Transfer Learning.
Rethinking Non-idealities in Memristive Crossbars for Adversarial Robustness in Neural Networks.
An Adversarial Attack Defending System for Securing In-Vehicle Networks.
2020-08-24
Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation.
2020-08-23
Developing and Defeating Adversarial Examples.
Ptolemy: Architecture Support for Robust Deep Learning.
PermuteAttack: Counterfactual Explanation of Machine Learning Credit Scorecards.
2020-08-22
Self-Competitive Neural Networks.
2020-08-21
A Survey on Assessing the Generalization Envelope of Deep Neural Networks: Predictive Uncertainty, Out-of-distribution and Adversarial Samples.
2020-08-20
Towards adversarial robustness with 01 loss neural networks.
On Attribution of Deepfakes.
$\beta$-Variational Classifiers Under Attack.
Yet Another Intermediate-Level Attack.
2020-08-19
Addressing Neural Network Robustness with Mixup and Targeted Labeling Adversarial Training.
On $\ell_p$-norm Robustness of Ensemble Stumps and Trees.
Prototype-based interpretation of the functionality of neurons in winner-take-all neural networks.
2020-08-18
Improving adversarial robustness of deep neural networks by using semantic information.
Direct Adversarial Training for GANs.
Accelerated Zeroth-Order and First-Order Momentum Methods from Mini to Minimax Optimization.
2020-08-17
A Deep Dive into Adversarial Robustness in Zero-Shot Learning.
Adversarial Attack and Defense Strategies for Deep Speaker Recognition Systems.
Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection.
Robustness Verification of Quantum Classifiers. (81%)
2020-08-16
TextDecepter: Hard Label Black Box Attack on Text Classifiers.
Adversarial Concurrent Training: Optimizing Robustness and Accuracy Trade-off of Deep Neural Networks.
2020-08-15
Relevance Attack on Detectors.
2020-08-14
Defending Adversarial Attacks without Adversarial Attacks in Deep Reinforcement Learning.
On the Generalization Properties of Adversarial Training.
Generating Image Adversarial Examples by Embedding Digital Watermarks.
From Attack to Protection: Leveraging Watermarking Attack Network for Advanced Add-on Watermarking. (2%)
2020-08-13
Adversarial Training and Provable Robustness: A Tale of Two Objectives.
Semantically Adversarial Learnable Filters.
Continuous Patrolling Games. (45%)
2020-08-12
Learning to Learn from Mistakes: Robust Optimization for Adversarial Noise.
Defending Adversarial Examples via DNN Bottleneck Reinforcement.
Feature Binding with Category-Dependant MixUp for Semantic Segmentation and Adversarial Robustness.
Semantics-preserving adversarial attacks in NLP.
2020-08-11
Revisiting Adversarially Learned Injection Attacks Against Recommender Systems.
2020-08-10
Informative Dropout for Robust Representation Learning: A Shape-bias Perspective.
FireBERT: Hardening BERT-based classifiers against adversarial attack.
2020-08-09
Enhancing Robustness Against Adversarial Examples in Network Intrusion Detection Systems.
Adversarial Training with Fast Gradient Projection Method against Synonym Substitution based Text Attacks.
2020-08-08
Enhance CNN Robustness Against Noises for Classification of 12-Lead ECG with Variable Length.
2020-08-07
Visual Attack and Defense on Text.
Optimizing Information Loss Towards Robust Neural Networks.
Adversarial Examples on Object Recognition: A Comprehensive Survey.
2020-08-06
Stronger and Faster Wasserstein Adversarial Attacks.
Improve Generalization and Robustness of Neural Networks via Weight Scale Shifting Invariant Regularizations.
2020-08-05
One word at a time: adversarial attacks on retrieval models.
Robust Deep Reinforcement Learning through Adversarial Loss.
2020-08-04
Adv-watermark: A Novel Watermark Perturbation for Adversarial Examples.
TREND: Transferability based Robust ENsemble Design.
Can Adversarial Weight Perturbations Inject Neural Backdoors?
Entropy Guided Adversarial Model for Weakly Supervised Object Localization.
2020-08-03
Hardware Accelerator for Adversarial Attacks on Deep Learning Neural Networks.
Anti-Bandit Neural Architecture Search for Model Defense.
2020-08-01
Efficient Adversarial Attacks for Visual Object Tracking.
Trojaning Language Models for Fun and Profit.
2020-07-31
Vulnerability Under Adversarial Machine Learning: Bias or Variance?
Physical Adversarial Attack on Vehicle Detector in the Carla Simulator.
Adversarial Attacks with Multiple Antennas Against Deep Learning-Based Modulation Classifiers.
TEAM: We Need More Powerful Adversarial Examples for DNNs.
2020-07-30
Black-box Adversarial Sample Generation Based on Differential Evolution.
A Data Augmentation-based Defense Method Against Adversarial Attacks in Neural Networks.
vWitness: Certifying Web Page Interactions with Computer Vision. (83%)
2020-07-29
End-to-End Adversarial White Box Attacks on Music Instrument Classification.
Adversarial Robustness for Machine Learning Cyber Defenses Using Log Data.
Generative Classifiers as a Basis for Trustworthy Computer Vision.
Stylized Adversarial Defense.
Detecting Anomalous Inputs to DNN Classifiers By Joint Statistical Testing at the Layers.
2020-07-28
Cassandra: Detecting Trojaned Networks from Adversarial Perturbations.
Derivation of Information-Theoretically Optimal Adversarial Attacks with Applications to Robust Machine Learning.
Reachable Sets of Classifiers and Regression Models: (Non-)Robustness Analysis and Robust Training.
Label-Only Membership Inference Attacks.
2020-07-27
Attacking and Defending Machine Learning Applications of Public Cloud.
KOVIS: Keypoint-based Visual Servoing with Zero-Shot Sim-to-Real Transfer for Robotics Manipulation.
From Sound Representation to Model Robustness.
Towards Accuracy-Fairness Paradox: Adversarial Example-based Data Augmentation for Visual Debiasing.
2020-07-26
RANDOM MASK: Towards Robust Convolutional Neural Networks.
Robust Collective Classification against Structural Attacks.
Train Like a (Var)Pro: Efficient Training of Neural Networks with Variable Projection. (1%)
2020-07-25
MirrorNet: Bio-Inspired Adversarial Attack for Camouflaged Object Segmentation.
Adversarial Privacy-preserving Filter.
MP3 Compression To Diminish Adversarial Noise in End-to-End Speech Recognition.
2020-07-24
Deep Co-Training with Task Decomposition for Semi-Supervised Domain Adaptation. (1%)
2020-07-23
Provably Robust Adversarial Examples.
2020-07-22
SOCRATES: Towards a Unified Platform for Neural Network Verification.
Adversarial Training Reduces Information and Improves Transferability.
Robust Machine Learning via Privacy/Rate-Distortion Theory.
Threat of Adversarial Attacks on Face Recognition: A Comprehensive Survey.
2020-07-21
Audio Adversarial Examples for Robust Hybrid CTC/Attention Speech Recognition.
Towards Visual Distortion in Black-Box Attacks.
2020-07-20
DeepNNK: Explaining deep models and their generalization using polytope interpolation.
Evaluating a Simple Retraining Strategy as a Defense Against Adversarial Attacks.
Robust Tracking against Adversarial Attacks.
Scaling Polyhedral Neural Network Verification on GPUs.
AdvFoolGen: Creating Persistent Troubles for Deep Classifiers.
2020-07-19
Semantic Equivalent Adversarial Data Augmentation for Visual Question Answering.
Exploiting vulnerabilities of deep neural networks for privacy protection.
Connecting the Dots: Detecting Adversarial Perturbations Using Context Inconsistency.
Adversarial Immunization for Improving Certifiable Robustness on Graphs.
2020-07-18
DDR-ID: Dual Deep Reconstruction Networks Based Image Decomposition for Anomaly Detection.
Towards Quantum-Secure Authentication and Key Agreement via Abstract Multi-Agent Interaction. (1%)
2020-07-17
Anomaly Detection in Unsupervised Surveillance Setting Using Ensemble of Multimodal Data with Adversarial Defense.
Neural Networks with Recurrent Generative Feedback.
2020-07-16
Understanding and Diagnosing Vulnerability under Adversarial Attacks.
Transfer Learning without Knowing: Reprogramming Black-box Machine Learning Models with Scarce Data and Limited Resources.
Accelerated Stochastic Gradient-free and Projection-free Methods.
Provable Worst Case Guarantees for the Detection of Out-of-Distribution Data.
An Empirical Study on the Robustness of NAS based Architectures.
Do Adversarially Robust ImageNet Models Transfer Better?
Learning perturbation sets for robust machine learning.
On Robustness and Transferability of Convolutional Neural Networks. (1%)
Less is More: A privacy-respecting Android malware classifier using Federated Learning. (1%)
2020-07-15
A Survey of Privacy Attacks in Machine Learning.
Accelerating Robustness Verification of Deep Neural Networks Guided by Target Labels.
A Survey on Security Attacks and Defense Techniques for Connected and Autonomous Vehicles.
2020-07-14
Towards robust sensing for Autonomous Vehicles: An adversarial perspective.
Robustifying Reinforcement Learning Agents via Action Space Adversarial Training.
Bounding The Number of Linear Regions in Local Area for Neural Networks with ReLU Activations.
Multitask Learning Strengthens Adversarial Robustness.
Adversarial Examples and Metrics.
AdvFlow: Inconspicuous Black-box Adversarial Attacks using Normalizing Flows.
Pasadena: Perceptually Aware and Stealthy Adversarial Denoise Attack.
Adversarial Attacks against Neural Networks in Audio Domain: Exploiting Principal Components.
Towards a Theoretical Understanding of the Robustness of Variational Autoencoders.
2020-07-13
A simple defense against adversarial attacks on heatmap explanations.
Understanding Adversarial Examples from the Mutual Influence of Images and Perturbations.
Adversarial robustness via robust low rank representations.
Security and Machine Learning in the Real World.
Hard Label Black-box Adversarial Attacks in Low Query Budget Regimes.
Calling Out Bluff: Attacking the Robustness of Automatic Scoring Systems with Simple Adversarial Testing.
SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems.
Patch-wise Attack for Fooling Deep Neural Network.
2020-07-12
Generating Fluent Adversarial Examples for Natural Languages.
Adversarial jamming attacks and defense strategies via adaptive deep reinforcement learning.
Probabilistic Jacobian-based Saliency Maps Attacks.
2020-07-11
Understanding Object Detection Through An Adversarial Lens.
ManiGen: A Manifold Aided Black-box Generator of Adversarial Examples.
Adversarially-Trained Deep Nets Transfer Better: Illustration on Image Classification. (15%)
2020-07-10
Improved Detection of Adversarial Images Using Deep Neural Networks.
Miss the Point: Targeted Adversarial Attack on Multiple Landmark Detection.
Generating Adversarial Inputs Using A Black-box Differential Technique.
2020-07-09
Improving Adversarial Robustness by Enforcing Local and Global Compactness.
Boundary thickness and robustness in learning models.
Node Copying for Protection Against Graph Neural Network Topology Attacks.
Efficient detection of adversarial images.
2020-07-08
How benign is benign overfitting?
SLAP: Improving Physical Adversarial Examples with Short-Lived Adversarial Perturbations.
RobFR: Benchmarking Adversarial Robustness on Face Recognition.
A Critical Evaluation of Open-World Machine Learning.
On the relationship between class selectivity, dimensionality, and robustness.
Evaluation of Adversarial Training on Different Types of Neural Networks in Deep Learning-based IDSs.
2020-07-07
Robust Learning with Frequency Domain Regularization.
Regional Image Perturbation Reduces $L_p$ Norms of Adversarial Examples While Maintaining Model-to-model Transferability.
Fast Training of Deep Neural Networks Robust to Adversarial Perturbations.
Making Adversarial Examples More Transferable and Indistinguishable.
Detection as Regression: Certified Object Detection by Median Smoothing.
2020-07-06
Certifying Decision Trees Against Evasion Attacks by Program Analysis.
On Data Augmentation and Adversarial Risk: An Empirical Analysis.
Understanding and Improving Fast Adversarial Training.
Black-box Adversarial Example Generation with Normalizing Flows.
2020-07-05
Adversarial Learning in the Cyber Security Domain.
2020-07-04
On Connections between Regularizations for Improving DNN Robustness.
Relationship between manifold smoothness and adversarial vulnerability in deep learning with local errors.
Deep Active Learning via Open Set Recognition. (1%)
2020-07-03
Towards Robust Deep Learning with Ensemble Networks and Noisy Layers.
2020-07-02
Efficient Proximal Mapping of the 1-path-norm of Shallow Networks.
Deep Learning Defenses Against Adversarial Examples for Dynamic Risk Assessment.
Decoder-free Robustness Disentanglement without (Additional) Supervision.
Increasing Trustworthiness of Deep Neural Networks via Accuracy Monitoring.
Trace-Norm Adversarial Examples.
Generating Adversarial Examples withControllable Non-transferability.
2020-07-01
Unifying Model Explainability and Robustness via Machine-Checkable Concepts.
Measuring Robustness to Natural Distribution Shifts in Image Classification.
Determining Sequence of Image Processing Technique (IPT) to Detect Adversarial Attacks.
Query-Free Adversarial Transfer via Undertrained Surrogates.
Adversarial Example Games.
Robustness against Relational Adversary.
A Le Cam Type Bound for Adversarial Learning and Applications.
Opportunities and Challenges in Deep Learning Adversarial Robustness: A Survey.
2020-06-30
Towards Robust LiDAR-based Perception in Autonomous Driving: General Black-box Adversarial Sensor Attack and Countermeasures.
Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection.
Black-box Certification and Learning under Adversarial Perturbations.
Neural Network Virtual Sensors for Fuel Injection Quantities with Provable Performance Specifications.
Generating Adversarial Examples with an Optimized Quality.
2020-06-29
Harnessing Adversarial Distances to Discover High-Confidence Errors.
Sharp Statistical Guarantees for Adversarially Robust Gaussian Classification.
Legal Risks of Adversarial Machine Learning Research.
Biologically Inspired Mechanisms for Adversarial Robustness.
Improving Uncertainty Estimates through the Relationship with Adversarial Robustness.
2020-06-28
FDA3 : Federated Defense Against Adversarial Attacks for Cloud-Based IIoT Applications.
Geometry-Inspired Top-k Adversarial Perturbations.
2020-06-26
Orthogonal Deep Models As Defense Against Black-Box Attacks.
Informative Outlier Matters: Robustifying Out-of-distribution Detection Using Outlier Mining.
Diverse Knowledge Distillation (DKD): A Solution for Improving The Robustness of Ensemble Models Against Adversarial Attacks.
Can We Mitigate Backdoor Attack Using Adversarial Detection Methods?
2020-06-25
Smooth Adversarial Training.
Proper Network Interpretability Helps Adversarial Robustness in Classification.
Uncovering the Connections Between Adversarial Transferability and Knowledge Transferability.
Can 3D Adversarial Logos Cloak Humans?
2020-06-24
Defending against adversarial attacks on medical imaging AI system, classification or detection?
Compositional Explanations of Neurons.
Blacklight: Defending Black-Box Adversarial Attacks on Deep Neural Networks.
Imbalanced Gradients: A Subtle Cause of Overestimated Adversarial Robustness.
2020-06-23
RayS: A Ray Searching Method for Hard-label Adversarial Attack.
Sparse-RS: a versatile framework for query-efficient sparse black-box adversarial attacks.
Adversarial Robustness of Deep Sensor Fusion Models.
2020-06-22
Learning to Generate Noise for Multi-Attack Robustness.
Perceptual Adversarial Robustness: Defense Against Unseen Threat Models.
2020-06-21
Network Moments: Extensions and Sparse-Smooth Attacks.
2020-06-20
How do SGD hyperparameters in natural training affect adversarial robustness?
Defense against Adversarial Attacks in NLP via Dirichlet Neighborhood Ensemble.
Stochastic Shortest Path with Adversarially Changing Costs. (1%)
2020-06-19
Local Convolutions Cause an Implicit Bias towards High Frequency Adversarial Examples.
A general framework for defining and optimizing robustness.
Analyzing the Real-World Applicability of DGA Classifiers.
Towards an Adversarially Robust Normalization Approach.
Differentiable Language Model Adversarial Attacks on Categorical Sequence Classifiers.
Adversarial Attacks for Multi-view Deep Models.
2020-06-18
Local Competition and Uncertainty for Adversarial Robustness in Deep Learning.
Dissecting Deep Networks into an Ensemble of Generative Classifiers for Robust Predictions.
The Dilemma Between Dimensionality Reduction and Adversarial Robustness.
Beware the Black-Box: on the Robustness of Recent Defenses to Adversarial Examples.
2020-06-17
Noise or Signal: The Role of Image Backgrounds in Object Recognition.
Adversarial Examples Detection and Analysis with Layer-wise Autoencoders.
Adversarial Defense by Latent Style Transformations.
Disrupting Deepfakes with an Adversarial Attack that Survives Training.
Universal Lower-Bounds on Classification Error under Adversarial Attacks and Random Corruption.
Fairness Through Robustness: Investigating Robustness Disparity in Deep Learning.
2020-06-16
Calibrating Deep Neural Network Classifiers on Out-of-Distribution Datasets.
SPLASH: Learnable Activation Functions for Improving Accuracy and Adversarial Robustness.
Debona: Decoupled Boundary Network Analysis for Tighter Bounds and Faster Adversarial Robustness Proofs.
On sparse connectivity, adversarial robustness, and a novel model of the artificial neuron.
AdvMind: Inferring Adversary Intent of Black-Box Attacks.
The shape and simplicity biases of adversarially robust ImageNet-trained CNNs.
2020-06-15
Total Deep Variation: A Stable Regularizer for Inverse Problems.
DefenseVGAE: Defending against Adversarial Attacks on Graph Data via a Variational Graph Autoencoder.
Improving Adversarial Robustness via Unlabeled Out-of-Domain Data.
Fast & Accurate Method for Bounding the Singular Values of Convolutional Layers with Application to Lipschitz Regularization.
GNNGuard: Defending Graph Neural Networks against Adversarial Attacks.
CG-ATTACK: Modeling the Conditional Distribution of Adversarial Perturbations to Boost Black-Box Attack.
Multiscale Deep Equilibrium Models.
2020-06-14
GradAug: A New Regularization Method for Deep Neural Networks.
PatchUp: A Regularization Technique for Convolutional Neural Networks.
On Saliency Maps and Adversarial Robustness.
On the transferability of adversarial examples between convex and 01 loss models.
Adversarial Attacks and Detection on Reinforcement Learning-Based Interactive Recommender Systems.
Sparsity Turns Adversarial: Energy and Latency Attacks on Deep Neural Networks.
Duplicity Games for Deception Design with an Application to Insider Threat Mitigation. (11%)
2020-06-13
The Pitfalls of Simplicity Bias in Neural Networks.
Adversarial Self-Supervised Contrastive Learning.
Rethinking Clustering for Robustness.
Defensive Approximation: Securing CNNs using Approximate Computing.
2020-06-12
Provably Robust Metric Learning.
Defending against GAN-based Deepfake Attacks via Transformation-aware Adversarial Faces.
D-square-B: Deep Distribution Bound for Natural-looking Adversarial Attack.
Targeted Adversarial Perturbations for Monocular Depth Prediction.
2020-06-11
Large-Scale Adversarial Training for Vision-and-Language Representation Learning.
Smoothed Geometry for Robust Attribution.
Protecting Against Image Translation Deepfakes by Leaking Universal Perturbations from Black-Box Neural Networks.
Investigating Robustness of Adversarial Samples Detection for Automatic Speaker Verification.
Robustness to Adversarial Attacks in Learning-Enabled Controllers.
On the Tightness of Semidefinite Relaxations for Certifying Robustness to Adversarial Examples.
Adversarial Attack Vulnerability of Medical Image Analysis Systems: Unexplored Factors.
Achieving robustness in classification using optimal transport with hinge regularization.
Backdoor Smoothing: Demystifying Backdoor Attacks on Deep Neural Networks. (96%)
2020-06-10
Evaluating Graph Vulnerability and Robustness using TIGER.
Towards Robust Fine-grained Recognition by Maximal Separation of Discriminative Features.
Deterministic Gaussian Averaged Neural Networks.
Interpolation between Residual and Non-Residual Networks.
Towards Certified Robustness of Metric Learning.
2020-06-09
Towards an Intrinsic Definition of Robustness for a Classifier.
Black-Box Adversarial Attacks on Graph Neural Networks with Limited Node Access.
GAP++: Learning to generate target-conditioned adversarial examples.
Adversarial Attacks on Brain-Inspired Hyperdimensional Computing-Based Classifiers.
Provable tradeoffs in adversarially robust classification.
Distributional Robust Batch Contextual Bandits. (1%)
2020-06-08
Calibrated neighborhood aware confidence measure for deep metric learning.
A Self-supervised Approach for Adversarial Robustness.
Distributional Robustness with IPMs and links to Regularization and GANs.
On Universalized Adversarial and Invariant Perturbations.
Tricking Adversarial Attacks To Fail.
Global Robustness Verification Networks.
Trade-offs between membership privacy & adversarially robust learning.
Adversarial Feature Desensitization.
2020-06-07
Extensions and limitations of randomized smoothing for robustness guarantees.
Uncertainty-Aware Deep Classifiers using Generative Models.
2020-06-06
Unique properties of adversarially trained linear classifiers on Gaussian data.
Can Domain Knowledge Alleviate Adversarial Attacks in Multi-Label Classifiers?
2020-06-05
Adversarial Image Generation and Training for Deep Convolutional Neural Networks.
Lipschitz Bounds and Provably Robust Training by Laplacian Smoothing.
Sponge Examples: Energy-Latency Attacks on Neural Networks.
2020-06-04
Characterizing the Weight Space for Different Learning Models.
Towards Understanding Fast Adversarial Training.
Defense for Black-box Attacks on Anti-spoofing Models by Self-Supervised Learning.
Pick-Object-Attack: Type-Specific Adversarial Attack for Object Detection.
2020-06-02
SaliencyMix: A Saliency Guided Data Augmentation Strategy for Better Regularization.
Exploring the role of Input and Output Layers of a Deep Neural Network in Adversarial Defense.
Perturbation Analysis of Gradient-based Adversarial Attacks.
Adversarial Item Promotion: Vulnerabilities at the Core of Top-N Recommenders that Use Images to Address Cold Start.
Detecting Audio Attacks on ASR Systems with Dropout Uncertainty.
2020-06-01
Second-Order Provable Defenses against Adversarial Attacks.
Adversarial Attacks on Reinforcement Learning based Energy Management Systems of Extended Range Electric Delivery Vehicles.
Adversarial Attacks on Classifiers for Eye-based User Modelling.
Rethinking Empirical Evaluation of Adversarial Robustness Using First-Order Attack Methods.
2020-05-31
Evaluations and Methods for Explanation through Robustness Analysis.
Estimating Principal Components under Adversarial Perturbations.
2020-05-30
Exploring Model Robustness with Adaptive Networks and Improved Adversarial Training.
2020-05-29
SAFER: A Structure-free Approach for Certified Robustness to Adversarial Word Substitutions.
2020-05-28
Monocular Depth Estimators: Vulnerabilities and Attacks.
QEBA: Query-Efficient Boundary-Based Blackbox Attack.
Adversarial Attacks and Defense on Texts: A Survey.
Adversarial Robustness of Deep Convolutional Candlestick Learner.
2020-05-27
Enhancing Resilience of Deep Learning Networks by Means of Transferable Adversaries.
Mitigating Advanced Adversarial Attacks with More Advanced Gradient Obfuscation Techniques.
Stochastic Security: Adversarial Defense Using Long-Run Dynamics of Energy-Based Models.
Calibrated Surrogate Losses for Adversarially Robust Classification.
2020-05-26
Effects of Forward Error Correction on Communications Aware Evasion Attacks.
Investigating a Spectral Deception Loss Metric for Training Machine Learning-based Evasion Attacks.
Generating Semantically Valid Adversarial Questions for TableQA.
2020-05-25
Adversarial Feature Selection against Evasion Attacks.
2020-05-24
Detecting Adversarial Examples for Speech Recognition via Uncertainty Quantification.
SoK: Arms Race in Adversarial Malware Detection.
Adaptive Adversarial Logits Pairing.
2020-05-23
ShapeAdv: Generating Shape-Aware Adversarial 3D Point Clouds.
Adversarial Attack on Hierarchical Graph Pooling Neural Networks.
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend. (1%)
2020-05-22
Vulnerability of deep neural networks for detecting COVID-19 cases from chest X-ray images to universal adversarial attacks.
2020-05-21
Revisiting Role of Autoencoders in Adversarial Settings.
Robust Ensemble Model Training via Random Layer Sampling Against Adversarial Attack.
Inaudible Adversarial Perturbations for Targeted Attack in Speaker Recognition.
Investigating Vulnerability to Adversarial Examples on Multimodal Data Fusion in Deep Learning.
2020-05-20
Graph Structure Learning for Robust Graph Neural Networks.
Model-Based Robust Deep Learning: Generalizing to Natural, Out-of-Distribution Data.
An Adversarial Approach for Explaining the Predictions of Deep Neural Networks.
A survey on Adversarial Recommender Systems: from Attack/Defense strategies to Generative Adversarial Networks.
Feature Purification: How Adversarial Training Performs Robust Deep Learning.
2020-05-19
Synthesizing Unrestricted False Positive Adversarial Objects Using Generative Models.
Bias-based Universal Adversarial Patch Attack for Automatic Check-out.
2020-05-18
Universalization of any adversarial attack using very few test examples.
On Intrinsic Dataset Properties for Adversarial Machine Learning.
Defending Your Voice: Adversarial Attack on Voice Conversion.
Reliability and Robustness analysis of Machine Learning based Phishing URL Detectors.
Improve robustness of DNN for ECG signal classification:a noise-to-signal ratio perspective.
Increasing-Margin Adversarial (IMA) Training to Improve Adversarial Robustness of Neural Networks.
Spatiotemporal Attacks for Embodied Agents.
2020-05-17
Toward Adversarial Robustness by Diversity in an Ensemble of Specialized Deep Neural Networks.
2020-05-16
Universal Adversarial Perturbations: A Survey.
Encryption Inspired Adversarial Defense for Visual Classification.
PatchGuard: Provable Defense against Adversarial Patches Using Masks on Small Receptive Fields.
2020-05-15
How to Make 5G Communications "Invisible": Adversarial Machine Learning for Wireless Privacy.
Practical Traffic-space Adversarial Attacks on Learning-based NIDSs.
Initializing Perturbations in Multiple Directions for Fast Adversarial Training.
2020-05-14
Stealthy and Efficient Adversarial Attacks against Deep Reinforcement Learning.
Towards Assessment of Randomized Mechanisms for Certifying Adversarial Robustness.
A Deep Learning-based Fine-grained Hierarchical Learning Approach for Robust Malware Classification.
2020-05-13
DeepRobust: A PyTorch Library for Adversarial Attacks and Defenses.
2020-05-12
Evaluating Ensemble Robustness Against Adversarial Attacks.
Increased-confidence adversarial examples for improved transferability of Counter-Forensic attacks.
Adversarial examples are useful too!
Effective and Robust Detection of Adversarial Examples via Benford-Fourier Coefficients.
2020-05-11
Channel-Aware Adversarial Attacks Against Deep Learning-Based Wireless Signal Classifiers.
Spanning Attack: Reinforce Black-box Attacks with Unlabeled Data.
2020-05-09
It's Morphin' Time! Combating Linguistic Discrimination with Inflectional Perturbations.
Class-Aware Domain Adaptation for Improving Adversarial Robustness.
2020-05-08
Towards Robustness against Unsuspicious Adversarial Examples.
2020-05-07
Efficient Exact Verification of Binarized Neural Networks.
Projection & Probability-Driven Black-Box Attack.
Defending Hardware-based Malware Detectors against Adversarial Attacks.
2020-05-06
GraCIAS: Grassmannian of Corrupted Images for Adversarial Security.
Training robust neural networks using Lipschitz bounds.
2020-05-05
Enhancing Intrinsic Adversarial Robustness via Feature Pyramid Decoder.
Hacking the Waveform: Generalized Wireless Adversarial Deep Learning.
Adversarial Training against Location-Optimized Adversarial Patches.
Measuring Adversarial Robustness using a Voronoi-Epsilon Adversary.
2020-05-04
On the Benefits of Models with Perceptually-Aligned Gradients.
Do Gradient-based Explanations Tell Anything About Adversarial Robustness to Android Malware?
2020-05-03
Robust Encodings: A Framework for Combating Adversarial Typos.
2020-05-02
On the Generalization Effects of Linear Transformations in Data Augmentation. (1%)
2020-05-01
Jacks of All Trades, Masters Of None: Addressing Distributional Shift and Obtrusiveness via Transparent Patch Attacks.
Birds have four legs?! NumerSense: Probing Numerical Commonsense Knowledge of Pre-trained Language Models.
Robust Deep Learning as Optimal Control: Insights and Convergence Guarantees.
Defense of Word-level Adversarial Attacks via Random Substitution Encoding.
2020-04-30
Evaluating Neural Machine Comprehension Model Robustness to Noisy Inputs and Adversarial Attacks.
Imitation Attacks and Defenses for Black-box Machine Translation Systems.
Universal Adversarial Attacks with Natural Triggers for Text Classification.
Bridging Mode Connectivity in Loss Landscapes and Adversarial Robustness.
2020-04-29
Perturbing Across the Feature Hierarchy to Improve Standard and Strict Blackbox Attack Transferability.
TAVAT: Token-Aware Virtual Adversarial Training for Language Understanding.
TextAttack: A Framework for Adversarial Attacks, Data Augmentation, and Adversarial Training in NLP.
2020-04-28
Adversarial Learning Guarantees for Linear Hypotheses and Neural Networks.
Minority Reports Defense: Defending Against Adversarial Patches.
2020-04-27
DeSePtion: Dual Sequence Prediction and Adversarial Examples for Improved Fact-Checking.
Adversarial Fooling Beyond "Flipping the Label".
"Call me sexist, but...": Revisiting Sexism Detection Using Psychological Scales and Adversarial Samples. (81%)
2020-04-26
Transferable Perturbations of Deep Feature Distributions.
Towards Feature Space Adversarial Attack.
Printing and Scanning Attack for Image Counter Forensics.
Improved Image Wasserstein Attacks and Defenses.
2020-04-25
Improved Adversarial Training via Learned Optimizer.
Enabling Fast and Universal Audio Adversarial Attack Using Generative Model.
Harnessing adversarial examples with a surprisingly simple defense.
2020-04-24
Towards Characterizing Adversarial Defects of Deep Learning Software from the Lens of Uncertainty.
A Black-box Adversarial Attack Strategy with Adjustable Sparsity and Generalizability for Deep Image Classifiers.
Reevaluating Adversarial Examples in Natural Language.
2020-04-23
Adversarial Machine Learning in Network Intrusion Detection Systems.
Adversarial Attacks and Defenses: An Interpretation Perspective.
Evaluating Adversarial Robustness for Deep Neural Network Interpretability using fMRI Decoding.
On Adversarial Examples for Biomedical NLP Tasks.
Ensemble Generative Cleaning with Feedback Loops for Defending Adversarial Attacks.
Improved Noise and Attack Robustness for Semantic Segmentation by Using Multi-Task Training with Self-Supervised Depth Estimation.
RAIN: A Simple Approach for Robust and Accurate Image Classification Networks.
2020-04-22
CodNN -- Robust Neural Networks From Coded Classification.
Provably robust deep generative models.
QUANOS- Adversarial Noise Sensitivity Driven Hybrid Quantization of Neural Networks.
Adversarial examples and where to find them.
2020-04-21
Scalable Attack on Graph Data by Injecting Vicious Nodes.
Certifying Joint Adversarial Robustness for Model Ensembles.
Probabilistic Safety for Bayesian Neural Networks.
BERT-ATTACK: Adversarial Attack Against BERT Using BERT.
EMPIR: Ensembles of Mixed Precision Deep Networks for Increased Robustness against Adversarial Attacks.
2020-04-20
GraN: An Efficient Gradient-Norm Based Detector for Adversarial and Misclassified Examples.
Approximate exploitability: Learning a best response in large games. (74%)
2020-04-19
Dynamic Knowledge Graph-based Dialogue Generation with Improved Adversarial Meta-Learning.
Adversarial Training for Large Neural Language Models.
Headless Horseman: Adversarial Attacks on Transfer Learning Models.
2020-04-18
Protecting Classifiers From Attacks. A Bayesian Approach.
Single-step Adversarial training with Dropout Scheduling.
2020-04-17
Adversarial Attack on Deep Learning-Based Splice Localization.
2020-04-16
Shortcut Learning in Deep Neural Networks.
2020-04-15
Targeted Attack for Deep Hashing based Retrieval.
A Framework for Enhancing Deep Neural Networks Against Adversarial Malware.
Advanced Evasion Attacks and Mitigations on Practical ML-Based Phishing Website Classifiers.
2020-04-14
On the Optimal Interaction Range for Multi-Agent Systems Under Adversarial Attack.
Extending Adversarial Attacks to Produce Adversarial Class Probability Distributions.
2020-04-13
Adversarial Robustness Guarantees for Random Deep Neural Networks.
Frequency-Guided Word Substitutions for Detecting Textual Adversarial Examples.
Adversarial Weight Perturbation Helps Robust Generalization.
Adversarial Augmentation Policy Search for Domain and Cross-Lingual Generalization in Reading Comprehension.
Towards Robust Classification with Image Quality Assessment.
Towards Transferable Adversarial Attack against Deep Face Recognition.
2020-04-12
PatchAttack: A Black-box Texture-based Attack with Reinforcement Learning.
2020-04-11
Domain Adaptive Transfer Attack (DATA)-based Segmentation Networks for Building Extraction from Aerial Images.
Certified Adversarial Robustness for Deep Reinforcement Learning.
Robust Large-Margin Learning in Hyperbolic Space.
Verification of Deep Convolutional Neural Networks Using ImageStars.
2020-04-10
Adversarial Attacks on Machine Learning Cybersecurity Defences in Industrial Control Systems.
Luring of transferable adversarial perturbations in the black-box paradigm.
2020-04-09
Blind Adversarial Training: Balance Accuracy and Robustness.
Blind Adversarial Pruning: Balance Accuracy, Efficiency and Robustness.
On Adversarial Examples and Stealth Attacks in Artificial Intelligence Systems.
2020-04-08
Transferable, Controllable, and Inconspicuous Adversarial Attacks on Person Re-identification With Deep Mis-Ranking.
2020-04-07
Towards Evaluating the Robustness of Chinese BERT Classifiers.
Feature Partitioning for Robust Tree Ensembles and their Certification in Adversarial Scenarios.
Learning to fool the speaker recognition.
Universal Adversarial Perturbations Generative Network for Speaker Recognition.
2020-04-05
Approximate Manifold Defense Against Multiple Adversarial Perturbations.
2020-04-04
Understanding (Non-)Robust Feature Disentanglement and the Relationship Between Low- and High-Dimensional Adversarial Attacks.
BAE: BERT-based Adversarial Examples for Text Classification.
2020-04-03
Adversarial Robustness through Regularization: A Second-Order Approach.
2020-04-01
Evading Deepfake-Image Detectors with White- and Black-Box Attacks.
Towards Achieving Adversarial Robustness by Enforcing Feature Consistency Across Bit Planes.
Physically Realizable Adversarial Examples for LiDAR Object Detection.
2020-03-31
A Thorough Comparison Study on Adversarial Attacks and Defenses for Common Thorax Disease Classification in Chest X-rays.
2020-03-30
Characterizing Speech Adversarial Examples Using Self-Attention U-Net Enhancement.
Adversarial Attacks on Multivariate Time Series.
Improved Gradient based Adversarial Attacks for Quantized Networks.
Towards Deep Learning Models Resistant to Large Perturbations.
Efficient Black-box Optimization of Adversarial Windows Malware with Constrained Manipulations.
2020-03-28
Adversarial Robustness: From Self-Supervised Pre-Training to Fine-Tuning.
DaST: Data-free Substitute Training for Adversarial Attacks.
Adversarial Imitation Attack.
2020-03-26
Do Deep Minds Think Alike? Selective Adversarial Attacks for Fine-Grained Manipulation of Multiple Deep Neural Networks.
Challenging the adversarial robustness of DNNs based on error-correcting output codes.
2020-03-25
Plausible Counterfactuals: Auditing Deep Learning Classifiers with Realistic Adversarial Examples.
2020-03-24
Adversarial Light Projection Attacks on Face Recognition Systems: A Feasibility Study.
2020-03-23
Defense Through Diverse Directions.
Adversarial Attacks on Monocular Depth Estimation.
Inherent Adversarial Robustness of Deep Spiking Neural Networks: Effects of Discrete Input Encoding and Non-Linear Activations.
Adversarial Perturbations Fool Deepfake Detectors.
2020-03-22
Understanding the robustness of deep neural network classifiers for breast cancer screening.
Architectural Resilience to Foreground-and-Background Adversarial Noise.
2020-03-21
Detecting Adversarial Examples in Learning-Enabled Cyber-Physical Systems using Variational Autoencoder for Regression.
Robust Out-of-distribution Detection in Neural Networks.
Cooling-Shrinking Attack: Blinding the Tracker with Imperceptible Noises.
2020-03-20
Adversarial Examples and the Deeper Riddle of Induction: The Need for a Theory of Artifacts in Deep Learning.
Investigating Image Applications Based on Spatial-Frequency Transform and Deep Learning Techniques.
Quantum noise protects quantum classifiers against adversaries.
One Neuron to Fool Them All.
Adversarial Robustness on In- and Out-Distribution Improves Explainability.
2020-03-19
Breaking certified defenses: Semantic adversarial examples with spoofed robustness certificates.
Face-Off: Adversarial Face Obfuscation.
Robust Deep Reinforcement Learning against Adversarial Perturbations on State Observations.
Overinterpretation reveals image classification model pathologies. (81%)
2020-03-18
Vulnerabilities of Connectionist AI Applications: Evaluation and Defence.
Generating Socially Acceptable Perturbations for Efficient Evaluation of Autonomous Vehicles.
Solving Non-Convex Non-Differentiable Min-Max Games using Proximal Gradient Method.
SAT: Improving Adversarial Training via Curriculum-Based Loss Smoothing.
2020-03-17
Motion-Excited Sampler: Video Adversarial Attack with Sparked Prior.
Heat and Blur: An Effective and Fast Defense Against Adversarial Examples.
Adversarial Transferability in Wearable Sensor Systems.
2020-03-15
Output Diversified Initialization for Adversarial Attacks.
Anomalous Example Detection in Deep Learning: A Survey.
Towards Face Encryption by Generating Adversarial Identity Masks.
Toward Adversarial Robustness via Semi-supervised Robust Training.
2020-03-14
Minimum-Norm Adversarial Examples on KNN and KNN-Based Models.
Certified Defenses for Adversarial Patches.
Dynamic Divide-and-Conquer Adversarial Training for Robust Semantic Segmentation.
On the benefits of defining vicinal distributions in latent space.
2020-03-13
Towards a Resilient Machine Learning Classifier -- a Case Study of Ransomware Detection.
GeoDA: a geometric framework for black-box adversarial attacks.
When are Non-Parametric Methods Robust?
2020-03-12
Topological Effects on Attacks Against Vertex Classification.
Inline Detection of DGA Domains Using Side Information.
ARAE: Adversarially Robust Training of Autoencoders Improves Novelty Detection.
ConAML: Constrained Adversarial Machine Learning for Cyber-Physical Systems.
2020-03-11
Frequency-Tuned Universal Adversarial Attacks.
2020-03-10
SAD: Saliency-based Defenses Against Adversarial Examples.
Using an ensemble color space model to tackle adversarial examples.
Cryptanalytic Extraction of Neural Network Models.
A Survey of Adversarial Learning on Graphs.
2020-03-09
Domain Adaptation with Conditional Distribution Matching and Generalized Label Shift.
Towards Probabilistic Verification of Machine Unlearning.
Manifold Regularization for Locally Stable Deep Neural Networks.
Generating Natural Language Adversarial Examples on a Large Scale with Generative Models.
Gradient-based adversarial attacks on categorical sequence models via traversing an embedded world.
2020-03-08
Security of Distributed Machine Learning: A Game-Theoretic Approach to Design Secure DSVM.
An Empirical Evaluation on Robustness and Uncertainty of Regularization Methods.
On the Robustness of Cooperative Multi-Agent Reinforcement Learning.
Adversarial Attacks on Probabilistic Autoregressive Forecasting Models.
Adversarial Camouflage: Hiding Physical-World Attacks with Natural Styles.
No Surprises: Training Robust Lung Nodule Detection for Low-Dose CT Scans by Augmenting with Adversarial Attacks.
2020-03-07
Dynamic Backdoor Attacks Against Machine Learning Models.
Adversarial Machine Learning: Bayesian Perspectives. (26%)
2020-03-06
Defense against adversarial attacks on spoofing countermeasures of ASV.
Triple Memory Networks: a Brain-Inspired Method for Continual Learning.
MAB-Malware: A Reinforcement Learning Framework for Attacking Static Malware Classifiers.
2020-03-05
Towards Practical Lottery Ticket Hypothesis for Adversarial Training.
Exploiting Verified Neural Networks via Floating Point Numerical Error.
Detection and Recovery of Adversarial Attacks with Injected Attractors.
Adversarial Robustness Through Local Lipschitzness.
Adversarial Vertex Mixup: Toward Better Adversarially Robust Generalization.
Search Space of Adversarial Perturbations against Image Filters.
2020-03-04
Real-time, Universal, and Robust Adversarial Attacks Against Speaker Recognition Systems.
Colored Noise Injection for Training Adversarially Robust Neural Networks.
Double Backpropagation for Training Autoencoders against Adversarial Attack.
Black-box Smoothing: A Provable Defense for Pretrained Classifiers.
Metrics and methods for robustness evaluation of neural networks with generative models.
2020-03-03
Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks.
Analyzing Accuracy Loss in Randomized Smoothing Defenses.
Discriminative Multi-level Reconstruction under Compact Latent Space for One-Class Novelty Detection.
Security of Deep Learning based Lane Keeping System under Physical-World Adversarial Attack.
Type I Attack for Generative Models.
2020-03-02
Data-Free Adversarial Perturbations for Practical Black-Box Attack.
Learn2Perturb: an End-to-end Feature Perturbation Learning to Improve Adversarial Robustness.
Disrupting Deepfakes: Adversarial Attacks Against Conditional Image Translation Networks and Facial Manipulation Systems.
Hidden Cost of Randomized Smoothing.
Adversarial Network Traffic: Towards Evaluating the Robustness of Deep Learning-Based Network Traffic Classification.
2020-03-01
Adversarial Attacks and Defenses on Graphs: A Review, A Tool and Empirical Studies.
2020-02-29
Understanding the Intrinsic Robustness of Image Distributions using Conditional Generative Models.
Why is the Mahalanobis Distance Effective for Anomaly Detection?
2020-02-28
Improving Certified Robustness via Statistical Learning with Logical Reasoning.
Applying Tensor Decomposition to image for Robustness against Adversarial Attack.
2020-02-27
Adv-BERT: BERT is not robust on misspellings! Generating nature adversarial samples on BERT.
Detecting Patch Adversarial Attacks with Image Residuals.
Certified Defense to Image Transformations via Randomized Smoothing.
Are L2 adversarial examples intrinsically different?
TSS: Transformation-Specific Smoothing for Robustness Certification.
On Isometry Robustness of Deep 3D Point Cloud Models under Adversarial Attacks.
Utilizing Network Properties to Detect Erroneous Inputs.
FMix: Enhancing Mixed Sample Data Augmentation. (22%)
2020-02-26
Revisiting Ensembles in an Adversarial Context: Improving Natural Accuracy.
Invariance vs. Robustness of Neural Networks.
Overfitting in adversarially robust deep learning.
MGA: Momentum Gradient Attack on Network.
Improving Robustness of Deep-Learning-Based Image Reconstruction.
Defense-PointNet: Protecting PointNet Against Adversarial Attacks.
Adversarial Attack on Deep Product Quantization Network for Image Retrieval.
Randomization matters. How to defend against strong adversarial attacks.
Learning Adversarially Robust Representations via Worst-Case Mutual Information Maximization.
2020-02-25
Understanding and Mitigating the Tradeoff Between Robustness and Accuracy.
The Curious Case of Adversarially Robust Models: More Data Can Help, Double Descend, or Hurt Generalization.
G\"odel's Sentence Is An Adversarial Example But Unsolvable.
Towards an Efficient and General Framework of Robust Training for Graph Neural Networks.
(De)Randomized Smoothing for Certifiable Defense against Patch Attacks.
Attacks Which Do Not Kill Training Make Adversarial Learning Stronger.
Adversarial Ranking Attack and Defense.
2020-02-24
A Model-Based Derivative-Free Approach to Black-Box Adversarial Examples: BOBYQA.
Utilizing a null class to restrict decision spaces and defend against neural network adversarial attacks.
Adversarial Perturbations Prevail in the Y-Channel of the YCbCr Color Space.
Towards Rapid and Robust Adversarial Training with One-Step Attacks.
Precise Tradeoffs in Adversarial Training for Linear Regression.
HYDRA: Pruning Adversarially Robust Neural Networks.
2020-02-23
Adversarial Attack on DL-based Massive MIMO CSI Feedback.
Triple Wins: Boosting Accuracy, Robustness and Efficiency Together by Enabling Input-Adaptive Inference.
2020-02-22
Non-Intrusive Detection of Adversarial Deep Learning Attacks via Observer Networks.
Temporal Sparse Adversarial Attack on Sequence-based Gait Recognition.
Real-Time Detectors for Digital and Physical Adversarial Inputs to Perception Systems.
Using Single-Step Adversarial Training to Defend Iterative Adversarial Examples.
2020-02-21
Polarizing Front Ends for Robust CNNs.
Robustness from Simple Classifiers.
Adversarial Detection and Correction by Matching Prediction Distributions.
UnMask: Adversarial Detection and Defense Through Robust Feature Alignment.
Robustness to Programmable String Transformations via Augmented Abstract Training.
Black-Box Certification with Randomized Smoothing: A Functional Optimization Based Framework.
Adversarial Attacks on Machine Learning Systems for High-Frequency Trading.
2020-02-20
Enhanced Adversarial Strategically-Timed Attacks against Deep Reinforcement Learning.
On the Decision Boundaries of Deep Neural Networks: A Tropical Geometry Perspective.
A Bayes-Optimal View on Adversarial Examples.
Towards Certifiable Adversarial Sample Detection.
Boosting Adversarial Training with Hypersphere Embedding.
Byzantine-resilient Decentralized Stochastic Gradient Descent. (5%)
2020-02-19
Bayes-TrEx: Model Transparency by Example.
AdvMS: A Multi-source Multi-cost Defense Against Adversarial Attacks.
NAttack! Adversarial Attacks to bypass a GAN based classifier trained to detect Network intrusion.
On Adaptive Attacks to Adversarial Example Defenses.
Indirect Adversarial Attacks via Poisoning Neighbors for Graph Convolutional Networks.
Randomized Smoothing of All Shapes and Sizes.
2020-02-18
Action-Manipulation Attacks Against Stochastic Bandits: Attacks and Defense.
Deflecting Adversarial Attacks.
Towards Query-Efficient Black-Box Adversary with Zeroth-Order Natural Gradient Descent.
Block Switching: A Stochastic Approach for Deep Learning Security.
2020-02-17
TensorShield: Tensor-based Defense Against Adversarial Attacks on Images.
On the Similarity of Deep Learning Representations Across Didactic and Adversarial Examples.
Scalable Quantitative Verification For Deep Neural Networks.
CAT: Customized Adversarial Training for Improved Robustness.
On the Matrix-Free Generation of Adversarial Perturbations for Black-Box Attacks.
Robust Stochastic Bandit Algorithms under Probabilistic Unbounded Adversarial Attack.
Regularized Training and Tight Certification for Randomized Smoothed Classifier with Provable Robustness.
GRAPHITE: A Practical Framework for Generating Automatic Physical Adversarial Machine Learning Attacks.
2020-02-16
Over-parameterized Adversarial Training: An Analysis Overcoming the Curse of Dimensionality.
2020-02-15
Undersensitivity in Neural Reading Comprehension.
Hold me tight! Influence of discriminative features on deep network boundaries.
Blind Adversarial Network Perturbations.
2020-02-14
Skip Connections Matter: On the Transferability of Adversarial Examples Generated with ResNets.
Adversarial Distributional Training for Robust Deep Learning.
2020-02-13
Recurrent Attention Model with Log-Polar Mapping is Robust against Adversarial Attacks.
The Conditional Entropy Bottleneck.
Identifying Audio Adversarial Examples via Anomalous Pattern Detection.
2020-02-12
Stabilizing Differentiable Architecture Search via Perturbation-based Regularization.
Over-the-Air Adversarial Flickering Attacks against Video Recognition Networks.
2020-02-11
Adversarial Robustness for Code.
Fundamental Tradeoffs between Invariance and Sensitivity to Adversarial Perturbations.
Robustness of Bayesian Neural Networks to Gradient-Based Attacks.
Improving the affordability of robustness training for DNNs.
Fast Geometric Projections for Local Robustness Certification.
Graph Universal Adversarial Attacks: A Few Bad Actors Ruin Graph Learning Models.
More Data Can Expand the Generalization Gap Between Adversarially Robust and Standard Models.
2020-02-10
Playing to Learn Better: Repeated Games for Adversarial Learning with Multiple Classifiers.
Adversarial Data Encryption.
Generalised Lipschitz Regularisation Equals Distributional Robustness.
2020-02-09
MDEA: Malware Detection with Evolutionary Adversarial Learning.
Robust binary classification with the 01 loss.
Watch out! Motion is Blurring the Vision of Your Deep Neural Networks.
Feature-level Malware Obfuscation in Deep Learning.
Adversarial Deepfakes: Evaluating Vulnerability of Deepfake Detectors to Adversarial Examples.
Category-wise Attack: Transferable Adversarial Examples for Anchor Free Object Detection.
Certified Robustness of Community Detection against Adversarial Structural Perturbation via Randomized Smoothing.
Random Smoothing Might be Unable to Certify $\ell_\infty$ Robustness for High-Dimensional Images.
Input Validation for Neural Networks via Runtime Local Robustness Verification.
2020-02-08
Attacking Optical Character Recognition (OCR) Systems with Adversarial Watermarks.
Curse of Dimensionality on Randomized Smoothing for Certifiable Robustness.
2020-02-07
Renofeation: A Simple Transfer Learning Method for Improved Adversarial Robustness.
Analysis of Random Perturbations for Robust Convolutional Neural Networks.
RAID: Randomized Adversarial-Input Detection for Neural Networks.
Assessing the Adversarial Robustness of Monte Carlo and Distillation Methods for Deep Bayesian Neural Network Classification.
Semantic Robustness of Models of Source Code.
2020-02-06
Reliability Validation of Learning Enabled Vehicle Tracking.
An Analysis of Adversarial Attacks and Defenses on Autonomous Driving Models.
AI-GAN: Attack-Inspired Generation of Adversarial Examples.
2020-02-05
Over-the-Air Adversarial Attacks on Deep Learning Based Modulation Classifier over Wireless Channels.
Understanding the Decision Boundary of Deep Neural Networks: An Empirical Study.
2020-02-04
Adversarially Robust Frame Sampling with Bounded Irregularities.
Adversarial Attacks to Scale-Free Networks: Testing the Robustness of Physical Criteria.
Minimax Defense against Gradient-based Adversarial Attacks.
2020-02-03
A Differentiable Color Filter for Generating Unrestricted Adversarial Images.
Regularizers for Single-step Adversarial Training.
Defending Adversarial Attacks via Semantic Feature Manipulation.
2020-02-02
Robust saliency maps with decoy-enhanced saliency score.
2020-02-01
Towards Sharper First-Order Adversary with Quantized Gradients.
AdvJND: Generating Adversarial Examples with Just Noticeable Difference.
2020-01-31
Additive Tree Ensembles: Reasoning About Potential Instances.
Politics of Adversarial Machine Learning.
FastWordBug: A Fast Method To Generate Adversarial Text Against NLP Applications.
2020-01-30
Tiny Noise Can Make an EEG-Based Brain-Computer Interface Speller Output Anything.
2020-01-29
A4 : Evading Learning-based Adblockers.
D2M: Dynamic Defense and Modeling of Adversarial Movement in Networks.
Just Noticeable Difference for Machines to Generate Adversarial Images.
Semantic Adversarial Perturbations using Learnt Representations.
Adversarial Attacks on Convolutional Neural Networks in Facial Recognition Domain.
2020-01-28
Modelling and Quantifying Membership Information Leakage in Machine Learning.
2020-01-27
Interpreting Machine Learning Malware Detectors Which Leverage N-gram Analysis.
Generating Natural Adversarial Hyperspectral examples with a modified Wasserstein GAN.
FakeLocator: Robust Localization of GAN-Based Face Manipulations via Semantic Segmentation Networks with Bells and Whistles.
Challenges and Countermeasures for Adversarial Attacks on Deep Reinforcement Learning.
Practical Fast Gradient Sign Attack against Mammographic Image Classifier.
2020-01-26
Ensemble Noise Simulation to Handle Uncertainty about Gradient-based Adversarial Attacks.
2020-01-25
Weighted Average Precision: Adversarial Example Detection in the Visual Perception of Autonomous Vehicles.
AI-Powered GUI Attack and Its Defensive Methods.
Analyzing the Noise Robustness of Deep Neural Networks.
2020-01-24
When Wireless Security Meets Machine Learning: Motivation, Challenges, and Research Directions.
2020-01-23
Privacy for All: Demystify Vulnerability Disparity of Differential Privacy against Membership Inference Attack.
Towards Robust DNNs: An Taylor Expansion-Based Method for Generating Powerful Adversarial Examples.
On the human evaluation of audio adversarial examples.
2020-01-22
Adversarial Attack on Community Detection by Hiding Individuals.
2020-01-21
SAUNet: Shape Attentive U-Net for Interpretable Medical Image Segmentation.
Secure and Robust Machine Learning for Healthcare: A Survey.
FixMatch: Simplifying Semi-Supervised Learning with Consistency and Confidence.
GhostImage: Perception Domain Attacks against Vision-based Object Classification Systems.
Generate High-Resolution Adversarial Samples by Identifying Effective Features.
Massif: Interactive Interpretation of Adversarial Attacks on Deep Learning.
Elephant in the Room: An Evaluation Framework for Assessing Adversarial Examples in NLP.
2020-01-17
Cyber Attack Detection thanks to Machine Learning Algorithms.
2020-01-16
Code-Bridged Classifier (CBC): A Low or Negative Overhead Defense for Making a CNN Classifier Robust Against Adversarial Attacks.
A Little Fog for a Large Turn.
The gap between theory and practice in function approximation with deep neural networks.
Universal Adversarial Attack on Attention and the Resulting Dataset DAmageNet.
Increasing the robustness of DNNs against image corruptions by playing the Game of Noise.
2020-01-14
Noisy Machines: Understanding Noisy Neural Networks and Enhancing Robustness to Analog Hardware Errors Using Distillation.
2020-01-13
Advbox: a toolbox to generate adversarial examples that fool neural networks.
2020-01-12
Membership Inference Attacks Against Object Detection Models.
An Adversarial Approach for the Robust Classification of Pneumonia from Chest Radiographs.
Fast is better than free: Revisiting adversarial training.
2020-01-11
Exploring and Improving Robustness of Multi Task Deep Neural Networks via Domain Agnostic Defenses.
Sparse Black-box Video Attack with Reinforcement Learning.
2020-01-10
ReluDiff: Differential Verification of Deep Neural Networks.
Guess First to Enable Better Compression and Adversarial Robustness.
2020-01-08
To Transfer or Not to Transfer: Misclassification Attacks Against Transfer Learned Text Classifiers.
MACER: Attack-free and Scalable Robust Training via Maximizing Certified Radius.
Transferability of Adversarial Examples to Attack Cloud-based Image Classifier Service.
2020-01-07
Softmax-based Classification is k-means Clustering: Formal Proof, Consequences for Adversarial Attacks, and Improvement through Centroid Based Tailoring.
2020-01-06
Deceiving Image-to-Image Translation Networks for Autonomous Driving with Adversarial Perturbations.
Generating Semantic Adversarial Examples via Feature Manipulation.
2020-01-05
The Human Visual System and Adversarial AI.
2020-01-02
Reject Illegal Inputs with Generative Classifier Derived from Any Discriminative Classifier.
2020-01-01
Exploring Adversarial Attack in Spiking Neural Networks with Spike-Compatible Gradient.
Ensembles of Many Diverse Weak Defenses can be Strong: Defending Deep Neural Networks Against Adversarial Attacks.
2019-12-31
Automated Testing for Deep Learning Systems with Differential Behavior Criteria.
Protecting GANs against privacy attacks by preventing overfitting.
Erase and Restore: Simple, Accurate and Resilient Detection of $L_2$ Adversarial Examples.
Quantum Adversarial Machine Learning.
2019-12-30
Adversarial Example Generation using Evolutionary Multi-objective Optimization.
Defending from adversarial examples with a two-stream architecture.
2019-12-28
Detecting Out-of-Distribution Examples with In-distribution Examples and Gram Matrices.
Search Based Repair of Deep Neural Networks.
2019-12-26
Benchmarking Adversarial Robustness.
Efficient Adversarial Training with Transferable Adversarial Examples.
2019-12-24
Attack-Resistant Federated Learning with Residual-based Reweighting.
Analysis of Moving Target Defense Against False Data Injection Attacks on Power Grid.
Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer.
Characterizing the Decision Boundary of Deep Neural Networks.
2019-12-23
White Noise Analysis of Neural Networks.
Adversarial AutoAugment.
Geometry-aware Generation of Adversarial and Cooperative Point Clouds.
2019-12-21
T3: Tree-Autoencoder Constrained Adversarial Text Generation for Targeted Attack.
2019-12-20
Measuring Dataset Granularity.
Certified Robustness for Top-k Predictions against Adversarial Perturbations via Randomized Smoothing.
secml: A Python Library for Secure and Explainable Machine Learning.
Jacobian Adversarially Regularized Networks for Robustness.
Explainability and Adversarial Robustness for RNNs.
Adversarial symmetric GANs: bridging adversarial samples and adversarial networks.
2019-12-19
Does Symbolic Knowledge Prevent Adversarial Fooling?
A New Ensemble Method for Concessively Targeted Multi-model Attack.
Mitigating large adversarial perturbations on X-MAS (X minus Moving Averaged Samples).
Optimization-Guided Binary Diversification to Mislead Neural Networks for Malware Detection.
$n$-ML: Mitigating Adversarial Examples via Ensembles of Topologically Manipulated Classifiers.
Towards Verifying Robustness of Neural Networks Against Semantic Perturbations.
Perturbations on the Perceptual Ball.
2019-12-18
Identifying Adversarial Sentences by Analyzing Text Complexity.
An Adversarial Perturbation Oriented Domain Adaptation Approach for Semantic Segmentation.
Adversarial VC-dimension and Sample Complexity of Neural Networks.
SIGMA : Strengthening IDS with GAN and Metaheuristics Attacks.
Detecting Adversarial Attacks On Audio-Visual Speech Recognition.
2019-12-17
APRICOT: A Dataset of Physical Adversarial Attacks on Object Detection.
2019-12-16
CAG: A Real-time Low-cost Enhanced-robustness High-transferability Content-aware Adversarial Attack Generator.
MimicGAN: Robust Projection onto Image Manifolds with Corruption Mimicking.
On-manifold Adversarial Data Augmentation Improves Uncertainty Calibration.
Constructing a provably adversarially-robust classifier from a high accuracy one.
2019-12-15
DAmageNet: A Universal Adversarial Dataset.
2019-12-14
What Else Can Fool Deep Learning? Addressing Color Constancy Errors on Deep Neural Network Performance.
Towards Robust Toxic Content Classification.
2019-12-13
Potential adversarial samples for white-box attacks.
2019-12-11
Learning to Model Aspects of Hearing Perception Using Neural Loss Functions.
Gabor Layers Enhance Network Robustness.
An Efficient Approach for Using Expectation Maximization Algorithm in Capsule Networks.
Detecting and Correcting Adversarial Images Using Image Processing Operations and Convolutional Neural Networks.
What it Thinks is Important is Important: Robustness Transfers through Input Gradients.
2019-12-10
Towards a Robust Classifier: An MDL-Based Method for Generating Adversarial Examples.
Appending Adversarial Frames for Universal Video Attack.
Training Provably Robust Models by Polyhedral Envelope Regularization.
Statistically Robust Neural Network Classification. (22%)
2019-12-09
Feature Losses for Adversarial Robustness.
2019-12-08
Hardening Random Forest Cyber Detectors Against Adversarial Attacks.
Amora: Black-box Adversarial Morphing Attack.
2019-12-07
Exploring the Back Alleys: Analysing The Robustness of Alternative Neural Network Architectures against Adversarial Attacks.
2019-12-06
Achieving Robustness in the Wild via Adversarial Mixing with Disentangled Representations.
Principal Component Properties of Adversarial Samples.
Training Deep Neural Networks for Interpretability and Adversarial Robustness.
2019-12-05
Detection of Face Recognition Adversarial Attacks.
The Search for Sparse, Robust Neural Networks.
Region-Wise Attack: On Efficient Generation of Robust Physical Adversarial Examples.
2019-12-04
Learning with Multiplicative Perturbations.
A Survey of Game Theoretic Approaches for Adversarial Machine Learning in Cybersecurity Tasks.
Walking on the Edge: Fast, Low-Distortion Adversarial Examples.
Towards Robust Image Classification Using Sequential Attention Models.
Scratch that! An Evolution-based Adversarial Attack against Neural Networks.
2019-12-03
A Survey of Black-Box Adversarial Attacks on Computer Vision Models.
FANNet: Formal Analysis of Noise Tolerance, Training Bias and Input Sensitivity in Neural Networks.
2019-12-02
Cost-Aware Robust Tree Ensembles for Security Applications.
Deep Neural Network Fingerprinting by Conferrable Adversarial Examples.
Universal Adversarial Perturbations for CNN Classifiers in EEG-Based BCIs.
2019-12-01
Adversary A3C for Robust Reinforcement Learning.
A Method for Computing Class-wise Universal Adversarial Perturbations.
AdvPC: Transferable Adversarial Perturbations on 3D Point Clouds.
2019-11-30
Design and Interpretation of Universal Adversarial Patches in Face Detection.
Error-Correcting Neural Network.
2019-11-29
Square Attack: a query-efficient black-box adversarial attack via random search.
2019-11-28
Towards Privacy and Security of Deep Learning Systems: A Survey.
2019-11-26
Survey of Attacks and Defenses on Edge-Deployed Neural Networks.
An Adaptive View of Adversarial Robustness from Test-time Smoothing Defense.
Can Attention Masks Improve Adversarial Robustness?
Defending Against Adversarial Machine Learning.
Using Depth for Pixel-Wise Detection of Adversarial Attacks in Crowd Counting.
2019-11-25
Playing it Safe: Adversarial Robustness with an Abstain Option.
ColorFool: Semantic Adversarial Colorization.
Adversarial Attack with Pattern Replacement.
One Man's Trash is Another Man's Treasure: Resisting Adversarial Examples by Adversarial Examples.
2019-11-24
When NAS Meets Robustness: In Search of Robust Architectures against Adversarial Attacks.
Time-aware Gradient Attack on Dynamic Network Link Prediction.
2019-11-23
Robust Assessment of Real-World Adversarial Examples.
Universal Adversarial Robustness of Texture and Shape-Biased Models.
2019-11-22
Bounding Singular Values of Convolution Layers.
Enhancing Cross-task Black-Box Transferability of Adversarial Examples with Dispersion Reduction.
Attack Agnostic Statistical Method for Adversarial Detection.
Universal adversarial examples in speech command classification.
Invert and Defend: Model-based Approximate Inversion of Generative Adversarial Networks for Secure Inference.
2019-11-21
Heuristic Black-box Adversarial Attacks on Video Recognition Models.
Adversarial Examples Improve Image Recognition.
Patch-level Neighborhood Interpolation: A General and Effective Graph-based Regularization Strategy. (1%)
2019-11-20
Robustness Certificates for Sparse Adversarial Attacks by Randomized Ablation.
Analysis of Deep Networks for Monocular Depth Estimation Through Adversarial Attacks with Proposal of a Defense Method.
Fine-grained Synthesis of Unrestricted Adversarial Examples.
Deep Minimax Probability Machine.
2019-11-19
Logic-inspired Deep Neural Networks.
Where is the Bottleneck of Adversarial Learning with Unlabeled Data?
Adversarial Robustness of Flow-Based Generative Models.
Defective Convolutional Layers Learn Robust CNNs.
Generate (non-software) Bugs to Fool Classifiers.
2019-11-18
A New Ensemble Adversarial Attack Powered by Long-term Gradient Memories.
A novel method for identifying the deep neural network model with the Serial Number.
Adversarial Attacks on Grid Events Classification: An Adversarial Machine Learning Approach.
WITCHcraft: Efficient PGD attacks with random step size.
Deep Detector Health Management under Adversarial Campaigns.
2019-11-17
Countering Inconsistent Labelling by Google's Vision API for Rotated Images.
Deep Verifier Networks: Verification of Deep Discriminative Models with Deep Generative Models.
Smoothed Inference for Adversarially-Trained Models.
2019-11-16
SMART: Skeletal Motion Action Recognition aTtack.
Suspicion-Free Adversarial Attacks on Clustering Algorithms.
Black-Box Adversarial Attack with Transferable Model-based Embedding.
Defensive Few-shot Learning.
2019-11-15
Learning To Characterize Adversarial Subspaces.
On Model Robustness Against Adversarial Examples.
Simple iterative method for generating targeted universal adversarial perturbations.
AdvKnn: Adversarial Attacks On K-Nearest Neighbor Classifiers With Approximate Gradients.
2019-11-14
Adversarial Embedding: A robust and elusive Steganography and Watermarking technique.
Self-supervised Adversarial Training.
DomainGAN: Generating Adversarial Examples to Attack Domain Generation Algorithm Classifiers.
CAGFuzz: Coverage-Guided Adversarial Generative Fuzzing Testing of Deep Learning Systems.
2019-11-13
There is Limited Correlation between Coverage and Robustness for Deep Neural Networks.
Adversarial Margin Maximization Networks.
2019-11-12
Improving Robustness of Task Oriented Dialog Systems.
On Robustness to Adversarial Examples and Polynomial Optimization.
Adversarial Examples in Modern Machine Learning: A Review.
2019-11-11
Few-Features Attack to Fool Machine Learning Models through Mask-Based GAN.
RNN-Test: Towards Adversarial Testing for Recurrent Neural Network Systems.
Learning From Brains How to Regularize Machines.
Robust Design of Deep Neural Networks against Adversarial Attacks based on Lyapunov Theory.
CALPA-NET: Channel-pruning-assisted Deep Residual Network for Steganalysis of Digital Images.
GraphDefense: Towards Robust Graph Convolutional Networks.
2019-11-09
A Reinforced Generation of Adversarial Samples for Neural Machine Translation.
Improving Machine Reading Comprehension via Adversarial Training.
Adaptive versus Standard Descent Methods and Robustness Against Adversarial Examples.
Minimalistic Attacks: How Little it Takes to Fool a Deep Reinforcement Learning Policy.
2019-11-08
Adversarial Attacks on Time-Series Intrusion Detection for Industrial Control Systems.
Patch augmentation: Towards efficient decision boundaries for neural networks.
Domain Robustness in Neural Machine Translation.
Adversarial Attacks on GMM i-vector based Speaker Verification Systems.
Imperceptible Adversarial Attacks on Tabular Data.
2019-11-07
White-Box Target Attack for EEG-Based BCI Regression Problems.
Active Learning for Black-Box Adversarial Attacks in EEG-Based Brain-Computer Interfaces.
2019-11-06
Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance.
Fooling LIME and SHAP: Adversarial Attacks on Post hoc Explanation Methods.
The Threat of Adversarial Attacks on Machine Learning in Network Security -- A Survey.
Reversible Adversarial Example based on Reversible Image Transformation.
2019-11-05
Adversarial Enhancement for Community Detection in Complex Networks.
DLA: Dense-Layer-Analysis for Adversarial Example Detection.
Intriguing Properties of Adversarial ML Attacks in the Problem Space.
Coverage Guided Testing for Recurrent Neural Networks.
2019-11-04
Persistency of Excitation for Robustness of Neural Networks.
Fast-UAP: An Algorithm for Speeding up Universal Adversarial Perturbation Generation with Orientation of Perturbation Vectors.
A Tale of Evil Twins: Adversarial Inputs versus Poisoned Models.
2019-11-03
Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems.
MadNet: Using a MAD Optimization for Defending Against Adversarial Attacks.
2019-11-02
Automatic Detection of Generated Text is Easiest when Humans are Fooled.
Security of Facial Forensics Models Against Adversarial Attacks.
2019-10-31
Enhancing Certifiable Robustness via a Deep Model Ensemble.
Certifiable Robustness to Graph Perturbations.
Adversarial Music: Real World Audio Adversary Against Wake-word Detection System.
2019-10-30
Investigating Resistance of Deep Learning-based IDS against Adversaries using min-max Optimization.
Beyond Universal Person Re-ID Attack.
2019-10-29
Adversarial Example in Remote Sensing Image Recognition.
2019-10-28
Active Subspace of Neural Networks: Structural Analysis and Universal Attacks.
Certified Adversarial Robustness for Deep Reinforcement Learning.
2019-10-27
Word-level Textual Adversarial Attacking as Combinatorial Optimization.
EdgeFool: An Adversarial Image Enhancement Filter.
Spot Evasion Attacks: Adversarial Examples for License Plate Recognition Systems with Convolutional Neural Networks.
2019-10-26
Detection of Adversarial Attacks and Characterization of Adversarial Subspace.
Understanding and Quantifying Adversarial Examples Existence in Linear Classification.
Adversarial Defense Via Local Flatness Regularization.
2019-10-25
Effectiveness of random deep feature selection for securing image manipulation detectors against adversarial examples.
MediaEval 2019: Concealed FGSM Perturbations for Privacy Preservation.
Label Smoothing and Logit Squeezing: A Replacement for Adversarial Training?
2019-10-24
ATZSL: Defensive Zero-Shot Recognition in the Presence of Adversaries.
2019-10-23
A Useful Taxonomy for Adversarial Robustness of Neural Networks.
Wasserstein Smoothing: Certified Robustness against Wasserstein Adversarial Attacks.
2019-10-22
Attacking Optical Flow.
Adversarial Example Detection by Classification for Deep Speech Recognition.
Cross-Representation Transferability of Adversarial Attacks: From Spectrograms to Audio Waveforms.
Structure Matters: Towards Generating Transferable Adversarial Images.
2019-10-21
Recovering Localized Adversarial Attacks.
Learning to Learn by Zeroth-Order Oracle.
An Alternative Surrogate Loss for PGD-based Adversarial Testing.
2019-10-20
Enhancing Recurrent Neural Networks with Sememes.
2019-10-19
Adversarial Attacks on Spoofing Countermeasures of automatic speaker verification.
2019-10-18
Toward Metrics for Differentiating Out-of-Distribution Sets.
Are Perceptually-Aligned Gradients a General Property of Robust Classifiers?
Spatial-aware Online Adversarial Perturbations Against Visual Object Tracking.
A Fast Saddle-Point Dynamical System Approach to Robust Deep Learning.
2019-10-17
Instance adaptive adversarial training: Improved accuracy tradeoffs in neural nets.
Enforcing Linearity in DNN succours Robustness and Adversarial Image Generation.
LanCe: A Comprehensive and Lightweight CNN Defense Methodology against Physical Adversarial Attacks on Embedded Multimedia Applications.
Adversarial T-shirt! Evading Person Detectors in A Physical World.
2019-10-16
A New Defense Against Adversarial Images: Turning a Weakness into a Strength.
2019-10-15
Improving Robustness of time series classifier with Neural ODE guided gradient based data augmentation.
Understanding Misclassifications by Attributes.
Adversarial Examples for Models of Code.
On adversarial patches: real-world attack on ArcFace-100 face recognition system.
2019-10-14
DeepSearch: Simple and Effective Blackbox Fuzzing of Deep Neural Networks.
Confidence-Calibrated Adversarial Training: Generalizing to Unseen Attacks.
ZO-AdaMM: Zeroth-Order Adaptive Momentum Method for Black-Box Optimization.
Man-in-the-Middle Attacks against Machine Learning Classifiers via Malicious Generative Models.
Real-world adversarial attack on MTCNN face detection system.
2019-10-12
On Robustness of Neural Ordinary Differential Equations.
2019-10-11
Hear "No Evil", See "Kenansville": Efficient and Transferable Black-Box Attacks on Speech Recognition and Voice Identification Systems.
Verification of Neural Networks: Specifying Global Robustness using Generative Models.
2019-10-10
Universal Adversarial Perturbation for Text Classification.
Information Aware Max-Norm Dirichlet Networks for Predictive Uncertainty Estimation.
2019-10-09
Learning deep forest with multi-scale Local Binary Pattern features for face anti-spoofing.
Adversarial Learning of Deepfakes in Accounting.
Deep Latent Defence.
Adversarial Training: embedding adversarial perturbations into the parameter space of a neural network to build a robust system.
2019-10-08
Directional Adversarial Training for Cost Sensitive Deep Learning Classification Applications.
SmoothFool: An Efficient Framework for Computing Smooth Adversarial Perturbations.
2019-10-07
Interpretable Disentanglement of Neural Networks by Extracting Class-Specific Subnetwork.
2019-10-05
Unrestricted Adversarial Attacks for Semantic Segmentation.
Yet another but more efficient black-box adversarial attack: tiling and evolution strategies.
2019-10-04
Requirements for Developing Robust Neural Networks.
Adversarial Examples for Cost-Sensitive Classifiers.
2019-10-03
Perturbations are not Enough: Generating Adversarial Examples with Spatial Distortions.
BUZz: BUffer Zones for defending adversarial examples in image classification.
Verification of Neural Network Behaviour: Formal Guarantees for Power System Applications.
2019-10-02
Attacking Vision-based Perception in End-to-End Autonomous Driving Models.
Adversarially Robust Few-Shot Learning: A Meta-Learning Approach.
2019-10-01
Boosting Image Recognition with Non-differentiable Constraints.
Generating Semantic Adversarial Examples with Differentiable Rendering.
Attacking CNN-based anti-spoofing face authentication in the physical domain.
An Efficient and Margin-Approaching Zero-Confidence Adversarial Attack.
Cross-Layer Strategic Ensemble Defense Against Adversarial Examples.
Deep Neural Rejection against Adversarial Examples.
2019-09-30
Black-box Adversarial Attacks with Bayesian Optimization.
Min-Max Optimization without Gradients: Convergence and Applications to Adversarial ML.
Role of Spatial Context in Adversarial Robustness for Object Detection.
2019-09-29
Techniques for Adversarial Examples Threatening the Safety of Artificial Intelligence Based Systems.
2019-09-27
Maximal adversarial perturbations for obfuscation: Hiding certain attributes while preserving rest.
Impact of Low-bitwidth Quantization on the Adversarial Robustness for Embedded Neural Networks.
Training-Free Uncertainty Estimation for Dense Regression: Sensitivity as a Surrogate. (1%)
2019-09-26
Towards Understanding the Transferability of Deep Representations.
Adversarial Machine Learning Attack on Modulation Classification.
Adversarial ML Attack on Self Organizing Cellular Networks.
Towards neural networks that provably know when they don't know.
Lower Bounds on Adversarial Robustness from Optimal Transport.
2019-09-25
Probabilistic Modeling of Deep Features for Out-of-Distribution and Adversarial Detection.
Mixup Inference: Better Exploiting Mixup to Defend Adversarial Attacks.
FreeLB: Enhanced Adversarial Training for Natural Language Understanding.
2019-09-24
A Visual Analytics Framework for Adversarial Text Generation.
Intelligent image synthesis to attack a segmentation CNN using adversarial learning.
Sign-OPT: A Query-Efficient Hard-label Adversarial Attack.
Matrix Sketching for Secure Collaborative Machine Learning. (1%)
2019-09-23
MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples.
Robust Local Features for Improving the Generalization of Adversarial Training.
FENCE: Feasible Evasion Attacks on Neural Networks in Constrained Environments.
2019-09-22
HAWKEYE: Adversarial Example Detector for Deep Neural Networks.
Towards Interpreting Recurrent Neural Networks through Probabilistic Abstraction.
2019-09-20
Adversarial Learning with Margin-based Triplet Embedding Regularization.
COPYCAT: Practical Adversarial Attacks on Visualization-Based Malware Detection.
Defending Against Physically Realizable Attacks on Image Classification.
2019-09-19
Propagated Perturbation of Adversarial Attack for well-known CNNs: Empirical Study and its Explanation.
Adversarial Vulnerability Bounds for Gaussian Process Classification.
Absum: Simple Regularization Method for Reducing Structural Sensitivity of Convolutional Neural Networks.
Toward Robust Image Classification.
Training Robust Deep Neural Networks via Adversarial Noise Propagation.
2019-09-17
Adversarial Attacks and Defenses in Images, Graphs and Text: A Review.
Generating Black-Box Adversarial Examples for Text Classifiers Using a Deep Reinforced Model.
Defending against Machine Learning based Inference Attacks via Adversarial Examples: Opportunities and Challenges.
2019-09-16
They Might NOT Be Giants: Crafting Black-Box Adversarial Examples with Fewer Queries Using Particle Swarm Optimization.
HAD-GAN: A Human-perception Auxiliary Defense GAN to Defend Adversarial Examples.
Towards Quality Assurance of Software Product Lines with Adversarial Configurations.
Interpreting and Improving Adversarial Robustness with Neuron Sensitivity.
2019-09-15
An Empirical Study towards Characterizing Deep Learning Development and Deployment across Different Frameworks and Platforms.
Detecting Adversarial Samples Using Influence Functions and Nearest Neighbors.
2019-09-14
Natural Language Adversarial Attacks and Defenses in Word Level.
2019-09-13
Adversarial Attack on Skeleton-based Human Action Recognition.
Say What I Want: Towards the Dark Side of Neural Dialogue Models.
White-Box Adversarial Defense via Self-Supervised Data Estimation.
Defending Against Adversarial Attacks by Suppressing the Largest Eigenvalue of Fisher Information Matrix.
2019-09-12
Inspecting adversarial examples using the Fisher information.
An Empirical Investigation of Randomized Defenses against Adversarial Attacks.
Transferable Adversarial Robustness using Adversarially Trained Autoencoders.
2019-09-11
Feedback Learning for Improving the Robustness of Neural Networks.
Sparse and Imperceivable Adversarial Attacks.
2019-09-10
Localized Adversarial Training for Increased Accuracy and Robustness in Image Classification.
Identifying and Resisting Adversarial Videos Using Temporal Consistency.
Effectiveness of Adversarial Examples and Defenses for Malware Classification.
Towards Noise-Robust Neural Networks via Progressive Adversarial Training.
UPC: Learning Universal Physical Camouflage Attacks on Object Detectors.
FDA: Feature Disruptive Attack.
Learning to Disentangle Robust and Vulnerable Features for Adversarial Detection.
Toward Finding The Global Optimal of Adversarial Examples.
2019-09-09
Adversarial Robustness Against the Union of Multiple Perturbation Models.
DeepObfuscator: Obfuscating Intermediate Representations with Privacy-Preserving Adversarial Learning on Smartphones. (1%)
2019-09-08
STA: Adversarial Attacks on Siamese Trackers.
When Explainability Meets Adversarial Learning: Detecting Adversarial Examples using SHAP Signatures.
2019-09-06
Learning to Discriminate Perturbations for Blocking Adversarial Attacks in Text Classification.
Natural Adversarial Sentence Generation with Gradient-based Perturbation.
Blackbox Attacks on Reinforcement Learning Agents Using Approximated Temporal Information.
2019-09-05
Spatiotemporally Constrained Action Space Attacks on Deep Reinforcement Learning Agents.
Adversarial Examples with Difficult Common Words for Paraphrase Identification.
2019-09-04
Are Adversarial Robustness and Common Perturbation Robustness Independent Attributes ?
2019-09-03
Certified Robustness to Adversarial Word Substitutions.
Achieving Verified Robustness to Symbol Substitutions via Interval Bound Propagation.
2019-09-02
Metric Learning for Adversarial Robustness.
2019-08-29
Adversarial Training Methods for Network Embedding.
Deep Neural Network Ensembles against Deception: Ensemble Diversity, Accuracy and Robustness.
Defeating Misclassification Attacks Against Transfer Learning.
Universal, transferable and targeted adversarial attacks.
2019-08-26
A Statistical Defense Approach for Detecting Adversarial Examples.
Gated Convolutional Networks with Hybrid Connectivity for Image Classification.
2019-08-25
Adversarial Edit Attacks for Tree Data.
advPattern: Physical-World Attacks on Deep Person Re-Identification via Adversarially Transformable Patterns.
2019-08-24
Targeted Mismatch Adversarial Attack: Query with a Flower to Retrieve the Tower.
2019-08-23
Improving Adversarial Robustness via Attention and Adversarial Logit Pairing.
AdvHat: Real-world adversarial attack on ArcFace Face ID system.
2019-08-22
Saliency Methods for Explaining Adversarial Attacks.
2019-08-21
Testing Robustness Against Unforeseen Adversaries.
Evaluating Defensive Distillation For Defending Text Processing Neural Networks Against Adversarial Examples.
2019-08-20
Denoising and Verification Cross-Layer Ensemble Against Black-box Adversarial Attacks.
Transferring Robustness for Graph Neural Network Against Poisoning Attacks.
2019-08-19
Universal Adversarial Triggers for NLP.
Protecting Neural Networks with Hierarchical Random Switching: Towards Better Robustness-Accuracy Trade-off for Stochastic Defenses.
Hybrid Batch Attacks: Finding Black-box Adversarial Examples with Limited Queries.
2019-08-18
On the Robustness of Human Pose Estimation.
Adversarial Defense by Suppressing High-frequency Components.
2019-08-17
Verification of Neural Network Control Policy Under Persistent Adversarial Perturbation.
Nesterov Accelerated Gradient and Scale Invariance for Adversarial Attacks.
2019-08-16
Adversarial point perturbations on 3D objects.
2019-08-14
Once a MAN: Towards Multi-Target Attack via Learning Multi-Target Adversarial Network Once.
AdvFaces: Adversarial Face Synthesis.
DAPAS : Denoising Autoencoder to Prevent Adversarial attack in Semantic Segmentation.
2019-08-12
On Defending Against Label Flipping Attacks on Malware Detection Systems.
Adversarial Neural Pruning with Latent Vulnerability Suppression.
2019-08-09
On the Adversarial Robustness of Neural Networks without Weight Transport.
2019-08-08
Defending Against Adversarial Iris Examples Using Wavelet Decomposition.
Universal Adversarial Audio Perturbations.
2019-08-07
Improved Adversarial Robustness by Reducing Open Space Risk via Tent Activations.
Investigating Decision Boundaries of Trained Neural Networks.
2019-08-06
Explaining Deep Neural Networks Using Spectrum-Based Fault Localization.
MetaAdvDet: Towards Robust Detection of Evolving Adversarial Attacks.
BlurNet: Defense by Filtering the Feature Maps.
2019-08-05
Random Directional Attack for Fooling Deep Neural Networks.
Adversarial Self-Defense for Cycle-Consistent GANs.
Automated Detection System for Adversarial Examples with High-Frequency Noises Sieve.
A principled approach for generating adversarial images under non-smooth dissimilarity metrics.
Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems.
2019-08-04
A Restricted Black-box Adversarial Framework Towards Attacking Graph Embedding Models.
2019-08-03
Exploring the Robustness of NMT Systems to Nonsensical Inputs.
2019-08-02
AdvGAN++ : Harnessing latent layers for adversary generation.
2019-08-01
Black-box Adversarial ML Attack on Modulation Classification.
Robustifying deep networks for image segmentation.
2019-07-31
Adversarial Robustness Curves.
Optimal Attacks on Reinforcement Learning Policies.
2019-07-30
Impact of Adversarial Examples on Deep Learning Models for Biomedical Image Segmentation.
Not All Adversarial Examples Require a Complex Defense: Identifying Over-optimized Adversarial Examples with IQR-based Logit Thresholding.
2019-07-28
Are Odds Really Odd? Bypassing Statistical Detection of Adversarial Examples.
2019-07-27
Is BERT Really Robust? A Strong Baseline for Natural Language Attack on Text Classification and Entailment.
2019-07-26
Understanding Adversarial Robustness: The Trade-off between Minimum and Average Margin.
On the Design of Black-box Adversarial Examples by Leveraging Gradient-free Optimization and Operator Splitting Method.
2019-07-24
Towards Adversarially Robust Object Detection.
Joint Adversarial Training: Incorporating both Spatial and Pixel Attacks.
Defense Against Adversarial Attacks Using Feature Scattering-based Adversarial Training.
Weakly Supervised Localization using Min-Max Entropy: an Interpretable Framework.
Understanding Adversarial Attacks on Deep Learning Based Medical Image Analysis Systems.
2019-07-23
Enhancing Adversarial Example Transferability with an Intermediate Level Attack.
2019-07-21
Characterizing Attacks on Deep Reinforcement Learning.
2019-07-17
Connecting Lyapunov Control Theory to Adversarial Attacks.
Robustness properties of Facebook's ResNeXt WSL models.
Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems.
2019-07-16
Adversarial Security Attacks and Perturbations on Machine Learning and Deep Learning Methods.
Latent Adversarial Defence with Boundary-guided Generation.
Natural Adversarial Examples.
Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving.
Explaining Vulnerabilities to Adversarial Machine Learning through Visual Analytics.
2019-07-15
Graph Interpolating Activation Improves Both Natural and Robust Accuracies in Data-Efficient Deep Learning.
Recovery Guarantees for Compressible Signals with Adversarial Noise.
2019-07-14
Measuring the Transferability of Adversarial Examples.
2019-07-12
Unsupervised Adversarial Attacks on Deep Feature-based Retrieval with GAN.
Stateful Detection of Black-Box Adversarial Attacks.
Generative Modeling by Estimating Gradients of the Data Distribution.
2019-07-11
Why Blocking Targeted Adversarial Perturbations Impairs the Ability to Learn.
Adversarial Objects Against LiDAR-Based Autonomous Driving Systems.
2019-07-10
Metamorphic Detection of Adversarial Examples in Deep Learning Models With Affine Transformations.
2019-07-09
PhysGAN: Generating Physical-World-Resilient Adversarial Examples for Autonomous Driving.
2019-07-06
Affine Disentangled GAN for Interpretable and Robust AV Perception.
2019-07-05
Detecting and Diagnosing Adversarial Images with Class-Conditional Capsule Reconstructions.
2019-07-04
Adversarial Robustness through Local Linearization.
Adversarial Attacks in Sound Event Classification.
2019-07-03
Robust Synthesis of Adversarial Visual Examples Using a Deep Image Prior.
Minimally distorted Adversarial Examples with a Fast Adaptive Boundary Attack.
2019-07-02
Efficient Cyber Attacks Detection in Industrial Control Systems Using Lightweight Neural Networks and PCA.
Treant: Training Evasion-Aware Decision Trees.
2019-07-01
Comment on "Adv-BNN: Improved Adversarial Defense through Robust Bayesian Neural Network".
Diminishing the Effect of Adversarial Perturbations via Refining Feature Representation.
Accurate, reliable and fast robustness evaluation.
2019-06-30
Fooling a Real Car with Adversarial Traffic Signs.
2019-06-28
Using Self-Supervised Learning Can Improve Model Robustness and Uncertainty.
Certifiable Robustness and Robust Training for Graph Convolutional Networks.
Learning to Cope with Adversarial Attacks.
Robustness Guarantees for Deep Neural Networks on Videos.
2019-06-27
Using Intuition from Empirical Properties to Simplify Adversarial Training Defense.
Adversarial Robustness via Label-Smoothing.
Evolving Robust Neural Architectures to Defend from Adversarial Attacks.
2019-06-26
The Adversarial Robustness of Sampling.
Defending Adversarial Attacks by Correcting logits.
2019-06-25
Quantitative Verification of Neural Networks And its Security Applications.
Are Adversarial Perturbations a Showstopper for ML-Based CAD? A Case Study on CNN-Based Lithographic Hotspot Detection.
2019-06-24
Deceptive Reinforcement Learning Under Adversarial Manipulations on Cost Signals.
2019-06-22
Defending Against Adversarial Examples with K-Nearest Neighbor.
2019-06-21
Hiding Faces in Plain Sight: Disrupting AI Face Synthesis with Adversarial Perturbations.
A Fourier Perspective on Model Robustness in Computer Vision.
Evolution Attack On Neural Networks.
Adversarial Examples to Fool Iris Recognition Systems.
A Cyclically-Trained Adversarial Network for Invariant Representation Learning.
2019-06-20
On Physical Adversarial Patches for Object Detection.
2019-06-19
Catfish Effect Between Internal and External Attackers:Being Semi-honest is Helpful.
Improving the robustness of ImageNet classifiers using elements of human visual cognition.
A unified view on differential privacy and robustness to adversarial examples.
Convergence of Adversarial Training in Overparametrized Networks.
Global Adversarial Attacks for Assessing Deep Learning Robustness.
Cloud-based Image Classification Service Is Not Robust To Simple Transformations: A Forgotten Battlefield.
SemanticAdv: Generating Adversarial Examples via Attribute-conditional Image Editing.
2019-06-17
Adversarial attacks on Copyright Detection Systems.
Improving Black-box Adversarial Attacks with a Transfer-based Prior.
The Attack Generator: A Systematic Approach Towards Constructing Adversarial Attacks.
2019-06-16
Interpolated Adversarial Training: Achieving Robust Neural Networks without Sacrificing Accuracy.
Defending Against Adversarial Attacks Using Random Forests.
2019-06-15
Representation Quality Of Neural Networks Links To Adversarial Attacks and Defences.
2019-06-14
Adversarial Training Can Hurt Generalization.
Towards Compact and Robust Deep Neural Networks.
Perceptual Based Adversarial Audio Attacks.
Copy and Paste: A Simple But Effective Initialization Method for Black-Box Adversarial Attacks.
Robust or Private? Adversarial Training Makes Models More Vulnerable to Privacy Attacks.
Towards Stable and Efficient Training of Verifiably Robust Neural Networks.
Adversarial Robustness Assessment: Why both $L_0$ and $L_\infty$ Attacks Are Necessary.
2019-06-13
A Computationally Efficient Method for Defending Adversarial Deep Learning Attacks.
Lower Bounds for Adversarially Robust PAC Learning.
2019-06-12
Tight Certificates of Adversarial Robustness for Randomly Smoothed Classifiers.
2019-06-11
Subspace Attack: Exploiting Promising Subspaces for Query-Efficient Black-box Attacks.
Mimic and Fool: A Task Agnostic Adversarial Attack.
Efficient and Accurate Estimation of Lipschitz Constants for Deep Neural Networks.
2019-06-10
E-LPIPS: Robust Perceptual Image Similarity via Random Transformation Ensembles.
Evaluating the Robustness of Nearest Neighbor Classifiers: A Primal-Dual Perspective.
Robustness Verification of Tree-based Models.
Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective.
2019-06-09
On the Vulnerability of Capsule Networks to Adversarial Attacks.
Intriguing properties of adversarial training.
Improved Adversarial Robustness via Logit Regularization Methods.
Attacking Graph Convolutional Networks via Rewiring.
Towards A Unified Min-Max Framework for Adversarial Exploration and Robustness.
Provably Robust Deep Learning via Adversarially Trained Smoothed Classifiers.
2019-06-08
Strategies to architect AI Safety: Defense to guard AI from Adversaries.
Sensitivity of Deep Convolutional Networks to Gabor Noise.
ML-LOO: Detecting Adversarial Examples with Feature Attribution.
Provably Robust Boosted Decision Stumps and Trees against Adversarial Attacks.
Making targeted black-box evasion attacks effective and efficient.
Defending Against Universal Attacks Through Selective Feature Regeneration.
2019-06-07
A cryptographic approach to black box adversarial machine learning.
Using learned optimizers to make models robust to input noise.
Efficient Project Gradient Descent for Ensemble Adversarial Attack.
Inductive Bias of Gradient Descent based Adversarial Training on Separable Data.
Adversarial Explanations for Understanding Image Classification Decisions and Improved Neural Network Robustness.
Robustness for Non-Parametric Classification: A Generic Attack and Defense.
2019-06-06
Robust Attacks against Multiple Classifiers.
Improving Robustness Without Sacrificing Accuracy with Patch Gaussian Augmentation.
Understanding Adversarial Behavior of DNNs by Disentangling Non-Robust and Robust Components in Performance Metric.
Should Adversarial Attacks Use Pixel p-Norm?
Image Synthesis with a Single (Robust) Classifier.
2019-06-05
MNIST-C: A Robustness Benchmark for Computer Vision.
Enhancing Gradient-based Attacks with Symbolic Intervals.
Query-efficient Meta Attack to Deep Neural Networks.
c-Eval: A Unified Metric to Evaluate Feature-based Explanations via Perturbation.
Multi-way Encoding for Robustness.
2019-06-04
Adversarial Training is a Form of Data-dependent Operator Norm Regularization.
Architecture Selection via the Trade-off Between Accuracy and Robustness. (67%)
2019-06-03
Adversarial Exploitation of Policy Imitation.
Adversarial Risk Bounds for Neural Networks through Sparsity based Compression.
The Adversarial Machine Learning Conundrum: Can The Insecurity of ML Become The Achilles' Heel of Cognitive Networks?
Adversarial Robustness as a Prior for Learned Representations.
RL-Based Method for Benchmarking the Adversarial Resilience and Robustness of Deep Reinforcement Learning Policies.
Achieving Generalizable Robustness of Deep Neural Networks by Stability Training.
A Surprising Density of Illusionable Natural Speech.
Fast and Stable Interval Bounds Propagation for Training Verifiably Robust Models.
Understanding the Limitations of Conditional Generative Models.
2019-06-02
Adversarially Robust Generalization Just Requires More Unlabeled Data.
2019-06-01
Adversarial Examples for Edge Detection: They Exist, and They Transfer.
Perceptual Evaluation of Adversarial Attacks for CNN-based Image Classification.
Enhancing Transformation-based Defenses using a Distribution Classifier.
2019-05-31
Unlabeled Data Improves Adversarial Robustness.
Reverse KL-Divergence Training of Prior Networks: Improved Uncertainty and Adversarial Robustness.
Are Labels Required for Improving Adversarial Robustness?
2019-05-30
Real-Time Adversarial Attacks.
Residual Networks as Nonlinear Systems: Stability Analysis using Linearization.
Identifying Classes Susceptible to Adversarial Attacks.
Robust Sparse Regularization: Simultaneously Optimizing Neural Network Robustness and Compactness.
Interpretable Adversarial Training for Text.
2019-05-29
Bandlimiting Neural Networks Against Adversarial Attacks.
Misleading Authorship Attribution of Source Code using Adversarial Learning.
Securing Connected & Autonomous Vehicles: Challenges Posed by Adversarial Machine Learning and The Way Forward.
Functional Adversarial Attacks.
CopyCAT: Taking Control of Neural Policies with Constant Attacks.
2019-05-28
ME-Net: Towards Effective Adversarial Robustness with Matrix Estimation.
Adversarial Attacks on Remote User Authentication Using Behavioural Mouse Dynamics.
Improving the Robustness of Deep Neural Networks via Adversarial Training with Triplet Loss.
Snooping Attacks on Deep Reinforcement Learning.
High Frequency Component Helps Explain the Generalization of Convolutional Neural Networks.
Expected Tight Bounds for Robust Training.
Empirically Measuring Concentration: Fundamental Limits on Intrinsic Robustness.
Cross-Domain Transferability of Adversarial Perturbations.
Certifiably Robust Interpretation in Deep Learning.
2019-05-27
Brain-inspired reverse adversarial examples.
Label Universal Targeted Attack.
Fooling Detection Alone is Not Enough: First Adversarial Attack against Multiple Object Tracking.
Provable robustness against all adversarial $l_p$-perturbations for $p\geq 1$.
Scaleable input gradient regularization for adversarial robustness.
Combating Adversarial Misspellings with Robust Word Recognition.
Analyzing the Interpretability Robustness of Self-Explaining Models.
Adversarially Robust Learning Could Leverage Computational Hardness.
Unsupervised Euclidean Distance Attack on Network Embedding.
GAT: Generative Adversarial Training for Adversarial Example Detection and Robust Classification.
2019-05-26
State-Reification Networks: Improving Generalization by Modeling the Distribution of Hidden Representations.
Non-Determinism in Neural Networks for Adversarial Robustness.
Purifying Adversarial Perturbation with Adversarially Trained Auto-encoders.
Rearchitecting Classification Frameworks For Increased Robustness.
Robust Classification using Robust Feature Augmentation.
Generalizable Adversarial Attacks Using Generative Models.
2019-05-25
Trust but Verify: An Information-Theoretic Explanation for the Adversarial Fragility of Machine Learning Systems, and a General Defense against Adversarial Attacks.
Adversarial Distillation for Ordered Top-k Attacks.
Adversarial Policies: Attacking Deep Reinforcement Learning.
Rethinking Softmax Cross-Entropy Loss for Adversarial Robustness.
2019-05-24
Robustness to Adversarial Perturbations in Learning from Incomplete Data.
Enhancing Adversarial Defense by k-Winners-Take-All.
Power up! Robust Graph Convolutional Network via Graph Powering.
2019-05-23
A Direct Approach to Robust Deep Learning Using Adversarial Networks.
PHom-GeM: Persistent Homology for Generative Models.
Thwarting finite difference adversarial attacks with output randomization.
Interpreting Adversarially Trained Convolutional Neural Networks.
Adversarially Robust Distillation.
2019-05-22
Convergence and Margin of Adversarial Training on Separable Data.
Detecting Adversarial Examples and Other Misclassifications in Neural Networks by Introspection.
2019-05-21
DoPa: A Fast and Comprehensive CNN Defense Methodology against Physical Adversarial Attacks.
2019-05-20
Adversarially robust transfer learning.
2019-05-19
Testing DNN Image Classifiers for Confusion & Bias Errors.
2019-05-18
What Do Adversarially Robust Models Look At?
Taking Care of The Discretization Problem:A Black-Box Adversarial Image Attack in Discrete Integer Domain.
2019-05-17
POPQORN: Quantifying Robustness of Recurrent Neural Networks.
A critique of the DeepSec Platform for Security Analysis of Deep Learning Models.
Simple Black-box Adversarial Attacks.
2019-05-16
Parsimonious Black-Box Adversarial Attacks via Efficient Combinatorial Optimization.
2019-05-15
On Norm-Agnostic Robustness of Adversarial Training.
An Efficient Pre-processing Method to Eliminate Adversarial Effects.
2019-05-14
Robustification of deep net classifiers by key based diversified aggregation with pre-filtering.
2019-05-13
Adversarial Examples for Electrocardiograms.
Analyzing Adversarial Attacks Against Deep Learning for Intrusion Detection in IoT Networks.
Harnessing the Vulnerability of Latent Layers in Adversarially Trained Models.
2019-05-11
Moving Target Defense for Deep Visual Sensing against Adversarial Examples.
2019-05-10
Interpreting and Evaluating Neural Network Robustness.
On the Connection Between Adversarial Robustness and Saliency Map Interpretability.
Exact Adversarial Attack to Image Captioning via Structured Output Learning with Latent Variables.
2019-05-09
Adversarial Defense Framework for Graph Neural Network.
Mitigating Deep Learning Vulnerabilities from Adversarial Examples Attack in the Cybersecurity Domain.
Exploring the Hyperparameter Landscape of Adversarial Robustness.
Learning Interpretable Features via Adversarially Robust Optimization.
Universal Adversarial Perturbations for Speech Recognition Systems.
2019-05-08
ROSA: Robust Salient Object Detection against Adversarial Attacks.
Enhancing Cross-task Transferability of Adversarial Examples with Dispersion Reduction.
Adversarial Image Translation: Unrestricted Adversarial Examples in Face Recognition Systems.
2019-05-07
A Comprehensive Analysis on Adversarial Robustness of Spiking Neural Networks.
Representation of White- and Black-Box Adversarial Examples in Deep Neural Networks and Humans: A Functional Magnetic Resonance Imaging Study.
An Empirical Evaluation of Adversarial Robustness under Transfer Learning.
Adaptive Generation of Unrestricted Adversarial Inputs.
2019-05-06
Batch Normalization is a Cause of Adversarial Vulnerability.
Adversarial Examples Are Not Bugs, They Are Features.
Machine Learning Cryptanalysis of a Quantum Random Number Generator. (1%)
2019-05-05
Better the Devil you Know: An Analysis of Evasion Attacks using Out-of-Distribution Adversarial Examples.
2019-05-03
Transfer of Adversarial Robustness Between Perturbation Types.
2019-05-02
Adversarial Training with Voronoi Constraints.
Weight Map Layer for Noise and Adversarial Attack Robustness.
You Only Propagate Once: Accelerating Adversarial Training via Maximal Principle.
2019-05-01
POBA-GA: Perturbation Optimized Black-Box Adversarial Attacks via Genetic Algorithm.
Dropping Pixels for Adversarial Robustness.
NATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on Deep Neural Networks.
2019-04-30
Test Selection for Deep Learning Systems.
Detecting Adversarial Examples through Nonlinear Dimensionality Reduction.
2019-04-29
Adversarial Training for Free!
Adversarial Training and Robustness for Multiple Perturbations.
2019-04-27
Non-Local Context Encoder: Robust Biomedical Image Segmentation against Adversarial Attacks.
2019-04-26
Robustness Verification of Support Vector Machines.
2019-04-24
A Robust Approach for Securing Audio Classification Against Adversarial Attacks.
Physical Adversarial Textures that Fool Visual Object Tracking.
2019-04-23
Minimizing Perceived Image Quality Loss Through Adversarial Attack Scoping.
2019-04-22
blessing in disguise: Designing Robust Turing Test by Employing Algorithm Unrobustness.
Using Videos to Evaluate Image Model Robustness.
2019-04-21
Beyond Explainability: Leveraging Interpretability for Improved Adversarial Learning.
2019-04-20
Can Machine Learning Model with Static Features be Fooled: an Adversarial Machine Learning Approach.
2019-04-19
Salient Object Detection in the Deep Learning Era: An In-Depth Survey.
2019-04-18
Fooling automated surveillance cameras: adversarial patches to attack person detection.
2019-04-17
ZK-GanDef: A GAN based Zero Knowledge Adversarial Training Defense for Neural Networks.
Defensive Quantization: When Efficiency Meets Robustness.
Interpreting Adversarial Examples with Attributes.
Adversarial Defense Through Network Profiling Based Path Extraction.
Gotta Catch 'Em All: Using Concealed Trapdoors to Detect Adversarial Attacks on Neural Networks.
Semantic Adversarial Attacks: Parametric Transformations That Fool Deep Classifiers.
2019-04-16
Reducing Adversarial Example Transferability Using Gradient Regularization.
AT-GAN: An Adversarial Generator Model for Non-constrained Adversarial Examples.
2019-04-15
Are Self-Driving Cars Secure? Evasion Attacks against Deep Neural Networks for Steering Angle Prediction.
Influence of Control Parameters and the Size of Biomedical Image Datasets on the Success of Adversarial Attacks.
2019-04-13
Exploiting Vulnerabilities of Load Forecasting Through Adversarial Attacks.
2019-04-12
Cycle-Consistent Adversarial GAN: the integration of adversarial attack and defense.
Generating Minimal Adversarial Perturbations with Integrated Adaptive Gradients.
Evaluating Robustness of Deep Image Super-Resolution against Adversarial Attacks.
Adversarial Learning in Statistical Classification: A Comprehensive Review of Defenses Against Attacks.
Unrestricted Adversarial Examples via Semantic Manipulation.
2019-04-11
Black-Box Decision based Adversarial Attack with Symmetric $\alpha$-stable Distribution.
2019-04-10
Learning to Generate Synthetic Data via Compositing.
Black-box Adversarial Attacks on Video Recognition Models.
2019-04-09
Generation & Evaluation of Adversarial Examples for Malware Obfuscation.
2019-04-08
Efficient Decision-based Black-box Adversarial Attacks on Face Recognition.
A Target-Agnostic Attack on Deep Models: Exploiting Security Vulnerabilities of Transfer Learning.
2019-04-07
JumpReLU: A Retrofit Defense Strategy for Adversarial Attacks.
Malware Evasion Attack and Defense.
2019-04-06
On Training Robust PDF Malware Classifiers.
2019-04-05
Evading Defenses to Transferable Adversarial Examples by Translation-Invariant Attacks.
2019-04-04
White-to-Black: Efficient Distillation of Black-Box Adversarial Attacks.
Minimum Uncertainty Based Detection of Adversaries in Deep Neural Networks.
2019-04-03
Understanding the efficacy, reliability and resiliency of computer vision techniques for malware detection and future research directions.
Interpreting Adversarial Examples by Activation Promotion and Suppression.
HopSkipJumpAttack: A Query-Efficient Decision-Based Attack.
Summit: Scaling Deep Learning Interpretability by Visualizing Activation and Attribution Summarizations.
2019-04-02
Adversarial Attacks against Deep Saliency Models.
2019-04-01
Curls & Whey: Boosting Black-Box Adversarial Attacks.
Robustness of 3D Deep Learning in an Adversarial Setting.
Defending against adversarial attacks by randomized diversification.
Adversarial Defense by Restricting the Hidden Space of Deep Neural Networks.
Regional Homogeneity: Towards Learning Transferable Universal Adversarial Perturbations Against Defenses.
2019-03-31
On the Vulnerability of CNN Classifiers in EEG-Based BCIs.
2019-03-29
Adversarial Robustness vs Model Compression, or Both?
2019-03-28
Benchmarking Neural Network Robustness to Common Corruptions and Perturbations.
Smooth Adversarial Examples.
2019-03-27
Bridging Adversarial Robustness and Gradient Interpretability.
Scaling up the randomized gradient-free adversarial attack reveals overestimation of robustness using established attacks.
Rallying Adversarial Techniques against Deep Learning for Network Security.
Text Processing Like Humans Do: Visually Attacking and Shielding NLP Systems.
2019-03-26
On the Adversarial Robustness of Multivariate Robust Estimation.
A geometry-inspired decision-based attack.
2019-03-25
Defending against Whitebox Adversarial Attacks via Randomized Discretization.
Exploiting Excessive Invariance caused by Norm-Bounded Adversarial Robustness.
The LogBarrier adversarial attack: making effective use of decision boundary information.
Robust Neural Networks using Randomized Adversarial Training.
2019-03-24
A Formalization of Robustness for Deep Neural Networks.
Variational Inference with Latent Space Quantization for Adversarial Resilience.
2019-03-23
Improving Adversarial Robustness via Guided Complement Entropy.
2019-03-22
Imperceptible, Robust, and Targeted Adversarial Examples for Automatic Speech Recognition.
Fast Bayesian Uncertainty Estimation and Reduction of Batch Normalized Single Image Super-Resolution Network. (45%)
2019-03-21
Adversarial camera stickers: A physical camera-based attack on deep learning systems.
2019-03-20
Provable Certificates for Adversarial Examples: Fitting a Ball in the Union of Polytopes.
2019-03-19
On the Robustness of Deep K-Nearest Neighbors.
2019-03-18
Generating Adversarial Examples With Conditional Generative Adversarial Net.
Practical Hidden Voice Attacks against Speech and Speaker Recognition Systems.
2019-03-17
Adversarial Attacks on Deep Neural Networks for Time Series Classification.
2019-03-15
On Evaluation of Adversarial Perturbations for Sequence-to-Sequence Models.
On Certifying Non-uniform Bound against Adversarial Attacks.
2019-03-14
A Research Agenda: Dynamic Models to Defend Against Correlated Attacks.
Attribution-driven Causal Analysis for Detection of Adversarial Examples.
2019-03-13
Adversarial attacks against Fact Extraction and VERification.
2019-03-12
Simple Physical Adversarial Examples against End-to-End Autonomous Driving Models.
2019-03-11
Can Adversarial Network Attack be Defended?
2019-03-09
Manifold Preserving Adversarial Learning.
2019-03-07
Attack Type Agnostic Perceptual Enhancement of Adversarial Images.
Out-domain examples for generative models.
2019-03-06
GanDef: A GAN based Adversarial Training Defense for Neural Network Classifier.
2019-03-05
Statistical Guarantees for the Robustness of Bayesian Neural Networks.
L 1-norm double backpropagation adversarial defense.
2019-03-04
Defense Against Adversarial Images using Web-Scale Nearest-Neighbor Search.
The Vulnerabilities of Graph Convolutional Networks: Stronger Attacks and Defensive Techniques.
Complement Objective Training.
Safety Verification and Robustness Analysis of Neural Networks via Quadratic Constraints and Semidefinite Programming.
2019-03-03
A Kernelized Manifold Mapping to Diminish the Effect of Adversarial Perturbations.
2019-03-01
Evaluating Adversarial Evasion Attacks in the Context of Wireless Communications.
PuVAE: A Variational Autoencoder to Purify Adversarial Examples.
Attacking Graph-based Classification via Manipulating the Graph Structure.
2019-02-28
On the Effectiveness of Low Frequency Perturbations.
Enhancing the Robustness of Deep Neural Networks by Boundary Conditional GAN.
Towards Understanding Adversarial Examples Systematically: Exploring Data Size, Task and Model Factors.
Adversarial Attack and Defense on Point Sets.
2019-02-27
Adversarial Attacks on Time Series.
Robust Decision Trees Against Adversarial Examples.
Tensor Dropout for Robust Learning.
The Best Defense Is a Good Offense: Adversarial Attacks to Avoid Modulation Detection.
A Distributionally Robust Optimization Method for Adversarial Multiple Kernel Learning. (76%)
AutoGAN-based Dimension Reduction for Privacy Preservation. (1%)
2019-02-26
Disentangled Deep Autoencoding Regularization for Robust Image Classification.
Analyzing Deep Neural Networks with Symbolic Propagation: Towards Higher Precision and Faster Verification.
2019-02-25
Verification of Non-Linear Specifications for Neural Networks.
Adversarial attacks hidden in plain sight.
2019-02-24
MaskDGA: A Black-box Evasion Technique Against DGA Classifiers and Adversarial Defenses.
Adversarial Reinforcement Learning under Partial Observability in Software-Defined Networking.
2019-02-23
Re-evaluating ADEM: A Deeper Look at Scoring Dialogue Responses.
A Deep, Information-theoretic Framework for Robust Biometric Recognition.
2019-02-22
Physical Adversarial Attacks Against End-to-End Autoencoder Communication Systems.
A Convex Relaxation Barrier to Tight Robustness Verification of Neural Networks.
Adversarial Attacks on Graph Neural Networks via Meta Learning.
2019-02-21
On the Sensitivity of Adversarial Robustness to Input Data Distributions.
Quantifying Perceptual Distortion of Adversarial Examples.
Wasserstein Adversarial Examples via Projected Sinkhorn Iterations.
2019-02-20
advertorch v0.1: An Adversarial Robustness Toolbox based on PyTorch.
Perceptual Quality-preserving Black-Box Attack against Deep Learning Image Classifiers.
Graph Adversarial Training: Dynamically Regularizing Based on Graph Structure.
2019-02-19
There are No Bit Parts for Sign Bits in Black-Box Attacks.
2019-02-18
On Evaluating Adversarial Robustness.
AuxBlocks: Defense Adversarial Example via Auxiliary Blocks.
Mockingbird: Defending Against Deep-Learning-Based Website Fingerprinting Attacks with Adversarial Traces.
2019-02-16
Mitigation of Adversarial Examples in RF Deep Classifiers Utilizing AutoEncoder Pre-training.
Adversarial Examples in RF Deep Learning: Detection of the Attack and its Physical Robustness.
2019-02-15
DeepFault: Fault Localization for Deep Neural Networks.
2019-02-14
Can Intelligent Hyperparameter Selection Improve Resistance to Adversarial Examples?
2019-02-13
The Odds are Odd: A Statistical Test for Detecting Adversarial Examples.
2019-02-12
Examining Adversarial Learning against Graph-based IoT Malware Detection Systems.
2019-02-11
Adversarial Samples on Android Malware Detection Systems for IoT Systems.
A Survey: Towards a Robust Deep Neural Network in Text Domain.
2019-02-09
Model Compression with Adversarial Robustness: A Unified Optimization Framework.
When Causal Intervention Meets Adversarial Examples and Image Masking for Deep Neural Networks.
2019-02-08
Minimal Images in Deep Neural Networks: Fragile Object Recognition in Natural Images.
Understanding the One-Pixel Attack: Propagation Maps and Locality Analysis.
Discretization based Solutions for Secure Machine Learning against Adversarial Attacks.
2019-02-07
Robustness Of Saak Transform Against Adversarial Attacks.
Certified Adversarial Robustness via Randomized Smoothing.
2019-02-06
Fooling Neural Network Interpretations via Adversarial Model Manipulation.
Daedalus: Breaking Non-Maximum Suppression in Object Detection via Adversarial Examples.
2019-02-05
Fatal Brain Damage.
2019-02-04
Theoretical evidence for adversarial robustness through randomization.
Predictive Uncertainty Quantification with Compound Density Networks.
Is Spiking Secure? A Comparative Study on the Security Vulnerabilities of Spiking and Deep Neural Networks.
2019-02-01
Robustness Certificates Against Adversarial Examples for ReLU Networks.
Natural and Adversarial Error Detection using Invariance to Image Transformations.
Adaptive Gradient for Adversarial Perturbations Generation.
Robustness of Generalized Learning Vector Quantization Models against Adversarial Attacks.
The Efficacy of SHIELD under Different Threat Models.
2019-01-31
A New Family of Neural Networks Provably Resistant to Adversarial Attacks.
Training Artificial Neural Networks by Generalized Likelihood Ratio Method: Exploring Brain-like Learning to Improve Robustness.
2019-01-30
A Simple Explanation for the Existence of Adversarial Examples with Small Hamming Distance.
Augmenting Model Robustness with Transformation-Invariant Attacks.
2019-01-29
Adversarial Examples Are a Natural Consequence of Test Error in Noise.
RED-Attack: Resource Efficient Decision based Attack for Machine Learning.
Reliable Smart Road Signs.
On the Effect of Low-Rank Weights on Adversarial Robustness of Neural Networks.
Adversarial Metric Attack and Defense for Person Re-identification.
2019-01-28
Improving Adversarial Robustness of Ensembles with Diversity Training.
CapsAttacks: Robust and Imperceptible Adversarial Attacks on Capsule Networks.
Defense Methods Against Adversarial Examples for Recurrent Neural Networks.
Using Pre-Training Can Improve Model Robustness and Uncertainty.
Efficient Multiparty Interactive Coding for Insertions, Deletions and Substitutions. (1%)
2019-01-27
An Information-Theoretic Explanation for the Adversarial Fragility of AI Classifiers.
Characterizing the Shape of Activation Space in Deep Neural Networks.
Strong Black-box Adversarial Attacks on Unsupervised Machine Learning Models.
2019-01-26
A Black-box Attack on Neural Networks Based on Swarm Evolutionary Algorithm.
Weighted-Sampling Audio Adversarial Example Attack.
2019-01-25
Generative Adversarial Networks for Black-Box API Attacks with Limited Training Data.
Improving Adversarial Robustness via Promoting Ensemble Diversity.
Chapter: Vulnerability of Quantum Information Systems to Collective Manipulation. (1%)
2019-01-24
Towards Interpretable Deep Neural Networks by Leveraging Adversarial Examples.
Cross-Entropy Loss and Low-Rank Features Have Responsibility for Adversarial Examples.
Theoretically Principled Trade-off between Robustness and Accuracy.
2019-01-23
SirenAttack: Generating Adversarial Audio for End-to-End Acoustic Systems.
Sitatapatra: Blocking the Transfer of Adversarial Samples.
2019-01-21
Universal Rules for Fooling Deep Neural Networks based Text Classification.
Adversarial Attacks on Deep Learning Models in Natural Language Processing: A Survey.
Sensitivity Analysis of Deep Neural Networks.
Perception-in-the-Loop Adversarial Examples.
2019-01-17
Easy to Fool? Testing the Anti-evasion Capabilities of PDF Malware Scanners.
2019-01-15
The Limitations of Adversarial Training and the Blind-Spot Attack.
2019-01-13
Generating Adversarial Perturbation with Root Mean Square Gradient.
2019-01-12
ECGadv: Generating Adversarial Electrocardiogram to Misguide Arrhythmia Classification System.
2019-01-11
Explaining Vulnerabilities of Deep Learning to Adversarial Malware Binaries.
2019-01-10
Characterizing and evaluating adversarial examples for Offline Handwritten Signature Verification.
Image Transformation can make Neural Networks more robust against Adversarial Examples.
2019-01-09
Extending Adversarial Attacks and Defenses to Deep 3D Point Cloud Classifiers.
2019-01-08
Interpretable BoW Networks for Adversarial Example Detection.
2019-01-07
Image Super-Resolution as a Defense Against Adversarial Attacks.
2019-01-05
Fake News Detection via NLP is Vulnerable to Adversarial Attacks.
2019-01-04
Adversarial Examples Versus Cloud-based Detectors: A Black-box Empirical Study.
2019-01-02
Multi-Label Adversarial Perturbations.
Adversarial Robustness May Be at Odds With Simplicity.
2019-01-01
A Noise-Sensitivity-Analysis-Based Test Prioritization Technique for Deep Neural Networks.
2018-12-27
DeepBillboard: Systematic Physical-World Testing of Autonomous Driving Systems.
2018-12-26
Adversarial Attack and Defense on Graph Data: A Survey.
2018-12-25
Noise Flooding for Detecting Audio Adversarial Examples Against Automatic Speech Recognition.
PPD: Permutation Phase Defense Against Adversarial Examples in Deep Learning.
A Multiversion Programming Inspired Approach to Detecting Audio Adversarial Examples.
A Data-driven Adversarial Examples Recognition Framework via Adversarial Feature Genome.
Seeing isn't Believing: Practical Adversarial Attack Against Object Detectors.
2018-12-24
DUP-Net: Denoiser and Upsampler Network for 3D Adversarial Point Clouds Defense.
2018-12-23
Markov Game Modeling of Moving Target Defense for Strategic Detection of Threats in Cloud Networks.
Guessing Smart: Biased Sampling for Efficient Black-Box Adversarial Attacks.
2018-12-22
Exploiting the Inherent Limitation of L0 Adversarial Examples.
2018-12-21
Dissociable neural representations of adversarially perturbed images in convolutional neural networks and the human brain.
2018-12-19
Enhancing Robustness of Deep Neural Networks Against Adversarial Malware Samples: Principles, Framework, and AICS'2019 Challenge.
2018-12-18
PROVEN: Certifying Robustness of Neural Networks with a Probabilistic Approach.
2018-12-17
Spartan Networks: Self-Feature-Squeezing Neural Networks for increased robustness in adversarial settings.
Designing Adversarially Resilient Classifiers using Resilient Feature Engineering.
A Survey of Safety and Trustworthiness of Deep Neural Networks.
2018-12-16
Defense-VAE: A Fast and Accurate Defense against Adversarial Attacks.
2018-12-15
Perturbation Analysis of Learning Algorithms: A Unifying Perspective on Generation of Adversarial Examples.
Trust Region Based Adversarial Attack on Neural Networks.
2018-12-14
Adversarial Sample Detection for Deep Neural Network through Model Mutation Testing.
2018-12-13
TextBugger: Generating Adversarial Text Against Real-world Applications.
Why ReLU networks yield high-confidence predictions far away from the training data and how to mitigate the problem.
Generating Hard Examples for Pixel-wise Classification. (4%)
2018-12-12
Thwarting Adversarial Examples: An $L_0$-RobustSparse Fourier Transform.
2018-12-11
On the Security of Randomized Defenses Against Adversarial Samples.
Adversarial Framing for Image and Video Classification.
2018-12-10
Defending Against Universal Perturbations With Shared Adversarial Training.
2018-12-08
Feature Denoising for Improving Adversarial Robustness.
AutoGAN: Robust Classifier Against Adversarial Attacks.
Detecting Adversarial Examples in Convolutional Neural Networks.
Learning Transferable Adversarial Examples via Ghost Networks.
2018-12-07
Deep-RBF Networks Revisited: Robust Classification with Rejection.
Combatting Adversarial Attacks through Denoising and Dimensionality Reduction: A Cascaded Autoencoder Approach.
2018-12-06
Adversarial Defense of Image Classification Using a Variational Auto-Encoder.
Adversarial Attacks, Regression, and Numerical Stability Regularization.
Prior Networks for Detection of Adversarial Attacks.
Towards Leveraging the Information of Gradients in Optimization-based Adversarial Attack.
Fooling Network Interpretation in Image Classification.
The Limitations of Model Uncertainty in Adversarial Settings.
MMA Training: Direct Input Space Margin Maximization through Adversarial Training.
2018-12-05
On Configurable Defense against Adversarial Example Attacks.
Regularized Ensembles and Transferability in Adversarial Learning.
SADA: Semantic Adversarial Diagnostic Attacks for Autonomous Applications.
2018-12-04
Rigorous Agent Evaluation: An Adversarial Approach to Uncover Catastrophic Failures.
Random Spiking and Systematic Evaluation of Defenses Against Adversarial Examples.
2018-12-03
Disentangling Adversarial Robustness and Generalization.
Interpretable Deep Learning under Fire.
Adversarial Example Decomposition.
2018-12-02
Model-Reuse Attacks on Deep Learning Systems.
Universal Perturbation Attack Against Image Retrieval.
2018-12-01
FineFool: Fine Object Contour Attack via Attention.
Building robust classifiers through generation of confident out of distribution examples.
Discrete Adversarial Attacks and Submodular Optimization with Applications to Text Classification.
Effects of Loss Functions And Target Representations on Adversarial Robustness.
SentiNet: Detecting Localized Universal Attacks Against Deep Learning Systems.
2018-11-30
Transferable Adversarial Attacks for Image and Video Object Detection.
ComDefend: An Efficient Image Compression Model to Defend Adversarial Examples.
Adversarial Defense by Stratified Convolutional Sparse Coding.
2018-11-29
CNN-Cert: An Efficient Framework for Certifying Robustness of Convolutional Neural Networks.
Bayesian Adversarial Spheres: Bayesian Inference and Adversarial Examples in a Noiseless Setting.
Adversarial Examples as an Input-Fault Tolerance Problem.
Analyzing Federated Learning through an Adversarial Lens.
2018-11-28
Adversarial Attacks for Optical Flow-Based Action Recognition Classifiers.
Strike (with) a Pose: Neural Networks Are Easily Fooled by Strange Poses of Familiar Objects.
A randomized gradient-free attack on ReLU networks.
Adversarial Machine Learning And Speech Emotion Recognition: Utilizing Generative Adversarial Networks For Robustness.
2018-11-27
Robust Classification of Financial Risk.
Universal Adversarial Training.
Using Attribution to Decode Dataset Bias in Neural Network Models for Chemistry.
A Frank-Wolfe Framework for Efficient and Effective Adversarial Attacks.
2018-11-26
ResNets Ensemble via the Feynman-Kac Formalism to Improve Natural and Robust Accuracies.
Bilateral Adversarial Training: Towards Fast Training of More Robust Models Against Adversarial Attacks.
2018-11-25
Is Data Clustering in Adversarial Settings Secure?
2018-11-24
Attention, Please! Adversarial Defense via Activation Rectification and Preservation.
2018-11-23
Robustness via curvature regularization, and vice versa.
Decoupling Direction and Norm for Efficient Gradient-Based L2 Adversarial Attacks and Defenses.
2018-11-22
Parametric Noise Injection: Trainable Randomness to Improve Deep Neural Network Robustness against Adversarial Attack.
Strength in Numbers: Trading-off Robustness and Computation via Adversarially-Trained Ensembles.
Detecting Adversarial Perturbations Through Spatial Behavior in Activation Spaces.
2018-11-21
Task-generalizable Adversarial Attack based on Perceptual Metric.
Towards Robust Neural Networks with Lipschitz Continuity.
2018-11-20
How the Softmax Output is Misleading for Evaluating the Strength of Adversarial Examples.
MimicGAN: Corruption-Mimicking for Blind Image Recovery & Adversarial Defense.
Intermediate Level Adversarial Attack for Enhanced Transferability.
Lightweight Lipschitz Margin Training for Certified Defense against Adversarial Examples.
Convolutional Neural Networks with Transformed Input based on Robust Tensor Network Decomposition.
2018-11-19
Optimal Transport Classifier: Defending Against Adversarial Attacks by Regularized Deep Embedding.
2018-11-18
Generalizable Adversarial Training via Spectral Normalization.
Regularized adversarial examples for model interpretability.
The Taboo Trap: Behavioural Detection of Adversarial Samples.
2018-11-17
DeepConsensus: using the consensus of features from multiple layers to attain robust image classification.
Classifiers Based on Deep Sparse Coding Architectures are Robust to Deep Learning Transferable Examples.
Boosting the Robustness Verification of DNN by Identifying the Achilles's Heel.
2018-11-16
Protecting Voice Controlled Systems Using Sound Source Identification Based on Acoustic Cues.
DARCCC: Detecting Adversaries by Reconstruction from Class Conditional Capsules.
2018-11-15
A note on hyperparameters in black-box adversarial examples.
Mathematical Analysis of Adversarial Attacks.
Adversarial Examples from Cryptographic Pseudo-Random Generators.
A Spectral View of Adversarially Robust Features.
2018-11-14
Verification of Recurrent Neural Networks Through Rule Extraction.
Robustness of spectral methods for community detection.
2018-11-13
Deep Q learning for fooling neural networks.
2018-11-08
Universal Decision-Based Black-Box Perturbations: Breaking Security-Through-Obscurity Defenses.
New CleverHans Feature: Better Adversarial Robustness Evaluations with Attack Bundling.
A Geometric Perspective on the Transferability of Adversarial Directions.
2018-11-07
CAAD 2018: Iterative Ensemble Adversarial Attack.
AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning.
2018-11-06
MixTrain: Scalable Training of Verifiably Robust Neural Networks.
SparseFool: a few pixels make a big difference.
2018-11-05
Active Deep Learning Attacks under Strict Rate Limitations for Online API Calls.
FUNN: Flexible Unsupervised Neural Network.
On the Transferability of Adversarial Examples Against CNN-Based Image Forensics.
2018-11-04
FAdeML: Understanding the Impact of Pre-Processing Noise Filtering on Adversarial Machine Learning.
QuSecNets: Quantization-based Defense Mechanism for Securing Deep Neural Network against Adversarial Attacks.
SSCNets: Robustifying DNNs using Secure Selective Convolutional Filters.
2018-11-03
Adversarial Gain.
CAAD 2018: Powerful None-Access Black-Box Attack Based on Adversarial Transformation Network.
Adversarial Black-Box Attacks on Automatic Speech Recognition Systems using Multi-Objective Evolutionary Optimization.
Learning to Defense by Learning to Attack.
2018-11-02
A Marauder's Map of Security and Privacy in Machine Learning.
Semidefinite relaxations for certifying robustness to adversarial examples.
Efficient Neural Network Robustness Certification with General Activation Functions.
Towards Adversarial Malware Detection: Lessons Learned from PDF-based Attacks.
TrISec: Training Data-Unaware Imperceptible Security Attacks on Deep Neural Networks.
2018-11-01
Improving Adversarial Robustness by Encouraging Discriminative Features.
On the Geometry of Adversarial Examples.
Excessive Invariance Causes Adversarial Vulnerability.
2018-10-31
When Not to Classify: Detection of Reverse Engineering Attacks on DNN Image Classifiers.
Unauthorized AI cannot Recognize Me: Reversible Adversarial Example.
2018-10-30
Improved Network Robustness with Adversary Critic.
On the Effectiveness of Interval Bound Propagation for Training Verifiably Robust Models.
2018-10-29
Adversarial Risk and Robustness: General Definitions and Implications for the Uniform Distribution.
Logit Pairing Methods Can Fool Gradient-Based Attacks.
2018-10-28
RecurJac: An Efficient Recursive Algorithm for Bounding Jacobian Matrix of Neural Networks and Its Applications.
Rademacher Complexity for Adversarially Robust Generalization.
Robust Audio Adversarial Example for a Physical Attack.
2018-10-27
Towards Robust Deep Neural Networks.
Regularization Effect of Fast Gradient Sign Method and its Generalization.
2018-10-26
Attacks Meet Interpretability: Attribute-steered Detection of Adversarial Samples.
2018-10-25
Law and Adversarial Machine Learning.
Attack Graph Convolutional Networks by Adding Fake Nodes.
Evading classifiers in discrete domains with provable optimality guarantees.
2018-10-24
Robust Adversarial Learning via Sparsifying Front Ends.
2018-10-23
Stochastic Substitute Training: A Gray-box Approach to Craft Adversarial Examples Against Gradient Obfuscation Defenses.
One Bit Matters: Understanding Adversarial Examples as the Abuse of Redundancy.
Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors.
2018-10-22
Adversarial Risk Bounds via Function Transformation.
Cost-Sensitive Robustness against Adversarial Examples.
Sparse DNNs with Improved Adversarial Robustness.
2018-10-19
On Extensions of CLEVER: A Neural Network Robustness Evaluation Algorithm.
2018-10-18
Exploring Adversarial Examples in Malware Detection.
A Training-based Identification Approach to VIN Adversarial Examples.
2018-10-17
Provable Robustness of ReLU networks via Maximization of Linear Regions.
2018-10-16
Projecting Trouble: Light Based Adversarial Attacks on Deep Learning Classifiers.
Security Matters: A Survey on Adversarial Machine Learning.
2018-10-15
Concise Explanations of Neural Networks using Adversarial Training.
2018-10-11
Characterizing Adversarial Examples Based on Spatial Consistency Information for Semantic Segmentation.
MeshAdv: Adversarial Meshes for Visual Recognition.
2018-10-09
Is PGD-Adversarial Training Necessary? Alternative Training via a Soft-Quantization Network with Noisy-Natural Samples Only.
Analyzing the Noise Robustness of Deep Neural Networks.
The Adversarial Attack and Detection under the Fisher Information Metric.
2018-10-08
Limitations of adversarial robustness: strong No Free Lunch Theorem.
Efficient Two-Step Adversarial Defense for Deep Neural Networks.
Combinatorial Attacks on Binarized Neural Networks.
Average Margin Regularization for Classifiers.
2018-10-04
Feature Prioritization and Regularization Improve Standard Accuracy and Adversarial Robustness.
Improved Generalization Bounds for Robust Learning.
2018-10-02
Can Adversarially Robust Learning Leverage Computational Hardness?
Adversarial Examples - A Complete Characterisation of the Phenomenon.
Link Prediction Adversarial Attack.
2018-10-01
Adv-BNN: Improved Adversarial Defense through Robust Bayesian Neural Network.
Improving the Generalization of Adversarial Training with Domain Adaptation.
Large batch size training of neural networks with adversarial training and second-order information.
Improved robustness to adversarial examples using Lipschitz regularization of the loss.
2018-09-30
Procedural Noise Adversarial Examples for Black-Box Attacks on Deep Convolutional Networks.
2018-09-29
CAAD 2018: Generating Transferable Adversarial Examples.
Interpreting Adversarial Robustness: A View from Decision Surface in Input Space.
To compress or not to compress: Understanding the Interactions between Adversarial Attacks and Neural Network Compression.
2018-09-28
Characterizing Audio Adversarial Examples Using Temporal Dependency.
Adversarial Attacks and Defences: A Survey.
Explainable Black-Box Attacks Against Model-based Authentication.
2018-09-26
Adversarial Attacks on Cognitive Self-Organizing Networks: The Challenge and the Way Forward.
2018-09-24
Neural Networks with Structural Resistance to Adversarial Attacks.
Fast Geometrically-Perturbed Adversarial Faces.
On The Utility of Conditional Generation Based Mutual Information for Characterizing Adversarial Subspaces.
Low Frequency Adversarial Perturbation.
2018-09-23
Is Ordered Weighted $\ell_1$ Regularized Regression Robust to Adversarial Perturbation? A Case Study on OSCAR.
2018-09-22
Adversarial Defense via Data Dependent Activation Function and Total Variation Minimization.
2018-09-21
Unrestricted Adversarial Examples.
Adversarial Binaries for Authorship Identification.
2018-09-20
Playing the Game of Universal Adversarial Perturbations.
2018-09-19
Efficient Formal Safety Analysis of Neural Networks.
Adversarial Training Towards Robust Multimedia Recommender System.
Generating 3D Adversarial Point Clouds.
2018-09-17
HashTran-DNN: A Framework for Enhancing Robustness of Deep Neural Networks against Adversarial Malware Samples.
Robustness Guarantees for Bayesian Inference with Gaussian Processes.
2018-09-16
Exploring the Vulnerability of Single Shot Module in Object Detectors via Imperceptible Background Patches.
Robust Adversarial Perturbation on Deep Proposal-based Models.
2018-09-13
Defensive Dropout for Hardening Deep Neural Networks under Adversarial Attacks.
Query-Efficient Black-Box Attack by Active Learning.
Adversarial Examples: Opportunities and Challenges.
2018-09-11
On the Structural Sensitivity of Deep Convolutional Networks to the Directions of Fourier Basis Functions.
Isolated and Ensemble Audio Preprocessing Methods for Detecting Adversarial Examples against Automatic Speech Recognition.
Humans can decipher adversarial images.
Does it care what you asked? Understanding Importance of Verbs in Deep Learning QA System. (22%)
2018-09-09
The Curse of Concentration in Robust Learning: Evasion and Poisoning Attacks from Concentration of Measure.
Training for Faster Adversarial Robustness Verification via Inducing ReLU Stability.
Certified Adversarial Robustness with Additive Noise.
2018-09-08
Towards Query Efficient Black-box Attacks: An Input-free Perspective.
Fast Gradient Attack on Network Embedding.
Structure-Preserving Transformation: Generating Diverse and Transferable Adversarial Examples.
Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks.
2018-09-07
A Deeper Look at 3D Shape Classifiers.
Metamorphic Relation Based Adversarial Attacks on Differentiable Neural Computer.
Trick Me If You Can: Human-in-the-loop Generation of Adversarial Examples for Question Answering.
Query Attack via Opposite-Direction Feature:Towards Robust Image Retrieval.
2018-09-06
Adversarial Over-Sensitivity and Over-Stability Strategies for Dialogue Models.
Are adversarial examples inevitable?
IDSGAN: Generative Adversarial Networks for Attack Generation against Intrusion Detection.
Adversarial Reprogramming of Text Classification Neural Networks.
2018-09-05
Bridging machine learning and cryptography in defence against adversarial attacks.
2018-09-04
Adversarial Attacks on Node Embeddings.
2018-09-03
HASP: A High-Performance Adaptive Mobile Security Enhancement Against Malicious Speech Recognition.
Adversarial Attack Type I: Cheat Classifiers by Significant Changes.
2018-08-31
MULDEF: Multi-model-based Defense Against Adversarial Examples for Neural Networks.
2018-08-28
DLFuzz: Differential Fuzzing Testing of Deep Learning Systems.
All You Need is "Love": Evading Hate-speech Detection.
Lipschitz regularized Deep Neural Networks generalize and are adversarially robust.
2018-08-27
Targeted Nonlinear Adversarial Perturbations in Images and Videos.
Generalisation in humans and deep neural networks.
2018-08-26
Adversarially Regularising Neural NLI Models to Integrate Logical Background Knowledge.
2018-08-25
Analysis of adversarial attacks against CNN-based image forgery detectors.
Guiding Deep Learning System Testing using Surprise Adequacy.
2018-08-24
Is Machine Learning in Power Systems Vulnerable?
2018-08-23
Maximal Jacobian-based Saliency Map Attack.
Adversarial Attacks on Deep-Learning Based Radio Signal Classification.
2018-08-20
Controlling Over-generalization and its Effect on Adversarial Examples Generation and Detection.
Stochastic Combinatorial Ensembles for Defending Against Adversarial Examples.
2018-08-17
Reinforcement Learning for Autonomous Defence in Software-Defined Networking.
2018-08-16
Mitigation of Adversarial Attacks through Embedded Feature Selection.
Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding.
Distributionally Adversarial Attack.
2018-08-10
Using Randomness to Improve Robustness of Machine-Learning Models Against Evasion Attacks.
Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection.
2018-08-08
Beyond Pixel Norm-Balls: Parametric Adversaries using an Analytically Differentiable Renderer.
2018-08-07
Data augmentation using synthetic data for time series classification with deep residual networks.
2018-08-06
Adversarial Vision Challenge.
Defense Against Adversarial Attacks with Saak Transform.
Gray-box Adversarial Training.
2018-08-05
Is Robustness the Cost of Accuracy? -- A Comprehensive Study on the Robustness of 18 Deep Image Classification Models.
Structured Adversarial Attack: Towards General Implementation and Better Interpretability.
2018-08-04
Traits & Transferability of Adversarial Examples against Instance Segmentation & Object Detection.
ATMPA: Attacking Machine Learning-based Malware Visualization Detection Methods via Adversarial Examples.
2018-08-03
Ask, Acquire, and Attack: Data-free UAP Generation using Class Impressions.
DeepCloak: Adversarial Crafting As a Defensive Measure to Cloak Processes.
2018-07-31
EagleEye: Attack-Agnostic Defense against Adversarial Inputs (Technical Report).
2018-07-27
Rob-GAN: Generator, Discriminator, and Adversarial Attacker.
2018-07-26
A general metric for identifying adversarial images.
Evaluating and Understanding the Robustness of Adversarial Logit Pairing.
2018-07-25
HiDDeN: Hiding Data With Deep Networks.
Limitations of the Lipschitz constant as a defense against adversarial examples.
Unbounded Output Networks for Classification.
2018-07-24
Contrastive Video Representation Learning via Adversarial Perturbations.
2018-07-21
Simultaneous Adversarial Training - Learn from Others Mistakes.
2018-07-20
Prior Convictions: Black-Box Adversarial Attacks with Bandits and Priors.
Physical Adversarial Examples for Object Detectors.
2018-07-18
Harmonic Adversarial Attack Method.
2018-07-17
Gradient Band-based Adversarial Training for Generalized Attack Immunity of A3C Path Finding.
Motivating the Rules of the Game for Adversarial Example Research.
Defend Deep Neural Networks Against Adversarial Examples via Fixed and Dynamic Quantized Activation Functions.
2018-07-16
Online Robust Policy Learning in the Presence of Unknown Adversaries.
Manifold Adversarial Learning.
2018-07-12
Query-Efficient Hard-label Black-box Attack:An Optimization-based Approach.
2018-07-11
With Friends Like These, Who Needs Adversaries?
2018-07-10
A Simple Unified Framework for Detecting Out-of-Distribution Samples and Adversarial Attacks.
A Game-Based Approximate Verification of Deep Neural Networks with Provable Guarantees.
Attack and defence in cellular decision-making: lessons from machine learning.
2018-07-09
Adaptive Adversarial Attack on Scene Text Recognition.
2018-07-08
Vulnerability Analysis of Chest X-Ray Image Classification Against Adversarial Attacks.
2018-07-05
Implicit Generative Modeling of Random Noise during Training for Adversarial Robustness.
2018-07-04
Benchmarking Neural Network Robustness to Common Corruptions and Surface Variations.
2018-07-03
Local Gradients Smoothing: Defense against localized adversarial attacks.
Adversarial Robustness Toolbox v1.0.0.
2018-07-02
Adversarial Perturbations Against Real-Time Video Classification Systems.
2018-07-01
Towards Adversarial Training with Moderate Performance Improvement for Neural Network Classification.
2018-06-29
Adversarial Examples in Deep Learning: Characterization and Divergence.
2018-06-28
Adversarial Reprogramming of Neural Networks.
2018-06-27
Gradient Similarity: An Explainable Approach to Detect Adversarial Attacks against Deep Learning.
Customizing an Adversarial Example Generator with Class-Conditional GANs.
2018-06-25
Exploring Adversarial Examples: Patterns of One-Pixel Attacks.
2018-06-23
Defending Malware Classification Networks Against Adversarial Perturbations with Non-Negative Weight Restrictions.
On Adversarial Examples for Character-Level Neural Machine Translation.
Evaluation of Momentum Diverse Input Iterative Fast Gradient Sign Method (M-DI2-FGSM) Based Attack Method on MCS 2018 Adversarial Attacks on Black Box Face Recognition System.
2018-06-21
Detection based Defense against Adversarial Examples from the Steganalysis Point of View.
2018-06-20
Gradient Adversarial Training of Neural Networks.
Combinatorial Testing for Deep Learning Systems.
2018-06-19
On the Learning of Deep Local Features for Robust Face Spoofing Detection.
Built-in Vulnerabilities to Imperceptible Adversarial Perturbations.
2018-06-15
Non-Negative Networks Against Adversarial Attacks.
2018-06-14
Copycat CNN: Stealing Knowledge by Persuading Confession with Random Non-Labeled Data.
2018-06-13
Hierarchical interpretations for neural network predictions.
Manifold Mixup: Better Representations by Interpolating Hidden States.
2018-06-12
Adversarial Attacks on Variational Autoencoders.
Ranking Robustness Under Adversarial Document Manipulations.
2018-06-11
Defense Against the Dark Arts: An overview of adversarial example security research and future research directions.
2018-06-08
Monge blunts Bayes: Hardness Results for Adversarial Training.
2018-06-07
Revisiting Adversarial Risk.
Training Augmentation with Adversarial Examples for Robust Speech Recognition.
2018-06-06
Adversarial Attack on Graph Structured Data.
Adversarial Regression with Multiple Learners.
Killing four birds with one Gaussian process: the relation between different test-time attacks.
2018-06-05
DPatch: An Adversarial Patch Attack on Object Detectors.
2018-06-04
Mitigation of Policy Manipulation Attacks on Deep Q-Networks with Parameter-Space Noise.
An Explainable Adversarial Robustness Metric for Deep Learning Neural Networks.
PAC-learning in the presence of evasion adversaries.
2018-06-02
Sufficient Conditions for Idealised Models to Have No Adversarial Examples: a Theoretical and Empirical Study with Bayesian Neural Networks.
Detecting Adversarial Examples via Key-based Network.
2018-05-31
PeerNets: Exploiting Peer Wisdom Against Adversarial Attacks.
Resisting Adversarial Attacks using Gaussian Mixture Variational Autoencoders.
Scaling provable adversarial defenses.
Sequential Attacks on Agents for Long-Term Adversarial Goals.
Greedy Attack and Gumbel Attack: Generating Adversarial Examples for Discrete Data.
2018-05-30
Adversarial Attacks on Face Detectors using Neural Net based Constrained Optimization.
ADAGIO: Interactive Experimentation with Adversarial Attack and Defense for Audio.
Robustifying Models Against Adversarial Attacks by Langevin Dynamics.
Robustness May Be at Odds with Accuracy.
2018-05-29
AutoZOOM: Autoencoder-based Zeroth Order Optimization Method for Attacking Black-box Neural Networks.
Adversarial Noise Attacks of Deep Learning Architectures -- Stability Analysis via Sparse Modeled Signals.
Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization.
2018-05-28
Adversarial Examples in Remote Sensing.
GenAttack: Practical Black-box Attacks with Gradient-Free Optimization.
2018-05-27
Defending Against Adversarial Attacks by Leveraging an Entire GAN.
2018-05-25
Training verified learners with learned verifiers.
Adversarial examples from computational constraints.
2018-05-24
Laplacian Networks: Bounding Indicator Function Smoothness for Neural Network Robustness.
2018-05-23
Anonymizing k-Facial Attributes via Adversarial Perturbations.
Towards Robust Training of Neural Networks by Regularizing Adversarial Gradients.
Towards the first adversarially robust neural network model on MNIST.
2018-05-22
Adversarially Robust Training through Structured Gradient Regularization.
2018-05-21
Adversarial Noise Layer: Regularize Neural Network By Adding Noise.
Constructing Unrestricted Adversarial Examples with Generative Models.
Bidirectional Learning for Robust Neural Networks.
Adversarial Attacks on Neural Networks for Graph Data.
2018-05-20
Featurized Bidirectional GAN: Adversarial Defense via Adversarially Learned Semantic Inference.
Towards Understanding Limitations of Pixel Discretization Against Adversarial Attacks.
Targeted Adversarial Examples for Black Box Audio Systems.
2018-05-17
Defense-GAN: Protecting Classifiers Against Adversarial Attacks Using Generative Models.
2018-05-16
Towards Robust Neural Machine Translation.
2018-05-14
Detecting Adversarial Samples for Deep Neural Networks through Mutation Testing.
2018-05-12
Curriculum Adversarial Training.
AttriGuard: A Practical Defense Against Attribute Inference Attacks via Adversarial Machine Learning.
2018-05-11
Breaking Transferability of Adversarial Samples with Randomness.
2018-05-09
On Visual Hallmarks of Robustness to Adversarial Malware.
Robust Classification with Convolutional Prototype Learning.
2018-05-08
Interpretable Adversarial Perturbation in Input Embedding Space for Text.
2018-05-05
A Counter-Forensic Method for CNN-Based Camera Model Identification.
2018-05-03
Siamese networks for generating adversarial examples.
2018-04-30
Concolic Testing for Deep Neural Networks.
How Robust are Deep Neural Networks?
Adversarially Robust Generalization Requires More Data.
2018-04-29
Adversarial Regression for Detecting Attacks in Cyber-Physical Systems.
2018-04-28
Formal Security Analysis of Neural Networks using Symbolic Intervals.
2018-04-25
Towards Fast Computation of Certified Robustness for ReLU Networks.
2018-04-23
Towards Dependable Deep Convolutional Neural Networks (CNNs) with Out-distribution Learning.
Siamese Generative Adversarial Privatizer for Biometric Data.
Black-box Adversarial Attacks with Limited Queries and Information.
VectorDefense: Vectorization as a Defense to Adversarial Examples.
Query-Efficient Black-Box Attack Against Sequence-Based Malware Classifiers.
2018-04-21
Generating Natural Language Adversarial Examples.
2018-04-20
Gradient Masking Causes CLEVER to Overestimate Adversarial Perturbation Size.
Learning More Robust Features with Adversarial Training.
ADef: an Iterative Algorithm to Construct Adversarial Deformations.
2018-04-19
Attacking Convolutional Neural Network using Differential Evolution.
Semantic Adversarial Deep Learning.
2018-04-18
Simulation-based Adversarial Test Generation for Autonomous Vehicles with Machine Learning Components.
Neural Automated Essay Scoring and Coherence Modeling for Adversarially Crafted Input.
2018-04-17
Robust Machine Comprehension Models via Adversarial Training.
Adversarial Example Generation with Syntactically Controlled Paraphrase Networks.
2018-04-16
Global Robustness Evaluation of Deep Neural Networks with Provable Guarantees for the $L_0$ Norm.
ShapeShifter: Robust Physical Adversarial Attack on Faster R-CNN Object Detector.
2018-04-14
On the Limitation of MagNet Defense against $L_1$-based Adversarial Examples.
Adversarial Attacks Against Medical Deep Learning Systems.
2018-04-11
Detecting Malicious PowerShell Commands using Deep Neural Networks.
2018-04-10
On the Robustness of the CVPR 2018 White-Box Adversarial Example Defenses.
2018-04-09
Adversarial Training Versus Weight Decay.
An ADMM-Based Universal Framework for Adversarial Attacks on Deep Neural Networks.
2018-04-08
Adaptive Spatial Steganography Based on Probability-Controlled Adversarial Examples.
2018-04-06
Fortified Networks: Improving the Robustness of Deep Networks by Modeling the Manifold of Hidden Representations.
2018-04-04
Unifying Bilateral Filtering and Adversarial Training for Robust Neural Networks.
2018-03-30
Adversarial Attacks and Defences Competition.
2018-03-29
Security Consideration For Deep Learning-Based Image Forensics.
2018-03-28
Defending against Adversarial Images using Basis Functions Transformations.
The Effects of JPEG and JPEG2000 Compression on Attacks using Adversarial Examples.
2018-03-26
Bypassing Feature Squeezing by Increasing Adversary Strength.
On the Limitation of Local Intrinsic Dimensionality for Characterizing the Subspaces of Adversarial Examples.
Clipping free attacks against artificial neural networks.
2018-03-24
Security Theater: On the Vulnerability of Classifiers to Exploratory Attacks.
A Dynamic-Adversarial Mining Approach to the Security of Machine Learning.
An Overview of Vulnerabilities of Voice Controlled Systems.
2018-03-23
Generalizability vs. Robustness: Adversarial Examples for Medical Imaging.
CNN Based Adversarial Embedding with Minimum Alteration for Image Steganography.
Detecting Adversarial Perturbations with Saliency.
Improving DNN Robustness to Adversarial Attacks using Jacobian Regularization.
2018-03-22
Understanding Measures of Uncertainty for Adversarial Example Detection.
2018-03-21
Adversarial Defense based on Structure-to-Signal Autoencoders.
Task dependent Deep LDA pruning of neural networks.
2018-03-20
DeepGauge: Multi-Granularity Testing Criteria for Deep Learning Systems.
2018-03-19
Technical Report: When Does Machine Learning FAIL? Generalized Transferability for Evasion and Poisoning Attacks.
Improving Transferability of Adversarial Examples with Input Diversity.
2018-03-17
A Dual Approach to Scalable Verification of Deep Networks.
2018-03-16
Adversarial Logit Pairing.
Semantic Adversarial Examples.
2018-03-15
Large Margin Deep Networks for Classification.
2018-03-13
Feature Distillation: DNN-Oriented JPEG Compression Against Adversarial Examples.
Deep k-Nearest Neighbors: Towards Confident, Interpretable and Robust Deep Learning.
Invisible Mask: Practical Attacks on Face Recognition with Infrared.
Defending against Adversarial Attack towards Deep Neural Networks via Collaborative Multi-task Training.
2018-03-12
Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables.
2018-03-10
Combating Adversarial Attacks Using Sparse Representations.
Detecting Adversarial Examples via Neural Fingerprinting.
2018-03-09
Detecting Adversarial Examples - A Lesson from Multimedia Forensics.
On Generation of Adversarial Examples using Convex Programming.
Explaining Black-box Android Malware Detection.
2018-03-08
Rethinking Feature Distribution for Loss Functions in Image Classification.
2018-03-07
Sparse Adversarial Perturbations for Videos.
2018-03-04
Stochastic Activation Pruning for Robust Adversarial Defense.
2018-03-03
Seq2Sick: Evaluating the Robustness of Sequence-to-Sequence Models with Adversarial Examples.
2018-03-02
Protecting JPEG Images Against Adversarial Attacks.
2018-02-26
Understanding and Enhancing the Transferability of Adversarial Examples.
On the Suitability of $L_p$-norms for Creating and Preventing Adversarial Examples.
Retrieval-Augmented Convolutional Neural Networks for Improved Robustness against Adversarial Examples.
Max-Mahalanobis Linear Discriminant Analysis Networks.
2018-02-23
Deep Defense: Training DNNs with Improved Adversarial Robustness.
Sensitivity and Generalization in Neural Networks: an Empirical Study.
Adversarial vulnerability for any classifier.
Verifying Controllers Against Adversarial Examples with Bayesian Optimization.
2018-02-22
Unravelling Robustness of Deep Learning based Face Recognition Against Adversarial Attacks.
Hessian-based Analysis of Large Batch Training and Robustness to Adversaries.
Adversarial Examples that Fool both Computer Vision and Time-Limited Humans.
2018-02-21
Adversarial Training for Probabilistic Spiking Neural Networks.
L2-Nonexpansive Neural Networks.
Generalizable Adversarial Examples Detection Based on Bi-model Decision Mismatch.
2018-02-20
Attack Strength vs. Detectability Dilemma in Adversarial Machine Learning.
Out-distribution training confers robustness to deep neural networks.
2018-02-19
On Lyapunov exponents and adversarial perturbation.
Shield: Fast, Practical Defense and Vaccination for Deep Learning using JPEG Compression.
Divide, Denoise, and Defend against Adversarial Attacks.
Robustness of Rotation-Equivariant Networks to Adversarial Perturbations.
Are Generative Classifiers More Robust to Adversarial Attacks?
2018-02-18
DARTS: Deceiving Autonomous Cars with Toxic Signs.
2018-02-15
ASP:A Fast Adversarial Attack Example Generation Framework based on Adversarial Saliency Prediction.
Adversarial Risk and the Dangers of Evaluating Against Weak Attacks.
2018-02-14
Fooling OCR Systems with Adversarial Text Images.
Security Analysis and Enhancement of Model Compressed Deep Learning Systems under Adversarial Attacks.
2018-02-13
Query-Free Attacks on Industry-Grade Face Recognition Systems under Resource Constraints.
Identify Susceptible Locations in Medical Records via Adversarial Attacks on Deep Predictive Models.
Deceiving End-to-End Deep Learning Malware Detectors using Adversarial Examples.
2018-02-12
Lipschitz-Margin Training: Scalable Certification of Perturbation Invariance for Deep Neural Networks.
Predicting Adversarial Examples with High Confidence.
2018-02-09
Certified Robustness to Adversarial Examples with Differential Privacy.
2018-02-08
Detection of Adversarial Training Examples in Poisoning Attacks through Anomaly Detection.
2018-02-05
Blind Pre-Processing: A Robust Defense Method Against Adversarial Examples.
First-order Adversarial Vulnerability of Neural Networks and Input Dimension.
2018-02-02
Secure Detection of Image Manipulation by means of Random Feature Selection.
Hardening Deep Neural Networks via Adversarial Model Cascades.
2018-02-01
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples.
2018-01-31
Evaluating the Robustness of Neural Networks: An Extreme Value Theory Approach.
2018-01-29
Robustness of classification ability of spiking neural networks.
2018-01-28
Certified Defenses against Adversarial Examples.
2018-01-27
Towards an Understanding of Neural Networks in Natural-Image Spaces.
2018-01-26
Deflecting Adversarial Attacks with Pixel Deflection.
Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning.
2018-01-24
CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition.
Generalizable Data-free Objective for Crafting Universal Adversarial Perturbations.
2018-01-22
Adversarial Texts with Gradient Methods.
2018-01-15
A Comparative Study of Rule Extraction for Recurrent Neural Networks.
Sparsity-based Defense against Adversarial Attacks on Linear Classifiers.
Towards Imperceptible and Robust Adversarial Example Attacks against Neural Networks.
2018-01-12
Black-box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers.
2018-01-11
A3T: Adversarially Augmented Adversarial Training.
2018-01-10
Fooling End-to-end Speaker Verification by Adversarial Examples.
2018-01-09
Adversarial Deep Learning for Robust Detection of Binary Encoded Malware.
Less is More: Culling the Training Set to Improve Robustness of Deep Neural Networks.
2018-01-08
Rogue Signs: Deceiving Traffic Sign Recognition with Malicious Ads and Logos.
Adversarial Spheres.
Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality.
Spatially Transformed Adversarial Examples.
Generating Adversarial Examples with Adversarial Networks.
LaVAN: Localized and Visible Adversarial Noise.
Attacking Speaker Recognition With Deep Generative Models.
HeNet: A Deep Learning Approach on Intel$^\circledR$ Processor Trace for Effective Exploit Detection.
2018-01-07
Denoising Dictionary Learning Against Adversarial Perturbations.
2018-01-05
Adversarial Perturbation Intensity Achieving Chosen Intra-Technique Transferability Level for Logistic Regression.
Audio Adversarial Examples: Targeted Attacks on Speech-to-Text.
Shielding Google's language toxicity model against adversarial attacks.
2018-01-03
Facial Attributes: Accuracy and Adversarial Robustness.
Neural Networks in Adversarial Setting and Ill-Conditioned Weight Space.
2018-01-02
High Dimensional Spaces, Deep Learning and Adversarial Examples.
Did you hear that? Adversarial Examples Against Automatic Speech Recognition.
Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey.
2017-12-31
A General Framework for Adversarial Examples with Objectives.
2017-12-28
Gradient Regularization Improves Accuracy of Discriminative Models.
2017-12-27
Adversarial Patch.
2017-12-26
Exploring the Space of Black-box Attacks on Deep Neural Networks.
Building Robust Deep Neural Networks for Road Sign Detection.
The Robust Manifold Defense: Adversarial Training using Generative Models.
2017-12-24
Android Malware Detection using Deep Learning on API Method Sequences.
2017-12-23
Whatever Does Not Kill Deep Reinforcement Learning, Makes It Stronger.
2017-12-22
Query-limited Black-box Attacks to Classifiers.
2017-12-21
Using LIP to Gloss Over Faces in Single-Stage Face Detection Networks.
ReabsNet: Detecting and Revising Adversarial Examples.
Note on Attacking Object Detectors with Adversarial Stickers.
Wolf in Sheep's Clothing - The Downscaling Attack Against Deep Learning Applications.
2017-12-19
Query-Efficient Black-box Adversarial Examples (superceded).
Adversarial Examples: Attacks and Defenses for Deep Learning.
2017-12-18
HotFlip: White-Box Adversarial Examples for Text Classification.
When Not to Classify: Anomaly Detection of Attacks (ADA) on DNN Classifiers at Test Time.
2017-12-17
Deep Neural Networks as 0-1 Mixed Integer Linear Programs: A Feasibility Study.
Super-sparse Learning in Similarity Spaces.
2017-12-16
Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Classification Models.
2017-12-14
DANCin SEQ2SEQ: Fooling Text Classifiers with Adversarial Text Example Generation.
2017-12-12
Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models.
2017-12-11
Training Ensembles to Detect Adversarial Examples.
2017-12-10
Robust Deep Reinforcement Learning with Adversarial Attacks.
2017-12-09
NAG: Network for Adversary Generation.
2017-12-08
Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning.
Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser.
2017-12-07
Adversarial Examples that Fool Detectors.
Exploring the Landscape of Spatial Robustness.
2017-12-06
Generative Adversarial Perturbations.
Attacking Visual Language Grounding with Adversarial Examples: A Case Study on Neural Image Captioning.
2017-12-05
Towards Practical Verification of Machine Learning: The Case of Computer Vision Systems.
2017-12-02
Improving Network Robustness against Adversarial Attacks with Compact Convolution.
Towards Robust Neural Networks via Random Self-ensemble.
Where Classification Fails, Interpretation Rises.
2017-11-30
Measuring the tendency of CNNs to Learn Surface Statistical Regularities.
2017-11-27
Adversary Detection in Neural Networks via Persistent Homology.
On the Robustness of Semantic Segmentation Models to Adversarial Attacks.
Butterfly Effect: Bidirectional Control of Classification Performance by Small Additive Perturbation.
2017-11-26
Improving the Adversarial Robustness and Interpretability of Deep Neural Networks by Regularizing their Input Gradients.
2017-11-24
Geometric robustness of deep networks: analysis and improvement.
2017-11-22
Safer Classification by Synthesis.
MagNet and "Efficient Defenses Against Adversarial Attacks" are Not Robust to Adversarial Examples.
Adversarial Phenomenon in the Eyes of Bayesian Deep Learning.
2017-11-21
Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training.
2017-11-20
Evaluating Robustness of Neural Networks with Mixed Integer Programming.
Adversarial Attacks Beyond the Image Space.
2017-11-17
How Wrong Am I? - Studying Adversarial Examples and their Impact on Uncertainty in Gaussian Process Machine Learning Models.
2017-11-16
Enhanced Attacks on Defensively Distilled Deep Neural Networks.
Defense against Universal Adversarial Perturbations.
2017-11-15
The best defense is a good offense: Countering black box attacks by predicting slightly wrong labels.
2017-11-12
Machine vs Machine: Minimax-Optimal Defense Against Adversarial Examples.
2017-11-09
Crafting Adversarial Examples For Speech Paralinguistics Applications.
2017-11-08
Intriguing Properties of Adversarial Examples.
2017-11-06
Mitigating Adversarial Effects Through Randomization.
HyperNetworks with statistical filtering for defending adversarial examples.
Towards Reverse-Engineering Black-Box Neural Networks.
2017-11-02
The (Un)reliability of saliency methods.
Provable defenses against adversarial examples via the convex outer adversarial polytope.
2017-11-01
Attacking Binarized Neural Networks.
2017-10-31
Countering Adversarial Images using Input Transformations.
Conditional Variance Penalties and Domain Shift Robustness.
Generating Natural Adversarial Examples.
2017-10-30
PixelDefend: Leveraging Generative Models to Understand and Defend against Adversarial Examples.
2017-10-29
Attacking the Madry Defense Model with $L_1$-based Adversarial Examples.
Certifying Some Distributional Robustness with Principled Adversarial Training.
2017-10-28
Interpretation of Neural Networks is Fragile.
2017-10-27
Adversarial Detection of Flash Malware: Limitations and Open Issues.
2017-10-25
mixup: Beyond Empirical Risk Minimization.
2017-10-24
One pixel attack for fooling deep neural networks.
2017-10-21
Feature-Guided Black-Box Safety Testing of Deep Neural Networks.
2017-10-17
Boosting Adversarial Attacks with Momentum.
2017-10-12
Game-Theoretic Design of Secure and Resilient Distributed Support Vector Machines with Adversaries.
2017-10-09
Standard detectors aren't (currently) fooled by physical adversarial stop signs.
Verification of Binarized Neural Networks via Inter-Neuron Factoring.
2017-10-02
Detecting Adversarial Attacks on Neural Network Policies with Visual Foresight.
DeepSafe: A Data-driven Approach for Checking Adversarial Robustness in Neural Networks.
2017-09-28
Provably Minimally-Distorted Adversarial Examples.
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization.
2017-09-26
Output Range Analysis for Deep Neural Networks.
2017-09-25
Fooling Vision and Language Models Despite Localization and Attention Mechanism.
2017-09-19
Verifying Properties of Binarized Deep Neural Networks.
2017-09-16
Mitigating Evasion Attacks to Deep Neural Networks via Region-based Classification.
2017-09-13
A Learning and Masking Approach to Secure Learning.
Models and Framework for Adversarial Attacks on Complex Adaptive Systems.
2017-09-12
EAD: Elastic-Net Attacks to Deep Neural Networks via Adversarial Examples.
2017-09-11
Art of singular vectors and universal adversarial perturbations.
Ensemble Methods as a Defense to Adversarial Perturbations Against Deep Neural Networks.
2017-09-08
Towards Proving the Adversarial Robustness of Deep Neural Networks.
DeepFense: Online Accelerated Defense Against Adversarial Deep Learning.
2017-09-02
Security Evaluation of Pattern Classifiers under Attack.
2017-08-31
On Security and Sparsity of Linear Classifiers for Adversarial Settings.
Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin.
2017-08-29
Practical Attacks Against Graph-based Clustering.
2017-08-28
DeepTest: Automated Testing of Deep-Neural-Network-driven Autonomous Cars.
Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features.
2017-08-23
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub Humanoid.
2017-08-22
CNN Fixations: An unraveling approach to visualize the discriminative image regions.
2017-08-21
Evasion Attacks against Machine Learning at Test Time.
2017-08-17
Towards Interpretable Deep Neural Networks by Leveraging Adversarial Examples.
Learning Universal Adversarial Perturbations with Generative Models.
2017-08-14
Attacking Automatic Video Analysis Algorithms: A Case Study of Google Cloud Video Intelligence API.
2017-08-13
ZOO: Zeroth Order Optimization based Black-box Attacks to Deep Neural Networks without Training Substitute Models.
2017-08-08
Cascade Adversarial Machine Learning Regularized with a Unified Embedding.
2017-08-04
Adversarial Robustness: Softmax versus Openmax.
2017-08-01
Adversarial-Playground: A Visualization Suite Showing How Adversarial Examples Fool Deep Learning.
2017-07-27
Robust Physical-World Attacks on Deep Learning Models.
2017-07-24
Synthesizing Robust Adversarial Examples.
2017-07-23
Adversarial Examples for Evaluating Reading Comprehension Systems.
2017-07-21
Confidence estimation in Deep Neural networks via density modelling.
2017-07-20
Efficient Defenses Against Adversarial Attacks.
2017-07-19
Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers.
2017-07-18
Fast Feature Fool: A data independent approach to universal adversarial perturbations.
APE-GAN: Adversarial Perturbation Elimination with GAN.
2017-07-17
Houdini: Fooling Deep Structured Prediction Models.
2017-07-13
Foolbox: A Python toolbox to benchmark the robustness of machine learning models.
2017-07-11
NO Need to Worry about Adversarial Examples in Object Detection in Autonomous Vehicles.
A Survey on Resilient Machine Learning.
2017-07-10
Towards Crafting Text Adversarial Samples.
2017-07-04
UPSET and ANGRI : Breaking High Performance Image Classifiers.
2017-06-21
Comparing deep neural networks against humans: object recognition when the signal gets weaker.
2017-06-19
Towards Deep Learning Models Resistant to Adversarial Attacks.
2017-06-14
Adversarial Example Defenses: Ensembles of Weak Defenses are not Strong.
2017-06-13
Analyzing the Robustness of Nearest Neighbors to Adversarial Examples.
2017-06-06
Adversarial-Playground: A Visualization Suite for Adversarial Sample Generation.
2017-06-02
Towards Robust Detection of Adversarial Examples.
2017-05-30
Feature Squeezing Mitigates and Detects Carlini/Wagner Adversarial Examples.
2017-05-27
MAT: A Multi-strength Adversarial Training Method to Mitigate Adversarial Attacks.
2017-05-26
Classification regions of deep neural networks.
Robustness of classifiers to universal perturbations: a geometric perspective.
2017-05-25
MagNet: a Two-Pronged Defense against Adversarial Examples.
2017-05-23
Formal Guarantees on the Robustness of a Classifier against Adversarial Manipulation.
Detecting Adversarial Image Examples in Deep Networks with Adaptive Noise Reduction.
Black-Box Attacks against RNN based Malware Detection Algorithms.
2017-05-22
Regularizing deep networks using efficient layerwise adversarial training.
2017-05-21
Evading Classifiers by Morphing in the Dark.
2017-05-20
Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods.
2017-05-19
Ensemble Adversarial Training: Attacks and Defenses.
MTDeep: Boosting the Security of Deep Neural Nets Against Adversarial Attacks with Moving Target Defense.
2017-05-18
DeepXplore: Automated Whitebox Testing of Deep Learning Systems.
Delving into adversarial attacks on deep policies.
2017-05-15
Extending Defensive Distillation.
2017-05-09
Generative Adversarial Trainer: Defense to Adversarial Perturbations with GAN.
2017-05-08
Keeping the Bad Guys Out: Protecting and Vaccinating Deep Learning with JPEG Compression.
2017-05-05
Detecting Adversarial Samples Using Density Ratio Estimates.
2017-04-28
Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection.
Parseval Networks: Improving Robustness to Adversarial Examples.
2017-04-26
Deep Text Classification Can be Fooled.
2017-04-19
Universal Adversarial Perturbations Against Semantic Image Segmentation.
2017-04-17
Adversarial and Clean Data Are Not Twins.
2017-04-16
Google's Cloud Vision API Is Not Robust To Noise.
2017-04-11
The Space of Transferable Adversarial Examples.
Interpretable Explanations of Black Boxes by Meaningful Perturbation. (1%)
2017-04-09
Enhancing Robustness of Machine Learning Systems via Data Transformations.
2017-04-06
Adequacy of the Gradient-Descent Method for Classifier Evasion Attacks.
2017-04-05
Comment on "Biologically inspired protection of deep networks from adversarial attacks".
2017-04-04
Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks.
2017-03-31
SafetyNet: Detecting and Rejecting Adversarial Examples Robustly.
2017-03-27
Adversarial Transformation Networks: Learning to Generate Adversarial Examples.
Biologically inspired protection of deep networks from adversarial attacks.
2017-03-26
Deceiving Google's Cloud Video Intelligence API Built for Summarizing Videos.
2017-03-24
Adversarial Examples for Semantic Segmentation and Object Detection.
2017-03-23
Self corrective Perturbations for Semantic Segmentation and Classification.
2017-03-22
Data Driven Exploratory Attacks on Black Box Classifiers in Adversarial Domains.
2017-03-20
On the Limitation of Convolutional Neural Networks in Recognizing Negative Images.
2017-03-16
Fraternal Twins: Unifying Attacks on Machine Learning and Digital Watermarking.
2017-03-13
Blocking Transferability of Adversarial Examples in Black-Box Learning Systems.
2017-03-07
Tactics of Adversarial Attack on Deep Reinforcement Learning Agents.
2017-03-03
Adversarial Examples for Semantic Image Segmentation.
2017-03-02
Compositional Falsification of Cyber-Physical Systems with Machine Learning Components.
2017-03-01
Detecting Adversarial Samples from Artifacts.
2017-02-26
Deceiving Google's Perspective API Built for Detecting Toxic Comments.
2017-02-22
Robustness to Adversarial Examples through an Ensemble of Specialists.
Adversarial examples for generative models.
DeepCloak: Masking Deep Neural Network Models for Robustness Against Adversarial Samples.
2017-02-21
On the (Statistical) Detection of Adversarial Examples.
2017-02-20
Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN.
2017-02-14
On Detecting Adversarial Perturbations.
2017-02-07
Adversarial Attacks on Neural Network Policies.
2017-02-03
Reluplex: An Efficient SMT Solver for Verifying Deep Neural Networks.
2017-01-15
Vulnerability of Deep Reinforcement Learning to Policy Induction Attacks.
2017-01-04
Dense Associative Memory is Robust to Adversarial Inputs.
2016-12-22
Adversarial Examples Detection in Deep Networks with Convolutional Filter Statistics.
2016-12-19
Simple Black-Box Adversarial Perturbations for Deep Networks.
2016-12-05
Learning Adversary-Resistant Deep Neural Networks.
2016-12-01
A Theoretical Framework for Robustness of (Deep) Classifiers against Adversarial Examples.
Adversarial Images for Variational Autoencoders.
Deep Variational Information Bottleneck.
2016-11-30
Towards Robust Deep Neural Networks with BANG.
2016-11-18
LOTS about Attacking Deep Features.
2016-11-15
AdversariaLib: An Open-source Library for the Security Evaluation of Machine Learning Algorithms Under Attack.
2016-11-11
Towards the Science of Security and Privacy in Machine Learning.
2016-11-08
Delving into Transferable Adversarial Examples and Black-box Attacks.
2016-11-03
Adversarial Machine Learning at Scale.
2016-10-26
Universal adversarial perturbations.
2016-10-21
Safety Verification of Deep Neural Networks.
2016-10-14
Are Accuracy and Robustness Correlated?
2016-10-13
Assessing Threat of Adversarial Examples on Deep Neural Networks.
2016-10-06
Using Non-invertible Data Transformations to Build Adversarial-Robust Neural Networks.
2016-10-04
Adversary Resistant Deep Neural Networks with an Application to Malware Detection.
2016-10-03
Technical Report on the CleverHans v2.1.0 Adversarial Examples Library.
2016-09-06
Statistical Meta-Analysis of Presentation Attacks for Secure Multibiometric Systems.
2016-09-03
Randomized Prediction Games for Adversarial Machine Learning.
2016-08-31
Robustness of classifiers: from adversarial to random noise.
2016-08-27
A Boundary Tilting Persepective on the Phenomenon of Adversarial Examples.
2016-08-16
Towards Evaluating the Robustness of Neural Networks.
2016-08-02
A study of the effect of JPG compression on adversarial images.
2016-08-01
Early Methods for Detecting Adversarial Images.
2016-07-18
On the Effectiveness of Defensive Distillation.
2016-07-14
Defensive Distillation is Not Robust to Adversarial Examples.
2016-07-08
Adversarial examples in the physical world.
2016-06-14
Adversarial Perturbations Against Deep Neural Networks for Malware Classification.
2016-05-23
Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples.
Measuring Neural Net Robustness with Constraints.
2016-05-17
Are Facial Attributes Adversarially Robust?
2016-05-05
Adversarial Diversity and Hard Positive Generation.
2016-04-27
Crafting Adversarial Input Sequences for Recurrent Neural Networks.
2016-04-14
Improving the Robustness of Deep Neural Networks via Stability Training.
2016-04-09
A General Retraining Framework for Scalable Adversarial Classification.
2016-03-16
Suppressing the Unusual: towards Robust CNNs using Symmetric Activation Functions.
2016-02-18
Breaking Symmetric Cryptosystems using Quantum Period Finding. (1%)
2016-02-08
Practical Black-Box Attacks against Machine Learning.
2016-02-07
Ensemble Robustness and Generalization of Stochastic Deep Learning Algorithms.
2016-01-26
Unifying Adversarial Training Algorithms with Flexible Deep Data Gradient Regularization.
2015-11-23
The Limitations of Deep Learning in Adversarial Settings.
2015-11-19
A Unified Gradient Regularization Family for Adversarial Examples.
Manifold Regularized Deep Neural Networks using Adversarial Examples.
Robust Convolutional Neural Networks under Adversarial Noise.
Foveation-based Mechanisms Alleviate Adversarial Examples.
Towards Open Set Deep Networks.
2015-11-17
Understanding Adversarial Training: Increasing Local Stability of Neural Nets through Robust Optimization.
2015-11-16
Adversarial Manipulation of Deep Representations.
2015-11-14
DeepFool: a simple and accurate method to fool deep neural networks.
2015-11-13
Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks.
2015-11-10
Learning with a Strong Adversary.
2015-10-18
Exploring the Space of Adversarial Images.
2015-10-14
Improving Back-Propagation by Adding an Adversarial Gradient.
2015-07-16
Deep Learning and Music Adversaries.
2015-02-09
Analysis of classifiers' robustness to adversarial perturbations.
2014-12-19
Explaining and Harnessing Adversarial Examples.
2014-12-11
Towards Deep Neural Network Architectures Robust to Adversarial Examples.
2014-12-05
Deep Neural Networks are Easily Fooled: High Confidence Predictions for Unrecognizable Images.
2014-01-29
Security Evaluation of Support Vector Machines in Adversarial Environments.
2013-12-20
Intriguing properties of neural networks.
There's also an RSS Feed if that's more of your thing.