A Complete List of All (arXiv) Adversarial Example Papers
by Nicholas Carlini 2019-06-15
It can be hard to stay up-to-date on the published papers in the field of adversarial examples, where we have seen massive growth in the number of papers written each year. I have been somewhat religiously keeping track of these papers for the last few years, and realized it may be helpful for others to release this list.
The only requirement I used for selecting papers for this list is that it is primarily a paper about adversarial examples, or extensively uses adversarial examples. Due to the sheer quantity of papers, I can't guarantee that I actually have found all of them.
But I did try.
I also may have included papers that don't match these criteria (and are about something different instead), or made inconsistent judgement calls as to whether or not any given paper is mainly an adversarial example paper. Send me an email if something is wrong and I'll correct it.
As a result, this list is completely un-filtered. Everything that mainly presents itself as an adversarial example paper is listed here; I pass no judgement of quality. For a curated list of papers that I think are excellent and worth reading, see the Adversarial Machine Learning Reading List.
One final note about the data. This list automatically updates with new papers, even before I get a chance to manually filter through them. I do this filtering roughly twice a week, and it's then that I'll remove the ones that aren't related to adversarial examples. As a result, there may be some false positives on the most recent few entries. The new un-verified entries will have a probability indicated that my simplistic (but reasonably well calibrated) bag-of-words classifier believes the given paper is actually about adversarial examples.
The full paper list appears below. I've also released a TXT file (and a TXT file with abstracts) and a JSON file with the same data. If you do anything interesting with this data I'd be happy to hear from you what it was.
Paper List
2023-03-30
Adversarial Attack and Defense for Dehazing Networks. (97%)
Understanding the Robustness of 3D Object Detection with Bird's-Eye-View Representations in Autonomous Driving. (81%)
Robo3D: Towards Robust and Reliable 3D Perception against Corruptions. (2%)
Explainable Intrusion Detection Systems Using Competitive Learning Techniques. (1%)
Differential Area Analysis for Ransomware: Attacks, Countermeasures, and Limitations. (1%)
2023-03-29
Latent Feature Relation Consistency for Adversarial Robustness. (99%)
Beyond Empirical Risk Minimization: Local Structure Preserving Regularization for Improving Adversarial Robustness. (99%)
Targeted Adversarial Attacks on Wind Power Forecasts. (88%)
ImageNet-E: Benchmarking Neural Network Robustness via Attribute Editing. (56%)
Graph Neural Networks for Hardware Vulnerability Analysis -- Can you Trust your GNN? (16%)
Mole Recruitment: Poisoning of Image Classifiers via Selective Batch Sampling. (10%)
A Tensor-based Convolutional Neural Network for Small Dataset Classification. (2%)
ALUM: Adversarial Data Uncertainty Modeling from Latent Model Uncertainty Compensation. (1%)
2023-03-28
A Pilot Study of Query-Free Adversarial Attack against Stable Diffusion. (99%)
Improving the Transferability of Adversarial Samples by Path-Augmented Method. (99%)
Towards Effective Adversarial Textured 3D Meshes on Physical Face Recognition. (99%)
Transferable Adversarial Attacks on Vision Transformers with Token Gradient Regularization. (98%)
Denoising Autoencoder-based Defensive Distillation as an Adversarial Robustness Algorithm. (98%)
TransAudio: Towards the Transferable Adversarial Audio Attack via Learning Contextualized Perturbations. (98%)
A Survey on Malware Detection with Graph Representation Learning. (41%)
Provable Robustness for Streaming Models with a Sliding Window. (15%)
On the Use of Reinforcement Learning for Attacking and Defending Load Frequency Control. (3%)
A Universal Identity Backdoor Attack against Speaker Verification based on Siamese Network. (1%)
2023-03-27
Classifier Robustness Enhancement Via Test-Time Transformation. (99%)
Improving the Transferability of Adversarial Examples via Direction Tuning. (99%)
EMShepherd: Detecting Adversarial Samples via Side-channel Leakage. (99%)
Learning the Unlearnable: Adversarial Augmentations Suppress Unlearnable Example Attacks. (97%)
CAT:Collaborative Adversarial Training. (69%)
Diffusion Denoised Smoothing for Certified and Adversarial Robust Out-Of-Distribution Detection. (67%)
Personalized Federated Learning on Long-Tailed Data via Adversarial Feature Augmentation. (41%)
Mask and Restore: Blind Backdoor Defense at Test Time with Masked Autoencoder. (41%)
Sequential training of GANs against GAN-classifiers reveals correlated "knowledge gaps" present among independently trained GAN instances. (41%)
Anti-DreamBooth: Protecting users from personalized text-to-image synthesis. (5%)
2023-03-26
MGTBench: Benchmarking Machine-Generated Text Detection. (26%)
2023-03-25
CFA: Class-wise Calibrated Fair Adversarial Training. (98%)
PORE: Provably Robust Recommender Systems against Data Poisoning Attacks. (68%)
Improving robustness of jet tagging algorithms with adversarial training: exploring the loss surface. (12%)
2023-03-24
PIAT: Parameter Interpolation based Adversarial Training for Image Classification. (99%)
How many dimensions are required to find an adversarial example? (99%)
Effective black box adversarial attack with handcrafted kernels. (99%)
Adversarial Attack and Defense for Medical Image Analysis: Methods and Applications. (99%)
Improved Adversarial Training Through Adaptive Instance-wise Loss Smoothing. (99%)
Feature Separation and Recalibration for Adversarial Robustness. (98%)
Physically Adversarial Infrared Patches with Learnable Shapes and Locations. (97%)
Generalist: Decoupling Natural and Robust Generalization. (96%)
Ensemble-based Blackbox Attacks on Dense Prediction. (86%)
Backdoor Attacks with Input-unique Triggers in NLP. (54%)
PoisonedGNN: Backdoor Attack on Graph Neural Networks-based Hardware Security Systems. (22%)
Enhancing Multiple Reliability Measures via Nuisance-extended Information Bottleneck. (5%)
Optimal Smoothing Distribution Exploration for Backdoor Neutralization in Deep Learning-based Traffic Systems. (2%)
TRAK: Attributing Model Behavior at Scale. (1%)
2023-03-23
Watch Out for the Confusing Faces: Detecting Face Swapping with the Probability Distribution of Face Identification Models. (68%)
Quadratic Graph Attention Network (Q-GAT) for Robust Construction of Gene Regulatory Networks. (50%)
Optimization and Optimizers for Adversarial Robustness. (41%)
Adversarial Robustness and Feature Impact Analysis for Driver Drowsiness Detection. (41%)
Paraphrasing evades detectors of AI-generated text, but retrieval is an effective defense. (15%)
Decentralized Adversarial Training over Graphs. (13%)
Don't FREAK Out: A Frequency-Inspired Approach to Detecting Backdoor Poisoned Samples in DNNs. (8%)
Low-frequency Image Deep Steganography: Manipulate the Frequency Distribution to Hide Secrets with Tenacious Robustness. (1%)
Efficient Symbolic Reasoning for Neural-Network Verification. (1%)
2023-03-22
Reliable and Efficient Evaluation of Adversarial Robustness for Deep Hashing-Based Retrieval. (99%)
Semantic Image Attack for Visual Model Diagnosis. (99%)
Revisiting DeepFool: generalization and improvement. (99%)
Wasserstein Adversarial Examples on Univariant Time Series Data. (99%)
Test-time Defense against Adversarial Attacks: Detection and Reconstruction of Adversarial Examples via Masked Autoencoder. (99%)
Sibling-Attack: Rethinking Transferable Adversarial Attacks against Face Recognition. (78%)
An Extended Study of Human-like Behavior under Adversarial Training. (76%)
Distribution-restrained Softmax Loss for the Model Robustness. (38%)
Backdoor Defense via Adaptively Splitting Poisoned Dataset. (16%)
Edge Deep Learning Model Protection via Neuron Authorization. (11%)
2023-03-21
State-of-the-art optical-based physical adversarial attacks for deep learning computer vision systems. (99%)
Information-containing Adversarial Perturbation for Combating Facial Manipulation Systems. (99%)
OTJR: Optimal Transport Meets Optimal Jacobian Regularization for Adversarial Robustness. (99%)
Efficient Decision-based Black-box Patch Attacks on Video Recognition. (98%)
Black-box Backdoor Defense via Zero-shot Image Purification. (86%)
Model Robustness Meets Data Privacy: Adversarial Robustness Distillation without Original Data. (10%)
Influencer Backdoor Attack on Semantic Segmentation. (8%)
Poisoning Attacks in Federated Edge Learning for Digital Twin 6G-enabled IoTs: An Anticipatory Study. (1%)
2023-03-20
Adversarial Robustness of Learning-based Static Malware Classifiers. (99%)
TWINS: A Fine-Tuning Framework for Improved Transferability of Adversarial Robustness and Generalization. (99%)
Adversarial Attacks against Binary Similarity Systems. (99%)
Translate your gibberish: black-box adversarial attack on machine translation systems. (83%)
GNN-Ensemble: Towards Random Decision Graph Neural Networks. (56%)
Benchmarking Robustness of 3D Object Detection to Common Corruptions in Autonomous Driving. (41%)
Did You Train on My Dataset? Towards Public Dataset Protection with Clean-Label Backdoor Watermarking. (9%)
Boosting Semi-Supervised Learning by Exploiting All Unlabeled Data. (2%)
Robustifying Token Attention for Vision Transformers. (1%)
2023-03-19
Randomized Adversarial Training via Taylor Expansion. (99%)
AdaptGuard: Defending Against Universal Attacks for Model Adaptation. (82%)
2023-03-18
NoisyHate: Benchmarking Content Moderation Machine Learning Models with Human-Written Perturbations Online. (98%)
FedRight: An Effective Model Copyright Protection for Federated Learning. (96%)
2023-03-17
Fuzziness-tuned: Improving the Transferability of Adversarial Examples. (99%)
Robust Mode Connectivity-Oriented Adversarial Defense: Enhancing Neural Network Robustness Against Diversified $\ell_p$ Attacks. (99%)
It Is All About Data: A Survey on the Effects of Data on Adversarial Robustness. (98%)
Detection of Uncertainty in Exceedance of Threshold (DUET): An Adversarial Patch Localizer. (83%)
Adversarial Counterfactual Visual Explanations. (31%)
MedLocker: A Transferable Adversarial Watermarking for Preventing Unauthorized Analysis of Medical Image Dataset. (16%)
Can AI-Generated Text be Reliably Detected? (13%)
Mobile Edge Adversarial Detection for Digital Twinning to the Metaverse with Deep Reinforcement Learning. (9%)
Moving Target Defense for Service-oriented Mission-critical Networks. (1%)
2023-03-16
Rethinking Model Ensemble in Transfer-based Adversarial Attacks. (99%)
Image Classifiers Leak Sensitive Attributes About Their Classes. (68%)
Among Us: Adversarially Robust Collaborative Perception by Consensus. (67%)
Exorcising ''Wraith'': Protecting LiDAR-based Object Detector in Automated Driving System from Appearing Attacks. (50%)
Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural Obfuscation. (11%)
2023-03-15
Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature Information. (99%)
Robust Evaluation of Diffusion-Based Adversarial Purification. (83%)
DeeBBAA: A benchmark Deep Black Box Adversarial Attack against Cyber-Physical Power Systems. (81%)
The Devil's Advocate: Shattering the Illusion of Unexploitable Data using Diffusion Models. (62%)
EvalAttAI: A Holistic Approach to Evaluating Attribution Maps in Robust and Non-Robust Models. (45%)
Certifiable (Multi)Robustness Against Patch Attacks Using ERM. (10%)
Reinforce Data, Multiply Impact: Improved Model Accuracy and Robustness with Dataset Reinforcement. (1%)
2023-03-14
BODEGA: Benchmark for Adversarial Example Generation in Credibility Assessment. (98%)
Resilient Dynamic Average Consensus based on Trusted agents. (69%)
Improving Adversarial Robustness with Hypersphere Embedding and Angular-based Regularizations. (31%)
2023-03-13
Constrained Adversarial Learning and its applicability to Automated Software Testing: a systematic review. (99%)
Can Adversarial Examples Be Parsed to Reveal Victim Model Information? (99%)
Review on the Feasibility of Adversarial Evasion Attacks and Defenses for Network Intrusion Detection Systems. (99%)
SMUG: Towards robust MRI reconstruction by smoothed unrolling. (98%)
Model-tuning Via Prompts Makes NLP Models Adversarially Robust. (93%)
Robust Contrastive Language-Image Pretraining against Adversarial Attacks. (76%)
Model Extraction Attacks on Split Federated Learning. (47%)
WDiscOOD: Out-of-Distribution Detection via Whitened Linear Discriminative Analysis. (1%)
2023-03-12
Adv-Bot: Realistic Adversarial Botnet Attacks against Network Intrusion Detection Systems. (99%)
Adaptive Local Adversarial Attacks on 3D Point Clouds for Augmented Reality. (99%)
DNN-Alias: Deep Neural Network Protection Against Side-Channel Attacks via Layer Balancing. (96%)
Multi-metrics adaptively identifies backdoors in Federated learning. (92%)
Adversarial Attacks to Direct Data-driven Control for Destabilization. (91%)
Backdoor Defense via Deconfounded Representation Learning. (83%)
Interpreting Hidden Semantics in the Intermediate Layers of 3D Point Cloud Classification Neural Network. (76%)
Boosting Source Code Learning with Data Augmentation: An Empirical Study. (11%)
2023-03-11
Improving the Robustness of Deep Convolutional Neural Networks Through Feature Learning. (99%)
SHIELD: An Adaptive and Lightweight Defense against the Remote Power Side-Channel Attacks on Multi-tenant FPGAs. (8%)
2023-03-10
Turning Strengths into Weaknesses: A Certified Robustness Inspired Attack Framework against Graph Neural Networks. (99%)
Boosting Adversarial Attacks by Leveraging Decision Boundary Information. (99%)
Adversarial Attacks and Defenses in Machine Learning-Powered Networks: A Contemporary Survey. (99%)
Investigating Stateful Defenses Against Black-Box Adversarial Examples. (99%)
Do we need entire training data for adversarial training? (99%)
MIXPGD: Hybrid Adversarial Training for Speech Recognition Systems. (99%)
TrojDiff: Trojan Attacks on Diffusion Models with Diverse Targets. (61%)
2023-03-09
NoiseCAM: Explainable AI for the Boundary Between Noise and Adversarial Attacks. (99%)
Evaluating the Robustness of Conversational Recommender Systems by Adversarial Examples. (92%)
Identification of Systematic Errors of Image Classifiers on Rare Subgroups. (83%)
Learning the Legibility of Visual Text Perturbations. (78%)
Efficient Certified Training and Robustness Verification of Neural ODEs. (75%)
2023-03-08
Decision-BADGE: Decision-based Adversarial Batch Attack with Directional Gradient Estimation. (99%)
Immune Defense: A Novel Adversarial Defense Mechanism for Preventing the Generation of Adversarial Examples. (99%)
Exploring Adversarial Attacks on Neural Networks: An Explainable Approach. (99%)
BeamAttack: Generating High-quality Textual Adversarial Examples through Beam Search and Mixed Semantic Spaces. (99%)
DeepGD: A Multi-Objective Black-Box Test Selection Approach for Deep Neural Networks. (3%)
2023-03-07
Logit Margin Matters: Improving Transferable Targeted Adversarial Attack by Logit Calibration. (99%)
Robustness-preserving Lifelong Learning via Dataset Condensation. (96%)
Patch of Invisibility: Naturalistic Black-Box Adversarial Attacks on Object Detectors. (93%)
CUDA: Convolution-based Unlearnable Datasets. (82%)
EavesDroid: Eavesdropping User Behaviors via OS Side-Channels on Smartphones. (11%)
Stabilized training of joint energy-based models and their practical applications. (2%)
2023-03-06
CleanCLIP: Mitigating Data Poisoning Attacks in Multimodal Contrastive Learning. (33%)
Students Parrot Their Teachers: Membership Inference on Model Distillation. (31%)
A Unified Algebraic Perspective on Lipschitz Neural Networks. (15%)
Learning to Backdoor Federated Learning. (15%)
On the Feasibility of Specialized Ability Stealing for Large Language Code Models. (2%)
ALMOST: Adversarial Learning to Mitigate Oracle-less ML Attacks via Synthesis Tuning. (1%)
Rethinking Confidence Calibration for Failure Prediction. (1%)
2023-03-05
Consistent Valid Physically-Realizable Adversarial Attack against Crowd-flow Prediction Models. (99%)
Visual Analytics of Neuron Vulnerability to Adversarial Attacks on Convolutional Neural Networks. (99%)
Adversarial Sampling for Fairness Testing in Deep Neural Network. (98%)
Local Environment Poisoning Attacks on Federated Reinforcement Learning. (12%)
Robustness, Evaluation and Adaptation of Machine Learning Models in the Wild. (10%)
Knowledge-Based Counterfactual Queries for Visual Question Answering. (3%)
2023-03-04
Improved Robustness Against Adaptive Attacks With Ensembles and Error-Correcting Output Codes. (68%)
2023-03-03
PointCert: Point Cloud Classification with Deterministic Certified Robustness Guarantees. (91%)
Certified Robust Neural Networks: Generalization and Corruption Resistance. (69%)
Backdoor Attacks and Defenses in Federated Learning: Survey, Challenges and Future Research Directions. (47%)
Adversarial Attacks on Machine Learning in Embedded and IoT Platforms. (38%)
Revisiting Adversarial Training for ImageNet: Architectures, Training and Generalization across Threat Models. (33%)
Stealthy Perception-based Attacks on Unmanned Aerial Vehicles. (16%)
AdvART: Adversarial Art for Camouflaged Object Detection Attacks. (15%)
TrojText: Test-time Invisible Textual Trojan Insertion. (2%)
2023-03-02
Defending against Adversarial Audio via Diffusion Model. (99%)
Demystifying Causal Features on Adversarial Examples and Causal Inoculation for Robust Network by Adversarial Instrumental Variable Regression. (99%)
APARATE: Adaptive Adversarial Patch for CNN-based Monocular Depth Estimation for Autonomous Navigation. (99%)
AdvRain: Adversarial Raindrops to Attack Camera-based Smart Vision Systems. (99%)
Targeted Adversarial Attacks against Neural Machine Translation. (98%)
The Double-Edged Sword of Implicit Bias: Generalization vs. Robustness in ReLU Networks. (93%)
Feature Perturbation Augmentation for Reliable Evaluation of Importance Estimators. (10%)
D-Score: An Expert-Based Method for Assessing the Detectability of IoT-Related Cyber-Attacks. (3%)
Interpretable System Identification and Long-term Prediction on Time-Series Data. (1%)
Consistency Models. (1%)
CADeSH: Collaborative Anomaly Detection for Smart Homes. (1%)
Conflict-Based Cross-View Consistency for Semi-Supervised Semantic Segmentation. (1%)
2023-03-01
To Make Yourself Invisible with Adversarial Semantic Contours. (99%)
Adversarial Examples Exist in Two-Layer ReLU Networks for Low Dimensional Data Manifolds. (98%)
Frauds Bargain Attack: Generating Adversarial Text Samples via Word Manipulation Process. (95%)
A Practical Upper Bound for the Worst-Case Attribution Deviations. (70%)
Combating Exacerbated Heterogeneity for Robust Models in Federated Learning. (54%)
Poster: Sponge ML Model Attacks of Mobile Apps. (8%)
DOLOS: A Novel Architecture for Moving Target Defense. (8%)
Mitigating Backdoors in Federated Learning with FLD. (2%)
Competence-Based Analysis of Language Models. (1%)
2023-02-28
A semantic backdoor attack against Graph Convolutional Networks. (98%)
Feature Extraction Matters More: Universal Deepfake Disruption through Attacking Ensemble Feature Extractors. (67%)
Single Image Backdoor Inversion via Robust Smoothed Classifiers. (22%)
Backdoor Attacks Against Deep Image Compression via Adaptive Frequency Trigger. (11%)
FreeEagle: Detecting Complex Neural Trojans in Data-Free Cases. (1%)
2023-02-27
A Comprehensive Study on Robustness of Image Classification Models: Benchmarking and Rethinking. (99%)
Adversarial Attack with Raindrops. (99%)
Physical Adversarial Attacks on Deep Neural Networks for Traffic Sign Recognition: A Feasibility Study. (99%)
Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks. (98%)
CBA: Contextual Background Attack against Optical Aerial Detection in the Physical World. (98%)
Improving Model Generalization by On-manifold Adversarial Augmentation in the Frequency Domain. (96%)
Efficient and Low Overhead Website Fingerprinting Attacks and Defenses based on TCP/IP Traffic. (83%)
GLOW: Global Layout Aware Attacks on Object Detection. (81%)
Online Black-Box Confidence Estimation of Deep Neural Networks. (16%)
Implicit Poisoning Attacks in Two-Agent Reinforcement Learning: Adversarial Policies for Training-Time Attacks. (15%)
Differentially Private Diffusion Models Generate Useful Synthetic Images. (10%)
Learning to Retain while Acquiring: Combating Distribution-Shift in Adversarial Data-Free Knowledge Distillation. (5%)
2023-02-26
Contextual adversarial attack against aerial detection in the physical world. (99%)
Randomness in ML Defenses Helps Persistent Attackers and Hinders Evaluators. (96%)
2023-02-25
Deep Learning-based Multi-Organ CT Segmentation with Adversarial Data Augmentation. (99%)
Scalable Attribution of Adversarial Attacks via Multi-Task Learning. (99%)
SATBA: An Invisible Backdoor Attack Based On Spatial Attention. (67%)
2023-02-24
Defending Against Backdoor Attacks by Layer-wise Feature Analysis. (68%)
Chaotic Variational Auto encoder-based Adversarial Machine Learning. (54%)
Robust Weight Signatures: Gaining Robustness as Easy as Patching Weights? (12%)
2023-02-23
Less is More: Data Pruning for Faster Adversarial Training. (99%)
A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots. (99%)
Boosting Adversarial Transferability using Dynamic Cues. (99%)
HyperAttack: Multi-Gradient-Guided White-box Adversarial Structure Attack of Hypergraph Neural Networks. (98%)
Investigating Catastrophic Overfitting in Fast Adversarial Training: A Self-fitting Perspective. (84%)
More than you've asked for: A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models. (70%)
On the Hardness of Robustness Transfer: A Perspective from Rademacher Complexity over Symmetric Difference Hypothesis Space. (68%)
Harnessing the Speed and Accuracy of Machine Learning to Advance Cybersecurity. (2%)
2023-02-22
Mitigating Adversarial Attacks in Deepfake Detection: An Exploration of Perturbation and AI Techniques. (98%)
PAD: Towards Principled Adversarial Malware Detection Against Evasion Attacks. (98%)
Feature Partition Aggregation: A Fast Certified Defense Against a Union of Sparse Adversarial Attacks. (97%)
ASSET: Robust Backdoor Data Detection Across a Multiplicity of Deep Learning Paradigms. (33%)
On the Robustness of ChatGPT: An Adversarial and Out-of-distribution Perspective. (12%)
2023-02-21
MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-based Malware Detection. (99%)
MultiRobustBench: Benchmarking Robustness Against Multiple Attacks. (99%)
Interpretable Spectrum Transformation Attacks to Speaker Recognition. (98%)
Characterizing the Optimal 0-1 Loss for Multi-class Classification with a Test-time Attacker. (97%)
Generalization Bounds for Adversarial Contrastive Learning. (31%)
2023-02-20
An Incremental Gray-box Physical Adversarial Attack on Neural Network Training. (98%)
Variation Enhanced Attacks Against RRAM-based Neuromorphic Computing System. (97%)
Seasoning Model Soups for Robustness to Adversarial and Natural Distribution Shifts. (88%)
Poisoning Web-Scale Training Datasets is Practical. (83%)
Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network. (47%)
Model-based feature selection for neural networks: A mixed-integer programming approach. (22%)
Take Me Home: Reversing Distribution Shifts using Reinforcement Learning. (8%)
2023-02-19
X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection. (99%)
Stationary Point Losses for Robust Model. (93%)
On Feasibility of Server-side Backdoor Attacks on Split Learning. (76%)
2023-02-18
Adversarial Machine Learning: A Systematic Survey of Backdoor Attack, Weight Attack and Adversarial Example. (99%)
Delving into the Adversarial Robustness of Federated Learning. (98%)
Meta Style Adversarial Training for Cross-Domain Few-Shot Learning. (78%)
MedViT: A Robust Vision Transformer for Generalized Medical Image Classification. (12%)
RobustNLP: A Technique to Defend NLP Models Against Backdoor Attacks. (11%)
2023-02-17
Measuring Equality in Machine Learning Security Defenses. (81%)
Function Composition in Trustworthy Machine Learning: Implementation Choices, Insights, and Questions. (5%)
RetVec: Resilient and Efficient Text Vectorizer. (1%)
2023-02-16
On the Effect of Adversarial Training Against Invariance-based Adversarial Examples. (99%)
High-frequency Matters: An Overwriting Attack and defense for Image-processing Neural Network Watermarking. (67%)
Marich: A Query-efficient Distributionally Equivalent Model Extraction Attack using Public Data. (3%)
A Novel Noise Injection-based Training Scheme for Better Model Robustness. (2%)
2023-02-15
Masking and Mixing Adversarial Training. (99%)
Robust Mid-Pass Filtering Graph Convolutional Networks. (98%)
Graph Adversarial Immunization for Certifiable Robustness. (98%)
XploreNAS: Explore Adversarially Robust & Hardware-efficient Neural Architectures for Non-ideal Xbars. (87%)
Tight Auditing of Differentially Private Machine Learning. (41%)
Field-sensitive Data Flow Integrity. (1%)
Uncertainty-Estimation with Normalized Logits for Out-of-Distribution Detection. (1%)
2023-02-14
Randomization for adversarial robustness: the Good, the Bad and the Ugly. (99%)
Regret-Based Optimization for Robust Reinforcement Learning. (99%)
Attacking Fake News Detectors via Manipulating News Social Engagement. (83%)
An Experimental Study of Byzantine-Robust Aggregation Schemes in Federated Learning. (31%)
A modern look at the relationship between sharpness and generalization. (10%)
Bounding Training Data Reconstruction in DP-SGD. (8%)
READIN: A Chinese Multi-Task Benchmark with Realistic and Diverse Input Noises. (1%)
2023-02-13
Sneaky Spikes: Uncovering Stealthy Backdoor Attacks in Spiking Neural Networks with Neuromorphic Data. (98%)
Raising the Cost of Malicious AI-Powered Image Editing. (82%)
Targeted Attack on GPT-Neo for the SATML Language Model Data Extraction Challenge. (8%)
Backdoor Learning for NLP: Recent Advances, Challenges, and Future Research Directions. (1%)
2023-02-12
TextDefense: Adversarial Text Detection based on Word Importance Entropy. (99%)
2023-02-11
Mutation-Based Adversarial Attacks on Neural Text Detectors. (69%)
HateProof: Are Hateful Meme Detection Systems really Robust? (13%)
MTTM: Metamorphic Testing for Textual Content Moderation Software. (2%)
Pushing the Accuracy-Group Robustness Frontier with Introspective Self-play. (1%)
High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable Encryption. (1%)
2023-02-10
Making Substitute Models More Bayesian Can Enhance Transferability of Adversarial Examples. (98%)
Unnoticeable Backdoor Attacks on Graph Neural Networks. (80%)
Step by Step Loss Goes Very Far: Multi-Step Quantization for Adversarial Text Attacks. (73%)
2023-02-09
IB-RAR: Information Bottleneck as Regularizer for Adversarial Robustness. (98%)
Adversarial Example Does Good: Preventing Painting Imitation from Diffusion Models via Adversarial Examples. (98%)
Hyperparameter Search Is All You Need For Training-Agnostic Backdoor Robustness. (75%)
Imperceptible Sample-Specific Backdoor to DNN with Denoising Autoencoder. (62%)
Augmenting NLP data to counter Annotation Artifacts for NLI Tasks. (16%)
Better Diffusion Models Further Improve Adversarial Training. (12%)
Incremental Satisfiability Modulo Theory for Verification of Deep Neural Networks. (1%)
2023-02-08
WAT: Improve the Worst-class Robustness in Adversarial Training. (99%)
Exploiting Certified Defences to Attack Randomised Smoothing. (99%)
Shortcut Detection with Variational Autoencoders. (13%)
Continuous Learning for Android Malware Detection. (13%)
Training-free Lexical Backdoor Attacks on Language Models. (8%)
On Function-Coupled Watermarks for Deep Neural Networks. (2%)
Unsupervised Learning of Initialization in Deep Neural Networks via Maximum Mean Discrepancy. (1%)
2023-02-07
Toward Face Biometric De-identification using Adversarial Examples. (98%)
Attacking Cooperative Multi-Agent Reinforcement Learning by Adversarial Minority Influence. (83%)
Membership Inference Attacks against Diffusion Models. (64%)
Temporal Robustness against Data Poisoning. (12%)
Robustness Implies Fairness in Casual Algorithmic Recourse. (2%)
Low-Latency Communication using Delay-Aware Relays Against Reactive Adversaries. (1%)
2023-02-06
Less is More: Understanding Word-level Textual Adversarial Attack via n-gram Frequency Descend. (99%)
SCALE-UP: An Efficient Black-box Input-level Backdoor Detection via Analyzing Scaled Prediction Consistency. (92%)
Exploring and Exploiting Decision Boundary Dynamics for Adversarial Robustness. (87%)
Collective Robustness Certificates: Exploiting Interdependence in Graph Neural Networks. (75%)
GAT: Guided Adversarial Training with Pareto-optimal Auxiliary Tasks. (67%)
Target-based Surrogates for Stochastic Optimization. (1%)
Dropout Injection at Test Time for Post Hoc Uncertainty Quantification in Neural Networks. (1%)
2023-02-05
On the Role of Contrastive Representation Learning in Adversarial Robustness: An Empirical Study. (54%)
2023-02-04
CosPGD: a unified white-box adversarial attack for pixel-wise prediction tasks. (98%)
A Minimax Approach Against Multi-Armed Adversarial Attacks Detection. (86%)
Run-Off Election: Improved Provable Defense against Data Poisoning Attacks. (81%)
Certified Robust Control under Adversarial Perturbations. (78%)
AUTOLYCUS: Exploiting Explainable AI (XAI) for Model Extraction Attacks against Decision Tree Models. (1%)
2023-02-03
TextShield: Beyond Successfully Detecting Adversarial Sentences in Text Classification. (96%)
DeTorrent: An Adversarial Padding-only Traffic Analysis Defense. (73%)
A Systematic Evaluation of Backdoor Trigger Characteristics in Image Classification. (56%)
Beyond the Universal Law of Robustness: Sharper Laws for Random Features and Neural Tangent Kernels. (15%)
Asymmetric Certified Robustness via Feature-Convex Neural Networks. (8%)
BarrierBypass: Out-of-Sight Clean Voice Command Injection Attacks through Physical Barriers. (2%)
From Robustness to Privacy and Back. (2%)
Augmenting Rule-based DNS Censorship Detection at Scale with Machine Learning. (1%)
2023-02-02
Beyond Pretrained Features: Noisy Image Modeling Provides Adversarial Defense. (99%)
TransFool: An Adversarial Attack against Neural Machine Translation Models. (99%)
On the Robustness of Randomized Ensembles to Adversarial Perturbations. (75%)
A sliced-Wasserstein distance-based approach for out-of-class-distribution detection. (62%)
Effective Robustness against Natural Distribution Shifts for Models with Different Training Data. (13%)
SPECWANDS: An Efficient Priority-based Scheduler Against Speculation Contention Attacks. (10%)
Provably Bounding Neural Network Preimages. (8%)
Defensive ML: Defending Architectural Side-channels with Adversarial Obfuscation. (2%)
Generalized Uncertainty of Deep Neural Networks: Taxonomy and Applications. (1%)
Dataset Distillation Fixes Dataset Reconstruction Attacks. (1%)
2023-02-01
Universal Soldier: Using Universal Adversarial Perturbations for Detecting Backdoor Attacks. (99%)
Effectiveness of Moving Target Defenses for Adversarial Attacks in ML-based Malware Detection. (92%)
Exploring Semantic Perturbations on Grover. (56%)
BackdoorBox: A Python Toolbox for Backdoor Learning. (10%)
2023-01-31
Reverse engineering adversarial attacks with fingerprints from adversarial examples. (99%)
The Impacts of Unanswerable Questions on the Robustness of Machine Reading Comprehension Models. (97%)
Are Defenses for Graph Neural Networks Robust? (80%)
Adversarial Training of Self-supervised Monocular Depth Estimation against Physical-World Attacks. (75%)
Robust Linear Regression: Gradient-descent, Early-stopping, and Beyond. (47%)
Fairness-aware Vision Transformer via Debiased Self-Attention. (47%)
Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression. (12%)
Identifying the Hazard Boundary of ML-enabled Autonomous Systems Using Cooperative Co-Evolutionary Search. (1%)
2023-01-30
Feature-Space Bayesian Adversarial Learning Improved Malware Detector Robustness. (99%)
Improving Adversarial Transferability with Scheduled Step Size and Dual Example. (99%)
Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification. (99%)
Certified Robustness of Learning-based Static Malware Detectors. (99%)
Identifying Adversarially Attackable and Robust Samples. (99%)
On Robustness of Prompt-based Semantic Parsing with Large Pre-trained Language Model: An Empirical Study on Codex. (98%)
Anchor-Based Adversarially Robust Zero-Shot Learning Driven by Language. (96%)
Inference Time Evidences of Adversarial Attacks for Forensic on Transformers. (87%)
On the Efficacy of Metrics to Describe Adversarial Attacks. (82%)
Benchmarking Robustness to Adversarial Image Obfuscations. (74%)
Extracting Training Data from Diffusion Models. (5%)
M3FAS: An Accurate and Robust MultiModal Mobile Face Anti-Spoofing System. (1%)
2023-01-29
Scaling in Depth: Unlocking Robustness Certification on ImageNet. (98%)
Mitigating Adversarial Effects of False Data Injection Attacks in Power Grid. (93%)
Uncovering Adversarial Risks of Test-Time Adaptation. (82%)
Improving the Accuracy-Robustness Trade-off of Classifiers via Adaptive Smoothing. (75%)
Adversarial Attacks on Adversarial Bandits. (69%)
Towards Verifying the Geometric Robustness of Large-scale Neural Networks. (54%)
Lateralized Learning for Multi-Class Visual Classification Tasks. (13%)
Diverse, Difficult, and Odd Instances (D2O): A New Test Set for Object Classification. (3%)
Adversarial Style Augmentation for Domain Generalization. (2%)
Confidence-Aware Calibration and Scoring Functions for Curriculum Learning. (1%)
2023-01-28
Node Injection for Class-specific Network Poisoning. (82%)
Out-of-distribution Detection with Energy-based Models. (82%)
Gradient Shaping: Enhancing Backdoor Attack Against Reverse Engineering. (13%)
Selecting Models based on the Risk of Damage Caused by Adversarial Attacks. (1%)
2023-01-27
Semantic Adversarial Attacks on Face Recognition through Significant Attributes. (99%)
Targeted Attacks on Timeseries Forecasting. (99%)
Adapting Step-size: A Unified Perspective to Analyze and Improve Gradient-based Methods for Adversarial Attacks. (98%)
PECAN: A Deterministic Certified Defense Against Backdoor Attacks. (97%)
Vertex-based reachability analysis for verifying ReLU deep neural networks. (93%)
OccRob: Efficient SMT-Based Occlusion Robustness Verification of Deep Neural Networks. (92%)
PCV: A Point Cloud-Based Network Verifier. (88%)
Robust Transformer with Locality Inductive Bias and Feature Normalization. (88%)
Analyzing Robustness of the Deep Reinforcement Learning Algorithm in Ramp Metering Applications Considering False Data Injection Attack and Defense. (87%)
Learning to Unlearn: Instance-wise Unlearning for Pre-trained Classifiers. (80%)
Certified Invertibility in Neural Networks via Mixed-Integer Programming. (62%)
2023-01-26
Attacking Important Pixels for Anchor-free Detectors. (99%)
Certified Interpretability Robustness for Class Activation Mapping. (92%)
Interaction-level Membership Inference Attack Against Federated Recommender Systems. (31%)
Minerva: A File-Based Ransomware Detector. (13%)
2023-01-25
RobustPdM: Designing Robust Predictive Maintenance against Adversarial Attacks. (99%)
BDMMT: Backdoor Sample Detection for Language Models through Model Mutation Testing. (98%)
A Data-Centric Approach for Improving Adversarial Training Through the Lens of Out-of-Distribution Detection. (96%)
On the Adversarial Robustness of Camera-based 3D Object Detection. (81%)
A Study on FGSM Adversarial Training for Neural Retrieval. (75%)
Distilling Cognitive Backdoor Patterns within an Image. (2%)
Connecting metrics for shape-texture knowledge in computer vision. (1%)
2023-01-24
Blockchain-aided Secure Semantic Communication for AI-Generated Content in Metaverse. (13%)
Learning Effective Strategies for Moving Target Defense with Switching Costs. (1%)
Data Augmentation Alone Can Improve Adversarial Training. (1%)
2023-01-23
DODEM: DOuble DEfense Mechanism Against Adversarial Attacks Towards Secure Industrial Internet of Things Analytics. (99%)
Practical Adversarial Attacks Against AI-Driven Power Allocation in a Distributed MIMO Network. (92%)
BayBFed: Bayesian Backdoor Defense for Federated Learning. (78%)
Backdoor Attacks in Peer-to-Peer Federated Learning. (31%)
2023-01-22
Provable Unrestricted Adversarial Training without Compromise with Generalizability. (99%)
ContraBERT: Enhancing Code Pre-trained Models via Contrastive Learning. (8%)
2023-01-20
Limitations of Piecewise Linearity for Efficient Robustness Certification. (95%)
Towards Understanding How Self-training Tolerates Data Backdoor Poisoning. (16%)
Dr.Spider: A Diagnostic Evaluation Benchmark towards Text-to-SQL Robustness. (8%)
Defending SDN against packet injection attacks using deep learning. (2%)
2023-01-19
On the Vulnerability of Backdoor Defenses for Federated Learning. (62%)
On the Relationship Between Information-Theoretic Privacy Metrics And Probabilistic Information Privacy. (31%)
RNAS-CL: Robust Neural Architecture Search by Cross-Layer Knowledge Distillation. (16%)
Enhancing Deep Learning with Scenario-Based Override Rules: a Case Study. (1%)
2023-01-17
Denoising Diffusion Probabilistic Models as a Defense against Adversarial Attacks. (98%)
Adversarial Robust Deep Reinforcement Learning Requires Redefining Robustness. (68%)
Label Inference Attack against Split Learning under Regression Setting. (8%)
2023-01-16
$\beta$-DARTS++: Bi-level Regularization for Proxy-robust Differentiable Architecture Search. (1%)
Modeling Uncertain Feature Representation for Domain Generalization. (1%)
2023-01-15
BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense. (4%)
2023-01-13
On the feasibility of attacking Thai LPR systems with adversarial examples. (99%)
2023-01-12
Security-Aware Approximate Spiking Neural Networks. (87%)
Jamming Attacks on Decentralized Federated Learning in General Multi-Hop Wireless Networks. (3%)
2023-01-11
Phase-shifted Adversarial Training. (82%)
Universal Detection of Backdoor Attacks via Density-based Clustering and Centroids Analysis. (68%)
2023-01-10
On the Robustness of AlphaFold: A COVID-19 Case Study. (73%)
CDA: Contrastive-adversarial Domain Adaptation. (38%)
User-Centered Security in Natural Language Processing. (12%)
Diffusion Models For Stronger Face Morphing Attacks. (3%)
2023-01-09
Over-The-Air Adversarial Attacks on Deep Learning Wi-Fi Fingerprinting. (99%)
On the Susceptibility and Robustness of Time Series Models through Adversarial Attack and Defense. (98%)
Is Federated Learning a Practical PET Yet? (4%)
SoK: Hardware Defenses Against Speculative Execution Attacks. (1%)
2023-01-08
RobArch: Designing Robust Architectures against Adversarial Attacks. (76%)
MoreauGrad: Sparse and Robust Interpretation of Neural Networks via Moreau Envelope. (1%)
2023-01-07
REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a Service. (99%)
Adversarial training with informed data selection. (99%)
2023-01-06
Adversarial Attacks on Neural Models of Code via Code Difference Reduction. (99%)
Stealthy Backdoor Attack for Code Models. (98%)
2023-01-05
Silent Killer: Optimizing Backdoor Trigger Yields a Stealthy and Powerful Data Poisoning Attack. (98%)
gRoMA: a Tool for Measuring Deep Neural Networks Global Robustness. (96%)
Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks. (61%)
Can Large Language Models Change User Preference Adversarially? (1%)
TrojanPuzzle: Covertly Poisoning Code-Suggestion Models. (1%)
2023-01-04
Availability Adversarial Attack and Countermeasures for Deep Learning-based Load Forecasting. (98%)
Beckman Defense. (84%)
GUAP: Graph Universal Attack Through Adversarial Patching. (81%)
Enhancement attacks in biomedical machine learning. (1%)
2023-01-03
Explainability and Robustness of Deep Visual Classification Models. (92%)
Look, Listen, and Attack: Backdoor Attacks Against Video Action Recognition. (83%)
Backdoor Attacks Against Dataset Distillation. (50%)
Analysis of Label-Flip Poisoning Attack on Machine Learning Based Malware Detector. (33%)
2023-01-02
Efficient Robustness Assessment via Adversarial Spatial-Temporal Focus on Videos. (92%)
2023-01-01
Generalizable Black-Box Adversarial Attack with Meta Learning. (99%)
ExploreADV: Towards exploratory attack for Neural Networks. (99%)
Trojaning semi-supervised learning model via poisoning wild images on the web. (47%)
2022-12-30
Tracing the Origin of Adversarial Attack for Forensic Investigation and Deterrence. (99%)
Guidance Through Surrogate: Towards a Generic Diagnostic Attack. (99%)
Defense Against Adversarial Attacks on Audio DeepFake Detection. (86%)
Adversarial attacks and defenses on ML- and hardware-based IoT device fingerprinting and identification. (82%)
Unlearnable Clusters: Towards Label-agnostic Unlearnable Examples. (22%)
Targeted k-node Collapse Problem: Towards Understanding the Robustness of Local k-core Structure. (1%)
2022-12-29
"Real Attackers Don't Compute Gradients": Bridging the Gap Between Adversarial ML Research and Practice. (68%)
Detection of out-of-distribution samples using binary neuron activation patterns. (11%)
2022-12-28
Thermal Heating in ReRAM Crossbar Arrays: Challenges and Solutions. (99%)
Certifying Safety in Reinforcement Learning under Adversarial Perturbation Attacks. (98%)
Publishing Efficient On-device Models Increases Adversarial Vulnerability. (95%)
Differentiable Search of Accurate and Robust Architectures. (92%)
Robust Ranking Explanations. (76%)
Evaluating Generalizability of Deep Learning Models Using Indian-COVID-19 CT Dataset. (1%)
2022-12-27
EDoG: Adversarial Edge Detection For Graph Neural Networks. (98%)
Learning When to Use Adaptive Adversarial Image Perturbations against Autonomous Vehicles. (86%)
Sparse Mixture Once-for-all Adversarial Training for Efficient In-Situ Trade-Off Between Accuracy and Robustness of DNNs. (62%)
XMAM:X-raying Models with A Matrix to Reveal Backdoor Attacks for Federated Learning. (56%)
2022-12-25
Simultaneously Optimizing Perturbations and Positions for Black-box Adversarial Patch Attacks. (99%)
2022-12-24
Frequency Regularization for Improving Adversarial Robustness. (99%)
2022-12-23
Out-of-Distribution Detection with Reconstruction Error and Typicality-based Penalty. (61%)
Towards Scalable Physically Consistent Neural Networks: an Application to Data-driven Multi-zone Thermal Building Models. (1%)
2022-12-22
Adversarial Machine Learning and Defense Game for NextG Signal Classification with Deep Learning. (98%)
Aliasing is a Driver of Adversarial Attacks. (80%)
GAN-based Domain Inference Attack. (2%)
Hybrid Quantum-Classical Generative Adversarial Network for High Resolution Image Generation. (1%)
2022-12-21
Revisiting Residual Networks for Adversarial Robustness: An Architectural Perspective. (80%)
Vulnerabilities of Deep Learning-Driven Semantic Communications to Backdoor (Trojan) Attacks. (67%)
A Theoretical Study of The Effects of Adversarial Attacks on Sparse Regression. (13%)
2022-12-20
A Comprehensive Study and Comparison of the Robustness of 3D Object Detectors Against Adversarial Attacks. (98%)
Multi-head Uncertainty Inference for Adversarial Attack Detection. (98%)
In and Out-of-Domain Text Adversarial Robustness via Label Smoothing. (98%)
Is Semantic Communications Secure? A Tale of Multi-Domain Adversarial Attacks. (96%)
Unleashing the Power of Visual Prompting At the Pixel Level. (92%)
Learned Systems Security. (78%)
Hidden Poison: Machine Unlearning Enables Camouflaged Poisoning Attacks. (22%)
ReCode: Robustness Evaluation of Code Generation Models. (10%)
SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations. (5%)
Defending Against Poisoning Attacks in Open-Domain Question Answering. (2%)
DISCO: Distilling Phrasal Counterfactuals with Large Language Models. (1%)
2022-12-19
TextGrad: Advancing Robustness Evaluation in NLP by Gradient-Driven Optimization. (99%)
Towards Robustness of Text-to-SQL Models Against Natural and Realistic Adversarial Table Perturbation. (75%)
AI Security for Geoscience and Remote Sensing: Challenges and Future Trends. (50%)
Task-Oriented Communications for NextG: End-to-End Deep Learning and AI Security Aspects. (26%)
Flareon: Stealthy any2any Backdoor Injection via Poisoned Augmentation. (2%)
Exploring Optimal Substructure for Out-of-distribution Generalization via Feature-targeted Model Pruning. (1%)
2022-12-18
Estimating the Adversarial Robustness of Attributions in Text with Transformers. (99%)
Minimizing Maximum Model Discrepancy for Transferable Black-box Targeted Attacks. (99%)
Discrete Point-wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition. (99%)
Fine-Tuning Is All You Need to Mitigate Backdoor Attacks. (4%)
2022-12-17
Confidence-aware Training of Smoothed Classifiers for Certified Robustness. (86%)
A Review of Speech-centric Trustworthy Machine Learning: Privacy, Safety, and Fairness. (2%)
HyPe: Better Pre-trained Language Model Fine-tuning with Hidden Representation Perturbation. (1%)
2022-12-16
Adversarial Example Defense via Perturbation Grading Strategy. (99%)
Biomedical image analysis competitions: The state of current participation practice. (4%)
Better May Not Be Fairer: Can Data Augmentation Mitigate Subgroup Degradation? (1%)
On Human Visual Contrast Sensitivity and Machine Vision Robustness: A Comparative Study. (1%)
2022-12-15
Alternating Objectives Generates Stronger PGD-Based Adversarial Attacks. (98%)
On Evaluating Adversarial Robustness of Chest X-ray Classification: Pitfalls and Best Practices. (84%)
Are Multimodal Models Robust to Image and Text Perturbations? (5%)
Holistic risk assessment of inference attacks in machine learning. (4%)
Defending against cybersecurity threats to the payments and banking system. (2%)
White-box Inference Attacks against Centralized Machine Learning and Federated Learning. (1%)
2022-12-14
SAIF: Sparse Adversarial and Interpretable Attack Framework. (98%)
Dissecting Distribution Inference. (88%)
Generative Robust Classification. (11%)
Synthesis of Adversarial DDOS Attacks Using Tabular Generative Adversarial Networks. (8%)
DOC-NAD: A Hybrid Deep One-class Classifier for Network Anomaly Detection. (1%)
2022-12-13
Unfolding Local Growth Rate Estimates for (Almost) Perfect Adversarial Detection. (99%)
Object-fabrication Targeted Attack for Object Detection. (99%)
Adversarial Attacks and Defences for Skin Cancer Classification. (99%)
Towards Efficient and Domain-Agnostic Evasion Attack with High-dimensional Categorical Inputs. (80%)
Understanding Zero-Shot Adversarial Robustness for Large-Scale Models. (73%)
Pixel is All You Need: Adversarial Trajectory-Ensemble Active Learning for Salient Object Detection. (56%)
AdvCat: Domain-Agnostic Robustness Assessment for Cybersecurity-Critical Applications with Categorical Inputs. (56%)
Privacy-preserving Security Inference Towards Cloud-Edge Collaborative Using Differential Privacy. (1%)
Boosting Semi-Supervised Learning with Contrastive Complementary Labeling. (1%)
2022-12-12
SRoUDA: Meta Self-training for Robust Unsupervised Domain Adaptation. (98%)
Adversarially Robust Video Perception by Seeing Motion. (98%)
A Survey on Reinforcement Learning Security with Application to Autonomous Driving. (96%)
HOTCOLD Block: Fooling Thermal Infrared Detectors with a Novel Wearable Design. (96%)
Robust Perception through Equivariance. (96%)
Despite "super-human" performance, current LLMs are unsuited for decisions about ethics and safety. (75%)
AFLGuard: Byzantine-robust Asynchronous Federated Learning. (15%)
Carpet-bombing patch: attacking a deep network without usual requirements. (2%)
2022-12-11
DISCO: Adversarial Defense with Local Implicit Functions. (99%)
REAP: A Large-Scale Realistic Adversarial Patch Benchmark. (98%)
2022-12-10
General Adversarial Defense Against Black-box Attacks via Pixel Level and Feature Level Distribution Alignments. (99%)
Untargeted Attack against Federated Recommendation Systems via Poisonous Item Embeddings and the Defense. (93%)
Targeted Adversarial Attacks on Deep Reinforcement Learning Policies via Model Checking. (93%)
Mitigating Adversarial Gray-Box Attacks Against Phishing Detectors. (54%)
How to Backdoor Diffusion Models? (10%)
Identifying the Source of Vulnerability in Explanation Discrepancy: A Case Study in Neural Text Classification. (1%)
2022-12-09
Understanding and Combating Robust Overfitting via Input Loss Landscape Analysis and Regularization. (98%)
Expeditious Saliency-guided Mix-up through Random Gradient Thresholding. (2%)
Robustness Implies Privacy in Statistical Estimation. (1%)
Selective Amnesia: On Efficient, High-Fidelity and Blind Suppression of Backdoor Effects in Trojaned Machine Learning Models. (1%)
QVIP: An ILP-based Formal Verification Approach for Quantized Neural Networks. (1%)
2022-12-08
Targeted Adversarial Attacks against Neural Network Trajectory Predictors. (99%)
XRand: Differentially Private Defense against Explanation-Guided Attacks. (68%)
Robust Graph Representation Learning via Predictive Coding. (22%)
2022-12-06
Pre-trained Encoders in Self-Supervised Learning Improve Secure and Privacy-preserving Supervised Learning. (96%)
2022-12-05
Enhancing Quantum Adversarial Robustness by Randomized Encodings. (99%)
Multiple Perturbation Attack: Attack Pixelwise Under Different $\ell_p$-norms For Better Adversarial Performance. (99%)
FaceQAN: Face Image Quality Assessment Through Adversarial Noise Exploration. (92%)
Refiner: Data Refining against Gradient Leakage Attacks in Federated Learning. (47%)
Blessings and Curses of Covariate Shifts: Adversarial Learning Dynamics, Directional Convergence, and Equilibria. (8%)
What is the Solution for State-Adversarial Multi-Agent Reinforcement Learning? (3%)
Spuriosity Rankings: Sorting Data for Spurious Correlation Robustness. (1%)
Efficient Malware Analysis Using Metric Embeddings. (1%)
2022-12-04
Bayesian Learning with Information Gain Provably Bounds Risk for a Robust Adversarial Defense. (98%)
Recognizing Object by Components with Human Prior Knowledge Enhances Adversarial Robustness of Deep Neural Networks. (88%)
CSTAR: Towards Compact and STructured Deep Neural Networks with Adversarial Robustness. (82%)
FedCC: Robust Federated Learning against Model Poisoning Attacks. (45%)
ConfounderGAN: Protecting Image Data Privacy with Causal Confounder. (8%)
2022-12-03
LDL: A Defense for Label-Based Membership Inference Attacks. (83%)
Security Analysis of SplitFed Learning. (8%)
2022-12-02
Membership Inference Attacks Against Semantic Segmentation Models. (45%)
Guaranteed Conformance of Neurosymbolic Models to Natural Constraints. (1%)
2022-12-01
Purifier: Defending Data Inference Attacks via Transforming Confidence Scores. (89%)
Pareto Regret Analyses in Multi-objective Multi-armed Bandit. (31%)
All You Need Is Hashing: Defending Against Data Reconstruction Attack in Vertical Federated Learning. (2%)
Generalizing and Improving Jacobian and Hessian Regularization. (1%)
On the Limit of Explaining Black-box Temporal Graph Neural Networks. (1%)
SimpleMind adds thinking to deep neural networks. (1%)
2022-11-30
Towards Interpreting Vulnerability of Multi-Instance Learning via Customized and Universal Adversarial Perturbations. (97%)
Interpretation of Neural Networks is Susceptible to Universal Adversarial Perturbations. (84%)
Efficient Adversarial Input Generation via Neural Net Patching. (73%)
Toward Robust Diagnosis: A Contour Attention Preserving Adversarial Defense for COVID-19 Detection. (69%)
Tight Certification of Adversarially Trained Neural Networks via Nonconvex Low-Rank Semidefinite Relaxations. (38%)
Improved Smoothed Analysis of 2-Opt for the Euclidean TSP. (8%)
2022-11-29
Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion. (99%)
Understanding and Enhancing Robustness of Concept-based Models. (99%)
Advancing Deep Metric Learning Through Multiple Batch Norms And Multi-Targeted Adversarial Examples. (88%)
Penalizing Confident Predictions on Largely Perturbed Inputs Does Not Improve Out-of-Distribution Generalization in Question Answering. (83%)
Quantization-aware Interval Bound Propagation for Training Certifiably Robust Quantized Neural Networks. (73%)
AdvMask: A Sparse Adversarial Attack Based Data Augmentation Method for Image Classification. (54%)
A3T: Accuracy Aware Adversarial Training. (10%)
Building Resilience to Out-of-Distribution Visual Data via Input Optimization and Model Finetuning. (1%)
2022-11-28
Adversarial Artifact Detection in EEG-Based Brain-Computer Interfaces. (99%)
Interpretations Cannot Be Trusted: Stealthy and Effective Adversarial Perturbations against Interpretable Deep Learning. (95%)
Training Time Adversarial Attack Aiming the Vulnerability of Continual Learning. (83%)
Towards More Robust Interpretation via Local Gradient Alignment. (76%)
Understanding the Impact of Adversarial Robustness on Accuracy Disparity. (15%)
How Important are Good Method Names in Neural Code Generation? A Model Robustness Perspective. (13%)
Rethinking the Number of Shots in Robust Model-Agnostic Meta-Learning. (8%)
Attack on Unfair ToS Clause Detection: A Case Study using Universal Adversarial Triggers. (8%)
Gamma-convergence of a nonlocal perimeter arising in adversarial machine learning. (3%)
CoNAL: Anticipating Outliers with Large Language Models. (1%)
Learning Antidote Data to Individual Unfairness. (1%)
2022-11-27
Imperceptible Adversarial Attack via Invertible Neural Networks. (99%)
Foiling Explanations in Deep Neural Networks. (98%)
Navigation as the Attacker Wishes? Towards Building Byzantine-Robust Embodied Agents under Federated Learning. (84%)
Traditional Classification Neural Networks are Good Generators: They are Competitive with DDPMs and GANs. (50%)
Federated Learning Attacks and Defenses: A Survey. (47%)
Adversarial Rademacher Complexity of Deep Neural Networks. (47%)
2022-11-26
Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning. (99%)
2022-11-25
Boundary Adversarial Examples Against Adversarial Overfitting. (99%)
Supervised Contrastive Prototype Learning: Augmentation Free Robust Neural Network. (98%)
Beyond Smoothing: Unsupervised Graph Representation Learning with Edge Heterophily Discriminating. (3%)
TrustGAN: Training safe and trustworthy deep learning models through generative adversarial networks. (1%)
2022-11-24
SAGA: Spectral Adversarial Geometric Attack on 3D Meshes. (98%)
Explainable and Safe Reinforcement Learning for Autonomous Air Mobility. (92%)
Tracking Dataset IP Use in Deep Neural Networks. (76%)
Seeds Don't Lie: An Adaptive Watermarking Framework for Computer Vision Models. (8%)
Generative Joint Source-Channel Coding for Semantic Image Transmission. (1%)
CycleGANWM: A CycleGAN watermarking method for ownership verification. (1%)
2022-11-23
Query Efficient Cross-Dataset Transferable Black-Box Attack on Action Recognition. (99%)
Adversarial Attacks are a Surprisingly Strong Baseline for Poisoning Few-Shot Meta-Learners. (99%)
Reliable Robustness Evaluation via Automatically Constructed Attack Ensembles. (76%)
Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks. (62%)
Privacy-Enhancing Optical Embeddings for Lensless Classification. (11%)
Principled Data-Driven Decision Support for Cyber-Forensic Investigations. (1%)
Data Provenance Inference in Machine Learning. (1%)
2022-11-22
Benchmarking Adversarially Robust Quantum Machine Learning at Scale. (99%)
PointCA: Evaluating the Robustness of 3D Point Cloud Completion Models Against Adversarial Examples. (99%)
Attacking Image Splicing Detection and Localization Algorithms Using Synthetic Traces. (98%)
Improving Robust Generalization by Direct PAC-Bayesian Bound Minimization. (70%)
Backdoor Cleansing with Unlabeled Data. (70%)
SoK: Inference Attacks and Defenses in Human-Centered Wireless Sensing. (69%)
2022-11-21
Self-Ensemble Protection: Training Checkpoints Are Good Data Protectors. (99%)
Boosting the Transferability of Adversarial Attacks with Global Momentum Initialization. (99%)
Understanding the Vulnerability of Skeleton-based Human Activity Recognition via Black-box Attack. (99%)
Addressing Mistake Severity in Neural Networks with Semantic Knowledge. (92%)
Efficient Generalization Improvement Guided by Random Weight Perturbation. (68%)
CLAWSAT: Towards Both Robust and Accurate Code Models. (56%)
Fairness Increases Adversarial Vulnerability. (54%)
Don't Watch Me: A Spatio-Temporal Trojan Attack on Deep-Reinforcement-Learning-Augment Autonomous Driving. (10%)
SPIN: Simulated Poisoning and Inversion Network for Federated Learning-Based 6G Vehicular Networks. (8%)
A Survey on Backdoor Attack and Defense in Natural Language Processing. (2%)
Understanding and Improving Visual Prompting: A Label-Mapping Perspective. (2%)
Privacy in Practice: Private COVID-19 Detection in X-Ray Images. (1%)
A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers. (1%)
2022-11-20
Spectral Adversarial Training for Robust Graph Neural Network. (99%)
Invisible Backdoor Attack with Dynamic Triggers against Person Re-identification. (81%)
Adversarial Cheap Talk. (4%)
Deep Composite Face Image Attacks: Generation, Vulnerability and Detection. (2%)
AI-KD: Adversarial learning and Implicit regularization for self-Knowledge Distillation. (2%)
2022-11-19
Towards Adversarial Robustness of Deep Vision Algorithms. (92%)
Phonemic Adversarial Attack against Audio Recognition in Real World. (87%)
Towards Robust Dataset Learning. (82%)
Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning. (80%)
Mask Off: Analytic-based Malware Detection By Transfer Learning and Model Personalization. (9%)
Investigating the Security of EV Charging Mobile Applications As an Attack Surface. (1%)
2022-11-18
Adversarial Stimuli: Attacking Brain-Computer Interfaces via Perturbed Sensory Events. (98%)
Adversarial Detection by Approximation of Ensemble Boundary. (75%)
Leveraging Algorithmic Fairness to Mitigate Blackbox Attribute Inference Attacks. (68%)
Invariant Learning via Diffusion Dreamed Distribution Shifts. (10%)
Improving Robustness of TCM-based Robust Steganography with Variable Robustness. (1%)
Intrusion Detection in Internet of Things using Convolutional Neural Networks. (1%)
Provable Defense against Backdoor Policies in Reinforcement Learning. (1%)
2022-11-17
Diagnostics for Deep Neural Networks with Automated Copy/Paste Attacks. (99%)
Towards Good Practices in Evaluating Transfer Adversarial Attacks. (93%)
Assessing Neural Network Robustness via Adversarial Pivotal Tuning. (92%)
UPTON: Unattributable Authorship Text via Data Poisoning. (86%)
Generalizable Deepfake Detection with Phase-Based Motion Analysis. (50%)
More Effective Centrality-Based Attacks on Weighted Networks. (15%)
Potential Auto-driving Threat: Universal Rain-removal Attack. (2%)
Data-Centric Debugging: mitigating model failures via targeted data collection. (1%)
A Tale of Two Cities: Data and Configuration Variances in Robust Deep Learning. (1%)
VeriSparse: Training Verified Locally Robust Sparse Neural Networks from Scratch. (1%)
2022-11-16
T-SEA: Transfer-based Self-Ensemble Attack on Object Detection. (99%)
Efficiently Finding Adversarial Examples with DNN Preprocessing. (99%)
Improving Interpretability via Regularization of Neural Activation Sensitivity. (92%)
Attacking Object Detector Using A Universal Targeted Label-Switch Patch. (86%)
Differentially Private Optimizers Can Learn Adversarially Robust Models. (83%)
Interpretable Dimensionality Reduction by Feature Preserving Manifold Approximation and Projection. (56%)
Privacy against Real-Time Speech Emotion Detection via Acoustic Adversarial Evasion of Machine Learning. (38%)
Holistic Evaluation of Language Models. (2%)
Analysis and Detectability of Offline Data Poisoning Attacks on Linear Systems. (1%)
2022-11-15
Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation. (99%)
Universal Distributional Decision-based Black-box Adversarial Attack with Reinforcement Learning. (99%)
MORA: Improving Ensemble Robustness Evaluation with Model-Reweighing Attack. (99%)
Person Text-Image Matching via Text-Featur Interpretability Embedding and External Attack Node Implantation. (92%)
Backdoor Attacks on Time Series: A Generative Approach. (70%)
Improved techniques for deterministic l2 robustness. (22%)
CorruptEncoder: Data Poisoning based Backdoor Attacks to Contrastive Learning. (22%)
Backdoor Attacks for Remote Sensing Data with Wavelet Transform. (12%)
2022-11-14
Efficient Adversarial Training with Robust Early-Bird Tickets. (92%)
Attacking Face Recognition with T-shirts: Database, Vulnerability Assessment and Detection. (13%)
Towards Robust Numerical Question Answering: Diagnosing Numerical Capabilities of NLP Systems. (5%)
Explainer Divergence Scores (EDS): Some Post-Hoc Explanations May be Effective for Detecting Unknown Spurious Correlations. (5%)
Robustifying Deep Vision Models Through Shape Sensitization. (2%)
2022-11-13
Certifying Robustness of Convolutional Neural Networks with Tight Linear Approximation. (26%)
2022-11-12
Adversarial and Random Transformations for Robust Domain Adaptation and Generalization. (75%)
2022-11-11
Generating Textual Adversaries with Minimal Perturbation. (98%)
On the robustness of non-intrusive speech quality model by adversarial examples. (98%)
An investigation of security controls and MITRE ATT\&CK techniques. (47%)
Investigating co-occurrences of MITRE ATT\&CK Techniques. (12%)
Remapped Cache Layout: Thwarting Cache-Based Side-Channel Attacks with a Hardware Defense. (9%)
2022-11-10
Test-time adversarial detection and robustness for localizing humans using ultra wide band channel impulse responses. (99%)
Impact of Adversarial Training on Robustness and Generalizability of Language Models. (99%)
Privacy-Utility Balanced Voice De-Identification Using Adversarial Examples. (98%)
Stay Home Safe with Starving Federated Data. (80%)
MSDT: Masked Language Model Scoring Defense in Text Domain. (38%)
Robust DNN Surrogate Models with Uncertainty Quantification via Adversarial Training. (3%)
Mitigating Forgetting in Online Continual Learning via Contrasting Semantically Distinct Augmentations. (1%)
2022-11-09
On the Robustness of Explanations of Deep Neural Network Models: A Survey. (50%)
Are All Edges Necessary? A Unified Framework for Graph Purification. (5%)
QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. (3%)
Accountable and Explainable Methods for Complex Reasoning over Text. (2%)
2022-11-08
Preserving Semantics in Textual Adversarial Attacks. (99%)
NaturalAdversaries: Can Naturalistic Adversaries Be as Effective as Artificial Adversaries? (98%)
How Fraudster Detection Contributes to Robust Recommendation. (54%)
Lipschitz Continuous Algorithms for Graph Problems. (16%)
Learning advisor networks for noisy image classification. (1%)
2022-11-07
Are AlphaZero-like Agents Robust to Adversarial Perturbations? (99%)
Black-Box Attack against GAN-Generated Image Detector with Contrastive Perturbation. (82%)
Deviations in Representations Induced by Adversarial Attacks. (70%)
Interpreting deep learning output for out-of-distribution detection. (1%)
Resilience of Wireless Ad Hoc Federated Learning against Model Poisoning Attacks. (1%)
2022-11-06
Contrastive Weighted Learning for Near-Infrared Gaze Estimation. (31%)
2022-11-05
Textual Manifold-based Defense Against Natural Language Adversarial Examples. (99%)
Stateful Detection of Adversarial Reprogramming. (96%)
Robust Lottery Tickets for Pre-trained Language Models. (83%)
2022-11-04
Improving Adversarial Robustness to Sensitivity and Invariance Attacks with Deep Metric Learning. (99%)
Logits are predictive of network type. (68%)
An Adversarial Robustness Perspective on the Topology of Neural Networks. (64%)
Fairness-aware Regression Robust to Adversarial Attacks. (38%)
Extension of Simple Algorithms to the Matroid Secretary Problem. (9%)
Robustness of Fusion-based Multimodal Classifiers to Cross-Modal Content Dilutions. (3%)
Data Models for Dataset Drift Controls in Machine Learning With Images. (1%)
2022-11-03
Physically Adversarial Attacks and Defenses in Computer Vision: A Survey. (99%)
Adversarial Defense via Neural Oscillation inspired Gradient Masking. (98%)
M-to-N Backdoor Paradigm: A Stealthy and Fuzzy Attack to Deep Learning Models. (98%)
Robust Few-shot Learning Without Using any Adversarial Samples. (89%)
Data-free Defense of Black Box Models Against Adversarial Attacks. (84%)
Leveraging Domain Features for Detecting Adversarial Attacks Against Deep Speech Recognition in Noise. (38%)
Try to Avoid Attacks: A Federated Data Sanitization Defense for Healthcare IoMT Systems. (33%)
Unintended Memorization and Timing Attacks in Named Entity Recognition Models. (12%)
2022-11-02
Certified Robustness of Quantum Classifiers against Adversarial Examples through Quantum Noise. (99%)
Defending with Errors: Approximate Computing for Robustness of Deep Neural Networks. (99%)
Improving transferability of 3D adversarial attacks with scale and shear transformations. (99%)
Adversarial Attack on Radar-based Environment Perception Systems. (99%)
Isometric Representations in Neural Networks Improve Robustness. (62%)
BATT: Backdoor Attack with Transformation-based Triggers. (56%)
Untargeted Backdoor Attack against Object Detection. (50%)
Generative Adversarial Training Can Improve Neural Language Models. (33%)
Backdoor Defense via Suppressing Model Shortcuts. (3%)
Human-in-the-Loop Mixup. (1%)
2022-11-01
LMD: A Learnable Mask Network to Detect Adversarial Examples for Speaker Verification. (99%)
The Enemy of My Enemy is My Friend: Exploring Inverse Adversaries for Improving Adversarial Training. (99%)
DensePure: Understanding Diffusion Models towards Adversarial Robustness. (98%)
Adversarial Training with Complementary Labels: On the Benefit of Gradually Informative Attacks. (87%)
Universal Perturbation Attack on Differentiable No-Reference Image- and Video-Quality Metrics. (82%)
The Perils of Learning From Unlabeled Data: Backdoor Attacks on Semi-supervised Learning. (80%)
Maximum Likelihood Distillation for Robust Modulation Classification. (69%)
FRSUM: Towards Faithful Abstractive Summarization via Enhancing Factual Robustness. (45%)
Amplifying Membership Exposure via Data Poisoning. (22%)
ActGraph: Prioritization of Test Cases Based on Deep Neural Network Activation Graph. (13%)
2022-10-31
Scoring Black-Box Models for Adversarial Robustness. (98%)
ARDIR: Improving Robustness using Knowledge Distillation of Internal Representation. (88%)
Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy. (16%)
2022-10-30
Poison Attack and Defense on Deep Source Code Processing Models. (99%)
Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution. (99%)
Benchmarking Adversarial Patch Against Aerial Detection. (99%)
Symmetric Saliency-based Adversarial Attack To Speaker Identification. (92%)
FI-ODE: Certified and Robust Forward Invariance in Neural ODEs. (61%)
Imitating Opponent to Win: Adversarial Policy Imitation Learning in Two-player Competitive Games. (9%)
2022-10-29
On the Need of Neuromorphic Twins to Detect Denial-of-Service Attacks on Communication Networks. (10%)
2022-10-28
Universal Adversarial Directions. (99%)
Improving the Transferability of Adversarial Attacks on Face Recognition with Beneficial Perturbation Feature Augmentation. (99%)
Improving Hyperspectral Adversarial Robustness using Ensemble Networks in the Presences of Multiple Attacks. (98%)
Distributed Black-box Attack against Image Classification Cloud Services. (89%)
RoChBert: Towards Robust BERT Fine-tuning for Chinese. (75%)
Robust Boosting Forests with Richer Deep Feature Hierarchy. (56%)
Localized Randomized Smoothing for Collective Robustness Certification. (26%)
Towards Reliable Neural Specifications. (11%)
On the Vulnerability of Data Points under Multiple Membership Inference Attacks and Target Models. (1%)
2022-10-27
TAD: Transfer Learning-based Multi-Adversarial Detection of Evasion Attacks against Network Intrusion Detection Systems. (99%)
Isometric 3D Adversarial Examples in the Physical World. (99%)
LeNo: Adversarial Robust Salient Object Detection Networks with Learnable Noise. (92%)
TASA: Deceiving Question Answering Models by Twin Answer Sentences Attack. (92%)
Efficient and Effective Augmentation Strategy for Adversarial Training. (56%)
Noise Injection Node Regularization for Robust Learning. (2%)
Domain Adaptive Object Detection for Autonomous Driving under Foggy Weather. (1%)
2022-10-26
Improving Adversarial Robustness with Self-Paced Hard-Class Pair Reweighting. (99%)
There is more than one kind of robustness: Fooling Whisper with adversarial examples. (98%)
Disentangled Text Representation Learning with Information-Theoretic Perspective for Adversarial Robustness. (86%)
BioNLI: Generating a Biomedical NLI Dataset Using Lexico-semantic Constraints for Adversarial Examples. (75%)
EIPSIM: Modeling Secure IP Address Allocation at Cloud Scale. (11%)
V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization. (10%)
Rethinking the Reverse-engineering of Trojan Triggers. (5%)
Cover Reproducible Steganography via Deep Generative Models. (1%)
DEMIS: A Threat Model for Selectively Encrypted Visual Surveillance Data. (1%)
Privately Fine-Tuning Large Language Models with Differential Privacy. (1%)
2022-10-25
Adversarially Robust Medical Classification via Attentive Convolutional Neural Networks. (99%)
A White-Box Adversarial Attack Against a Digital Twin. (99%)
Adaptive Test-Time Defense with the Manifold Hypothesis. (98%)
LP-BFGS attack: An adversarial attack based on the Hessian with limited pixels. (98%)
Improving Adversarial Robustness via Joint Classification and Multiple Explicit Detection Classes. (98%)
Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. (98%)
Accelerating Certified Robustness Training via Knowledge Transfer. (73%)
Causal Information Bottleneck Boosts Adversarial Robustness of Deep Neural Network. (64%)
Towards Robust Recommender Systems via Triple Cooperative Defense. (61%)
Towards Formal Approximated Minimal Explanations of Neural Networks. (13%)
FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-based Node Classification. (13%)
A Streamlit-based Artificial Intelligence Trust Platform for Next-Generation Wireless Networks. (3%)
Robustness of Locally Differentially Private Graph Analysis Against Poisoning. (1%)
2022-10-24
Ares: A System-Oriented Wargame Framework for Adversarial ML. (99%)
SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning. (99%)
Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs. (96%)
On the Robustness of Dataset Inference. (81%)
Flexible Android Malware Detection Model based on Generative Adversarial Networks with Code Tensor. (16%)
Revisiting Sparse Convolutional Model for Visual Recognition. (11%)
2022-10-23
FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning. (68%)
Adversarial Pretraining of Self-Supervised Deep Networks: Past, Present and Future. (45%)
2022-10-22
ADDMU: Detection of Far-Boundary Adversarial Examples with Data and Model Uncertainty Estimation. (99%)
Hindering Adversarial Attacks with Implicit Neural Representations. (92%)
GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections. (81%)
Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games. (26%)
Precisely the Point: Adversarial Augmentations for Faithful and Informative Text Generation. (4%)
2022-10-21
Evolution of Neural Tangent Kernels under Benign and Adversarial Training. (99%)
The Dark Side of AutoML: Towards Architectural Backdoor Search. (68%)
Diffusion Visual Counterfactual Explanations. (10%)
TCAB: A Large-Scale Text Classification Attack Benchmark. (10%)
A critical review of cyber-physical security for building automation systems. (2%)
Extracted BERT Model Leaks More Information than You Think! (1%)
2022-10-20
Identifying Human Strategies for Generating Word-Level Adversarial Examples. (98%)
Are You Stealing My Model? Sample Correlation for Fingerprinting Deep Neural Networks. (98%)
Balanced Adversarial Training: Balancing Tradeoffs between Fickleness and Obstinacy in NLP Models. (98%)
Learning Sample Reweighting for Accuracy and Adversarial Robustness. (93%)
Similarity of Neural Architectures Based on Input Gradient Transferability. (86%)
New data poison attacks on machine learning classifiers for mobile exfiltration. (80%)
Attacking Motion Estimation with Adversarial Snow. (16%)
How Does a Deep Learning Model Architecture Impact Its Privacy? (5%)
Analyzing the Robustness of Decentralized Horizontal and Vertical Federated Learning Architectures in a Non-IID Scenario. (4%)
Apple of Sodom: Hidden Backdoors in Superior Sentence Embeddings via Contrastive Learning. (3%)
LOT: Layer-wise Orthogonal Training on Improving $\ell_2$ Certified Robustness. (3%)
2022-10-19
Few-shot Transferable Robust Representation Learning via Bilevel Attacks. (93%)
Targeted Adversarial Self-Supervised Learning. (86%)
Backdoor Attack and Defense in Federated Generative Adversarial Network-based Medical Image Synthesis. (83%)
Emerging Threats in Deep Learning-Based Autonomous Driving: A Comprehensive Survey. (69%)
Why Should Adversarial Perturbations be Imperceptible? Rethink the Research Paradigm in Adversarial NLP. (64%)
Model-Free Prediction of Adversarial Drop Points in 3D Point Clouds. (54%)
FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Information. (41%)
Chaos Theory and Adversarial Robustness. (22%)
Learning to Invert: Simple Adaptive Attacks for Gradient Inversion in Federated Learning. (16%)
Variational Model Perturbation for Source-Free Domain Adaptation. (1%)
2022-10-18
Scaling Adversarial Training to Large Perturbation Bounds. (98%)
Not All Poisons are Created Equal: Robust Training against Data Poisoning. (97%)
ROSE: Robust Selective Fine-tuning for Pre-trained Language Models. (73%)
Analysis of Master Vein Attacks on Finger Vein Recognition Systems. (56%)
Training set cleansing of backdoor poisoning by self-supervised representation learning. (56%)
On the Adversarial Robustness of Mixture of Experts. (13%)
Transferable Unlearnable Examples. (8%)
Automatic Detection of Fake Key Attacks in Secure Messaging. (8%)
Improving Adversarial Robustness by Contrastive Guided Diffusion Process. (2%)
2022-10-17
Towards Generating Adversarial Examples on Mixed-type Data. (99%)
Differential Evolution based Dual Adversarial Camouflage: Fooling Human Eyes and Object Detectors. (99%)
Probabilistic Categorical Adversarial Attack & Adversarial Training. (99%)
Marksman Backdoor: Backdoor Attacks with Arbitrary Target Class. (96%)
DE-CROP: Data-efficient Certified Robustness for Pretrained Classifiers. (87%)
Beyond Model Interpretability: On the Faithfulness and Adversarial Robustness of Contrastive Textual Explanations. (78%)
Towards Fair Classification against Poisoning Attacks. (76%)
Deepfake Text Detection: Limitations and Opportunities. (41%)
You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks. (15%)
Fine-mixing: Mitigating Backdoors in Fine-tuned Language Models. (9%)
Understanding CNN Fragility When Learning With Imbalanced Data. (1%)
2022-10-16
Object-Attentional Untargeted Adversarial Attack. (99%)
Nowhere to Hide: A Lightweight Unsupervised Detector against Adversarial Examples. (99%)
ODG-Q: Robust Quantization via Online Domain Generalization. (83%)
Interpretable Machine Learning for Detection and Classification of Ransomware Families Based on API Calls. (1%)
2022-10-15
RoS-KD: A Robust Stochastic Knowledge Distillation Approach for Noisy Medical Imaging. (2%)
2022-10-14
When Adversarial Training Meets Vision Transformers: Recipes from Training to Architecture. (87%)
Dynamics-aware Adversarial Attack of Adaptive Neural Networks. (86%)
Is Face Recognition Safe from Realizable Attacks? (84%)
Expose Backdoors on the Way: A Feature-Based Efficient Defense against Textual Backdoor Attacks. (76%)
Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. (67%)
2022-10-13
Adv-Attribute: Inconspicuous and Transferable Adversarial Attack on Face Recognition. (99%)
AccelAT: A Framework for Accelerating the Adversarial Training of Deep Neural Networks through Accuracy Gradient. (99%)
Demystifying Self-supervised Trojan Attacks. (87%)
Improving Out-of-Distribution Generalization by Adversarial Training with Structured Priors. (81%)
Efficiently Computing Local Lipschitz Constants of Neural Networks via Bound Propagation. (13%)
Large-Scale Open-Set Classification Protocols for ImageNet. (2%)
SoK: How Not to Architect Your Next-Generation TEE Malware? (1%)
Feature Reconstruction Attacks and Countermeasures of DNN training in Vertical Federated Learning. (1%)
Characterizing the Influence of Graph Elements. (1%)
2022-10-12
A Game Theoretical vulnerability analysis of Adversarial Attack. (99%)
Visual Prompting for Adversarial Robustness. (99%)
Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation. (99%)
Robust Models are less Over-Confident. (96%)
Double Bubble, Toil and Trouble: Enhancing Certified Robustness through Transitivity. (86%)
Efficient Adversarial Training without Attacking: Worst-Case-Aware Robust Reinforcement Learning. (82%)
COLLIDER: A Robust Training Framework for Backdoor Data. (81%)
Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork. (76%)
Few-shot Backdoor Attacks via Neural Tangent Kernels. (62%)
How to Sift Out a Clean Data Subset in the Presence of Data Poisoning? (9%)
Understanding Impacts of Task Similarity on Backdoor Attack and Detection. (2%)
2022-10-11
What Can the Neural Tangent Kernel Tell Us About Adversarial Robustness? (99%)
Stable and Efficient Adversarial Training through Local Linearization. (91%)
RoHNAS: A Neural Architecture Search Framework with Conjoint Optimization for Adversarial Robustness and Hardware Efficiency of Convolutional and Capsule Networks. (86%)
Adversarial Attack Against Image-Based Localization Neural Networks. (78%)
Detecting Backdoors in Deep Text Classifiers. (76%)
Human Body Measurement Estimation with Adversarial Augmentation. (33%)
Curved Representation Space of Vision Transformers. (10%)
Zeroth-Order Hard-Thresholding: Gradient Error vs. Expansivity. (1%)
Make Sharpness-Aware Minimization Stronger: A Sparsified Perturbation Approach. (1%)
2022-10-10
Boosting Adversarial Robustness From The Perspective of Effective Margin Regularization. (92%)
Revisiting adapters with adversarial training. (88%)
Universal Adversarial Perturbations: Efficiency on a small image dataset. (81%)
Certified Training: Small Boxes are All You Need. (22%)
Denoising Masked AutoEncoders Help Robust Classification. (1%)
2022-10-09
Pruning Adversarially Robust Neural Networks without Adversarial Examples. (99%)
Towards Understanding and Boosting Adversarial Transferability from a Distribution Perspective. (99%)
Online Training Through Time for Spiking Neural Networks. (1%)
2022-10-08
Symmetry Subgroup Defense Against Adversarial Attacks. (99%)
FedDef: Defense Against Gradient Leakage in Federated Learning-based Network Intrusion Detection Systems. (99%)
Robustness of Unsupervised Representation Learning without Labels. (54%)
2022-10-07
Adversarially Robust Prototypical Few-shot Segmentation with Neural-ODEs. (99%)
Pre-trained Adversarial Perturbations. (99%)
ViewFool: Evaluating the Robustness of Visual Recognition to Adversarial Viewpoints. (93%)
Game-Theoretic Understanding of Misclassification. (47%)
A2: Efficient Automated Attacker for Boosting Adversarial Training. (41%)
NMTSloth: Understanding and Testing Efficiency Degradation of Neural Machine Translation Systems. (13%)
A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music. (2%)
Improving Fine-Grain Segmentation via Interpretable Modifications: A Case Study in Fossil Segmentation. (1%)
Mind Your Data! Hiding Backdoors in Offline Reinforcement Learning Datasets. (1%)
2022-10-06
Preprocessors Matter! Realistic Decision-Based Attacks on Machine Learning Systems. (99%)
Enhancing Code Classification by Mixup-Based Data Augmentation. (96%)
Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection. (92%)
On Optimal Learning Under Targeted Data Poisoning. (82%)
Towards Out-of-Distribution Adversarial Robustness. (73%)
InferES : A Natural Language Inference Corpus for Spanish Featuring Negation-Based Contrastive and Adversarial Examples. (61%)
Unsupervised Domain Adaptation for COVID-19 Information Service with Contrastive Adversarial Domain Mixup. (41%)
Synthetic Dataset Generation for Privacy-Preserving Machine Learning. (2%)
Enhancing Mixup-Based Graph Learning for Language Processing via Hybrid Pooling. (1%)
Bad Citrus: Reducing Adversarial Costs with Model Distances. (1%)
2022-10-05
Natural Color Fool: Towards Boosting Black-box Unrestricted Attacks. (99%)
Dynamic Stochastic Ensemble with Adversarial Robust Lottery Ticket Subnetworks. (98%)
On Adversarial Robustness of Deep Image Deblurring. (83%)
A Closer Look at Robustness to L-infinity and Spatial Perturbations and their Composition. (81%)
Jitter Does Matter: Adapting Gaze Estimation to New Domains. (78%)
Image Masking for Robust Self-Supervised Monocular Depth Estimation. (38%)
Over-the-Air Federated Learning with Privacy Protection via Correlated Additive Perturbations. (38%)
2022-10-04
Rethinking Lipschitz Neural Networks and Certified Robustness: A Boolean Function Perspective. (97%)
Robust Fair Clustering: A Novel Fairness Attack and Defense Framework. (93%)
A Study on the Efficiency and Generalization of Light Hybrid Retrievers. (86%)
Practical Adversarial Attacks on Spatiotemporal Traffic Forecasting Models. (81%)
On the Robustness of Deep Clustering Models: Adversarial Attacks and Defenses. (75%)
Robustness Certification of Visual Perception Models via Camera Motion Smoothing. (70%)
Backdoor Attacks in the Supply Chain of Masked Image Modeling. (68%)
CADet: Fully Self-Supervised Anomaly Detection With Contrastive Learning. (54%)
Invariant Aggregator for Defending Federated Backdoor Attacks. (22%)
2022-10-03
MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples. (99%)
Push-Pull: Characterizing the Adversarial Robustness for Audio-Visual Active Speaker Detection. (97%)
Stability Analysis and Generalization Bounds of Adversarial Training. (96%)
On Attacking Out-Domain Uncertainty Estimation in Deep Neural Networks. (92%)
Decompiling x86 Deep Neural Network Executables. (83%)
Strength-Adaptive Adversarial Training. (80%)
ASGNN: Graph Neural Networks with Adaptive Structure. (68%)
UnGANable: Defending Against GAN-based Face Manipulation. (2%)
2022-10-02
Adaptive Smoothness-weighted Adversarial Training for Multiple Perturbations with Its Stability Analysis. (99%)
Understanding Adversarial Robustness Against On-manifold Adversarial Examples. (99%)
FLCert: Provably Secure Federated Learning against Poisoning Attacks. (74%)
Optimization for Robustness Evaluation beyond $\ell_p$ Metrics. (16%)
Automated Security Analysis of Exposure Notification Systems. (1%)
2022-10-01
DeltaBound Attack: Efficient decision-based attack in low queries regime. (96%)
Adversarial Attacks on Transformers-Based Malware Detectors. (91%)
Voice Spoofing Countermeasures: Taxonomy, State-of-the-art, experimental analysis of generalizability, open challenges, and the way forward. (5%)
2022-09-30
Your Out-of-Distribution Detection Method is Not Robust! (99%)
Learning Robust Kernel Ensembles with Kernel Average Pooling. (99%)
Adversarial Robustness of Representation Learning for Knowledge Graphs. (95%)
Visual Privacy Protection Based on Type-I Adversarial Attack. (92%)
On the tightness of linear relaxation based robustness certification methods. (78%)
Data Poisoning Attacks Against Multimodal Encoders. (73%)
ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks. (70%)
2022-09-29
Physical Adversarial Attack meets Computer Vision: A Decade Survey. (99%)
Towards Lightweight Black-Box Attacks against Deep Neural Networks. (99%)
Generalizability of Adversarial Robustness Under Distribution Shifts. (83%)
Digital and Physical Face Attacks: Reviewing and One Step Further. (2%)
Chameleon Cache: Approximating Fully Associative Caches with Random Replacement to Prevent Contention-Based Cache Attacks. (1%)
2022-09-28
A Survey on Physical Adversarial Attack in Computer Vision. (99%)
Exploring the Relationship between Architecture and Adversarially Robust Generalization. (99%)
A Closer Look at Evaluating the Bit-Flip Attack Against Deep Neural Networks. (67%)
Supervised Contrastive Learning as Multi-Objective Optimization for Fine-Tuning Large Pre-trained Language Models. (47%)
On the Robustness of Ensemble-Based Machine Learning Against Data Poisoning. (12%)
CALIP: Zero-Shot Enhancement of CLIP with Parameter-free Attention. (1%)
Improving alignment of dialogue agents via targeted human judgements. (1%)
2022-09-27
Suppress with a Patch: Revisiting Universal Adversarial Patch Attacks against Object Detection. (74%)
Inducing Data Amplification Using Auxiliary Datasets in Adversarial Training. (33%)
Attacking Compressed Vision Transformers. (33%)
Mitigating Attacks on Artificial Intelligence-based Spectrum Sensing for Cellular Network Signals. (8%)
Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection. (5%)
Reconstruction-guided attention improves the robustness and shape processing of neural networks. (2%)
A Learning-based Honeypot Game for Collaborative Defense in UAV Networks. (1%)
Stability Via Adversarial Training of Neural Network Stochastic Control of Mean-Field Type. (1%)
Measuring Overfitting in Convolutional Neural Networks using Adversarial Perturbations and Label Noise. (1%)
2022-09-26
FG-UAP: Feature-Gathering Universal Adversarial Perturbation. (99%)
Activation Learning by Local Competitions. (64%)
Multi-Task Adversarial Training Algorithm for Multi-Speaker Neural Text-to-Speech. (1%)
Greybox XAI: a Neural-Symbolic learning framework to produce interpretable predictions for image classification. (1%)
2022-09-25
SPRITZ-1.5C: Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks. (81%)
2022-09-24
Approximate better, Attack stronger: Adversarial Example Generation via Asymptotically Gaussian Mixture Distribution. (99%)
2022-09-23
The "Beatrix'' Resurrections: Robust Backdoor Detection via Gram Matrices. (13%)
2022-09-22
Privacy Attacks Against Biometric Models with Fewer Samples: Incorporating the Output of Multiple Models. (50%)
2022-09-21
Fair Robust Active Learning by Joint Inconsistency. (99%)
Toy Models of Superposition. (45%)
DARTSRepair: Core-failure-set Guided DARTS for Network Robustness to Common Corruptions. (13%)
Fairness Reprogramming. (1%)
2022-09-20
Understanding Real-world Threats to Deep Learning Models in Android Apps. (99%)
Audit and Improve Robustness of Private Neural Networks on Encrypted Data. (99%)
GAMA: Generative Adversarial Multi-Object Scene Attacks. (99%)
Sparse Vicious Attacks on Graph Neural Networks. (98%)
Leveraging Local Patch Differences in Multi-Object Scenes for Generative Adversarial Attacks. (98%)
Rethinking Data Augmentation in Knowledge Distillation for Object Detection. (68%)
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks. (1%)
EM-Fault It Yourself: Building a Replicable EMFI Setup for Desktop and Server Hardware. (1%)
2022-09-19
Catoptric Light can be Dangerous: Effective Physical-World Attack by Natural Phenomenon. (99%)
Adversarial Color Projection: A Projector-Based Physical Attack to DNNs. (99%)
2022-09-18
On the Adversarial Transferability of ConvMixer Models. (99%)
AdvDO: Realistic Adversarial Attacks for Trajectory Prediction. (96%)
Distribution inference risks: Identifying and mitigating sources of leakage. (1%)
2022-09-17
Watch What You Pretrain For: Targeted, Transferable Adversarial Examples on Self-Supervised Speech Recognition models. (99%)
pFedDef: Defending Grey-Box Attacks for Personalized Federated Learning. (98%)
A study on the deviations in performance of FNNs and CNNs in the realm of grayscale adversarial images. (4%)
2022-09-16
Robust Ensemble Morph Detection with Domain Generalization. (99%)
A Large-scale Multiple-objective Method for Black-box Attack against Object Detection. (99%)
Enhance the Visual Representation via Discrete Adversarial Training. (97%)
Model Inversion Attacks against Graph Neural Networks. (92%)
PointCAT: Contrastive Adversarial Training for Robust Point Cloud Recognition. (62%)
Cascading Failures in Power Grids. (33%)
Dataset Inference for Self-Supervised Models. (16%)
On the Robustness of Graph Neural Diffusion to Topology Perturbations. (15%)
A Systematic Evaluation of Node Embedding Robustness. (11%)
2022-09-15
Improving Robust Fairness via Balance Adversarial Training. (99%)
A Light Recipe to Train Robust Vision Transformers. (98%)
Part-Based Models Improve Adversarial Robustness. (92%)
Explicit Tradeoffs between Adversarial and Natural Distributional Robustness. (80%)
Adversarially Robust Learning: A Generic Minimax Optimal Learner and Characterization. (80%)
Defending Root DNS Servers Against DDoS Using Layered Defenses. (15%)
BadRes: Reveal the Backdoors through Residual Connection. (2%)
Adversarial Cross-View Disentangled Graph Contrastive Learning. (1%)
Towards Improving Calibration in Object Detection Under Domain Shift. (1%)
2022-09-14
Robust Transferable Feature Extractors: Learning to Defend Pre-Trained Networks Against White Box Adversaries. (99%)
PointACL:Adversarial Contrastive Learning for Robust Point Clouds Representation under Adversarial Attack. (99%)
Certified Robustness to Word Substitution Ranking Attack for Neural Ranking Models. (99%)
Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models. (97%)
On the interplay of adversarial robustness and architecture components: patches, convolution and attention. (67%)
M^4I: Multi-modal Models Membership Inference. (54%)
Finetuning Pretrained Vision-Language Models with Correlation Information Bottleneck for Robust Visual Question Answering. (12%)
Robust Constrained Reinforcement Learning. (9%)
2022-09-13
Adversarial Coreset Selection for Efficient Robust Training. (99%)
TSFool: Crafting High-quality Adversarial Time Series through Multi-objective Optimization to Fool Recurrent Neural Network Classifiers. (99%)
PINCH: An Adversarial Extraction Attack Framework for Deep Learning Models. (92%)
Certified Defences Against Adversarial Patch Attacks on Semantic Segmentation. (78%)
Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks. (68%)
ADMM based Distributed State Observer Design under Sparse Sensor Attacks. (22%)
A Tale of HodgeRank and Spectral Method: Target Attack Against Rank Aggregation Is the Fixed Point of Adversarial Game. (15%)
Defense against Privacy Leakage in Federated Learning. (12%)
Federated Learning based on Defending Against Data Poisoning Attacks in IoT. (1%)
2022-09-12
Adaptive Perturbation Generation for Multiple Backdoors Detection. (95%)
CARE: Certifiably Robust Learning with Reasoning via Variational Inference. (75%)
Sample Complexity of an Adversarial Attack on UCB-based Best-arm Identification Policy. (69%)
Boosting Robustness Verification of Semantic Feature Neighborhoods. (54%)
Semantic-Preserving Adversarial Code Comprehension. (1%)
Holistic Segmentation. (1%)
Class-Level Logit Perturbation. (1%)
2022-09-11
Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization. (99%)
Generate novel and robust samples from data: accessible sharing without privacy concerns. (5%)
2022-09-10
Scattering Model Guided Adversarial Examples for SAR Target Recognition: Attack and Defense. (99%)
2022-09-09
The Space of Adversarial Strategies. (99%)
Defend Data Poisoning Attacks on Voice Authentication. (54%)
Robust-by-Design Classification via Unitary-Gradient Neural Networks. (41%)
Robust and Lossless Fingerprinting of Deep Neural Networks via Pooled Membership Inference. (10%)
Saliency Guided Adversarial Training for Learning Generalizable Features with Applications to Medical Imaging Classification System. (1%)
2022-09-08
Incorporating Locality of Images to Generate Targeted Transferable Adversarial Examples. (99%)
Evaluating the Security of Aircraft Systems. (92%)
Uncovering the Connection Between Differential Privacy and Certified Robustness of Federated Learning against Poisoning Attacks. (62%)
A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms. (1%)
FADE: Enabling Large-Scale Federated Adversarial Training on Resource-Constrained Edge Devices. (1%)
2022-09-07
On the Transferability of Adversarial Examples between Encrypted Models. (99%)
Securing the Spike: On the Transferabilty and Security of Spiking Neural Networks to Adversarial Examples. (99%)
Reward Delay Attacks on Deep Reinforcement Learning. (70%)
Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems. (47%)
Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots. (15%)
Physics-Guided Adversarial Machine Learning for Aircraft Systems Simulation. (1%)
Hardware faults that matter: Understanding and Estimating the safety impact of hardware faults on object detection DNNs. (1%)
MalDetConv: Automated Behaviour-based Malware Detection Framework Based on Natural Language Processing and Deep Learning Techniques. (1%)
2022-09-06
Instance Attack:An Explanation-based Vulnerability Analysis Framework Against DNNs for Malware Detection. (99%)
Bag of Tricks for FGSM Adversarial Training. (96%)
Improving Robustness to Out-of-Distribution Data by Frequency-based Augmentation. (82%)
Defending Against Backdoor Attack on Graph Nerual Network by Explainability. (80%)
MACAB: Model-Agnostic Clean-Annotation Backdoor to Object Detection with Natural Trigger in Real-World. (54%)
Multimodal contrastive learning for remote sensing tasks. (1%)
Annealing Optimization for Progressive Learning with Stochastic Approximation. (1%)
Interpretations Steered Network Pruning via Amortized Inferred Saliency Maps. (1%)
A Survey of Machine Unlearning. (1%)
2022-09-05
Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples. (98%)
White-Box Adversarial Policies in Deep Reinforcement Learning. (98%)
"Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution. (69%)
Adversarial Detection: Attacking Object Detection in Real Time. (64%)
PromptAttack: Prompt-based Attack for Language Models via Gradient Search. (16%)
Federated Zero-Shot Learning for Visual Recognition. (2%)
Improving Out-of-Distribution Detection via Epistemic Uncertainty Adversarial Training. (2%)
2022-09-04
An Adaptive Black-box Defense against Trojan Attacks (TrojDef). (98%)
Hide & Seek: Seeking the (Un)-Hidden key in Provably-Secure Logic Locking Techniques. (11%)
Synergistic Redundancy: Towards Verifiable Safety for Autonomous Vehicles. (1%)
2022-09-02
Adversarial Color Film: Effective Physical-World Attack to DNNs. (98%)
Impact of Scaled Image on Robustness of Deep Neural Networks. (98%)
Property inference attack; Graph neural networks; Privacy attacks and defense; Trustworthy machine learning. (95%)
Impact of Colour Variation on Robustness of Deep Neural Networks. (92%)
Scalable Adversarial Attack Algorithms on Influence Maximization. (68%)
Are Attribute Inference Attacks Just Imputation? (31%)
Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well? (9%)
Revisiting Outer Optimization in Adversarial Training. (5%)
2022-09-01
Adversarial for Social Privacy: A Poisoning Strategy to Degrade User Identity Linkage. (98%)
Universal Fourier Attack for Time Series. (12%)
2022-08-31
Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning. (99%)
Unrestricted Adversarial Samples Based on Non-semantic Feature Clusters Substitution. (99%)
Membership Inference Attacks by Exploiting Loss Trajectory. (70%)
Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research. (13%)
Feature Alignment by Uncertainty and Self-Training for Source-Free Unsupervised Domain Adaptation. (1%)
Vulnerability of Distributed Inverter VAR Control in PV Distributed Energy System. (1%)
2022-08-30
A Black-Box Attack on Optical Character Recognition Systems. (99%)
Robustness and invariance properties of image classifiers. (99%)
Solving the Capsulation Attack against Backdoor-based Deep Neural Network Watermarks by Reversing Triggers. (1%)
Constraining Representations Yields Models That Know What They Don't Know. (1%)
2022-08-29
Towards Adversarial Purification using Denoising AutoEncoders. (99%)
Reducing Certified Regression to Certified Classification for General Poisoning Attacks. (54%)
Interpreting Black-box Machine Learning Models for High Dimensional Datasets. (1%)
2022-08-28
Cross-domain Cross-architecture Black-box Attacks on Fine-tuned Models with Transferred Evolutionary Strategies. (99%)
2022-08-27
Adversarial Robustness for Tabular Data through Cost and Utility Awareness. (99%)
SA: Sliding attack for synthetic speech detection with resistance to clipping and self-splicing. (99%)
Overparameterized (robust) models from computational constraints. (13%)
TrojViT: Trojan Insertion in Vision Transformers. (11%)
RL-DistPrivacy: Privacy-Aware Distributed Deep Inference for low latency IoT systems. (1%)
2022-08-26
What Does the Gradient Tell When Attacking the Graph Structure. (69%)
Network-Level Adversaries in Federated Learning. (54%)
ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning. (45%)
Lower Difficulty and Better Robustness: A Bregman Divergence Perspective for Adversarial Training. (4%)
2022-08-25
Semantic Preserving Adversarial Attack Generation with Autoencoder and Genetic Algorithm. (99%)
SNAP: Efficient Extraction of Private Properties with Poisoning. (86%)
FuncFooler: A Practical Black-box Attack Against Learning-based Binary Code Similarity Detection Methods. (78%)
Robust Prototypical Few-Shot Organ Segmentation with Regularized Neural-ODEs. (31%)
Calibrated Selective Classification. (15%)
XDRI Attacks - and - How to Enhance Resilience of Residential Routers. (4%)
FedPrompt: Communication-Efficient and Privacy Preserving Prompt Tuning in Federated Learning. (1%)
2022-08-24
Unrestricted Black-box Adversarial Attack Using GAN with Limited Queries. (99%)
Trace and Detect Adversarial Attacks on CNNs using Feature Response Maps. (98%)
Attacking Neural Binary Function Detection. (98%)
A Perturbation Resistant Transformation and Classification System for Deep Neural Networks. (98%)
Rethinking Cost-sensitive Classification in Deep Learning via Adversarial Data Augmentation. (92%)
2022-08-23
Towards an Awareness of Time Series Anomaly Detection Models' Adversarial Vulnerability. (99%)
Adversarial Vulnerability of Temporal Feature Networks for Object Detection. (99%)
Transferability Ranking of Adversarial Examples. (99%)
Auditing Membership Leakages of Multi-Exit Networks. (76%)
A Comprehensive Study of Real-Time Object Detection Networks Across Multiple Domains: A Survey. (13%)
Robust DNN Watermarking via Fixed Embedding Weights with Optimized Distribution. (10%)
2022-08-22
Fight Fire With Fire: Reversing Skin Adversarial Examples by Multiscale Diffusive and Denoising Aggregation Mechanism. (99%)
Hierarchical Perceptual Noise Injection for Social Media Fingerprint Privacy Protection. (98%)
Different Spectral Representations in Optimized Artificial Neural Networks and Brains. (93%)
Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models. (87%)
BARReL: Bottleneck Attention for Adversarial Robustness in Vision-Based Reinforcement Learning. (86%)
RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN. (62%)
Toward Better Target Representation for Source-Free and Black-Box Domain Adaptation. (31%)
Optimal Bootstrapping of PoW Blockchains. (1%)
2022-08-21
PointDP: Diffusion-driven Purification against Adversarial Attacks on 3D Point Cloud Recognition. (99%)
Inferring Sensitive Attributes from Model Explanations. (56%)
Byzantines can also Learn from History: Fall of Centered Clipping in Federated Learning. (10%)
MockingBERT: A Method for Retroactively Adding Resilience to NLP Models. (4%)
NOSMOG: Learning Noise-robust and Structure-aware MLPs on Graphs. (1%)
A Unified Analysis of Mixed Sample Data Augmentation: A Loss Function Perspective. (1%)
2022-08-20
Analyzing Adversarial Robustness of Vision Transformers against Spatial and Spectral Attacks. (86%)
GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes. (33%)
Sensor Security: Current Progress, Research Challenges, and Future Roadmap. (10%)
Evaluating Out-of-Distribution Detectors Through Adversarial Generation of Outliers. (5%)
Adversarial contamination of networks in the setting of vertex nomination: a new trimming method. (1%)
2022-08-19
Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks. (99%)
Gender Bias and Universal Substitution Adversarial Attacks on Grammatical Error Correction Systems for Automated Assessment. (92%)
Dispersed Pixel Perturbation-based Imperceptible Backdoor Trigger for Image Classifier Models. (76%)
A Novel Plug-and-Play Approach for Adversarially Robust Generalization. (54%)
SAFARI: Versatile and Efficient Evaluations for Robustness of Interpretability. (8%)
UKP-SQuARE v2 Explainability and Adversarial Attacks for Trustworthy QA. (1%)
2022-08-18
Resisting Adversarial Attacks in Deep Neural Networks using Diverse Decision Boundaries. (99%)
Enhancing Targeted Attack Transferability via Diversified Weight Pruning. (99%)
Enhancing Diffusion-Based Image Synthesis with Robust Classifier Guidance. (45%)
Reverse Engineering of Integrated Circuits: Tools and Techniques. (33%)
DAFT: Distilling Adversarially Fine-tuned Models for Better OOD Generalization. (10%)
Discovering Bugs in Vision Models using Off-the-shelf Image Generation and Captioning. (3%)
Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacy. (2%)
Profiler: Profile-Based Model to Detect Phishing Emails. (1%)
2022-08-17
Two Heads are Better than One: Robust Learning Meets Multi-branch Models. (99%)
An Evolutionary, Gradient-Free, Query-Efficient, Black-Box Algorithm for Generating Adversarial Instances in Deep Networks. (99%)
Shadows Aren't So Dangerous After All: A Fast and Robust Defense Against Shadow-Based Adversarial Attacks. (98%)
Label Flipping Data Poisoning Attack Against Wearable Human Activity Recognition System. (70%)
An Efficient Multi-Step Framework for Malware Packing Identification. (41%)
An Empirical Study on the Membership Inference Attack against Tabular Data Synthesis Models. (26%)
Efficient Detection and Filtering Systems for Distributed Training. (13%)
On the Privacy Effect of Data Enhancement via the Lens of Memorization. (10%)
ObfuNAS: A Neural Architecture Search-based DNN Obfuscation Approach. (2%)
DF-Captcha: A Deepfake Captcha for Preventing Fake Calls. (1%)
Analyzing Robustness of End-to-End Neural Models for Automatic Speech Recognition. (1%)
2022-08-16
A Context-Aware Approach for Textual Adversarial Attack through Probability Difference Guided Beam Search. (82%)
Imperceptible and Robust Backdoor Attack in 3D Point Cloud. (68%)
AutoCAT: Reinforcement Learning for Automated Exploration of Cache-Timing Attacks. (13%)
2022-08-15
MENLI: Robust Evaluation Metrics from Natural Language Inference. (92%)
Man-in-the-Middle Attack against Object Detection Systems. (86%)
Training-Time Attacks against k-Nearest Neighbors. (2%)
CTI4AI: Threat Intelligence Generation and Sharing after Red Teaming AI Models. (1%)
2022-08-14
A Multi-objective Memetic Algorithm for Auto Adversarial Attack Optimization Design. (99%)
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection. (92%)
InvisibiliTee: Angle-agnostic Cloaking from Person-Tracking Systems with a Tee. (92%)
Long-Short History of Gradients is All You Need: Detecting Malicious and Unreliable Clients in Federated Learning. (67%)
2022-08-13
Friendly Noise against Adversarial Noise: A Powerful Defense against Data Poisoning Attacks. (99%)
Revisiting Adversarial Attacks on Graph Neural Networks for Graph Classification. (95%)
Confidence Matters: Inspecting Backdoors in Deep Neural Networks via Distribution Transfer. (62%)
2022-08-12
Scale-free and Task-agnostic Attack: Generating Photo-realistic Adversarial Patterns with Patch Quilting Generator. (99%)
MaskBlock: Transferable Adversarial Examples with Bayes Approach. (99%)
Defensive Distillation based Adversarial Attacks Mitigation Method for Channel Estimation using Deep Learning Models in Next-Generation Wireless Networks. (98%)
A Knowledge Distillation-Based Backdoor Attack in Federated Learning. (93%)
Unifying Gradients to Improve Real-world Robustness for Deep Networks. (92%)
Dropout is NOT All You Need to Prevent Gradient Leakage. (62%)
Defense against Backdoor Attacks via Identifying and Purifying Bad Neurons. (2%)
PRIVEE: A Visual Analytic Workflow for Proactive Privacy Risk Inspection of Open Data. (2%)
2022-08-11
Diverse Generative Perturbations on Attention Space for Transferable Adversarial Attacks. (99%)
General Cutting Planes for Bound-Propagation-Based Neural Network Verification. (68%)
On deceiving malware classification with section injection. (5%)
A Probabilistic Framework for Mutation Testing in Deep Neural Networks. (1%)
Safety and Performance, Why not Both? Bi-Objective Optimized Model Compression toward AI Software Deployment. (1%)
Shielding Federated Learning Systems against Inference Attacks with ARM TrustZone. (1%)
2022-08-10
Explaining Machine Learning DGA Detectors from DNS Traffic Data. (13%)
A Sublinear Adversarial Training Algorithm. (3%)
DVR: Micro-Video Recommendation Optimizing Watch-Time-Gain under Duration Bias. (1%)
2022-08-09
Adversarial Machine Learning-Based Anticipation of Threats Against Vehicle-to-Microgrid Services. (98%)
Reducing Exploitability with Population Based Training. (67%)
Robust Machine Learning for Malware Detection over Time. (9%)
2022-08-08
Robust and Imperceptible Black-box DNN Watermarking Based on Fourier Perturbation Analysis and Frequency Sensitivity Clustering. (75%)
PerD: Perturbation Sensitivity-based Neural Trojan Detection Framework on NLP Applications. (67%)
Adversarial robustness of $\beta-$VAE through the lens of local geometry. (47%)
AWEncoder: Adversarial Watermarking Pre-trained Encoders in Contrastive Learning. (26%)
Abutting Grating Illusion: Cognitive Challenge to Neural Network Models. (1%)
Testing of Machine Learning Models with Limited Samples: An Industrial Vacuum Pumping Application. (1%)
2022-08-07
Federated Adversarial Learning: A Framework with Convergence Analysis. (80%)
Are Gradients on Graph Structure Reliable in Gray-box Attacks? (13%)
2022-08-06
Blackbox Attacks via Surrogate Ensemble Search. (99%)
On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning. (22%)
Preventing or Mitigating Adversarial Supply Chain Attacks; a legal analysis. (3%)
2022-08-05
Adversarial Robustness of MR Image Reconstruction under Realistic Perturbations. (73%)
Data-free Backdoor Removal based on Channel Lipschitzness. (64%)
Lethal Dose Conjecture on Data Poisoning. (2%)
LCCDE: A Decision-Based Ensemble Framework for Intrusion Detection in The Internet of Vehicles. (1%)
Almost-Orthogonal Layers for Efficient General-Purpose Lipschitz Networks. (1%)
2022-08-04
Self-Ensembling Vision Transformer (SEViT) for Robust Medical Image Classification. (99%)
2022-08-03
Spectrum Focused Frequency Adversarial Attacks for Automatic Modulation Classification. (99%)
Design of secure and robust cognitive system for malware detection. (99%)
A New Kind of Adversarial Example. (99%)
Adversarial Attacks on ASR Systems: An Overview. (98%)
Multiclass ASMA vs Targeted PGD Attack in Image Segmentation. (96%)
MOVE: Effective and Harmless Ownership Verification via Embedded External Features. (84%)
Robust Graph Neural Networks using Weighted Graph Laplacian. (13%)
2022-08-02
Adversarial Camouflage for Node Injection Attack on Graphs. (81%)
Success of Uncertainty-Aware Deep Models Depends on Data Manifold Geometry. (2%)
SCFI: State Machine Control-Flow Hardening Against Fault Attacks. (1%)
2022-08-01
GeoECG: Data Augmentation via Wasserstein Geodesic Perturbation for Robust Electrocardiogram Prediction. (98%)
Understanding Adversarial Robustness of Vision Transformers via Cauchy Problem. (81%)
On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel. (75%)
Attacking Adversarial Defences by Smoothing the Loss Landscape. (26%)
2022-07-31
DNNShield: Dynamic Randomized Model Sparsification, A Defense Against Adversarial Machine Learning. (99%)
Robust Real-World Image Super-Resolution against Adversarial Attacks. (99%)
Is current research on adversarial robustness addressing the right problem? (97%)
2022-07-30
enpheeph: A Fault Injection Framework for Spiking and Compressed Deep Neural Networks. (5%)
CoNLoCNN: Exploiting Correlation and Non-Uniform Quantization for Energy-Efficient Low-precision Deep Convolutional Neural Networks. (2%)
2022-07-29
Robust Trajectory Prediction against Adversarial Attacks. (99%)
Sampling Attacks on Meta Reinforcement Learning: A Minimax Formulation and Complexity Analysis. (56%)
2022-07-28
Pro-tuning: Unified Prompt Tuning for Vision Tasks. (1%)
2022-07-27
Point Cloud Attacks in Graph Spectral Domain: When 3D Geometry Meets Graph Signal Processing. (96%)
Look Closer to Your Enemy: Learning to Attack via Teacher-student Mimicking. (91%)
Membership Inference Attacks via Adversarial Examples. (73%)
Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips. (69%)
DynaMarks: Defending Against Deep Learning Model Extraction Using Dynamic Watermarking. (47%)
Label-Only Membership Inference Attack against Node-Level Graph Neural Networks. (22%)
Generative Steganography Network. (1%)
2022-07-26
LGV: Boosting Adversarial Example Transferability from Large Geometric Vicinity. (99%)
Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception. (99%)
Generative Extraction of Audio Classifiers for Speaker Identification. (73%)
Toward Transparent AI: A Survey on Interpreting the Inner Structures of Deep Neural Networks. (8%)
2022-07-25
$p$-DkNN: Out-of-Distribution Detection Through Statistical Testing of Deep Representations. (99%)
Improving Adversarial Robustness via Mutual Information Estimation. (99%)
SegPGD: An Effective and Efficient Adversarial Attack for Evaluating and Boosting Segmentation Robustness. (99%)
Jigsaw-ViT: Learning Jigsaw Puzzles in Vision Transformer. (75%)
Technical Report: Assisting Backdoor Federated Learning with Whole Population Knowledge Alignment. (9%)
Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning. (2%)
2022-07-24
Versatile Weight Attack via Flipping Limited Bits. (86%)
Can we achieve robustness from data alone? (82%)
Proving Common Mechanisms Shared by Twelve Methods of Boosting Adversarial Transferability. (69%)
Privacy Against Inference Attacks in Vertical Federated Learning. (2%)
Semantic-guided Multi-Mask Image Harmonization. (1%)
2022-07-22
Do Perceptually Aligned Gradients Imply Adversarial Robustness? (99%)
Provable Defense Against Geometric Transformations. (47%)
Aries: Efficient Testing of Deep Neural Networks via Labeling-Free Accuracy Estimation. (41%)
Learning from Multiple Annotator Noisy Labels via Sample-wise Label Fusion. (1%)
2022-07-21
Synthetic Dataset Generation for Adversarial Machine Learning Research. (99%)
Careful What You Wish For: on the Extraction of Adversarially Trained Models. (99%)
Rethinking Textual Adversarial Defense for Pre-trained Language Models. (99%)
AugRmixAT: A Data Processing and Training Method for Improving Multiple Robustness and Generalization Performance. (98%)
Knowledge-enhanced Black-box Attacks for Recommendations. (92%)
Towards Efficient Adversarial Training on Vision Transformers. (92%)
Just Rotate it: Deploying Backdoor Attacks via Rotation Transformation. (87%)
Contrastive Self-Supervised Learning Leads to Higher Adversarial Susceptibility. (83%)
A Forgotten Danger in DNN Supervision Testing: Generating and Detecting True Ambiguity. (1%)
2022-07-20
Switching One-Versus-the-Rest Loss to Increase the Margin of Logits for Adversarial Robustness. (99%)
Illusionary Attacks on Sequential Decision Makers and Countermeasures. (98%)
Test-Time Adaptation via Conjugate Pseudo-labels. (10%)
Malware Triage Approach using a Task Memory based on Meta-Transfer Learning Framework. (9%)
2022-07-19
Towards Robust Multivariate Time-Series Forecasting: Adversarial Attacks and Defense Mechanisms. (99%)
FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients. (41%)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond. (26%)
Assaying Out-Of-Distribution Generalization in Transfer Learning. (1%)
2022-07-18
Defending Substitution-Based Profile Pollution Attacks on Sequential Recommenders. (99%)
Prior-Guided Adversarial Initialization for Fast Adversarial Training. (99%)
Decorrelative Network Architecture for Robust Electrocardiogram Classification. (99%)
Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence. (96%)
Adversarial Pixel Restoration as a Pretext Task for Transferable Perturbations. (91%)
Easy Batch Normalization. (69%)
Adversarial Contrastive Learning via Asymmetric InfoNCE. (61%)
Detection of Poisoning Attacks with Anomaly Detection in Federated Learning for Healthcare Applications: A Machine Learning Approach. (22%)
A Certifiable Security Patch for Object Tracking in Self-Driving Systems via Historical Deviation Modeling. (10%)
Benchmarking Machine Learning Robustness in Covid-19 Genome Sequence Classification. (2%)
2022-07-17
Watermark Vaccine: Adversarial Attacks to Prevent Watermark Removal. (99%)
Threat Model-Agnostic Adversarial Defense using Diffusion Models. (99%)
Achieve Optimal Adversarial Accuracy for Adversarial Deep Learning using Stackelberg Game. (96%)
Automated Repair of Neural Networks. (16%)
2022-07-16
DIMBA: Discretely Masked Black-Box Attack in Single Object Tracking. (99%)
Certified Neural Network Watermarks with Randomized Smoothing. (1%)
Progress and limitations of deep networks to recognize objects in unusual poses. (1%)
Exploring The Resilience of Control Execution Skips against False Data Injection Attacks. (1%)
MixTailor: Mixed Gradient Aggregation for Robust Learning Against Tailored Attacks. (1%)
2022-07-15
Towards the Desirable Decision Boundary by Moderate-Margin Adversarial Training. (99%)
CARBEN: Composite Adversarial Robustness Benchmark. (98%)
Masked Spatial-Spectral Autoencoders Are Excellent Hyperspectral Defenders. (68%)
Feasibility of Inconspicuous GAN-generated Adversarial Patches against Object Detection. (10%)
PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider. (5%)
3DVerifier: Efficient Robustness Verification for 3D Point Cloud Models. (1%)
2022-07-14
Adversarial Examples for Model-Based Control: A Sensitivity Analysis. (98%)
Adversarial Attacks on Monocular Pose Estimation. (98%)
Provably Adversarially Robust Nearest Prototype Classifiers. (83%)
Improving Task-free Continual Learning by Distributionally Robust Memory Evolution. (70%)
RSD-GAN: Regularized Sobolev Defense GAN Against Speech-to-Text Adversarial Attacks. (67%)
Sound Randomized Smoothing in Floating-Point Arithmetics. (50%)
Audio-guided Album Cover Art Generation with Genetic Algorithms. (38%)
Distance Learner: Incorporating Manifold Prior to Model Training. (16%)
Active Data Pattern Extraction Attacks on Generative Language Models. (11%)
Contrastive Adapters for Foundation Model Group Robustness. (1%)
Lipschitz Bound Analysis of Neural Networks. (1%)
2022-07-13
Perturbation Inactivation Based Adversarial Defense for Face Recognition. (99%)
On the Robustness of Bayesian Neural Networks to Adversarial Attacks. (93%)
Adversarially-Aware Robust Object Detector. (91%)
PIAT: Physics Informed Adversarial Training for Solving Partial Differential Equations. (15%)
Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities. (10%)
Interactive Machine Learning: A State of the Art Review. (4%)
Sample-dependent Adaptive Temperature Scaling for Improved Calibration. (2%)
DiverGet: A Search-Based Software Testing Approach for Deep Neural Network Quantization Assessment. (1%)
2022-07-12
Exploring Adversarial Examples and Adversarial Robustness of Convolutional Neural Networks by Mutual Information. (99%)
Adversarial Robustness Assessment of NeuroEvolution Approaches. (99%)
Frequency Domain Model Augmentation for Adversarial Attack. (99%)
Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware. (92%)
Game of Trojans: A Submodular Byzantine Approach. (87%)
Bi-fidelity Evolutionary Multiobjective Search for Adversarially Robust Deep Neural Architectures. (84%)
Certified Adversarial Robustness via Anisotropic Randomized Smoothing. (76%)
RelaxLoss: Defending Membership Inference Attacks without Losing Utility. (26%)
Verifying Attention Robustness of Deep Neural Networks against Semantic Perturbations. (5%)
Markov Decision Process For Automatic Cyber Defense. (4%)
Estimating Test Performance for AI Medical Devices under Distribution Shift with Conformal Prediction. (1%)
Backdoor Attacks on Crowd Counting. (1%)
2022-07-11
Statistical Detection of Adversarial examples in Blockchain-based Federated Forest In-vehicle Network Intrusion Detection Systems. (99%)
RUSH: Robust Contrastive Learning via Randomized Smoothing. (98%)
Physical Passive Patch Adversarial Attacks on Visual Odometry Systems. (98%)
Towards Effective Multi-Label Recognition Attacks via Knowledge Graph Consistency. (83%)
"Why do so?" -- A Practical Perspective on Machine Learning Security. (64%)
Susceptibility of Continual Learning Against Adversarial Attacks. (45%)
Physical Attack on Monocular Depth Estimation with Optimal Adversarial Patches. (22%)
Adversarial Style Augmentation for Domain Generalized Urban-Scene Segmentation. (1%)
2022-07-10
One-shot Neural Backdoor Erasing via Adversarial Weight Masking. (33%)
Hiding Your Signals: A Security Analysis of PPG-based Biometric Authentication. (4%)
2022-07-09
Adversarial Framework with Certified Robustness for Time-Series Domain via Statistical Features. (98%)
Invisible Backdoor Attacks Using Data Poisoning in the Frequency Domain. (98%)
Dynamic Time Warping based Adversarial Framework for Time-Series Domain. (97%)
Training Robust Deep Models for Time-Series Domain: Novel Algorithms and Theoretical Analysis. (67%)
2022-07-08
Not all broken defenses are equal: The dead angles of adversarial accuracy. (99%)
Improved and Interpretable Defense to Transferred Adversarial Examples by Jacobian Norm with Selective Input Gradient Regularization. (99%)
Defense Against Multi-target Trojan Attacks. (80%)
Guiding the retraining of convolutional neural networks against adversarial inputs. (80%)
Online Evasion Attacks on Recurrent Models:The Power of Hallucinating the Future. (68%)
Models Out of Line: A Fourier Lens on Distribution Shift Robustness. (10%)
A law of adversarial risk, interpolation, and label noise. (1%)
2022-07-07
On the Relationship Between Adversarial Robustness and Decision Region in Deep Neural Network. (99%)
Harnessing Out-Of-Distribution Examples via Augmenting Content and Style. (11%)
CausalAgents: A Robustness Benchmark for Motion Forecasting using Causal Relationships. (5%)
2022-07-06
The Weaknesses of Adversarial Camouflage in Overhead Imagery. (83%)
Adversarial Robustness of Visual Dialog. (64%)
Enhancing Adversarial Attacks on Single-Layer NVM Crossbar-Based Neural Networks with Power Consumption Information. (54%)
When does Bias Transfer in Transfer Learning? (10%)
Privacy-preserving Reflection Rendering for Augmented Reality. (2%)
Not All Models Are Equal: Predicting Model Transferability in a Self-challenging Fisher Space. (1%)
2022-07-05
Query-Efficient Adversarial Attack Based on Latin Hypercube Sampling. (99%)
Defending against the Label-flipping Attack in Federated Learning. (98%)
UniCR: Universally Approximated Certified Robustness via Randomized Smoothing. (93%)
PRoA: A Probabilistic Robustness Assessment against Functional Perturbations. (92%)
Learning to Accelerate Approximate Methods for Solving Integer Programming via Early Fixing. (38%)
Robustness Analysis of Video-Language Models Against Visual and Language Perturbations. (1%)
Conflicting Interactions Among Protection Mechanisms for Machine Learning Models. (1%)
PoF: Post-Training of Feature Extractor for Improving Generalization. (1%)
Class-Specific Semantic Reconstruction for Open Set Recognition. (1%)
2022-07-04
Hessian-Free Second-Order Adversarial Examples for Adversarial Learning. (99%)
Wild Networks: Exposure of 5G Network Infrastructures to Adversarial Examples. (98%)
Task-agnostic Defense against Adversarial Patch Attacks. (98%)
Large-scale Robustness Analysis of Video Action Recognition Models. (70%)
Counterbalancing Teacher: Regularizing Batch Normalized Models for Robustness. (1%)
2022-07-03
RAF: Recursive Adversarial Attacks on Face Recognition Using Extremely Limited Queries. (99%)
Removing Batch Normalization Boosts Adversarial Training. (98%)
Anomaly Detection with Adversarially Learned Perturbations of Latent Space. (13%)
Identifying the Context Shift between Test Benchmarks and Production Data. (1%)
2022-07-02
FL-Defender: Combating Targeted Attacks in Federated Learning. (80%)
Backdoor Attack is a Devil in Federated GAN-based Medical Image Synthesis. (11%)
PhilaeX: Explaining the Failure and Success of AI Models in Malware Detection. (1%)
2022-07-01
Efficient Adversarial Training With Data Pruning. (99%)
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label. (99%)
2022-06-30
Detecting and Recovering Adversarial Examples from Extracting Non-robust and Highly Predictive Adversarial Perturbations. (99%)
Measuring Forgetting of Memorized Training Examples. (83%)
MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. (80%)
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN. (16%)
Threat Assessment in Machine Learning based Systems. (13%)
Robustness of Epinets against Distributional Shifts. (1%)
ProSelfLC: Progressive Self Label Correction Towards A Low-Temperature Entropy State. (1%)
No Reason for No Supervision: Improved Generalization in Supervised Models. (1%)
Augment like there's no tomorrow: Consistently performing neural networks for medical imaging. (1%)
2022-06-29
IBP Regularization for Verified Adversarial Robustness via Branch-and-Bound. (92%)
Adversarial Ensemble Training by Jointly Learning Label Dependencies and Member Models. (33%)
longhorns at DADC 2022: How many linguists does it take to fool a Question Answering model? A systematic approach to adversarial attacks. (10%)
Private Graph Extraction via Feature Explanations. (4%)
RegMixup: Mixup as a Regularizer Can Surprisingly Improve Accuracy and Out Distribution Robustness. (2%)
2022-06-28
Increasing Confidence in Adversarial Robustness Evaluations. (99%)
Rethinking Adversarial Examples for Location Privacy Protection. (93%)
A Deep Learning Approach to Create DNS Amplification Attacks. (92%)
On the amplification of security and privacy risks by post-hoc explanations in machine learning models. (31%)
How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection. (12%)
An Empirical Study of Challenges in Converting Deep Learning Models. (5%)
Reasoning about Moving Target Defense in Attack Modeling Formalisms. (2%)
AS-IntroVAE: Adversarial Similarity Distance Makes Robust IntroVAE. (1%)
2022-06-27
Adversarial Example Detection in Deployed Tree Ensembles. (99%)
Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs. (31%)
Utilizing Class Separation Distance for the Evaluation of Corruption Robustness of Machine Learning Classifiers. (15%)
Cyber Network Resilience against Self-Propagating Malware Attacks. (13%)
Quantification of Deep Neural Network Prediction Uncertainties for VVUQ of Machine Learning Models. (4%)
2022-06-26
Self-Healing Robust Neural Networks via Closed-Loop Control. (45%)
De-END: Decoder-driven Watermarking Network. (1%)
2022-06-25
Empirical Evaluation of Physical Adversarial Patch Attacks Against Overhead Object Detection Models. (99%)
Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising. (99%)
RSTAM: An Effective Black-Box Impersonation Attack on Face Recognition using a Mobile and Compact Printer. (99%)
Defending Multimodal Fusion Models against Single-Source Adversaries. (81%)
BackdoorBench: A Comprehensive Benchmark of Backdoor Learning. (12%)
Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks. (1%)
2022-06-24
Defending Backdoor Attacks on Vision Transformer via Patch Processing. (99%)
AdAUC: End-to-end Adversarial AUC Optimization Against Long-tail Problems. (96%)
Adversarial Robustness of Deep Neural Networks: A Survey from a Formal Verification Perspective. (92%)
Robustness of Explanation Methods for NLP Models. (82%)
zPROBE: Zero Peek Robustness Checks for Federated Learning. (4%)
Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems. (2%)
2022-06-23
Adversarial Zoom Lens: A Novel Physical-World Attack to DNNs. (99%)
A Framework for Understanding Model Extraction Attack and Defense. (98%)
Towards End-to-End Private Automatic Speaker Recognition. (76%)
BERT Rankers are Brittle: a Study using Adversarial Document Perturbations. (75%)
Never trust, always verify : a roadmap for Trustworthy AI? (1%)
Measuring Representational Robustness of Neural Networks Through Shared Invariances. (1%)
2022-06-22
AdvSmo: Black-box Adversarial Attack by Smoothing Linear Structure of Texture. (99%)
InfoAT: Improving Adversarial Training Using the Information Bottleneck Principle. (98%)
Robust Universal Adversarial Perturbations. (97%)
Guided Diffusion Model for Adversarial Purification from Random Noise. (68%)
Understanding the effect of sparsity on neural networks robustness. (61%)
Shilling Black-box Recommender Systems by Learning to Generate Fake User Profiles. (41%)
2022-06-21
SSMI: How to Make Objects of Interest Disappear without Accessing Object Detectors? (99%)
Transferable Graph Backdoor Attack. (99%)
(Certified!!) Adversarial Robustness for Free! (84%)
Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems. (81%)
FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation. (68%)
Natural Backdoor Datasets. (33%)
The Privacy Onion Effect: Memorization is Relative. (22%)
ProML: A Decentralised Platform for Provenance Management of Machine Learning Software Systems. (1%)
2022-06-20
Understanding Robust Learning through the Lens of Representation Similarities. (99%)
Diversified Adversarial Attacks based on Conjugate Gradient Method. (98%)
Robust Deep Reinforcement Learning through Bootstrapped Opportunistic Curriculum. (76%)
SafeBench: A Benchmarking Platform for Safety Evaluation of Autonomous Vehicles. (5%)
Breaking Down Out-of-Distribution Detection: Many Methods Based on OOD Training Data Estimate a Combination of the Same Core Quantities. (1%)
2022-06-19
On the Limitations of Stochastic Pre-processing Defenses. (99%)
Towards Adversarial Attack on Vision-Language Pre-training Models. (98%)
A Universal Adversarial Policy for Text Classifiers. (98%)
JPEG Compression-Resistant Low-Mid Adversarial Perturbation against Unauthorized Face Recognition System. (68%)
Adversarially trained neural representations may already be as robust as corresponding biological neural representations. (31%)
2022-06-18
Demystifying the Adversarial Robustness of Random Transformation Defenses. (99%)
On the Role of Generalization in Transferability of Adversarial Examples. (99%)
DECK: Model Hardening for Defending Pervasive Backdoors. (98%)
Measuring Lower Bounds of Local Differential Privacy via Adversary Instantiations in Federated Learning. (10%)
Adversarial Scrutiny of Evidentiary Statistical Software. (2%)
2022-06-17
Detecting Adversarial Examples in Batches -- a geometrical approach. (99%)
Minimum Noticeable Difference based Adversarial Privacy Preserving Image Generation. (99%)
Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization. (99%)
Comment on Transferability and Input Transformation with Additive Noise. (99%)
Adversarial Robustness is at Odds with Lazy Training. (98%)
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-modal Fake News Detection. (83%)
RetrievalGuard: Provably Robust 1-Nearest Neighbor Image Retrieval. (81%)
The Consistency of Adversarial Training for Binary Classification. (26%)
Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification. (15%)
Understanding Robust Overfitting of Adversarial Training and Beyond. (8%)
2022-06-16
Adversarial Privacy Protection on Speech Enhancement. (99%)
Boosting the Adversarial Transferability of Surrogate Model with Dark Knowledge. (99%)
Analysis and Extensions of Adversarial Training for Video Classification. (93%)
Double Sampling Randomized Smoothing. (89%)
Adversarial Robustness of Graph-based Anomaly Detection. (76%)
A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks. (68%)
Backdoor Attacks on Vision Transformers. (31%)
Adversarial Patch Attacks and Defences in Vision-Based Tasks: A Survey. (22%)
I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences. (5%)
Catastrophic overfitting is a bug but also a feature. (2%)
Gradient-Based Adversarial and Out-of-Distribution Detection. (2%)
"Understanding Robustness Lottery": A Comparative Visual Analysis of Neural Network Pruning Approaches. (1%)
2022-06-15
Fast and Reliable Evaluation of Adversarial Robustness with Minimum-Margin Attack. (99%)
Morphence-2.0: Evasion-Resilient Moving Target Defense Powered by Out-of-Distribution Detection. (99%)
Architectural Backdoors in Neural Networks. (83%)
Hardening DNNs against Transfer Attacks during Network Compression using Greedy Adversarial Pruning. (75%)
Linearity Grafting: Relaxed Neuron Pruning Helps Certifiable Robustness. (74%)
A Search-Based Testing Approach for Deep Reinforcement Learning Agents. (62%)
Can pruning improve certified robustness of neural networks? (56%)
Improving Diversity with Adversarially Learned Transformations for Domain Generalization. (33%)
Queried Unlabeled Data Improves and Robustifies Class-Incremental Learning. (11%)
The Manifold Hypothesis for Gradient-Based Explanations. (2%)
READ: Aggregating Reconstruction Error into Out-of-distribution Detection. (1%)
2022-06-14
Adversarial Vulnerability of Randomized Ensembles. (99%)
Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training. (99%)
Proximal Splitting Adversarial Attacks for Semantic Segmentation. (92%)
Efficiently Training Low-Curvature Neural Networks. (92%)
Defending Observation Attacks in Deep Reinforcement Learning via Detection and Denoising. (88%)
Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO. (86%)
Turning a Curse Into a Blessing: Enabling Clean-Data-Free Defenses by Model Inversion. (68%)
Human Eyes Inspired Recurrent Neural Networks are More Robust Against Adversarial Noises. (62%)
When adversarial attacks become interpretable counterfactual explanations. (62%)
Attacks on Perception-Based Control Systems: Modeling and Fundamental Limits. (2%)
A Gift from Label Smoothing: Robust Training with Adaptive Label Smoothing via Auxiliary Classifier under Label Noise. (1%)
A Survey on Gradient Inversion: Attacks, Defenses and Future Directions. (1%)
2022-06-13
Towards Alternative Techniques for Improving Adversarial Robustness: Analysis of Adversarial Training at a Spectrum of Perturbations. (99%)
Distributed Adversarial Training to Robustify Deep Neural Networks at Scale. (99%)
Pixel to Binary Embedding Towards Robustness for CNNs. (47%)
Towards Understanding Sharpness-Aware Minimization. (1%)
Efficient Human-in-the-loop System for Guiding DNNs Attention. (1%)
2022-06-12
Consistent Attack: Universal Adversarial Perturbation on Embodied Vision Navigation. (98%)
Security of Machine Learning-Based Anomaly Detection in Cyber Physical Systems. (92%)
Darknet Traffic Classification and Adversarial Attacks. (81%)
InBiaseD: Inductive Bias Distillation to Improve Generalization and Robustness through Shape-awareness. (26%)
RSSD: Defend against Ransomware with Hardware-Isolated Network-Storage Codesign and Post-Attack Analysis. (9%)
Neurotoxin: Durable Backdoors in Federated Learning. (5%)
An Efficient Method for Sample Adversarial Perturbations against Nonlinear Support Vector Machines. (4%)
2022-06-11
Improving the Adversarial Robustness of NLP Models by Information Bottleneck. (99%)
Defending Adversarial Examples by Negative Correlation Ensemble. (99%)
NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks. (81%)
Bilateral Dependency Optimization: Defending Against Model-inversion Attacks. (69%)
2022-06-10
Localized adversarial artifacts for compressed sensing MRI. (76%)
Rethinking the Defense Against Free-rider Attack From the Perspective of Model Weight Evolving Frequency. (70%)
Blades: A Simulator for Attacks and Defenses in Federated Learning. (33%)
Enhancing Clean Label Backdoor Attack with Two-phase Specific Triggers. (9%)
Deep Leakage from Model in Federated Learning. (3%)
Adversarial Counterfactual Environment Model Learning. (1%)
2022-06-09
CARLA-GeAR: a Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Vision Models. (99%)
ReFace: Real-time Adversarial Attacks on Face Recognition Systems. (99%)
Adversarial Noises Are Linearly Separable for (Nearly) Random Neural Networks. (98%)
Meet You Halfway: Explaining Deep Learning Mysteries. (92%)
Early Transferability of Adversarial Examples in Deep Neural Networks. (86%)
GSmooth: Certified Robustness against Semantic Transformations via Generalized Randomized Smoothing. (86%)
Beyond the Imitation Game: Quantifying and extrapolating the capabilities of language models. (84%)
Data-Efficient Double-Win Lottery Tickets from Robust Pre-training. (41%)
DORA: Exploring outlier representations in Deep Neural Networks. (1%)
Membership Inference via Backdooring. (1%)
2022-06-08
Wavelet Regularization Benefits Adversarial Training. (99%)
Latent Boundary-guided Adversarial Training. (99%)
Adversarial Text Normalization. (73%)
Autoregressive Perturbations for Data Poisoning. (70%)
Toward Certified Robustness Against Real-World Distribution Shifts. (5%)
Generative Adversarial Networks and Image-Based Malware Classification. (1%)
Robust Deep Ensemble Method for Real-world Image Denoising. (1%)
2022-06-07
Fooling Explanations in Text Classifiers. (99%)
AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems. (99%)
Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition. (99%)
Adaptive Regularization for Adversarial Training. (98%)
Building Robust Ensembles via Margin Boosting. (83%)
On the Permanence of Backdoors in Evolving Models. (67%)
Subject Membership Inference Attacks in Federated Learning. (4%)
Adversarial Reprogramming Revisited. (3%)
Certifying Data-Bias Robustness in Linear Regression. (1%)
Parametric Chordal Sparsity for SDP-based Neural Network Verification. (1%)
Can CNNs Be More Robust Than Transformers? (1%)
2022-06-06
Robust Adversarial Attacks Detection based on Explainable Deep Reinforcement Learning For UAV Guidance and Planning. (99%)
Fast Adversarial Training with Adaptive Step Size. (98%)
Certified Robustness in Federated Learning. (87%)
Robust Image Protection Countering Cropping Manipulation. (12%)
PCPT and ACPT: Copyright Protection and Traceability Scheme for DNN Model. (3%)
Tackling covariate shift with node-based Bayesian neural networks. (1%)
Anomaly Detection with Test Time Augmentation and Consistency Evaluation. (1%)
2022-06-05
Federated Adversarial Training with Transformers. (98%)
Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training. (98%)
Which models are innately best at uncertainty estimation? (1%)
2022-06-04
Soft Adversarial Training Can Retain Natural Accuracy. (76%)
2022-06-03
Saliency Attack: Towards Imperceptible Black-box Adversarial Attack. (99%)
Towards Evading the Limits of Randomized Smoothing: A Theoretical Analysis. (96%)
Evaluating Transfer-based Targeted Adversarial Perturbations against Real-World Computer Vision Systems based on Human Judgments. (92%)
A Robust Backpropagation-Free Framework for Images. (80%)
Gradient Obfuscation Checklist Test Gives a False Sense of Security. (73%)
Kallima: A Clean-label Framework for Textual Backdoor Attacks. (26%)
2022-06-02
FACM: Correct the Output of Deep Neural Network with Middle Layers Features against Adversarial Samples. (99%)
Improving the Robustness and Generalization of Deep Neural Network with Confidence Threshold Reduction. (99%)
Adaptive Adversarial Training to Improve Adversarial Robustness of DNNs for Medical Image Segmentation and Detection. (99%)
Adversarial RAW: Image-Scaling Attack Against Imaging Pipeline. (99%)
Adversarial Laser Spot: Robust and Covert Physical Adversarial Attack to DNNs. (98%)
Adversarial Unlearning: Reducing Confidence Along Adversarial Directions. (31%)
MaxStyle: Adversarial Style Composition for Robust Medical Image Segmentation. (8%)
A temporal chrominance trigger for clean-label backdoor attack against anti-spoof rebroadcast detection. (4%)
Learning Unbiased Transferability for Domain Adaptation by Uncertainty Modeling. (1%)
2022-06-01
On the reversibility of adversarial attacks. (99%)
NeuroUnlock: Unlocking the Architecture of Obfuscated Deep Neural Networks. (99%)
Attack-Agnostic Adversarial Detection. (99%)
On the Perils of Cascading Robust Classifiers. (98%)
Anti-Forgery: Towards a Stealthy and Robust DeepFake Disruption Attack via Adversarial Perceptual-aware Perturbations. (98%)
Support Vector Machines under Adversarial Label Contamination. (97%)
Defense Against Gradient Leakage Attacks via Learning to Obscure Data. (80%)
The robust way to stack and bag: the local Lipschitz way. (70%)
Robustness Evaluation and Adversarial Training of an Instance Segmentation Model. (54%)
RoCourseNet: Distributionally Robust Training of a Prediction Aware Recourse Model. (1%)
2022-05-31
Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems. (99%)
Exact Feature Collisions in Neural Networks. (95%)
CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models. (93%)
CASSOCK: Viable Backdoor Attacks against DNN in The Wall of Source-Specific Backdoor Defences. (83%)
Semantic Autoencoder and Its Potential Usage for Adversarial Attack. (81%)
An Effective Fusion Method to Enhance the Robustness of CNN. (80%)
Order-sensitive Shapley Values for Evaluating Conceptual Soundness of NLP Models. (64%)
Generative Models with Information-Theoretic Protection Against Membership Inference Attacks. (10%)
Likelihood-Free Inference with Generative Neural Networks via Scoring Rule Minimization. (1%)
2022-05-30
Exposing Fine-grained Adversarial Vulnerability of Face Anti-spoofing Models. (99%)
Searching for the Essence of Adversarial Perturbations. (99%)
Guided Diffusion Model for Adversarial Purification. (99%)
Domain Constraints in Feature Space: Strengthening Robustness of Android Malware Detection against Realizable Adversarial Examples. (98%)
Why Adversarial Training of ReLU Networks Is Difficult? (68%)
CalFAT: Calibrated Federated Adversarial Training with Label Skewness. (67%)
Securing AI-based Healthcare Systems using Blockchain Technology: A State-of-the-Art Systematic Literature Review and Future Research Directions. (15%)
Efficient Reward Poisoning Attacks on Online Deep Reinforcement Learning. (13%)
White-box Membership Attack Against Machine Learning Based Retinopathy Classification. (10%)
Fool SHAP with Stealthily Biased Sampling. (2%)
Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance. (2%)
2022-05-29
Robust Weight Perturbation for Adversarial Training. (99%)
Mixture GAN For Modulation Classification Resiliency Against Adversarial Attacks. (99%)
Unfooling Perturbation-Based Post Hoc Explainers. (98%)
On the Robustness of Safe Reinforcement Learning under Observational Perturbations. (93%)
Superclass Adversarial Attack. (80%)
Problem-Space Evasion Attacks in the Android OS: a Survey. (50%)
Context-based Virtual Adversarial Training for Text Classification with Noisy Labels. (11%)
A General Multiple Data Augmentation Based Framework for Training Deep Neural Networks. (1%)
2022-05-28
Contributor-Aware Defenses Against Adversarial Backdoor Attacks. (98%)
BadDet: Backdoor Attacks on Object Detection. (92%)
Syntax-Guided Program Reduction for Understanding Neural Code Intelligence Models. (62%)
2022-05-27
fakeWeather: Adversarial Attacks for Deep Neural Networks Emulating Weather Conditions on the Camera Lens of Autonomous Systems. (96%)
Why Robust Generalization in Deep Learning is Difficult: Perspective of Expressive Power. (95%)
Semi-supervised Semantics-guided Adversarial Training for Trajectory Prediction. (93%)
Defending Against Stealthy Backdoor Attacks. (73%)
EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks. (13%)
2022-05-26
A Physical-World Adversarial Attack Against 3D Face Recognition. (99%)
Transferable Adversarial Attack based on Integrated Gradients. (99%)
MALICE: Manipulation Attacks on Learned Image ComprEssion. (99%)
Phantom Sponges: Exploiting Non-Maximum Suppression to Attack Deep Object Detectors. (98%)
Circumventing Backdoor Defenses That Are Based on Latent Separability. (96%)
An Analytic Framework for Robust Training of Artificial Neural Networks. (93%)
Adversarial attacks and defenses in Speaker Recognition Systems: A survey. (81%)
PerDoor: Persistent Non-Uniform Backdoors in Federated Learning using Adversarial Perturbations. (81%)
BppAttack: Stealthy and Efficient Trojan Attacks against Deep Neural Networks via Image Quantization and Contrastive Adversarial Learning. (81%)
R-HTDetector: Robust Hardware-Trojan Detection Based on Adversarial Training. (80%)
BagFlip: A Certified Defense against Data Poisoning. (75%)
Fight Poison with Poison: Detecting Backdoor Poison Samples via Decoupling Benign Correlations. (67%)
Membership Inference Attack Using Self Influence Functions. (45%)
MemeTector: Enforcing deep focus for meme detection. (1%)
2022-05-25
Surprises in adversarially-trained linear regression. (87%)
Textual Backdoor Attacks with Iterative Trigger Injection. (61%)
How explainable are adversarially-robust CNNs? (8%)
2022-05-24
Defending a Music Recommender Against Hubness-Based Adversarial Attacks. (99%)
Adversarial Attack on Attackers: Post-Process to Mitigate Black-Box Score-Based Query Attacks. (99%)
Certified Robustness Against Natural Language Attacks by Causal Intervention. (98%)
One-Pixel Shortcut: on the Learning Preference of Deep Neural Networks. (92%)
Fine-grained Poisoning Attacks to Local Differential Privacy Protocols for Mean and Variance Estimation. (64%)
WeDef: Weakly Supervised Backdoor Defense for Text Classification. (56%)
Recipe2Vec: Multi-modal Recipe Representation Learning with Graph Neural Networks. (50%)
EBM Life Cycle: MCMC Strategies for Synthesis, Defense, and Density Modeling. (10%)
Comprehensive Privacy Analysis on Federated Recommender System against Attribute Inference Attacks. (9%)
Fast & Furious: Modelling Malware Detection as Evolving Data Streams. (2%)
Quarantine: Sparsity Can Uncover the Trojan Attack Trigger for Free. (2%)
CDFKD-MFS: Collaborative Data-free Knowledge Distillation via Multi-level Feature Sharing. (1%)
2022-05-23
Collaborative Adversarial Training. (98%)
Alleviating Robust Overfitting of Adversarial Training With Consistency Regularization. (98%)
Learning to Ignore Adversarial Attacks. (95%)
Towards a Defense against Backdoor Attacks in Continual Federated Learning. (50%)
Compressing Deep Graph Neural Networks via Adversarial Knowledge Distillation. (10%)
RCC-GAN: Regularized Compound Conditional GAN for Large-Scale Tabular Data Synthesis. (1%)
2022-05-22
AutoJoin: Efficient Adversarial Training for Robust Maneuvering via Denoising Autoencoder and Joint Learning. (26%)
Robust Quantity-Aware Aggregation for Federated Learning. (13%)
Analysis of functional neural codes of deep learning models. (10%)
2022-05-21
Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models. (99%)
Gradient Concealment: Free Lunch for Defending Adversarial Attacks. (99%)
Phrase-level Textual Adversarial Attack with Label Preservation. (99%)
On the Feasibility and Generality of Patch-based Adversarial Attacks on Semantic Segmentation Problems. (16%)
2022-05-20
Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness. (99%)
Robust Sensible Adversarial Learning of Deep Neural Networks for Image Classification. (98%)
Adversarial joint attacks on legged robots. (86%)
Towards Consistency in Adversarial Classification. (82%)
Adversarial Body Shape Search for Legged Robots. (80%)
SafeNet: Mitigating Data Poisoning Attacks on Private Machine Learning. (64%)
The developmental trajectory of object recognition robustness: children are like small adults but unlike big deep neural networks. (11%)
Vulnerability Analysis and Performance Enhancement of Authentication Protocol in Dynamic Wireless Power Transfer Systems. (10%)
Exploring the Trade-off between Plausibility, Change Intensity and Adversarial Power in Counterfactual Explanations using Multi-objective Optimization. (4%)
2022-05-19
Focused Adversarial Attacks. (99%)
Transferable Physical Attack against Object Detection with Separable Attention. (99%)
Enhancing the Transferability of Adversarial Examples via a Few Queries. (99%)
On Trace of PGD-Like Adversarial Attacks. (99%)
Improving Robustness against Real-World and Worst-Case Distribution Shifts through Decision Region Quantification. (98%)
Defending Against Adversarial Attacks by Energy Storage Facility. (96%)
Sparse Adversarial Attack in Multi-agent Reinforcement Learning. (82%)
Data Valuation for Offline Reinforcement Learning. (1%)
2022-05-18
Passive Defense Against 3D Adversarial Point Clouds Through the Lens of 3D Steganalysis. (99%)
Property Unlearning: A Defense Strategy Against Property Inference Attacks. (84%)
Backdoor Attacks on Bayesian Neural Networks using Reverse Distribution. (56%)
Empirical Advocacy of Bio-inspired Models for Robust Image Recognition. (38%)
Constraining the Attack Space of Machine Learning Models with Distribution Clamping Preprocessing. (1%)
Mitigating Neural Network Overconfidence with Logit Normalization. (1%)
2022-05-17
Hierarchical Distribution-Aware Testing of Deep Learning. (98%)
Bankrupting DoS Attackers Despite Uncertainty. (12%)
A two-steps approach to improve the performance of Android malware detectors. (10%)
Policy Distillation with Selective Input Gradient Regularization for Efficient Interpretability. (2%)
Recovering Private Text in Federated Learning of Language Models. (2%)
Semi-Supervised Building Footprint Generation with Feature and Output Consistency Training. (1%)
2022-05-16
Attacking and Defending Deep Reinforcement Learning Policies. (99%)
Diffusion Models for Adversarial Purification. (99%)
Robust Representation via Dynamic Feature Aggregation. (84%)
Sparse Visual Counterfactual Explanations in Image Space. (83%)
On the Difficulty of Defending Self-Supervised Learning against Model Extraction. (67%)
Transferability of Adversarial Attacks on Synthetic Speech Detection. (47%)
2022-05-15
Learn2Weight: Parameter Adaptation against Similar-domain Adversarial Attacks. (99%)
Exploiting the Relationship Between Kendall's Rank Correlation and Cosine Similarity for Attribution Protection. (64%)
RoMFAC: A Robust Mean-Field Actor-Critic Reinforcement Learning against Adversarial Perturbations on States. (38%)
Automation Slicing and Testing for in-App Deep Learning Models. (1%)
2022-05-14
Evaluating Membership Inference Through Adversarial Robustness. (98%)
Verifying Neural Networks Against Backdoor Attacks. (2%)
2022-05-13
Universal Post-Training Backdoor Detection. (98%)
l-Leaks: Membership Inference Attacks with Logits. (41%)
DualCF: Efficient Model Extraction Attack from Counterfactual Explanations. (26%)
Millimeter-Wave Automotive Radar Spoofing. (2%)
2022-05-12
Sample Complexity Bounds for Robustly Learning Decision Lists against Evasion Attacks. (75%)
PoisonedEncoder: Poisoning the Unlabeled Pre-training Data in Contrastive Learning. (61%)
How to Combine Membership-Inference Attacks on Multiple Updated Models. (11%)
Infrared Invisible Clothing:Hiding from Infrared Detectors at Multiple Angles in Real World. (4%)
Smooth-Reduce: Leveraging Patches for Improved Certified Robustness. (2%)
Stalloris: RPKI Downgrade Attack. (1%)
2022-05-11
Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. (1%)
The Hijackers Guide To The Galaxy: Off-Path Taking Over Internet Resources. (1%)
A Longitudinal Study of Cryptographic API: a Decade of Android Malware. (1%)
2022-05-10
Robust Medical Image Classification from Noisy Labeled Data with Global and Local Representation Guided Co-training. (1%)
White-box Testing of NLP models with Mask Neuron Coverage. (1%)
2022-05-09
Btech thesis report on adversarial attack detection and purification of adverserially attacked images. (99%)
Using Frequency Attention to Make Adversarial Patch Powerful Against Person Detector. (98%)
Do You Think You Can Hold Me? The Real Challenge of Problem-Space Evasion Attacks. (97%)
Model-Contrastive Learning for Backdoor Defense. (87%)
How Does Frequency Bias Affect the Robustness of Neural Image Classifiers against Common Corruption and Adversarial Perturbations? (61%)
Federated Multi-Armed Bandits Under Byzantine Attacks. (2%)
Verifying Integrity of Deep Ensemble Models by Lossless Black-box Watermarking with Sensitive Samples. (2%)
2022-05-08
Fingerprint Template Invertibility: Minutiae vs. Deep Templates. (68%)
ResSFL: A Resistance Transfer Framework for Defending Model Inversion Attack in Split Federated Learning. (22%)
VPN: Verification of Poisoning in Neural Networks. (9%)
FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks. (4%)
PGADA: Perturbation-Guided Adversarial Alignment for Few-shot Learning Under the Support-Query Shift. (1%)
2022-05-07
A Simple Yet Efficient Method for Adversarial Word-Substitute Attack. (99%)
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees. (92%)
2022-05-06
Imperceptible Backdoor Attack: From Input Space to Feature Representation. (68%)
Defending against Reconstruction Attacks through Differentially Private Federated Learning for Classification of Heterogeneous Chest X-Ray Data. (26%)
Unlimited Lives: Secure In-Process Rollback with Isolated Domains. (1%)
LPGNet: Link Private Graph Networks for Node Classification. (1%)
2022-05-05
Holistic Approach to Measure Sample-level Adversarial Vulnerability and its Utility in Building Trustworthy Systems. (99%)
Structural Extensions of Basis Pursuit: Guarantees on Adversarial Robustness. (78%)
Can collaborative learning be private, robust and scalable? (61%)
Large Scale Transfer Learning for Differentially Private Image Classification. (2%)
Heterogeneous Domain Adaptation with Adversarial Neural Representation Learning: Experiments on E-Commerce and Cybersecurity. (1%)
Are GAN-based Morphs Threatening Face Recognition? (1%)
2022-05-04
Based-CE white-box adversarial attack will not work using super-fitting. (99%)
Rethinking Classifier And Adversarial Attack. (98%)
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. (98%)
Robust Conversational Agents against Imperceptible Toxicity Triggers. (92%)
Subverting Fair Image Search with Generative Adversarial Perturbations. (83%)
2022-05-03
Adversarial Training for High-Stakes Reliability. (98%)
Don't sweat the small stuff, classify the rest: Sample Shielding to protect text classifiers against adversarial attacks. (96%)
On the uncertainty principle of neural networks. (3%)
Meta-Cognition. An Inverse-Inverse Reinforcement Learning Approach for Cognitive Radars. (1%)
2022-05-02
SemAttack: Natural Textual Attacks via Different Semantic Spaces. (96%)
Deep-Attack over the Deep Reinforcement Learning. (93%)
Enhancing Adversarial Training with Feature Separability. (92%)
BERTops: Studying BERT Representations under a Topological Lens. (92%)
MIRST-DM: Multi-Instance RST with Drop-Max Layer for Robust Classification of Breast Cancer. (83%)
Revisiting Gaussian Neurons for Online Clustering with Unknown Number of Clusters. (1%)
2022-05-01
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction. (98%)
DDDM: a Brain-Inspired Framework for Robust Classification. (76%)
Robust Fine-tuning via Perturbation and Interpolation from In-batch Instances. (9%)
A Simple Approach to Improve Single-Model Deep Uncertainty via Distance-Awareness. (3%)
Adversarial Plannning. (2%)
2022-04-30
Optimizing One-pixel Black-box Adversarial Attacks. (82%)
Cracking White-box DNN Watermarks via Invariant Neuron Transforms. (26%)
Adapting and Evaluating Influence-Estimation Methods for Gradient-Boosted Decision Trees. (1%)
Loss Function Entropy Regularization for Diverse Decision Boundaries. (1%)
2022-04-29
Adversarial attacks on an optical neural network. (92%)
Logically Consistent Adversarial Attacks for Soft Theorem Provers. (2%)
Bridging Differential Privacy and Byzantine-Robustness via Model Aggregation. (1%)
2022-04-28
Detecting Textual Adversarial Examples Based on Distributional Characteristics of Data Representations. (99%)
Formulating Robustness Against Unforeseen Attacks. (99%)
Randomized Smoothing under Attack: How Good is it in Pratice? (84%)
Improving robustness of language models from a geometry-aware perspective. (68%)
Mixup-based Deep Metric Learning Approaches for Incomplete Supervision. (50%)
AGIC: Approximate Gradient Inversion Attack on Federated Learning. (16%)
An Online Ensemble Learning Model for Detecting Attacks in Wireless Sensor Networks. (1%)
2022-04-27
Adversarial Fine-tune with Dynamically Regulated Adversary. (99%)
Defending Against Person Hiding Adversarial Patch Attack with a Universal White Frame. (98%)
An Adversarial Attack Analysis on Malicious Advertisement URL Detection Framework. (81%)
2022-04-26
Boosting Adversarial Transferability of MLP-Mixer. (99%)
Restricted Black-box Adversarial Attack Against DeepFake Face Swapping. (99%)
Improving the Transferability of Adversarial Examples with Restructure Embedded Patches. (99%)
On Fragile Features and Batch Normalization in Adversarial Training. (97%)
Mixed Strategies for Security Games with General Defending Requirements. (75%)
Poisoning Deep Learning based Recommender Model in Federated Learning Scenarios. (26%)
Designing Perceptual Puzzles by Differentiating Probabilistic Programs. (13%)
Enhancing Privacy against Inversion Attacks in Federated Learning by using Mixing Gradients Strategies. (8%)
Performance Analysis of Out-of-Distribution Detection on Trained Neural Networks. (4%)
2022-04-25
Self-recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks. (99%)
When adversarial examples are excusable. (89%)
A Simple Structure For Building A Robust Model. (81%)
Real or Virtual: A Video Conferencing Background Manipulation-Detection System. (67%)
Can Rationalization Improve Robustness? (12%)
PhysioGAN: Training High Fidelity Generative Model for Physiological Sensor Readings. (1%)
VITA: A Multi-Source Vicinal Transfer Augmentation Method for Out-of-Distribution Generalization. (1%)
Enable Deep Learning on Mobile Devices: Methods, Systems, and Applications. (1%)
2022-04-24
A Hybrid Defense Method against Adversarial Attacks on Traffic Sign Classifiers in Autonomous Vehicles. (99%)
Improving Deep Learning Model Robustness Against Adversarial Attack by Increasing the Network Capacity. (81%)
2022-04-23
Smart App Attack: Hacking Deep Learning Models in Android Apps. (98%)
Towards Data-Free Model Stealing in a Hard Label Setting. (13%)
Reinforced Causal Explainer for Graph Neural Networks. (1%)
2022-04-22
How Sampling Impacts the Robustness of Stochastic Neural Networks. (99%)
A Tale of Two Models: Constructing Evasive Attacks on Edge Models. (83%)
Enhancing the Transferability via Feature-Momentum Adversarial Attack. (82%)
Data-Efficient Backdoor Attacks. (76%)
2022-04-21
A Mask-Based Adversarial Defense Scheme. (99%)
Is Neuron Coverage Needed to Make Person Detection More Robust? (98%)
Testing robustness of predictions of trained classifiers against naturally occurring perturbations. (98%)
Adversarial Contrastive Learning by Permuting Cluster Assignments. (15%)
Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation. (4%)
Detecting Topology Attacks against Graph Neural Networks. (1%)
2022-04-20
GUARD: Graph Universal Adversarial Defense. (99%)
Adversarial Scratches: Deployable Attacks to CNN Classifiers. (99%)
Fast AdvProp. (98%)
Case-Aware Adversarial Training. (98%)
Improved Worst-Group Robustness via Classifier Retraining on Independent Splits. (1%)
2022-04-19
Jacobian Ensembles Improve Robustness Trade-offs to Adversarial Attacks. (99%)
Robustness Testing of Data and Knowledge Driven Anomaly Detection in Cyber-Physical Systems. (86%)
Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation. (83%)
2022-04-18
UNBUS: Uncertainty-aware Deep Botnet Detection System in Presence of Perturbed Samples. (99%)
Sardino: Ultra-Fast Dynamic Ensemble for Secure Visual Sensing at Mobile Edge. (99%)
CgAT: Center-Guided Adversarial Training for Deep Hashing-Based Retrieval. (99%)
Metamorphic Testing-based Adversarial Attack to Fool Deepfake Detectors. (98%)
A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability. (75%)
CorrGAN: Input Transformation Technique Against Natural Corruptions. (70%)
Poisons that are learned faster are more effective. (64%)
2022-04-17
Residue-Based Natural Language Adversarial Attack Detection. (99%)
Towards Comprehensive Testing on the Robustness of Cooperative Multi-agent Reinforcement Learning. (95%)
2022-04-16
SETTI: A Self-supervised Adversarial Malware Detection Architecture in an IoT Environment. (95%)
Homomorphic Encryption and Federated Learning based Privacy-Preserving CNN Training: COVID-19 Detection Use-Case. (67%)
2022-04-15
Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning. (92%)
2022-04-14
From Environmental Sound Representation to Robustness of 2D CNN Models Against Adversarial Attacks. (99%)
Planting Undetectable Backdoors in Machine Learning Models. (99%)
Q-TART: Quickly Training for Adversarial Robustness and in-Transferability. (50%)
Robotic and Generative Adversarial Attacks in Offline Writer-independent Signature Verification. (41%)
2022-04-13
Task-Driven Data Augmentation for Vision-Based Robotic Control. (96%)
Stealing Malware Classifiers and AVs at Low False Positive Conditions. (82%)
Defensive Patches for Robust Recognition in the Physical World. (80%)
A Novel Approach to Train Diverse Types of Language Models for Health Mention Classification of Tweets. (78%)
Overparameterized Linear Regression under Adversarial Attacks. (76%)
Towards A Critical Evaluation of Robustness for Deep Learning Backdoor Countermeasures. (38%)
A Natural Language Processing Approach for Instruction Set Architecture Identification. (1%)
2022-04-12
Liuer Mihou: A Practical Framework for Generating and Evaluating Grey-box Adversarial Attacks against NIDS. (99%)
Examining the Proximity of Adversarial Examples to Class Manifolds in Deep Networks. (98%)
Toward Robust Spiking Neural Network Against Adversarial Perturbation. (98%)
Machine Learning Security against Data Poisoning: Are We There Yet? (92%)
Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms. (11%)
3DeformRS: Certifying Spatial Deformations on Point Clouds. (9%)
2022-04-11
A Simple Approach to Adversarial Robustness in Few-shot Image Classification. (98%)
Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information. (92%)
Generalizing Adversarial Explanations with Grad-CAM. (84%)
Anti-Adversarially Manipulated Attributions for Weakly Supervised Semantic Segmentation and Object Localization. (83%)
Exploring the Universal Vulnerability of Prompt-based Learning Paradigm. (47%)
medXGAN: Visual Explanations for Medical Classifiers through a Generative Latent Space. (1%)
2022-04-10
"That Is a Suspicious Reaction!": Interpreting Logits Variation to Detect NLP Adversarial Attacks. (88%)
Analysis of Power-Oriented Fault Injection Attacks on Spiking Neural Networks. (54%)
Measuring the False Sense of Security. (26%)
2022-04-08
Defense against Adversarial Attacks on Hybrid Speech Recognition using Joint Adversarial Fine-tuning with Denoiser. (99%)
AdvEst: Adversarial Perturbation Estimation to Classify and Detect Adversarial Attacks against Speaker Identification. (99%)
Evaluating the Adversarial Robustness for Fourier Neural Operators. (92%)
Backdoor Attack against NLP models with Robustness-Aware Perturbation defense. (87%)
An Adaptive Black-box Backdoor Detection Method for Deep Neural Networks. (45%)
Characterizing and Understanding the Behavior of Quantized Models for Reliable Deployment. (13%)
Neural Tangent Generalization Attacks. (12%)
Labeling-Free Comparison Testing of Deep Learning Models. (11%)
Does Robustness on ImageNet Transfer to Downstream Tasks? (2%)
The self-learning AI controller for adaptive power beaming with fiber-array laser transmitter system. (1%)
2022-04-07
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings. (99%)
Adaptive-Gravity: A Defense Against Adversarial Samples. (99%)
Using Multiple Self-Supervised Tasks Improves Model Robustness. (81%)
Transformer-Based Language Models for Software Vulnerability Detection: Performance, Model's Security and Platforms. (69%)
Defending Active Directory by Combining Neural Network based Dynamic Program and Evolutionary Diversity Optimisation. (1%)
2022-04-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
Masking Adversarial Damage: Finding Adversarial Saliency for Robust and Sparse Network. (95%)
Distilling Robust and Non-Robust Features in Adversarial Examples by Information Bottleneck. (93%)
Optimization Models and Interpretations for Three Types of Adversarial Perturbations against Support Vector Machines. (68%)
Adversarial Machine Learning Attacks Against Video Anomaly Detection Systems. (62%)
Adversarial Analysis of the Differentially-Private Federated Learning in Cyber-Physical Critical Infrastructures. (33%)
2022-04-05
Hear No Evil: Towards Adversarial Robustness of Automatic Speech Recognition via Multi-Task Learning. (98%)
Adversarial Robustness through the Lens of Convolutional Filters. (87%)
User-Level Differential Privacy against Attribute Inference Attack of Speech Emotion Recognition in Federated Learning. (2%)
SwapMix: Diagnosing and Regularizing the Over-Reliance on Visual Context in Visual Question Answering. (1%)
GAIL-PT: A Generic Intelligent Penetration Testing Framework with Generative Adversarial Imitation Learning. (1%)
2022-04-04
DAD: Data-free Adversarial Defense at Test Time. (99%)
SecureSense: Defending Adversarial Attack for Secure Device-Free Human Activity Recognition. (99%)
Experimental quantum adversarial learning with programmable superconducting qubits. (99%)
PRADA: Practical Black-Box Adversarial Attacks against Neural Ranking Models. (99%)
FaceSigns: Semi-Fragile Neural Watermarks for Media Authentication and Countering Deepfakes. (98%)
2022-04-03
Breaking the De-Pois Poisoning Defense. (98%)
Adversarially robust segmentation models learn perceptually-aligned gradients. (16%)
Detecting In-vehicle Intrusion via Semi-supervised Learning-based Convolutional Adversarial Autoencoders. (1%)
Improving Vision Transformers by Revisiting High-frequency Components. (1%)
2022-04-02
Adversarial Neon Beam: Robust Physical-World Adversarial Attack to DNNs. (98%)
DST: Dynamic Substitute Training for Data-free Black-box Attack. (98%)
2022-04-01
SkeleVision: Towards Adversarial Resiliency of Person Tracking with Multi-Task Learning. (47%)
Robust and Accurate -- Compositional Architectures for Randomized Smoothing. (31%)
FrequencyLowCut Pooling -- Plug & Play against Catastrophic Overfitting. (16%)
Preventing Distillation-based Attacks on Neural Network IP. (2%)
FedRecAttack: Model Poisoning Attack to Federated Recommendation. (1%)
2022-03-31
Improving Adversarial Transferability via Neuron Attribution-Based Attacks. (99%)
Adversarial Examples in Random Neural Networks with General Activations. (98%)
Scalable Whitebox Attacks on Tree-based Models. (96%)
Towards Robust Rain Removal Against Adversarial Attacks: A Comprehensive Benchmark Analysis and Beyond. (86%)
Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets. (81%)
2022-03-30
Investigating Top-$k$ White-Box and Transferable Black-box Attack. (87%)
Sensor Data Validation and Driving Safety in Autonomous Driving Systems. (83%)
Example-based Explanations with Adversarial Attacks for Respiratory Sound Analysis. (56%)
2022-03-29
Mel Frequency Spectral Domain Defenses against Adversarial Attacks on Speech Recognition Systems. (99%)
Zero-Query Transfer Attacks on Context-Aware Object Detectors. (99%)
Exploring Frequency Adversarial Attacks for Face Forgery Detection. (99%)
StyleFool: Fooling Video Classification Systems via Style Transfer. (99%)
Recent improvements of ASR models in the face of adversarial attacks. (98%)
Robust Structured Declarative Classifiers for 3D Point Clouds: Defending Adversarial Attacks with Implicit Gradients. (83%)
Treatment Learning Transformer for Noisy Image Classification. (26%)
Can NMT Understand Me? Towards Perturbation-based Evaluation of NMT Models for Code Generation. (11%)
2022-03-28
Boosting Black-Box Adversarial Attacks with Meta Learning. (99%)
A Fast and Efficient Conditional Learning for Tunable Trade-Off between Accuracy and Robustness. (62%)
Robust Unlearnable Examples: Protecting Data Against Adversarial Learning. (16%)
Neurosymbolic hybrid approach to driver collision warning. (15%)
Attacker Attribution of Audio Deepfakes. (1%)
2022-03-27
Rebuild and Ensemble: Exploring Defense Against Text Adversaries. (76%)
Adversarial Representation Sharing: A Quantitative and Secure Collaborative Learning Framework. (8%)
2022-03-26
How to Robustify Black-Box ML Models? A Zeroth-Order Optimization Perspective. (99%)
A Survey of Robust Adversarial Training in Pattern Recognition: Fundamental, Theory, and Methodologies. (99%)
Reverse Engineering of Imperceptible Adversarial Image Perturbations. (99%)
Efficient Global Robustness Certification of Neural Networks via Interleaving Twin-Network Encoding. (33%)
A Systematic Survey of Attack Detection and Prevention in Connected and Autonomous Vehicles. (1%)
A Roadmap for Big Model. (1%)
2022-03-25
Enhancing Transferability of Adversarial Examples with Spatial Momentum. (99%)
Origins of Low-dimensional Adversarial Perturbations. (98%)
Give Me Your Attention: Dot-Product Attention Considered Harmful for Adversarial Patch Robustness. (89%)
Improving Robustness of Jet Tagging Algorithms with Adversarial Training. (10%)
A Unified Contrastive Energy-based Model for Understanding the Generative Ability of Adversarial Training. (5%)
A Stitch in Time Saves Nine: A Train-Time Regularizing Loss for Improved Neural Network Calibration. (1%)
2022-03-24
Trojan Horse Training for Breaking Defenses against Backdoor Attacks in Deep Learning. (99%)
A Perturbation Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow. (99%)
NPC: Neuron Path Coverage via Characterizing Decision Logic of Deep Neural Networks. (93%)
MERLIN -- Malware Evasion with Reinforcement LearnINg. (56%)
Repairing Group-Level Errors for DNNs Using Weighted Regularization. (13%)
A Manifold View of Adversarial Risk. (11%)
2022-03-23
Powerful Physical Adversarial Examples Against Practical Face Recognition Systems. (99%)
Adversarial Training for Improving Model Robustness? Look at Both Prediction and Interpretation. (99%)
Input-specific Attention Subnetworks for Adversarial Detection. (99%)
Self-supervised Learning of Adversarial Example: Towards Good Generalizations for Deepfake Detection. (69%)
Distort to Detect, not Affect: Detecting Stealthy Sensor Attacks with Micro-distortion. (3%)
On the (Limited) Generalization of MasterFace Attacks and Its Relation to the Capacity of Face Representations. (3%)
2022-03-22
Exploring High-Order Structure for Robust Graph Structure Learning. (99%)
On Adversarial Robustness of Large-scale Audio Visual Learning. (93%)
On the (Non-)Robustness of Two-Layer Neural Networks in Different Learning Regimes. (86%)
Semi-Targeted Model Poisoning Attack on Federated Learning via Backward Error Analysis. (78%)
A Girl Has A Name, And It's ... Adversarial Authorship Attribution for Deobfuscation. (2%)
GradViT: Gradient Inversion of Vision Transformers. (1%)
On Robust Classification using Contractive Hamiltonian Neural ODEs. (1%)
2022-03-21
Making DeepFakes more spurious: evading deep face forgery detection via trace removal attack. (92%)
Integrity Fingerprinting of DNN with Double Black-box Design and Verification. (10%)
On The Robustness of Offensive Language Classifiers. (2%)
Defending against Co-residence Attack in Energy-Efficient Cloud: An Optimization based Real-time Secure VM Allocation Strategy. (1%)
2022-03-20
An Intermediate-level Attack Framework on The Basis of Linear Regression. (99%)
A Prompting-based Approach for Adversarial Example Generation and Robustness Enhancement. (99%)
Leveraging Expert Guided Adversarial Augmentation For Improving Generalization in Named Entity Recognition. (82%)
Adversarial Parameter Attack on Deep Neural Networks. (62%)
2022-03-19
Adversarial Defense via Image Denoising with Chaotic Encryption. (99%)
Perturbations in the Wild: Leveraging Human-Written Text Perturbations for Realistic Adversarial Attack and Defense. (98%)
Distinguishing Non-natural from Natural Adversarial Samples for More Robust Pre-trained Language Model. (84%)
Efficient Neural Network Analysis with Sum-of-Infeasibilities. (74%)
Deep Learning Generalization, Extrapolation, and Over-parameterization. (68%)
On Robust Prefix-Tuning for Text Classification. (10%)
2022-03-18
Concept-based Adversarial Attacks: Tricking Humans and Classifiers Alike. (99%)
Adversarial Attacks on Deep Learning-based Video Compression and Classification Systems. (99%)
Neural Predictor for Black-Box Adversarial Attacks on Speech Recognition. (99%)
AutoAdversary: A Pixel Pruning Method for Sparse Adversarial Attack. (99%)
Alleviating Adversarial Attacks on Variational Autoencoders with MCMC. (96%)
DTA: Physical Camouflage Attacks using Differentiable Transformation Network. (83%)
AdIoTack: Quantifying and Refining Resilience of Decision Tree Ensemble Inference Models against Adversarial Volumetric Attacks on IoT Networks. (78%)
Towards Robust 2D Convolution for Reliable Visual Recognition. (9%)
2022-03-17
Improving the Transferability of Targeted Adversarial Examples through Object-Based Diverse Input. (99%)
Self-Ensemble Adversarial Training for Improved Robustness. (99%)
Leveraging Adversarial Examples to Quantify Membership Information Leakage. (98%)
On the Properties of Adversarially-Trained CNNs. (93%)
PiDAn: A Coherence Optimization Approach for Backdoor Attack Detection and Mitigation in Deep Neural Networks. (89%)
HDLock: Exploiting Privileged Encoding to Protect Hyperdimensional Computing Models against IP Stealing. (1%)
2022-03-16
Robustness through Cognitive Dissociation Mitigation in Contrastive Adversarial Training. (99%)
Towards Practical Certifiable Patch Defense with Vision Transformer. (98%)
Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations? (97%)
Provable Adversarial Robustness for Fractional Lp Threat Models. (87%)
What Do Adversarially trained Neural Networks Focus: A Fourier Domain-based Study. (83%)
COPA: Certifying Robust Policies for Offline Reinforcement Learning against Poisoning Attacks. (82%)
Sniper Backdoor: Single Client Targeted Backdoor Attack in Federated Learning. (70%)
Reducing Flipping Errors in Deep Neural Networks. (68%)
Attacking deep networks with surrogate-based adversarial black-box methods is easy. (45%)
On the Convergence of Certified Robust Training with Interval Bound Propagation. (15%)
MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients. (15%)
Understanding robustness and generalization of artificial neural networks through Fourier masks. (2%)
2022-03-15
Generalized but not Robust? Comparing the Effects of Data Modification Methods on Out-of-Domain Generalization and Adversarial Robustness. (76%)
Internet-based Social Engineering Attacks, Defenses and Psychology: A Survey. (13%)
Towards Adversarial Control Loops in Sensor Attacks: A Case Study to Control the Kinematics and Actuation of Embedded Systems. (10%)
LDP: Learnable Dynamic Precision for Efficient Deep Neural Network Training and Inference. (1%)
Adversarial Counterfactual Augmentation: Application in Alzheimer's Disease Classification. (1%)
2022-03-14
Efficient universal shuffle attack for visual object tracking. (99%)
Defending Against Adversarial Attack in ECG Classification with Adversarial Distillation Training. (99%)
Task-Agnostic Robust Representation Learning. (98%)
Energy-Latency Attacks via Sponge Poisoning. (91%)
Adversarial amplitude swap towards robust image classifiers. (83%)
On the benefits of knowledge distillation for adversarial robustness. (82%)
RES-HD: Resilient Intelligent Fault Diagnosis Against Adversarial Attacks Using Hyper-Dimensional Computing. (82%)
Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis. (54%)
2022-03-13
LAS-AT: Adversarial Training with Learnable Attack Strategy. (99%)
Generating Practical Adversarial Network Traffic Flows Using NIDSGAN. (99%)
Model Inversion Attack against Transfer Learning: Inverting a Model without Accessing It. (92%)
One Parameter Defense -- Defending against Data Inference Attacks via Differential Privacy. (67%)
Policy Learning for Robust Markov Decision Process with a Mismatched Generative Model. (3%)
2022-03-12
Query-Efficient Black-box Adversarial Attacks Guided by a Transfer-based Prior. (99%)
A survey in Adversarial Defences and Robustness in NLP. (99%)
Label-only Model Inversion Attack: The Attack that Requires the Least Information. (47%)
2022-03-11
Block-Sparse Adversarial Attack to Fool Transformer-Based Text Classifiers. (99%)
Learning from Attacks: Attacking Variational Autoencoder for Improving Image Classification. (98%)
An integrated Auto Encoder-Block Switching defense approach to prevent adversarial attacks. (96%)
Enhancing Adversarial Training with Second-Order Statistics of Weights. (38%)
ROOD-MRI: Benchmarking the robustness of deep learning segmentation models to out-of-distribution and corrupted data in MRI. (33%)
Perception Over Time: Temporal Dynamics for Robust Image Understanding. (16%)
Reinforcement Learning for Linear Quadratic Control is Vulnerable Under Cost Manipulation. (15%)
2022-03-10
Exploiting the Potential of Datasets: A Data-Centric Approach for Model Robustness. (92%)
Membership Privacy Protection for Image Translation Models via Adversarial Knowledge Distillation. (75%)
Attack Analysis of Face Recognition Authentication Systems Using Fast Gradient Sign Method. (69%)
Attacks as Defenses: Designing Robust Audio CAPTCHAs Using Attacks on Automatic Speech Recognition Systems. (64%)
SoK: On the Semantic AI Security in Autonomous Driving. (10%)
2022-03-09
Practical No-box Adversarial Attacks with Training-free Hybrid Image Transformation. (99%)
Practical Evaluation of Adversarial Robustness via Adaptive Auto Attack. (99%)
Frequency-driven Imperceptible Adversarial Attack on Semantic Similarity. (99%)
Binary Classification Under $\ell_0$ Attacks for General Noise Distribution. (98%)
Controllable Evaluation and Generation of Physical Adversarial Patch on Face Recognition. (97%)
Reverse Engineering $\ell_p$ attacks: A block-sparse optimization approach with recovery guarantees. (92%)
Defending Black-box Skeleton-based Human Activity Classifiers. (92%)
Robust Federated Learning Against Adversarial Attacks for Speech Emotion Recognition. (81%)
Improving Neural ODEs via Knowledge Distillation. (80%)
Physics-aware Complex-valued Adversarial Machine Learning in Reconfigurable Diffractive All-optical Neural Network. (22%)
On the surprising tradeoff between ImageNet accuracy and perceptual similarity. (1%)
2022-03-08
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust NIDS. (99%)
Shape-invariant 3D Adversarial Point Clouds. (99%)
ART-Point: Improving Rotation Robustness of Point Cloud Classifiers via Adversarial Rotation. (92%)
Robustly-reliable learners under poisoning attacks. (13%)
DeepSE-WF: Unified Security Estimation for Website Fingerprinting Defenses. (2%)
Joint rotational invariance and adversarial training of a dual-stream Transformer yields state of the art Brain-Score for Area V4. (1%)
Harmonicity Plays a Critical Role in DNN Based Versus in Biologically-Inspired Monaural Speech Segregation Systems. (1%)
2022-03-07
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches. (99%)
Art-Attack: Black-Box Adversarial Attack via Evolutionary Art. (99%)
Shadows can be Dangerous: Stealthy and Effective Physical-world Adversarial Attack by Natural Phenomenon. (99%)
Adversarial Texture for Fooling Person Detectors in the Physical World. (98%)
Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision. (83%)
Towards Efficient Data-Centric Robust Machine Learning with Noise-based Augmentation. (31%)
2022-03-06
$A^{3}D$: A Platform of Searching for Robust Neural Architectures and Efficient Adversarial Attacks. (99%)
Protecting Facial Privacy: Generating Adversarial Identity Masks via Style-robust Makeup Transfer. (98%)
Scalable Uncertainty Quantification for Deep Operator Networks using Randomized Priors. (45%)
Evaluation of Interpretability Methods and Perturbation Artifacts in Deep Neural Networks. (2%)
2022-03-05
aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA. (92%)
2022-03-04
Targeted Data Poisoning Attack on News Recommendation System by Content Perturbation. (82%)
2022-03-03
Ad2Attack: Adaptive Adversarial Attack on Real-Time UAV Tracking. (99%)
Detection of Word Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation. (98%)
Adversarial Patterns: Building Robust Android Malware Classifiers. (98%)
Improving Health Mentioning Classification of Tweets using Contrastive Adversarial Training. (84%)
Label-Only Model Inversion Attacks via Boundary Repulsion. (74%)
Fairness-aware Adversarial Perturbation Towards Bias Mitigation for Deployed Deep Models. (56%)
Why adversarial training can hurt robust accuracy. (22%)
Understanding Failure Modes of Self-Supervised Learning. (4%)
Ensemble Methods for Robust Support Vector Machines using Integer Programming. (2%)
Autonomous and Resilient Control for Optimal LEO Satellite Constellation Coverage Against Space Threats. (1%)
2022-03-02
Enhancing Adversarial Robustness for Deep Metric Learning. (99%)
Detecting Adversarial Perturbations in Multi-Task Perception. (98%)
Canonical foliations of neural networks: application to robustness. (82%)
Adversarial Robustness of Neural-Statistical Features in Detection of Generative Transformers. (69%)
Video is All You Need: Attacking PPG-based Biometric Authentication. (13%)
MIAShield: Defending Membership Inference Attacks via Preemptive Exclusion of Members. (2%)
A Quantitative Geometric Approach to Neural-Network Smoothness. (2%)
2022-03-01
Adversarial samples for deep monocular 6D object pose estimation. (99%)
Physical Backdoor Attacks to Lane Detection Systems in Autonomous Driving. (87%)
Global-Local Regularization Via Distributional Robustness. (86%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (11%)
Signature Correction Attack on Dilithium Signature Scheme. (1%)
2022-02-28
Enhance transferability of adversarial examples with model architecture. (99%)
Towards Robust Stacked Capsule Autoencoder with Hybrid Adversarial Training. (99%)
Evaluating the Adversarial Robustness of Adaptive Test-time Defenses. (98%)
MaMaDroid2.0 -- The Holes of Control Flow Graphs. (88%)
Improving Lexical Embeddings for Robust Question Answering. (67%)
Robust Textual Embedding against Word-level Adversarial Attacks. (26%)
Artificial Intelligence for Cyber Security (AICS). (1%)
Explaining RADAR features for detecting spoofing attacks in Connected Autonomous Vehicles. (1%)
2022-02-27
A Unified Wasserstein Distributional Robustness Framework for Adversarial Training. (99%)
Robust Control of Partially Specified Boolean Networks. (1%)
2022-02-26
Adversarial robustness of sparse local Lipschitz predictors. (87%)
Neuro-Inspired Deep Neural Networks with Sparse, Strong Activations. (45%)
Automation of reversible steganographic coding with nonlinear discrete optimisation. (1%)
2022-02-25
ARIA: Adversarially Robust Image Attribution for Content Provenance. (99%)
Projective Ranking-based GNN Evasion Attacks. (97%)
On the Effectiveness of Dataset Watermarking in Adversarial Settings. (56%)
2022-02-24
Towards Effective and Robust Neural Trojan Defenses via Input Filtering. (92%)
Robust Probabilistic Time Series Forecasting. (76%)
Understanding Adversarial Robustness from Feature Maps of Convolutional Layers. (50%)
Measuring CLEVRness: Blackbox testing of Visual Reasoning Models. (16%)
Bounding Membership Inference. (11%)
Fourier-Based Augmentations for Improved Robustness and Uncertainty Calibration. (3%)
Threading the Needle of On and Off-Manifold Value Functions for Shapley Explanations. (2%)
Interpolation-based Contrastive Learning for Few-Label Semi-Supervised Learning. (1%)
2022-02-23
Improving Robustness of Convolutional Neural Networks Using Element-Wise Activation Scaling. (96%)
Using calibrator to improve robustness in Machine Reading Comprehension. (13%)
2022-02-22
LPF-Defense: 3D Adversarial Defense based on Frequency Analysis. (99%)
Universal adversarial perturbation for remote sensing images. (95%)
Seeing is Living? Rethinking the Security of Facial Liveness Verification in the Deepfake Era. (84%)
Indiscriminate Poisoning Attacks on Unsupervised Contrastive Learning. (1%)
2022-02-21
Adversarial Attacks on Speech Recognition Systems for Mission-Critical Applications: A Survey. (99%)
Semi-Implicit Hybrid Gradient Methods with Application to Adversarial Robustness. (99%)
HoneyModels: Machine Learning Honeypots. (99%)
Transferring Adversarial Robustness Through Robust Representation Matching. (99%)
On the Effectiveness of Adversarial Training against Backdoor Attacks. (96%)
Poisoning Attacks and Defenses on Artificial Intelligence: A Survey. (83%)
A Tutorial on Adversarial Learning Attacks and Countermeasures. (75%)
Backdoor Defense in Federated Learning Using Differential Testing and Outlier Detection. (41%)
Privacy Leakage of Adversarial Training Models in Federated Learning Systems. (38%)
Robustness and Accuracy Could Be Reconcilable by (Proper) Definition. (11%)
Cyber-Physical Defense in the Quantum Era. (2%)
2022-02-20
Real-time Over-the-air Adversarial Perturbations for Digital Communications using Deep Neural Networks. (93%)
Sparsity Winning Twice: Better Robust Generaliztion from More Efficient Training. (26%)
Overparametrization improves robustness against adversarial attacks: A replication study. (3%)
2022-02-18
Exploring Adversarially Robust Training for Unsupervised Domain Adaptation. (99%)
Learning Representations Robust to Group Shifts and Adversarial Examples. (93%)
Critical Checkpoints for Evaluating Defence Models Against Adversarial Attack and Robustness. (92%)
Resurrecting Trust in Facial Recognition: Mitigating Backdoor Attacks in Face Recognition to Prevent Potential Privacy Breaches. (80%)
Data-Driven Mitigation of Adversarial Text Perturbation. (75%)
Debiasing Backdoor Attack: A Benign Application of Backdoor Attack in Eliminating Data Bias. (68%)
Stochastic Perturbations of Tabular Features for Non-Deterministic Inference with Automunge. (38%)
Label-Smoothed Backdoor Attack. (33%)
Black-box Node Injection Attack for Graph Neural Networks. (33%)
Robust Reinforcement Learning as a Stackelberg Game via Adaptively-Regularized Adversarial Training. (9%)
Attacks, Defenses, And Tools: A Framework To Facilitate Robust AI/ML Systems. (4%)
Synthetic Disinformation Attacks on Automated Fact Verification Systems. (1%)
2022-02-17
Rethinking Machine Learning Robustness via its Link with the Out-of-Distribution Problem. (99%)
Mitigating Closed-model Adversarial Examples with Bayesian Neural Modeling for Enhanced End-to-End Speech Recognition. (98%)
Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies. (98%)
Fingerprinting Deep Neural Networks Globally via Universal Adversarial Perturbations. (78%)
2022-02-16
The Adversarial Security Mitigations of mmWave Beamforming Prediction Models using Defensive Distillation and Adversarial Retraining. (99%)
Understanding and Improving Graph Injection Attack by Promoting Unnoticeability. (10%)
Gradient Based Activations for Accurate Bias-Free Learning. (1%)
2022-02-15
Unreasonable Effectiveness of Last Hidden Layer Activations. (99%)
Exploring the Devil in Graph Spectral Domain for 3D Point Cloud Attacks. (99%)
StratDef: Strategic Defense Against Adversarial Attacks in ML-based Malware Detection. (99%)
Random Walks for Adversarial Meshes. (97%)
Generative Adversarial Network-Driven Detection of Adversarial Tasks in Mobile Crowdsensing. (93%)
Applying adversarial networks to increase the data efficiency and reliability of Self-Driving Cars. (89%)
Improving the repeatability of deep learning models with Monte Carlo dropout. (1%)
Holistic Adversarial Robustness of Deep Learning Models. (1%)
Taking a Step Back with KCal: Multi-Class Kernel-Based Calibration for Deep Neural Networks. (1%)
2022-02-14
Universal Adversarial Examples in Remote Sensing: Methodology and Benchmark. (99%)
Finding Dynamics Preserving Adversarial Winning Tickets. (86%)
Recent Advances in Reliable Deep Graph Learning: Adversarial Attack, Inherent Noise, and Distribution Shift. (83%)
UA-FedRec: Untargeted Attack on Federated News Recommendation. (1%)
PFGE: Parsimonious Fast Geometric Ensembling of DNNs. (1%)
2022-02-13
Progressive Backdoor Erasing via connecting Backdoor and Adversarial Attacks. (99%)
Training with More Confidence: Mitigating Injected and Natural Backdoors During Training. (92%)
Extracting Label-specific Key Input Features for Neural Code Intelligence Models. (9%)
Defense Strategies Toward Model Poisoning Attacks in Federated Learning: A Survey. (2%)
SQuant: On-the-Fly Data-Free Quantization via Diagonal Hessian Approximation. (1%)
2022-02-12
RoPGen: Towards Robust Code Authorship Attribution via Automatic Coding Style Transformation. (98%)
Excitement Surfeited Turns to Errors: Deep Learning Testing Framework Based on Excitable Neurons. (98%)
2022-02-11
Adversarial Attacks and Defense Methods for Power Quality Recognition. (99%)
Towards Adversarially Robust Deepfake Detection: An Ensemble Approach. (99%)
Open-set Adversarial Defense with Clean-Adversarial Mutual Learning. (98%)
Using Random Perturbations to Mitigate Adversarial Attacks on Sentiment Analysis Models. (92%)
Fast Adversarial Training with Noise Augmentation: A Unified Perspective on RandStart and GradAlign. (74%)
Predicting Out-of-Distribution Error with the Projection Norm. (62%)
Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers. (62%)
White-Box Attacks on Hate-speech BERT Classifiers in German with Explicit and Implicit Character Level Defense. (12%)
On the Detection of Adaptive Adversarial Attacks in Speaker Verification Systems. (10%)
Improving Generalization via Uncertainty Driven Perturbations. (2%)
CMW-Net: Learning a Class-Aware Sample Weighting Mapping for Robust Deep Learning. (1%)
2022-02-10
FAAG: Fast Adversarial Audio Generation through Interactive Attack Optimisation. (99%)
Towards Assessing and Characterizing the Semantic Robustness of Face Recognition. (76%)
Controlling the Complexity and Lipschitz Constant improves polynomial nets. (12%)
FedAttack: Effective and Covert Poisoning Attack on Federated Recommendation via Hard Sampling. (8%)
A Field of Experts Prior for Adapting Neural Networks at Test Time. (1%)
2022-02-09
Adversarial Attack and Defense of YOLO Detectors in Autonomous Driving Scenarios. (99%)
Gradient Methods Provably Converge to Non-Robust Networks. (82%)
False Memory Formation in Continual Learners Through Imperceptible Backdoor Trigger. (22%)
Learning to Bootstrap for Combating Label Noise. (2%)
Model Architecture Adaption for Bayesian Neural Networks. (1%)
ARIBA: Towards Accurate and Robust Identification of Backdoor Attacks in Federated Learning. (1%)
2022-02-08
Towards Compositional Adversarial Robustness: Generalizing Adversarial Training to Composite Semantic Perturbations. (99%)
Verification-Aided Deep Ensemble Selection. (96%)
Adversarial Detection without Model Information. (87%)
Towards Making a Trojan-horse Attack on Text-to-Image Retrieval. (68%)
Robust, Deep, and Reinforcement Learning for Management of Communication and Power Networks. (1%)
2022-02-07
On The Empirical Effectiveness of Unrealistic Adversarial Hardening Against Realistic Adversarial Attacks. (99%)
Blind leads Blind: A Zero-Knowledge Attack on Federated Learning. (98%)
Adversarial Attacks and Defense for Non-Parametric Two-Sample Tests. (98%)
Evaluating Robustness of Cooperative MARL: A Model-based Approach. (97%)
More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks. (68%)
Membership Inference Attacks and Defenses in Neural Network Pruning. (50%)
SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation. (4%)
Deletion Inference, Reconstruction, and Compliance in Machine (Un)Learning. (3%)
2022-02-06
Pipe Overflow: Smashing Voice Authentication for Fun and Profit. (99%)
Redactor: A Data-centric and Individualized Defense Against Inference Attacks. (8%)
2022-02-05
Layer-wise Regularized Adversarial Training using Layers Sustainability Analysis (LSA) framework. (99%)
Adversarial Detector with Robust Classifier. (93%)
Memory Defense: More Robust Classification via a Memory-Masking Autoencoder. (76%)
Improved Certified Defenses against Data Poisoning with (Deterministic) Finite Aggregation. (75%)
2022-02-04
Pixle: a fast and effective black-box attack based on rearranging pixels. (98%)
Backdoor Defense via Decoupling the Training Process. (80%)
LTU Attacker for Membership Inference. (67%)
A Survey on Safety-Critical Driving Scenario Generation -- A Methodological Perspective. (1%)
2022-02-03
ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking. (93%)
Adversarially Robust Models may not Transfer Better: Sufficient Conditions for Domain Transferability from the View of Regularization. (75%)
2022-02-02
An Eye for an Eye: Defending against Gradient-based Attacks with Gradients. (99%)
Smoothed Embeddings for Certified Few-Shot Learning. (76%)
Probabilistically Robust Learning: Balancing Average- and Worst-case Performance. (75%)
Make Some Noise: Reliable and Efficient Single-Step Adversarial Training. (70%)
Robust Binary Models by Pruning Randomly-initialized Networks. (10%)
NoisyMix: Boosting Robustness by Combining Data Augmentations, Stability Training, and Noise Injections. (10%)
2022-02-01
Language Dependencies in Adversarial Attacks on Speech Recognition Systems. (98%)
Finding Biological Plausibility for Adversarially Robust Features via Metameric Tasks. (80%)
Visualizing Automatic Speech Recognition -- Means for a Better Understanding? (64%)
Datamodels: Predicting Predictions from Training Data. (2%)
2022-01-31
Adversarial Robustness in Deep Learning: Attacks on Fragile Neurons. (99%)
Boundary Defense Against Black-box Adversarial Attacks. (99%)
Query Efficient Decision Based Sparse Attacks Against Black-Box Deep Learning Models. (99%)
Can Adversarial Training Be Manipulated By Non-Robust Features? (98%)
GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection. (96%)
Rate Coding or Direct Coding: Which One is Better for Accurate, Robust, and Energy-efficient Spiking Neural Networks? (93%)
AntidoteRT: Run-time Detection and Correction of Poison Attacks on Neural Networks. (89%)
Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks. (81%)
On the Robustness of Quality Measures for GANs. (80%)
MEGA: Model Stealing via Collaborative Generator-Substitute Networks. (76%)
Learning Robust Representation through Graph Adversarial Contrastive Learning. (26%)
UQGAN: A Unified Model for Uncertainty Quantification of Deep Classifiers trained via Conditional GANs. (16%)
Few-Shot Backdoor Attacks on Visual Object Tracking. (10%)
Studying the Robustness of Anti-adversarial Federated Learning Models Detecting Cyberattacks in IoT Spectrum Sensors. (5%)
Securing Federated Sensitive Topic Classification against Poisoning Attacks. (1%)
2022-01-30
Improving Corruption and Adversarial Robustness by Enhancing Weak Subnets. (92%)
GARNET: Reduced-Rank Topology Learning for Robust and Scalable Graph Neural Networks. (84%)
TPC: Transformation-Specific Smoothing for Point Cloud Models. (75%)
2022-01-29
Scale-Invariant Adversarial Attack for Evaluating and Enhancing Adversarial Defenses. (99%)
Robustness of Deep Recommendation Systems to Untargeted Interaction Perturbations. (82%)
Coordinated Attacks against Contextual Bandits: Fundamental Limits and Defense Mechanisms. (1%)
2022-01-28
Adversarial Examples for Good: Adversarial Examples Guided Imbalanced Learning. (87%)
Feature Visualization within an Automated Design Assessment leveraging Explainable Artificial Intelligence Methods. (81%)
Certifying Model Accuracy under Distribution Shifts. (74%)
Benchmarking Robustness of 3D Point Cloud Recognition Against Common Corruptions. (13%)
Plug & Play Attacks: Towards Robust and Flexible Model Inversion Attacks. (8%)
Backdoors Stuck At The Frontdoor: Multi-Agent Backdoor Attacks That Backfire. (3%)
Toward Training at ImageNet Scale with Differential Privacy. (1%)
2022-01-27
Beyond ImageNet Attack: Towards Crafting Adversarial Examples for Black-box Domains. (99%)
Vision Checklist: Towards Testable Error Analysis of Image Models to Help System Designers Interrogate Model Capabilities. (10%)
SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders. (2%)
CacheFX: A Framework for Evaluating Cache Security. (1%)
2022-01-26
Boosting 3D Adversarial Attacks with Attacking On Frequency. (98%)
How Robust are Discriminatively Trained Zero-Shot Learning Models? (98%)
Autonomous Cyber Defense Introduces Risk: Can We Manage the Risk? (2%)
Automatic detection of access control vulnerabilities via API specification processing. (1%)
2022-01-25
Virtual Adversarial Training for Semi-supervised Breast Mass Classification. (3%)
Class-Aware Adversarial Transformers for Medical Image Segmentation. (1%)
SPIRAL: Self-supervised Perturbation-Invariant Representation Learning for Speech Pre-Training. (1%)
2022-01-24
What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction. (99%)
Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation. (95%)
Attacks and Defenses for Free-Riders in Multi-Discriminator GAN. (76%)
Backdoor Defense with Machine Unlearning. (33%)
On the Complexity of Attacking Elliptic Curve Based Authentication Chips. (1%)
2022-01-23
Efficient and Robust Classification for Sparse Attacks. (83%)
Gradient-guided Unsupervised Text Style Transfer via Contrastive Learning. (78%)
Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models. (56%)
Increasing the Cost of Model Extraction with Calibrated Proof of Work. (22%)
2022-01-22
Parallel Rectangle Flip Attack: A Query-based Black-box Attack against Object Detection. (99%)
Robust Unpaired Single Image Super-Resolution of Faces. (98%)
On the Robustness of Counterfactual Explanations to Adverse Perturbations. (10%)
2022-01-21
Robust Unsupervised Graph Representation Learning via Mutual Information Maximization. (99%)
Natural Attack for Pre-trained Models of Code. (99%)
The Security of Deep Learning Defences for Medical Imaging. (80%)
Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. (75%)
Identifying Adversarial Attacks on Text Classifiers. (73%)
The Many Faces of Adversarial Risk. (47%)
2022-01-20
TextHacker: Learning based Hybrid Local Search Algorithm for Text Hard-label Adversarial Attack. (99%)
Cheating Automatic Short Answer Grading: On the Adversarial Usage of Adjectives and Adverbs. (95%)
Survey on Federated Learning Threats: concepts, taxonomy on attacks and defences, experimental study and challenges. (93%)
Low-Interception Waveform: To Prevent the Recognition of Spectrum Waveform Modulation via Adversarial Examples. (83%)
Post-Training Detection of Backdoor Attacks for Two-Class and Multi-Attack Scenarios. (70%)
Adversarial Jamming for a More Effective Constellation Attack. (56%)
Steerable Pyramid Transform Enables Robust Left Ventricle Quantification. (13%)
Black-box Prompt Learning for Pre-trained Language Models. (13%)
DeepGalaxy: Testing Neural Network Verifiers via Two-Dimensional Input Space Exploration. (1%)
2022-01-19
Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation. (96%)
Can't Steal? Cont-Steal! Contrastive Stealing Attacks Against Image Encoders. (8%)
2022-01-18
MetaV: A Meta-Verifier Approach to Task-Agnostic Model Fingerprinting. (99%)
Adversarial vulnerability of powerful near out-of-distribution detection. (78%)
Model Transferring Attacks to Backdoor HyperNetwork in Personalized Federated Learning. (13%)
Secure IoT Routing: Selective Forwarding Attacks and Trust-based Defenses in RPL Network. (2%)
Lung Swapping Autoencoder: Learning a Disentangled Structure-texture Representation of Chest Radiographs. (1%)
2022-01-17
Masked Faces with Faced Masks. (81%)
Cyberbullying Classifiers are Sensitive to Model-Agnostic Perturbations. (56%)
AugLy: Data Augmentations for Robustness. (3%)
2022-01-16
Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems. (99%)
ALA: Adversarial Lightness Attack via Naturalness-aware Regularizations. (99%)
Adversarial Machine Learning Threat Analysis in Open Radio Access Networks. (64%)
Neighboring Backdoor Attacks on Graph Convolutional Network. (22%)
2022-01-15
Interpretable and Effective Reinforcement Learning for Attacking against Graph-based Rumor Detection. (26%)
StolenEncoder: Stealing Pre-trained Encoders. (13%)
2022-01-14
CommonsenseQA 2.0: Exposing the Limits of AI through Gamification. (56%)
Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots. (1%)
2022-01-13
Evaluation of Four Black-box Adversarial Attacks and Some Query-efficient Improvement Analysis. (96%)
The curse of overparametrization in adversarial training: Precise analysis of robust generalization for random features regression. (93%)
On Adversarial Robustness of Trajectory Prediction for Autonomous Vehicles. (83%)
Reconstructing Training Data with Informed Adversaries. (54%)
Jamming Attacks on Federated Learning in Wireless Networks. (2%)
2022-01-12
Adversarially Robust Classification by Conditional Generative Model Inversion. (99%)
Towards Adversarially Robust Deep Image Denoising. (99%)
Get your Foes Fooled: Proximal Gradient Split Learning for Defense against Model Inversion Attacks on IoMT data. (70%)
2022-01-11
Quantifying Robustness to Adversarial Word Substitutions. (99%)
Similarity-based Gray-box Adversarial Attack Against Deep Face Recognition. (99%)
2022-01-10
Evaluation of Neural Networks Defenses and Attacks using NDCG and Reciprocal Rank Metrics. (98%)
IoTGAN: GAN Powered Camouflage Against Machine Learning Based IoT Device Identification. (89%)
Reciprocal Adversarial Learning for Brain Tumor Segmentation: A Solution to BraTS Challenge 2021 Segmentation Task. (73%)
GMFIM: A Generative Mask-guided Facial Image Manipulation Model for Privacy Preservation. (3%)
Towards Group Robustness in the presence of Partial Group Labels. (1%)
2022-01-09
Rethink Stealthy Backdoor Attacks in Natural Language Processing. (89%)
A Retrospective and Futurespective of Rowhammer Attacks and Defenses on DRAM. (76%)
Privacy-aware Early Detection of COVID-19 through Adversarial Training. (10%)
2022-01-08
LoMar: A Local Defense Against Poisoning Attack on Federated Learning. (9%)
PocketNN: Integer-only Training and Inference of Neural Networks via Direct Feedback Alignment and Pocket Activations in Pure C++. (1%)
2022-01-07
iDECODe: In-distribution Equivariance for Conformal Out-of-distribution Detection. (93%)
Asymptotic Security using Bayesian Defense Mechanisms with Application to Cyber Deception. (11%)
Negative Evidence Matters in Interpretable Histology Image Classification. (1%)
2022-01-06
PAEG: Phrase-level Adversarial Example Generation for Neural Machine Translation. (98%)
Learning to be adversarially robust and differentially private. (31%)
Efficient Global Optimization of Two-layer ReLU Networks: Quadratic-time Algorithms and Adversarial Training. (2%)
2022-01-05
On the Real-World Adversarial Robustness of Real-Time Semantic Segmentation Models for Autonomous Driving. (99%)
ROOM: Adversarial Machine Learning Attacks Under Real-Time Constraints. (99%)
Adversarial Robustness in Cognitive Radio Networks. (1%)
2022-01-04
Towards Transferable Unrestricted Adversarial Examples with Minimum Changes. (99%)
Towards Understanding and Harnessing the Effect of Image Transformation in Adversarial Detection. (99%)
On the Minimal Adversarial Perturbation for Deep Neural Networks with Provable Estimation Error. (86%)
Towards Understanding Quality Challenges of the Federated Learning for Neural Networks: A First Look from the Lens of Robustness. (31%)
Corrupting Data to Remove Deceptive Perturbation: Using Preprocessing Method to Improve System Robustness. (10%)
2022-01-03
Compression-Resistant Backdoor Attack against Deep Neural Networks. (75%)
DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. (68%)
Revisiting PGD Attacks for Stability Analysis of Large-Scale Nonlinear Systems and Perception-Based Control. (11%)
2022-01-02
Actor-Critic Network for Q&A in an Adversarial Environment. (33%)
On Sensitivity of Deep Learning Based Text Classification Algorithms to Practical Input Perturbations. (12%)
2022-01-01
Rethinking Feature Uncertainty in Stochastic Neural Networks for Adversarial Robustness. (87%)
Revisiting Neuron Coverage Metrics and Quality of Deep Neural Networks. (41%)
Generating Adversarial Samples For Training Wake-up Word Detection Systems Against Confusing Words. (1%)
2021-12-31
Adversarial Attack via Dual-Stage Network Erosion. (99%)
On Distinctive Properties of Universal Perturbations. (83%)
2021-12-30
Benign Overfitting in Adversarially Robust Linear Classification. (99%)
Causal Attention for Interpretable and Generalizable Graph Classification. (1%)
2021-12-29
Invertible Image Dataset Protection. (92%)
Challenges and Approaches for Mitigating Byzantine Attacks in Federated Learning. (4%)
2021-12-28
Constrained Gradient Descent: A Powerful and Principled Evasion Attack Against Neural Networks. (99%)
Closer Look at the Transferability of Adversarial Examples: How They Fool Different Models Differently. (99%)
Repairing Adversarial Texts through Perturbation. (99%)
DeepAdversaries: Examining the Robustness of Deep Learning Models for Galaxy Morphology Classification. (91%)
Super-Efficient Super Resolution for Fast Adversarial Defense at the Edge. (88%)
A General Framework for Evaluating Robustness of Combinatorial Optimization Solvers on Graphs. (86%)
Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities. (1%)
2021-12-27
Adversarial Attack for Asynchronous Event-based Data. (99%)
PRIME: A Few Primitives Can Boost Robustness to Common Corruptions. (81%)
Associative Adversarial Learning Based on Selective Attack. (26%)
Learning Robust and Lightweight Model through Separable Structured Transformations. (8%)
2021-12-26
Perlin Noise Improve Adversarial Robustness. (99%)
2021-12-25
Task and Model Agnostic Adversarial Attack on Graph Neural Networks. (99%)
NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification. (50%)
2021-12-24
Stealthy Attack on Algorithmic-Protected DNNs via Smart Bit Flipping. (99%)
NIP: Neuron-level Inverse Perturbation Against Adversarial Attacks. (98%)
CatchBackdoor: Backdoor Testing by Critical Trojan Neural Path Identification via Differential Fuzzing. (82%)
SoK: A Study of the Security on Voice Processing Systems. (9%)
DP-UTIL: Comprehensive Utility Analysis of Differential Privacy in Machine Learning. (1%)
Gradient Leakage Attack Resilient Deep Learning. (1%)
2021-12-23
Adaptive Modeling Against Adversarial Attacks. (99%)
Revisiting and Advancing Fast Adversarial Training Through The Lens of Bi-Level Optimization. (99%)
Robust Secretary and Prophet Algorithms for Packing Integer Programs. (2%)
Counterfactual Memorization in Neural Language Models. (2%)
2021-12-22
Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art. (99%)
How Should Pre-Trained Language Models Be Fine-Tuned Towards Adversarial Robustness? (98%)
Detect & Reject for Transferability of Black-box Adversarial Attacks Against Network Intrusion Detection Systems. (98%)
Adversarial Deep Reinforcement Learning for Improving the Robustness of Multi-agent Autonomous Driving Policies. (96%)
Understanding and Measuring Robustness of Multimodal Learning. (69%)
Evaluating the Robustness of Deep Reinforcement Learning for Autonomous and Adversarial Policies in a Multi-agent Urban Driving Environment. (41%)
2021-12-21
A Theoretical View of Linear Backpropagation and Its Convergence. (99%)
An Attention Score Based Attacker for Black-box NLP Classifier. (91%)
Covert Communications via Adversarial Machine Learning and Reconfigurable Intelligent Surfaces. (81%)
Mind the Gap! A Study on the Transferability of Virtual vs Physical-world Testing of Autonomous Driving Systems. (76%)
Input-Specific Robustness Certification for Randomized Smoothing. (68%)
Improving Robustness with Image Filtering. (68%)
On the Adversarial Robustness of Causal Algorithmic Recourse. (10%)
MIA-Former: Efficient and Robust Vision Transformers via Multi-grained Input-Adaptation. (4%)
Exploring Credibility Scoring Metrics of Perception Systems for Autonomous Driving. (2%)
Adversarial Gradient Driven Exploration for Deep Click-Through Rate Prediction. (2%)
Longitudinal Study of the Prevalence of Malware Evasive Techniques. (1%)
2021-12-20
Certified Federated Adversarial Training. (98%)
Energy-bounded Learning for Robust Models of Code. (83%)
Black-Box Testing of Deep Neural Networks through Test Case Diversity. (82%)
Unifying Model Explainability and Robustness for Joint Text Classification and Rationale Extraction. (80%)
Adversarially Robust Stability Certificates can be Sample-Efficient. (2%)
2021-12-19
Initiative Defense against Facial Manipulation. (67%)
2021-12-18
Being Friends Instead of Adversaries: Deep Networks Learn from Data Simplified by Other Networks. (12%)
Android-COCO: Android Malware Detection with Graph Neural Network for Byte- and Native-Code. (1%)
2021-12-17
Reasoning Chain Based Adversarial Attack for Multi-hop Question Answering. (92%)
Deep Bayesian Learning for Car Hacking Detection. (81%)
Explain, Edit, and Understand: Rethinking User Study Design for Evaluating Model Explanations. (81%)
Dynamics-aware Adversarial Attack of 3D Sparse Convolution Network. (80%)
Provable Adversarial Robustness in the Quantum Model. (62%)
Domain Adaptation on Point Clouds via Geometry-Aware Implicits. (1%)
2021-12-16
Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives. (99%)
Towards Robust Neural Image Compression: Adversarial Attack and Model Finetuning. (99%)
All You Need is RAW: Defending Against Adversarial Attacks with Camera Image Pipelines. (99%)
TAFIM: Targeted Adversarial Attacks against Facial Image Manipulations. (64%)
A Robust Optimization Approach to Deep Learning. (45%)
Sharpness-Aware Minimization with Dynamic Reweighting. (31%)
APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts. (16%)
Correlation inference attacks against machine learning models. (13%)
Models in the Loop: Aiding Crowdworkers with Generative Annotation Assistants. (2%)
Pure Noise to the Rescue of Insufficient Data: Improving Imbalanced Classification by Training on Random Noise Images. (2%)
2021-12-15
On the Convergence and Robustness of Adversarial Training. (99%)
Temporal Shuffling for Defending Deep Action Recognition Models against Adversarial Attacks. (97%)
DuQM: A Chinese Dataset of Linguistically Perturbed Natural Questions for Evaluating the Robustness of Question Matching Models. (75%)
Robust Neural Network Classification via Double Regularization. (1%)
2021-12-14
Robustifying automatic speech recognition by extracting slowly varying features. (99%)
Adversarial Examples for Extreme Multilabel Text Classification. (99%)
Dual-Key Multimodal Backdoors for Visual Question Answering. (81%)
On the Impact of Hard Adversarial Instances on Overfitting in Adversarial Training. (76%)
MuxLink: Circumventing Learning-Resilient MUX-Locking Using Graph Neural Network-based Link Prediction. (4%)
2021-12-13
Detecting Audio Adversarial Examples with Logit Noising. (99%)
Triangle Attack: A Query-efficient Decision-based Adversarial Attack. (99%)
2021-12-12
Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses. (98%)
Quantifying and Understanding Adversarial Examples in Discrete Input Spaces. (91%)
SparseFed: Mitigating Model Poisoning Attacks in Federated Learning with Sparsification. (91%)
WOOD: Wasserstein-based Out-of-Distribution Detection. (12%)
2021-12-11
MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare. (99%)
Improving the Transferability of Adversarial Examples with Resized-Diverse-Inputs, Diversity-Ensemble and Region Fitting. (98%)
Stereoscopic Universal Perturbations across Different Architectures and Datasets. (98%)
2021-12-10
Learning to Learn Transferable Attack. (99%)
Cross-Modal Transferable Adversarial Attacks from Images to Videos. (99%)
Attacking Point Cloud Segmentation with Color-only Perturbation. (99%)
Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks. (92%)
Batch Label Inference and Replacement Attacks in Black-Boxed Vertical Federated Learning. (75%)
Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models. (68%)
Efficient Action Poisoning Attacks on Linear Contextual Bandits. (67%)
How Private Is Your RL Policy? An Inverse RL Based Analysis Framework. (41%)
SoK: On the Security & Privacy in Federated Learning. (5%)
2021-12-09
Amicable Aid: Turning Adversarial Attack to Benefit Classification. (99%)
Mutual Adversarial Training: Learning together is better than going alone. (99%)
PARL: Enhancing Diversity of Ensemble Networks to Resist Adversarial Attacks via Pairwise Adversarially Robust Loss Function. (99%)
RamBoAttack: A Robust Query Efficient Deep Neural Network Decision Exploit. (99%)
Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures. (69%)
Robustness Certificates for Implicit Neural Networks: A Mixed Monotone Contractive Approach. (38%)
PixMix: Dreamlike Pictures Comprehensively Improve Safety Measures. (10%)
Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems. (2%)
3D-VField: Learning to Adversarially Deform Point Clouds for Robust 3D Object Detection. (1%)
2021-12-08
Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection. (99%)
On visual self-supervision and its effect on model robustness. (99%)
SNEAK: Synonymous Sentences-Aware Adversarial Attack on Natural Language Video Localization. (93%)
Revisiting Contrastive Learning through the Lens of Neighborhood Component Analysis: an Integrated Framework. (8%)
2021-12-07
Saliency Diversified Deep Ensemble for Robustness to Adversaries. (99%)
Vehicle trajectory prediction works, but not everywhere. (50%)
Lightning: Striking the Secure Isolation on GPU Clouds with Transient Hardware Faults. (11%)
Membership Inference Attacks From First Principles. (2%)
Training Deep Models to be Explained with Fewer Examples. (1%)
Presentation Attack Detection Methods based on Gaze Tracking and Pupil Dynamic: A Comprehensive Survey. (1%)
2021-12-06
Adversarial Machine Learning In Network Intrusion Detection Domain: A Systematic Review. (99%)
Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial Removal. (84%)
ML Attack Models: Adversarial Attacks and Data Poisoning Attacks. (82%)
Test-Time Detection of Backdoor Triggers for Poisoned Deep Neural Networks. (82%)
When the Curious Abandon Honesty: Federated Learning Is Not Private. (68%)
Defending against Model Stealing via Verifying Embedded External Features. (33%)
Context-Aware Transfer Attacks for Object Detection. (1%)
2021-12-05
Robust Active Learning: Sample-Efficient Training of Robust Deep Learning Models. (96%)
Stochastic Local Winner-Takes-All Networks Enable Profound Adversarial Robustness. (88%)
Beyond Robustness: Resilience Verification of Tree-Based Classifiers. (2%)
On Impact of Semantically Similar Apps in Android Malware Datasets. (1%)
2021-12-04
RADA: Robust Adversarial Data Augmentation for Camera Localization in Challenging Weather. (10%)
2021-12-03
Single-Shot Black-Box Adversarial Attacks Against Malware Detectors: A Causal Language Model Approach. (99%)
Generalized Likelihood Ratio Test for Adversarially Robust Hypothesis Testing. (99%)
Blackbox Untargeted Adversarial Testing of Automatic Speech Recognition Systems. (98%)
Attack-Centric Approach for Evaluating Transferability of Adversarial Samples in Machine Learning Models. (54%)
Adversarial Attacks against a Satellite-borne Multispectral Cloud Detector. (13%)
A Game-Theoretic Approach for AI-based Botnet Attack Defence. (9%)
2021-12-02
A Unified Framework for Adversarial Attack and Defense in Constrained Feature Space. (99%)
Is Approximation Universally Defensive Against Adversarial Attacks in Deep Neural Networks? (93%)
Is RobustBench/AutoAttack a suitable Benchmark for Adversarial Robustness? (75%)
Training Efficiency and Robustness in Deep Learning. (41%)
FedRAD: Federated Robust Adaptive Distillation. (10%)
FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis. (3%)
On the Existence of the Adversarial Bayes Classifier (Extended Version). (2%)
Editing a classifier by rewriting its prediction rules. (1%)
2021-12-01
Adversarial Robustness of Deep Reinforcement Learning based Dynamic Recommender Systems. (99%)
Push Stricter to Decide Better: A Class-Conditional Feature Adaptive Framework for Improving Adversarial Robustness. (99%)
$\ell_\infty$-Robustness and Beyond: Unleashing Efficient Adversarial Training. (99%)
Certified Adversarial Defenses Meet Out-of-Distribution Corruptions: Benchmarking Robustness and Simple Baselines. (96%)
Adv-4-Adv: Thwarting Changing Adversarial Perturbations via Adversarial Domain Adaptation. (95%)
Robustness in Deep Learning for Computer Vision: Mind the gap? (31%)
CYBORG: Blending Human Saliency Into the Loss Improves Deep Learning. (1%)
2021-11-30
Using a GAN to Generate Adversarial Examples to Facial Image Recognition. (99%)
Mitigating Adversarial Attacks by Distributing Different Copies to Different Users. (86%)
Human Imperceptible Attacks and Applications to Improve Fairness. (83%)
Evaluating Gradient Inversion Attacks and Defenses in Federated Learning. (81%)
FROB: Few-shot ROBust Model for Classification and Out-of-Distribution Detection. (78%)
COREATTACK: Breaking Up the Core Structure of Graphs. (78%)
Adversarial Attacks Against Deep Generative Models on Data: A Survey. (12%)
A Face Recognition System's Worst Morph Nightmare, Theoretically. (1%)
New Datasets for Dynamic Malware Classification. (1%)
Reliability Assessment and Safety Arguments for Machine Learning Components in Assuring Learning-Enabled Autonomous Systems. (1%)
2021-11-29
MedRDF: A Robust and Retrain-Less Diagnostic Framework for Medical Pretrained Models Against Adversarial Attack. (99%)
Adversarial Attacks in Cooperative AI. (82%)
Living-Off-The-Land Command Detection Using Active Learning. (10%)
Do Invariances in Deep Neural Networks Align with Human Perception? (9%)
A Simple Long-Tailed Recognition Baseline via Vision-Language Model. (1%)
ROBIN : A Benchmark for Robustness to Individual Nuisances in Real-World Out-of-Distribution Shifts. (1%)
Pyramid Adversarial Training Improves ViT Performance. (1%)
2021-11-28
Detecting Adversaries, yet Faltering to Noise? Leveraging Conditional Variational AutoEncoders for Adversary Detection in the Presence of Noisy Images. (96%)
MALIGN: Adversarially Robust Malware Family Detection using Sequence Alignment. (54%)
Automated Runtime-Aware Scheduling for Multi-Tenant DNN Inference on GPU. (1%)
ExCon: Explanation-driven Supervised Contrastive Learning for Image Classification. (1%)
2021-11-27
Adaptive Image Transformations for Transfer-based Adversarial Attack. (99%)
Adaptive Perturbation for Adversarial Attack. (99%)
Statically Detecting Adversarial Malware through Randomised Chaining. (98%)
Dissecting Malware in the Wild. (1%)
2021-11-26
ArchRepair: Block-Level Architecture-Oriented Repairing for Deep Neural Networks. (50%)
2021-11-25
AdvBokeh: Learning to Adversarially Defocus Blur. (99%)
Clustering Effect of (Linearized) Adversarial Robust Models. (97%)
Simple Contrastive Representation Adversarial Learning for NLP Tasks. (93%)
Going Grayscale: The Road to Understanding and Improving Unlearnable Examples. (92%)
Towards Practical Deployment-Stage Backdoor Attack on Deep Neural Networks. (92%)
Gradient Inversion Attack: Leaking Private Labels in Two-Party Split Learning. (3%)
Joint inference and input optimization in equilibrium networks. (1%)
2021-11-24
Thundernna: a white box adversarial attack. (99%)
Unity is strength: Improving the Detection of Adversarial Examples with Ensemble Approaches. (99%)
Robustness against Adversarial Attacks in Neural Networks using Incremental Dissipativity. (92%)
WFDefProxy: Modularly Implementing and Empirically Evaluating Website Fingerprinting Defenses. (15%)
Sharpness-aware Quantization for Deep Neural Networks. (10%)
SLA$^2$P: Self-supervised Anomaly Detection with Adversarial Perturbation. (5%)
An Attack on Facial Soft-biometric Privacy Enhancement. (2%)
Accelerating Deep Learning with Dynamic Data Pruning. (1%)
2021-11-23
Adversarial machine learning for protecting against online manipulation. (92%)
Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS. (84%)
Subspace Adversarial Training. (69%)
HERO: Hessian-Enhanced Robust Optimization for Unifying and Improving Generalization and Quantization Performance. (1%)
2021-11-22
Adversarial Examples on Segmentation Models Can be Easy to Transfer. (99%)
Evaluating Adversarial Attacks on ImageNet: A Reality Check on Misclassification Classes. (99%)
Imperceptible Transfer Attack and Defense on 3D Point Cloud Classification. (99%)
Backdoor Attack through Frequency Domain. (92%)
NTD: Non-Transferability Enabled Backdoor Detection. (69%)
A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries. (33%)
Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data. (13%)
Automatic Mapping of the Best-Suited DNN Pruning Schemes for Real-Time Mobile Acceleration. (1%)
Electric Vehicle Attack Impact on Power Grid Operation. (1%)
2021-11-21
Stochastic Variance Reduced Ensemble Adversarial Attack for Boosting the Adversarial Transferability. (99%)
Adversarial Mask: Real-World Universal Adversarial Attack on Face Recognition Model. (99%)
Medical Aegis: Robust adversarial protectors for medical images. (99%)
Local Linearity and Double Descent in Catastrophic Overfitting. (73%)
Denoised Internal Models: a Brain-Inspired Autoencoder against Adversarial Attacks. (62%)
2021-11-20
Are Vision Transformers Robust to Patch Perturbations? (98%)
2021-11-19
Zero-Shot Certified Defense against Adversarial Patches with Vision Transformers. (99%)
Towards Efficiently Evaluating the Robustness of Deep Neural Networks in IoT Systems: A GAN-based Method. (99%)
Meta Adversarial Perturbations. (99%)
Resilience from Diversity: Population-based approach to harden models against adversarial attacks. (99%)
Enhanced countering adversarial attacks via input denoising and feature restoring. (99%)
Fooling Adversarial Training with Inducing Noise. (98%)
Exposing Weaknesses of Malware Detectors with Explainability-Guided Evasion Attacks. (86%)
2021-11-18
TnT Attacks! Universal Naturalistic Adversarial Patches Against Deep Neural Network Systems. (99%)
A Review of Adversarial Attack and Defense for Classification Methods. (99%)
Robust Person Re-identification with Multi-Modal Joint Defence. (98%)
Enhancing the Insertion of NOP Instructions to Obfuscate Malware via Deep Reinforcement Learning. (96%)
How to Build Robust FAQ Chatbot with Controllable Question Generator? (80%)
Adversarial attacks on voter model dynamics in complex networks. (76%)
Enhanced Membership Inference Attacks against Machine Learning Models. (12%)
Wiggling Weights to Improve the Robustness of Classifiers. (2%)
Improving Transferability of Representations via Augmentation-Aware Self-Supervision. (1%)
2021-11-17
TraSw: Tracklet-Switch Adversarial Attacks against Multi-Object Tracking. (99%)
Generating Unrestricted 3D Adversarial Point Clouds. (99%)
SmoothMix: Training Confidence-calibrated Smoothed Classifiers for Certified Robustness. (93%)
Attacking Deep Learning AI Hardware with Universal Adversarial Perturbation. (92%)
Do Not Trust Prediction Scores for Membership Inference Attacks. (33%)
2021-11-16
Robustness of Bayesian Neural Networks to White-Box Adversarial Attacks. (99%)
Improving the robustness and accuracy of biomedical language models through adversarial training. (99%)
Detecting AutoAttack Perturbations in the Frequency Domain. (99%)
Adversarial Tradeoffs in Linear Inverse Problems and Robust StateEstimation. (92%)
Consistent Semantic Attacks on Optical Flow. (81%)
An Overview of Backdoor Attacks Against Deep Neural Networks and Possible Defences. (54%)
Enabling equivariance for arbitrary Lie groups. (1%)
2021-11-15
A Survey on Adversarial Attacks for Malware Analysis. (98%)
Triggerless Backdoor Attack for NLP Tasks with Clean Labels. (68%)
Property Inference Attacks Against GANs. (67%)
2021-11-14
Generating Band-Limited Adversarial Surfaces Using Neural Networks. (99%)
Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks. (76%)
Towards Interpretability of Speech Pause in Dementia Detection using Adversarial Learning. (75%)
Improving Compound Activity Classification via Deep Transfer and Representation Learning. (1%)
2021-11-13
Robust and Accurate Object Detection via Self-Knowledge Distillation. (62%)
UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction. (2%)
2021-11-12
Neural Population Geometry Reveals the Role of Stochasticity in Robust Perception. (99%)
Measuring the Contribution of Multiple Model Representations in Detecting Adversarial Instances. (98%)
Adversarially Robust Learning for Security-Constrained Optimal Power Flow. (10%)
On Transferability of Prompt Tuning for Natural Language Understanding. (8%)
A Bayesian Nash equilibrium-based moving target defense against stealthy sensor attacks. (1%)
Resilient Consensus-based Multi-agent Reinforcement Learning. (1%)
2021-11-11
On the Equivalence between Neural Network and Support Vector Machine. (1%)
2021-11-10
Trustworthy Medical Segmentation with Uncertainty Estimation. (93%)
Robust Learning via Ensemble Density Propagation in Deep Neural Networks. (2%)
2021-11-09
Tightening the Approximation Error of Adversarial Risk with Auto Loss Function Search. (99%)
MixACM: Mixup-Based Robustness Transfer via Distillation of Activated Channel Maps. (99%)
Sparse Adversarial Video Attacks with Spatial Transformations. (98%)
A Statistical Difference Reduction Method for Escaping Backdoor Detection. (97%)
Data Augmentation Can Improve Robustness. (73%)
Are Transformers More Robust Than CNNs? (67%)
2021-11-08
Geometrically Adaptive Dictionary Attack on Face Recognition. (99%)
Defense Against Explanation Manipulation. (98%)
DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories. (98%)
On Assessing The Safety of Reinforcement Learning algorithms Using Formal Methods. (75%)
Get a Model! Model Hijacking Attack Against Machine Learning Models. (69%)
Robust and Information-theoretically Safe Bias Classifier against Adversarial Attacks. (69%)
Characterizing the adversarial vulnerability of speech self-supervised learning. (68%)
HAPSSA: Holistic Approach to PDF Malware Detection Using Signal and Statistical Analysis. (67%)
Graph Robustness Benchmark: Benchmarking the Adversarial Robustness of Graph Machine Learning. (67%)
BARFED: Byzantine Attack-Resistant Federated Averaging Based on Outlier Elimination. (1%)
2021-11-07
Generative Dynamic Patch Attack. (99%)
Natural Adversarial Objects. (81%)
2021-11-06
"How Does It Detect A Malicious App?" Explaining the Predictions of AI-based Android Malware Detector. (11%)
2021-11-05
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Sequential Randomized Smoothing for Adversarially Robust Speech Recognition. (96%)
Federated Learning Attacks Revisited: A Critical Discussion of Gaps, Assumptions, and Evaluation Setups. (2%)
2021-11-04
Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models. (99%)
Adversarial Attacks on Graph Classification via Bayesian Optimisation. (87%)
Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods. (47%)
Attacking Deep Reinforcement Learning-Based Traffic Signal Control Systems with Colluding Vehicles. (3%)
2021-11-03
LTD: Low Temperature Distillation for Robust Adversarial Training. (54%)
Multi-Glimpse Network: A Robust and Efficient Classification Architecture based on Recurrent Downsampled Attention. (41%)
2021-11-02
Effective and Imperceptible Adversarial Textual Attack via Multi-objectivization. (99%)
Meta-Learning the Search Distribution of Black-Box Random Search Based Adversarial Attacks. (96%)
Training Certifiably Robust Neural Networks with Efficient Local Lipschitz Bounds. (70%)
Pareto Adversarial Robustness: Balancing Spatial Robustness and Sensitivity-based Robustness. (68%)
Knowledge Cross-Distillation for Membership Privacy. (38%)
Adversarially Perturbed Wavelet-based Morphed Face Generation. (9%)
2021-11-01
Graph Structural Attack by Spectral Distance. (93%)
Availability Attacks Create Shortcuts. (89%)
Robustness of deep learning algorithms in astronomy -- galaxy morphology studies. (83%)
When Does Contrastive Learning Preserve Adversarial Robustness from Pretraining to Finetuning? (69%)
ZeBRA: Precisely Destroying Neural Networks with Zero-Data Based Repeated Bit Flip Attack. (9%)
2021-10-31
An Actor-Critic Method for Simulation-Based Optimization. (56%)
2021-10-30
Get Fooled for the Right Reason: Improving Adversarial Robustness through a Teacher-guided Curriculum Learning Approach. (97%)
AdvCodeMix: Adversarial Attack on Code-Mixed Data. (93%)
Backdoor Pre-trained Models Can Transfer to All. (3%)
Trojan Source: Invisible Vulnerabilities. (1%)
2021-10-29
Attacking Video Recognition Models with Bullet-Screen Comments. (99%)
Adversarial Robustness with Semi-Infinite Constrained Learning. (92%)
{\epsilon}-weakened Robustness of Deep Neural Networks. (62%)
You are caught stealing my winning lottery ticket! Making a lottery ticket claim its ownership. (11%)
2021-10-28
Bridge the Gap Between CV and NLP! A Gradient-based Textual Adversarial Attack Framework. (99%)
AEVA: Black-box Backdoor Detection Using Adversarial Extreme Value Analysis. (92%)
The magnitude vector of images. (1%)
2021-10-27
Towards Evaluating the Robustness of Neural Networks Learned by Transduction. (98%)
CAP: Co-Adversarial Perturbation on Weights and Features for Improving Generalization of Graph Neural Networks. (98%)
Towards Robust Reasoning over Knowledge Graphs. (83%)
Generalized Depthwise-Separable Convolutions for Adversarially Robust and Efficient Neural Networks. (74%)
Adversarial Neuron Pruning Purifies Backdoored Deep Models. (15%)
From Intrinsic to Counterfactual: On the Explainability of Contextualized Recommender Systems. (5%)
Robust Contrastive Learning Using Negative Samples with Diminished Semantics. (1%)
RoMA: Robust Model Adaptation for Offline Model-based Optimization. (1%)
2021-10-26
Can't Fool Me: Adversarially Robust Transformer for Video Understanding. (99%)
Frequency Centric Defense Mechanisms against Adversarial Examples. (99%)
ScaleCert: Scalable Certified Defense against Adversarial Patches with Sparse Superficial Layers. (99%)
Drawing Robust Scratch Tickets: Subnetworks with Inborn Robustness Are Found within Randomly Initialized Networks. (99%)
FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective. (98%)
A Frequency Perspective of Adversarial Robustness. (98%)
Disrupting Deep Uncertainty Estimation Without Harming Accuracy. (86%)
Improving Local Effectiveness for Global robust training. (83%)
Robustness of Graph Neural Networks at Scale. (76%)
Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions. (75%)
Adversarial Robustness in Multi-Task Learning: Promises and Illusions. (64%)
AugMax: Adversarial Composition of Random Augmentations for Robust Training. (56%)
Qu-ANTI-zation: Exploiting Quantization Artifacts for Achieving Adversarial Outcomes. (50%)
Semantic Host-free Trojan Attack. (10%)
CAFE: Catastrophic Data Leakage in Vertical Federated Learning. (3%)
MEST: Accurate and Fast Memory-Economic Sparse Training Framework on the Edge. (1%)
Reliable and Trustworthy Machine Learning for Health Using Dataset Shift Detection. (1%)
Defensive Tensorization. (1%)
Task-Aware Meta Learning-based Siamese Neural Network for Classifying Obfuscated Malware. (1%)
2021-10-25
Stable Neural ODE with Lyapunov-Stable Equilibrium Points for Defending Against Adversarial Attacks. (99%)
Generating Watermarked Adversarial Texts. (99%)
Beyond $L_p$ clipping: Equalization-based Psychoacoustic Attacks against ASRs. (92%)
Fast Gradient Non-sign Methods. (92%)
Ensemble Federated Adversarial Training with Non-IID data. (87%)
GANash -- A GAN approach to steganography. (81%)
A Dynamical System Perspective for Lipschitz Neural Networks. (81%)
An Adaptive Structural Learning of Deep Belief Network for Image-based Crack Detection in Concrete Structures Using SDNET2018. (13%)
2021-10-24
Towards A Conceptually Simple Defensive Approach for Few-shot classifiers Against Adversarial Support Samples. (80%)
2021-10-23
ADC: Adversarial attacks against object Detection that evade Context consistency checks. (99%)
A Layer-wise Adversarial-aware Quantization Optimization for Improving Robustness. (81%)
2021-10-22
Improving Robustness of Malware Classifiers using Adversarial Strings Generated from Perturbed Latent Representations. (99%)
How and When Adversarial Robustness Transfers in Knowledge Distillation? (91%)
Fairness Degrading Adversarial Attacks Against Clustering Algorithms. (86%)
Adversarial robustness for latent models: Revisiting the robust-standard accuracies tradeoff. (80%)
PRECAD: Privacy-Preserving and Robust Federated Learning via Crypto-Aided Differential Privacy. (15%)
ProtoShotXAI: Using Prototypical Few-Shot Architecture for Explainable AI. (15%)
Spoofing Detection on Hand Images Using Quality Assessment. (1%)
Text Counterfactuals via Latent Optimization and Shapley-Guided Search. (1%)
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning. (1%)
MANDERA: Malicious Node Detection in Federated Learning via Ranking. (1%)
2021-10-21
CAPTIVE: Constrained Adversarial Perturbations to Thwart IC Reverse Engineering. (98%)
PROVES: Establishing Image Provenance using Semantic Signatures. (93%)
RoMA: a Method for Neural Network Robustness Measurement and Assessment. (92%)
Anti-Backdoor Learning: Training Clean Models on Poisoned Data. (83%)
PipAttack: Poisoning Federated Recommender Systems forManipulating Item Promotion. (68%)
Robustness through Data Augmentation Loss Consistency. (61%)
Generalization of Neural Combinatorial Solvers Through the Lens of Adversarial Robustness. (61%)
Watermarking Graph Neural Networks based on Backdoor Attacks. (31%)
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey. (8%)
2021-10-20
Adversarial Socialbot Learning via Multi-Agent Deep Hierarchical Reinforcement Learning. (83%)
Surrogate Representation Learning with Isometric Mapping for Gray-box Graph Adversarial Attacks. (62%)
Moir\'e Attack (MA): A New Potential Risk of Screen Photos. (56%)
Adversarial attacks against Bayesian forecasting dynamic models. (13%)
No One Representation to Rule Them All: Overlapping Features of Training Methods. (1%)
2021-10-19
Multi-concept adversarial attacks. (99%)
A Regularization Method to Improve Adversarial Robustness of Neural Networks for ECG Signal Classification. (96%)
TESSERACT: Gradient Flip Score to Secure Federated Learning Against Model Poisoning Attacks. (69%)
Understanding Convolutional Neural Networks from Theoretical Perspective via Volterra Convolution. (61%)
Detecting Backdoor Attacks Against Point Cloud Classifiers. (26%)
Speech Pattern based Black-box Model Watermarking for Automatic Speech Recognition. (13%)
A Deeper Look into RowHammer`s Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses. (5%)
2021-10-18
Boosting the Transferability of Video Adversarial Examples via Temporal Translation. (99%)
Black-box Adversarial Attacks on Commercial Speech Platforms with Minimal Information. (99%)
Improving Robustness using Generated Data. (97%)
MEMO: Test Time Robustness via Adaptation and Augmentation. (13%)
Minimal Multi-Layer Modifications of Deep Neural Networks. (4%)
2021-10-17
Unrestricted Adversarial Attacks on ImageNet Competition. (99%)
Improving Robustness of Reinforcement Learning for Power System Control with Adversarial Training. (99%)
ECG-ATK-GAN: Robustness against Adversarial Attacks on ECGs using Conditional Generative Adversarial Networks. (99%)
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications. (22%)
Poisoning Attacks on Fair Machine Learning. (12%)
2021-10-16
Black-box Adversarial Attacks on Network-wide Multi-step Traffic State Prediction Models. (99%)
Analyzing Dynamic Adversarial Training Data in the Limit. (82%)
Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services. (5%)
Tackling the Imbalance for GNNs. (4%)
2021-10-15
Adversarial Attacks on Gaussian Process Bandits. (99%)
Generating Natural Language Adversarial Examples through An Improved Beam Search Algorithm. (99%)
Adversarial Attacks on ML Defense Models Competition. (99%)
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. (76%)
Robustness of different loss functions and their impact on networks learning capability. (76%)
Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures. (22%)
Textual Backdoor Attacks Can Be More Harmful via Two Simple Tricks. (10%)
Understanding and Improving Robustness of Vision Transformers through Patch-based Negative Augmentation. (8%)
Hand Me Your PIN! Inferring ATM PINs of Users Typing with a Covered Hand. (1%)
2021-10-14
Adversarial examples by perturbing high-level features in intermediate decoder layers. (99%)
DI-AA: An Interpretable White-box Attack for Fooling Deep Neural Networks. (99%)
Adversarial Purification through Representation Disentanglement. (99%)
RAP: Robustness-Aware Perturbations for Defending against Backdoor Attacks on NLP Models. (93%)
An Optimization Perspective on Realizing Backdoor Injection Attacks on Deep Neural Networks in Hardware. (87%)
Interactive Analysis of CNN Robustness. (80%)
On Adversarial Vulnerability of PHM algorithms: An Initial Study. (69%)
Identifying and Mitigating Spurious Correlations for Improving Robustness in NLP Models. (61%)
Toward Degradation-Robust Voice Conversion. (9%)
Interpreting the Robustness of Neural NLP Models to Textual Perturbations. (9%)
Retrieval-guided Counterfactual Generation for QA. (2%)
Effective Certification of Monotone Deep Equilibrium Models. (1%)
2021-10-13
A Framework for Verification of Wasserstein Adversarial Robustness. (99%)
Identification of Attack-Specific Signatures in Adversarial Examples. (99%)
Model-Agnostic Meta-Attack: Towards Reliable Evaluation of Adversarial Robustness. (99%)
Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer. (98%)
Brittle interpretations: The Vulnerability of TCAV and Other Concept-based Explainability Tools to Adversarial Attack. (93%)
Poison Forensics: Traceback of Data Poisoning Attacks in Neural Networks. (92%)
Boosting the Certified Robustness of L-infinity Distance Nets. (1%)
Benchmarking the Robustness of Spatial-Temporal Models Against Corruptions. (1%)
2021-10-12
Adversarial Attack across Datasets. (99%)
Graph-Fraudster: Adversarial Attacks on Graph Neural Network Based Vertical Federated Learning. (99%)
SEPP: Similarity Estimation of Predicted Probabilities for Defending and Detecting Adversarial Text. (92%)
On the Security Risks of AutoML. (45%)
Zero-bias Deep Neural Network for Quickest RF Signal Surveillance. (1%)
2021-10-11
Boosting Fast Adversarial Training with Learnable Adversarial Initialization. (99%)
Parameterizing Activation Functions for Adversarial Robustness. (98%)
Amicable examples for informed source separation. (86%)
Doubly-Trained Adversarial Data Augmentation for Neural Machine Translation. (12%)
Intriguing Properties of Input-dependent Randomized Smoothing. (1%)
Hiding Images into Images with Real-world Robustness. (1%)
Source Mixing and Separation Robust Audio Steganography. (1%)
Homogeneous Learning: Self-Attention Decentralized Deep Learning. (1%)
Large Language Models Can Be Strong Differentially Private Learners. (1%)
A Closer Look at Prototype Classifier for Few-shot Image Classification. (1%)
Certified Patch Robustness via Smoothed Vision Transformers. (1%)
2021-10-10
Adversarial Attacks in a Multi-view Setting: An Empirical Study of the Adversarial Patches Inter-view Transferability. (98%)
Universal Adversarial Attacks on Neural Networks for Power Allocation in a Massive MIMO System. (92%)
2021-10-09
Demystifying the Transferability of Adversarial Attacks in Computer Networks. (99%)
Provably Efficient Black-Box Action Poisoning Attacks Against Reinforcement Learning. (93%)
Widen The Backdoor To Let More Attackers In. (13%)
2021-10-08
Explainability-Aware One Point Attack for Point Cloud Neural Networks. (99%)
Game Theory for Adversarial Attacks and Defenses. (98%)
Graphs as Tools to Improve Deep Learning Methods. (10%)
IHOP: Improved Statistical Query Recovery against Searchable Symmetric Encryption through Quadratic Optimization. (3%)
A Wireless Intrusion Detection System for 802.11 WPA3 Networks. (1%)
Salient ImageNet: How to discover spurious features in Deep Learning? (1%)
2021-10-07
Robust Feature-Level Adversaries are Interpretability Tools. (99%)
EvadeDroid: A Practical Evasion Attack on Machine Learning for Black-box Android Malware Detection. (99%)
Adversarial Attack by Limited Point Cloud Surface Modifications. (98%)
Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks. (98%)
Dyn-Backdoor: Backdoor Attack on Dynamic Link Prediction. (80%)
Fingerprinting Multi-exit Deep Neural Network Models via Inference Time. (62%)
Adversarial Unlearning of Backdoors via Implicit Hypergradient. (56%)
MPSN: Motion-aware Pseudo Siamese Network for Indoor Video Head Detection in Buildings. (1%)
2021-10-06
HIRE-SNN: Harnessing the Inherent Robustness of Energy-Efficient Deep Spiking Neural Networks by Training with Crafted Input Noise. (99%)
Reversible adversarial examples against local visual perturbation. (99%)
Attack as the Best Defense: Nullifying Image-to-image Translation GANs via Limit-aware Adversarial Attack. (99%)
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs. (99%)
Adversarial Attacks on Machinery Fault Diagnosis. (99%)
Adversarial Attacks on Spiking Convolutional Networks for Event-based Vision. (98%)
A Uniform Framework for Anomaly Detection in Deep Neural Networks. (97%)
Double Descent in Adversarial Training: An Implicit Label Noise Perspective. (88%)
Improving Adversarial Robustness for Free with Snapshot Ensemble. (83%)
DoubleStar: Long-Range Attack Towards Depth Estimation based Obstacle Avoidance in Autonomous Systems. (45%)
Inference Attacks Against Graph Neural Networks. (2%)
Data-driven behavioural biometrics for continuous and adaptive user verification using Smartphone and Smartwatch. (1%)
On The Vulnerability of Recurrent Neural Networks to Membership Inference Attacks. (1%)
Efficient Sharpness-aware Minimization for Improved Training of Neural Networks. (1%)
Stegomalware: A Systematic Survey of MalwareHiding and Detection in Images, Machine LearningModels and Research Challenges. (1%)
Exploring the Common Principal Subspace of Deep Features in Neural Networks. (1%)
Generalizing Neural Networks by Reflecting Deviating Data in Production. (1%)
2021-10-05
Adversarial Robustness Verification and Attack Synthesis in Stochastic Systems. (99%)
Adversarial Attacks on Black Box Video Classifiers: Leveraging the Power of Geometric Transformations. (99%)
Adversarial defenses via a mixture of generators. (99%)
Neural Network Adversarial Attack Method Based on Improved Genetic Algorithm. (92%)
BadPre: Task-agnostic Backdoor Attacks to Pre-trained NLP Foundation Models. (33%)
Spectral Bias in Practice: The Role of Function Frequency in Generalization. (1%)
CADA: Multi-scale Collaborative Adversarial Domain Adaptation for Unsupervised Optic Disc and Cup Segmentation. (1%)
Noisy Feature Mixup. (1%)
2021-10-04
Benchmarking Safety Monitors for Image Classifiers with Machine Learning. (1%)
2021-10-03
Adversarial Examples Generation for Reducing Implicit Gender Bias in Pre-trained Models. (82%)
2021-10-02
Evaluating Deep Learning Models and Adversarial Attacks on Accelerometer-Based Gesture Authentication. (98%)
Anti-aliasing Deep Image Classifiers using Novel Depth Adaptive Blurring and Activation Function. (13%)
2021-10-01
Calibrated Adversarial Training. (98%)
Universal Adversarial Spoofing Attacks against Face Recognition. (87%)
Score-Based Generative Classifiers. (84%)
One Timestep is All You Need: Training Spiking Neural Networks with Ultra Low Latency. (1%)
2021-09-30
Mitigating Black-Box Adversarial Attacks via Output Noise Perturbation. (98%)
You Cannot Easily Catch Me: A Low-Detectable Adversarial Patch for Object Detectors. (95%)
Adversarial Semantic Contour for Object Detection. (92%)
From Zero-Shot Machine Learning to Zero-Day Attack Detection. (10%)
2021-09-29
On Brightness Agnostic Adversarial Examples Against Face Recognition Systems. (99%)
Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks. (70%)
BulletTrain: Accelerating Robust Neural Network Training via Boundary Example Mining. (41%)
Mitigation of Adversarial Policy Imitation via Constrained Randomization of Policy (CRoP). (10%)
2021-09-28
slimTrain -- A Stochastic Approximation Method for Training Separable Deep Neural Networks. (1%)
2021-09-27
MUTEN: Boosting Gradient-Based Adversarial Attacks via Mutant-Based Ensembles. (99%)
Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors. (99%)
Classification and Adversarial examples in an Overparameterized Linear Model: A Signal Processing Perspective. (98%)
GANG-MAM: GAN based enGine for Modifying Android Malware. (64%)
Distributionally Robust Multi-Output Regression Ranking. (3%)
Improving Uncertainty of Deep Learning-based Object Classification on Radar Spectra using Label Smoothing. (1%)
Federated Deep Learning with Bayesian Privacy. (1%)
2021-09-26
Distributionally Robust Multiclass Classification and Applications in Deep CNN Image Classifiers. (11%)
2021-09-25
Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency. (99%)
Contributions to Large Scale Bayesian Inference and Adversarial Machine Learning. (98%)
MINIMAL: Mining Models for Data Free Universal Adversarial Triggers. (93%)
2021-09-24
Local Intrinsic Dimensionality Signals Adversarial Perturbations. (98%)
2021-09-23
Breaking BERT: Understanding its Vulnerabilities for Biomedical Named Entity Recognition through Adversarial Attack. (98%)
FooBaR: Fault Fooling Backdoor Attack on Neural Network Training. (88%)
AES Systems Are Both Overstable And Oversensitive: Explaining Why And Proposing Defenses. (68%)
DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications. (1%)
2021-09-22
Exploring Adversarial Examples for Efficient Active Learning in Machine Learning Classifiers. (99%)
CC-Cert: A Probabilistic Approach to Certify General Robustness of Neural Networks. (81%)
Security Analysis of Capsule Network Inference using Horizontal Collaboration. (69%)
Adversarial Transfer Attacks With Unknown Data and Class Overlap. (62%)
Pushing the Right Buttons: Adversarial Evaluation of Quality Estimation. (1%)
Backdoor Attacks on Federated Learning with Lottery Ticket Hypothesis. (1%)
2021-09-21
Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability. (99%)
3D Point Cloud Completion with Geometric-Aware Adversarial Augmentation. (93%)
DeSMP: Differential Privacy-exploited Stealthy Model Poisoning Attacks in Federated Learning. (76%)
Privacy, Security, and Utility Analysis of Differentially Private CPES Data. (13%)
2021-09-20
Robust Physical-World Attacks on Face Recognition. (99%)
Modeling Adversarial Noise for Adversarial Defense. (99%)
Can We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection? (99%)
Robustness Analysis of Deep Learning Frameworks on Mobile Platforms. (10%)
"Hello, It's Me": Deep Learning-based Speech Synthesis Attacks in the Real World. (2%)
Towards Energy-Efficient and Secure Edge AI: A Cross-Layer Framework. (1%)
2021-09-19
On the Noise Stability and Robustness of Adversarially Trained Networks on NVM Crossbars. (99%)
Adversarial Training with Contrastive Learning in NLP. (16%)
2021-09-18
Clean-label Backdoor Attack against Deep Hashing based Retrieval. (98%)
2021-09-17
Messing Up 3D Virtual Environments: Transferable Adversarial 3D Objects. (98%)
Exploring the Training Robustness of Distributional Reinforcement Learning against Noisy State Observations. (8%)
2021-09-16
Harnessing Perceptual Adversarial Patches for Crowd Counting. (99%)
KATANA: Simple Post-Training Robustness Using Test Time Augmentations. (98%)
Targeted Attack on Deep RL-based Autonomous Driving with Learned Visual Patterns. (96%)
Adversarial Attacks against Deep Learning Based Power Control in Wireless Communications. (95%)
Don't Search for a Search Method -- Simple Heuristics Suffice for Adversarial Text Attacks. (68%)
Membership Inference Attacks Against Recommender Systems. (3%)
2021-09-15
Universal Adversarial Attack on Deep Learning Based Prognostics. (99%)
Balancing detectability and performance of attacks on the control channel of Markov Decision Processes. (98%)
FCA: Learning a 3D Full-coverage Vehicle Camouflage for Multi-view Physical Adversarial Attack. (95%)
BERT is Robust! A Case Against Synonym-Based Adversarial Examples in Text Classification. (92%)
Adversarial Mixing Policy for Relaxing Locally Linear Constraints in Mixup. (13%)
Can one hear the shape of a neural network?: Snooping the GPU via Magnetic Side Channel. (10%)
2021-09-14
A Novel Data Encryption Method Inspired by Adversarial Attacks. (99%)
Improving Gradient-based Adversarial Training for Text Classification by Contrastive Learning and Auto-Encoder. (99%)
PETGEN: Personalized Text Generation Attack on Deep Sequence Embedding-based Classification Models. (99%)
EVAGAN: Evasion Generative Adversarial Network for Low Data Regimes. (76%)
Dodging Attack Using Carefully Crafted Natural Makeup. (47%)
Avengers Ensemble! Improving Transferability of Authorship Obfuscation. (12%)
ARCH: Efficient Adversarial Regularized Training with Caching. (8%)
2021-09-13
Adversarial Bone Length Attack on Action Recognition. (99%)
Randomized Substitution and Vote for Textual Adversarial Example Detection. (99%)
Improving the Robustness of Adversarial Attacks Using an Affine-Invariant Gradient Estimator. (99%)
Evolving Architectures with Gradient Misalignment toward Low Adversarial Transferability. (98%)
A Practical Adversarial Attack on Contingency Detection of Smart Energy Systems. (98%)
Adversarial Examples for Evaluating Math Word Problem Solvers. (96%)
PAT: Pseudo-Adversarial Training For Detecting Adversarial Videos. (86%)
SignGuard: Byzantine-robust Federated Learning through Collaborative Malicious Gradient Filtering. (81%)
Formalizing and Estimating Distribution Inference Risks. (62%)
Virtual Data Augmentation: A Robust and General Framework for Fine-tuning Pre-trained Models. (50%)
Sensor Adversarial Traits: Analyzing Robustness of 3D Object Detection Sensor Fusion Models. (16%)
Adversarially Trained Object Detector for Unsupervised Domain Adaptation. (3%)
Perturbation CheckLists for Evaluating NLG Evaluation Metrics. (1%)
How to Select One Among All? An Extensive Empirical Study Towards the Robustness of Knowledge Distillation in Natural Language Understanding. (1%)
Detecting Safety Problems of Multi-Sensor Fusion in Autonomous Driving. (1%)
2021-09-12
TREATED:Towards Universal Defense against Textual Adversarial Attacks. (99%)
CoG: a Two-View Co-training Framework for Defending Adversarial Attacks on Graph. (98%)
Check Your Other Door! Creating Backdoor Attacks in the Frequency Domain. (93%)
RockNER: A Simple Method to Create Adversarial Examples for Evaluating the Robustness of Named Entity Recognition Models. (84%)
Shape-Biased Domain Generalization via Shock Graph Embeddings. (2%)
Source Inference Attacks in Federated Learning. (1%)
2021-09-11
RobustART: Benchmarking Robustness on Architecture Design and Training Techniques. (98%)
2-in-1 Accelerator: Enabling Random Precision Switch for Winning Both Adversarial Robustness and Efficiency. (81%)
2021-09-10
A Strong Baseline for Query Efficient Attacks in a Black Box Setting. (99%)
2021-09-09
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification. (99%)
Energy Attack: On Transferring Adversarial Examples. (99%)
Protein Folding Neural Networks Are Not Robust. (99%)
Towards Transferable Adversarial Attacks on Vision Transformers. (99%)
Multi-granularity Textual Adversarial Attack with Behavior Cloning. (98%)
Spatially Focused Attack against Spatiotemporal Graph Neural Networks. (81%)
Differential Privacy in Personalized Pricing with Nonparametric Demand Models. (26%)
EvilModel 2.0: Bringing Neural Network Models into Malware Attacks. (5%)
2021-09-08
Membership Inference Attacks Against Temporally Correlated Data in Deep Reinforcement Learning. (89%)
Robust Optimal Classification Trees Against Adversarial Examples. (80%)
2021-09-07
Adversarial Parameter Defense by Multi-Step Risk Minimization. (98%)
POW-HOW: An enduring timing side-channel to evade online malware sandboxes. (12%)
Unpaired Adversarial Learning for Single Image Deraining with Rain-Space Contrastive Constraints. (1%)
2021-09-06
Robustness and Generalization via Generative Adversarial Training. (82%)
Trojan Signatures in DNN Weights. (33%)
Automated Robustness with Adversarial Training as a Post-Processing Step. (4%)
Exposing Length Divergence Bias of Textual Matching Models. (2%)
2021-09-05
Efficient Combinatorial Optimization for Word-level Adversarial Textual Attack. (98%)
Tolerating Adversarial Attacks and Byzantine Faults in Distributed Machine Learning. (2%)
DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode. (1%)
2021-09-04
Real-World Adversarial Examples involving Makeup Application. (99%)
Utilizing Adversarial Targeted Attacks to Boost Adversarial Robustness. (99%)
Training Meta-Surrogate Model for Transferable Adversarial Attack. (99%)
2021-09-03
SEC4SR: A Security Analysis Platform for Speaker Recognition. (99%)
Risk Assessment for Connected Vehicles under Stealthy Attacks on Vehicle-to-Vehicle Networks. (1%)
2021-09-02
A Synergetic Attack against Neural Network Classifiers combining Backdoor and Adversarial Examples. (99%)
Impact of Attention on Adversarial Robustness of Image Classification Models. (99%)
Adversarial Robustness for Unsupervised Domain Adaptation. (98%)
Real World Robustness from Systematic Noise. (91%)
Building Compact and Robust Deep Neural Networks with Toeplitz Matrices. (61%)
2021-09-01
Towards Improving Adversarial Training of NLP Models. (98%)
Excess Capacity and Backdoor Poisoning. (97%)
Regional Adversarial Training for Better Robust Generalization. (96%)
R-SNN: An Analysis and Design Methodology for Robustifying Spiking Neural Networks against Adversarial Attacks through Noise Filters for Dynamic Vision Sensors. (86%)
Proof Transfer for Neural Network Verification. (9%)
Guarding Machine Learning Hardware Against Physical Side-Channel Attacks. (2%)
2021-08-31
EG-Booster: Explanation-Guided Booster of ML Evasion Attacks. (99%)
Morphence: Moving Target Defense Against Adversarial Examples. (99%)
DPA: Learning Robust Physical Adversarial Camouflages for Object Detectors. (93%)
Black-Box Attacks on Sequential Recommenders via Data-Free Model Extraction. (83%)
Segmentation Fault: A Cheap Defense Against Adversarial Machine Learning. (75%)
Backdoor Attacks on Pre-trained Models by Layerwise Weight Poisoning. (4%)
2021-08-30
Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings. (99%)
Investigating Vulnerabilities of Deep Neural Policies. (99%)
Adversarial Example Devastation and Detection on Speech Recognition System by Adding Random Noise. (99%)
Single Node Injection Attack against Graph Neural Networks. (68%)
Benchmarking the Accuracy and Robustness of Feedback Alignment Algorithms. (41%)
Adaptive perturbation adversarial training: based on reinforcement learning. (41%)
How Does Adversarial Fine-Tuning Benefit BERT? (33%)
ML-based IoT Malware Detection Under Adversarial Settings: A Systematic Evaluation. (26%)
DuTrust: A Sentiment Analysis Dataset for Trustworthiness Evaluation. (1%)
2021-08-29
Searching for an Effective Defender: Benchmarking Defense against Adversarial Word Substitution. (99%)
Reinforcement Learning Based Sparse Black-box Adversarial Attack on Video Recognition Models. (98%)
DropAttack: A Masked Weight Adversarial Training Method to Improve Generalization of Neural Networks. (82%)
HAT4RD: Hierarchical Adversarial Training for Rumor Detection on Social Media. (81%)
2021-08-27
Mal2GCN: A Robust Malware Detection Approach Using Deep Graph Convolutional Networks With Non-Negative Weights. (99%)
Disrupting Adversarial Transferability in Deep Neural Networks. (98%)
Evaluating the Robustness of Neural Language Models to Input Perturbations. (16%)
Deep learning models are not robust against noise in clinical text. (1%)
2021-08-26
Understanding the Logit Distributions of Adversarially-Trained Deep Neural Networks. (99%)
A Hierarchical Assessment of Adversarial Severity. (98%)
Physical Adversarial Attacks on an Aerial Imagery Object Detector. (96%)
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference. (80%)
Detection and Continual Learning of Novel Face Presentation Attacks. (2%)
2021-08-25
Uncertify: Attacks Against Neural Network Certification. (99%)
Adversarially Robust One-class Novelty Detection. (99%)
Bridged Adversarial Training. (93%)
Generalized Real-World Super-Resolution through Adversarial Robustness. (93%)
2021-08-24
Improving Visual Quality of Unrestricted Adversarial Examples with Wavelet-VAE. (99%)
Are socially-aware trajectory prediction models really socially-aware? (92%)
OOWL500: Overcoming Dataset Collection Bias in the Wild. (76%)
StyleAugment: Learning Texture De-biased Representations by Style Augmentation without Pre-defined Textures. (1%)
2021-08-23
Adversarial Robustness of Deep Learning: Theory, Algorithms, and Applications. (99%)
Semantic-Preserving Adversarial Text Attacks. (99%)
Deep Bayesian Image Set Classification: A Defence Approach against Adversarial Attacks. (99%)
Kryptonite: An Adversarial Attack Using Regional Focus. (99%)
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning. (73%)
SegMix: Co-occurrence Driven Mixup for Semantic Segmentation and Adversarial Robustness. (4%)
2021-08-22
Robustness-via-Synthesis: Robust Training with Generative Adversarial Perturbations. (99%)
Multi-Expert Adversarial Attack Detection in Person Re-identification Using Context Inconsistency. (98%)
Relating CNNs with brain: Challenges and findings. (10%)
2021-08-21
A Hard Label Black-box Adversarial Attack Against Graph Neural Networks. (99%)
"Adversarial Examples" for Proof-of-Learning. (98%)
Regularizing Instabilities in Image Reconstruction Arising from Learned Denoisers. (2%)
2021-08-20
AdvDrop: Adversarial Attack to DNNs by Dropping Information. (99%)
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier. (99%)
Integer-arithmetic-only Certified Robustness for Quantized Neural Networks. (98%)
Towards Understanding the Generative Capability of Adversarially Robust Classifiers. (98%)
Detecting and Segmenting Adversarial Graphics Patterns from Images. (93%)
UnSplit: Data-Oblivious Model Inversion, Model Stealing, and Label Inference Attacks Against Split Learning. (1%)
Early-exit deep neural networks for distorted images: providing an efficient edge offloading. (1%)
2021-08-19
Application of Adversarial Examples to Physical ECG Signals. (99%)
Pruning in the Face of Adversaries. (99%)
ASAT: Adaptively Scaled Adversarial Training in Time Series. (98%)
Amplitude-Phase Recombination: Rethinking Robustness of Convolutional Neural Networks in Frequency Domain. (80%)
2021-08-18
Revisiting Adversarial Robustness Distillation: Robust Soft Labels Make Student Better. (99%)
Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes. (98%)
MBRS : Enhancing Robustness of DNN-based Watermarking by Mini-Batch of Real and Simulated JPEG Compression. (45%)
Proceedings of the 1st International Workshop on Adaptive Cyber Defense. (1%)
2021-08-17
When Should You Defend Your Classifier -- A Game-theoretical Analysis of Countermeasures against Adversarial Examples. (98%)
Adversarial Relighting Against Face Recognition. (98%)
Semantic Perturbations with Normalizing Flows for Improved Generalization. (13%)
Coalesced Multi-Output Tsetlin Machines with Clause Sharing. (1%)
Appearance Based Deep Domain Adaptation for the Classification of Aerial Images. (1%)
2021-08-16
Exploring Transferable and Robust Adversarial Perturbation Generation from the Perspective of Network Hierarchy. (99%)
Interpreting Attributions and Interactions of Adversarial Attacks. (83%)
Patch Attack Invariance: How Sensitive are Patch Attacks to 3D Pose? (62%)
NeuraCrypt is not private. (10%)
Identifying and Exploiting Structures for Reliable Deep Learning. (2%)
On the Opportunities and Risks of Foundation Models. (2%)
2021-08-15
Neural Architecture Dilation for Adversarial Robustness. (81%)
Deep Adversarially-Enhanced k-Nearest Neighbors. (74%)
IADA: Iterative Adversarial Data Augmentation Using Formal Verification and Expert Guidance. (1%)
2021-08-14
LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis. (1%)
2021-08-13
Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks. (99%)
Optical Adversarial Attack. (98%)
Understanding Structural Vulnerability in Graph Convolutional Networks. (96%)
The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs. (1%)
2021-08-12
AGKD-BML: Defense Against Adversarial Attack by Attention Guided Knowledge Distillation and Bi-directional Metric Learning. (99%)
Deep adversarial attack on target detection systems. (99%)
Hatemoji: A Test Suite and Adversarially-Generated Dataset for Benchmarking and Detecting Emoji-based Hate. (69%)
2021-08-11
Turning Your Strength against You: Detecting and Mitigating Robust and Universal Adversarial Patch Attacks. (99%)
Attacks against Ranking Algorithms with Text Embeddings: a Case Study on Recruitment Algorithms. (78%)
Are Neural Ranking Models Robust? (4%)
Logic Explained Networks. (1%)
2021-08-10
Simple black-box universal adversarial attacks on medical image classification based on deep neural networks. (99%)
On the Effect of Pruning on Adversarial Robustness. (81%)
SoK: How Robust is Image Classification Deep Neural Network Watermarking? (Extended Version). (68%)
Perturbing Inputs for Fragile Interpretations in Deep Natural Language Processing. (64%)
UniNet: A Unified Scene Understanding Network and Exploring Multi-Task Relationships through the Lens of Adversarial Attacks. (2%)
Instance-wise Hard Negative Example Generation for Contrastive Learning in Unpaired Image-to-Image Translation. (1%)
2021-08-09
Meta Gradient Adversarial Attack. (99%)
On Procedural Adversarial Noise Attack And Defense. (99%)
Enhancing Knowledge Tracing via Adversarial Training. (98%)
Neural Network Repair with Reachability Analysis. (96%)
Classification Auto-Encoder based Detector against Diverse Data Poisoning Attacks. (92%)
Mis-spoke or mis-lead: Achieving Robustness in Multi-Agent Communicative Reinforcement Learning. (82%)
Privacy-Preserving Machine Learning: Methods, Challenges and Directions. (16%)
Explainable AI and susceptibility to adversarial attacks: a case study in classification of breast ultrasound images. (15%)
2021-08-07
Jointly Attacking Graph Neural Network and its Explanations. (96%)
Membership Inference Attacks on Lottery Ticket Networks. (33%)
Information Bottleneck Approach to Spatial Attention Learning. (1%)
2021-08-06
Evaluating Adversarial Attacks on Driving Safety in Vision-Based Autonomous Vehicles. (80%)
Ensemble Augmentation for Deep Neural Networks Using 1-D Time Series Vibration Data. (2%)
2021-08-05
BOSS: Bidirectional One-Shot Synthesis of Adversarial Examples. (99%)
Poison Ink: Robust and Invisible Backdoor Attack. (99%)
Imperceptible Adversarial Examples by Spatial Chroma-Shift. (99%)
Householder Activations for Provable Robustness against Adversarial Attacks. (83%)
Fairness Properties of Face Recognition and Obfuscation Systems. (68%)
Exploring Structure Consistency for Deep Model Watermarking. (10%)
Locally Interpretable One-Class Anomaly Detection for Credit Card Fraud Detection. (1%)
2021-08-04
Robust Transfer Learning with Pretrained Language Models through Adapters. (82%)
Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective. (31%)
2021-08-03
On the Robustness of Domain Adaption to Adversarial Attacks. (99%)
On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples. (99%)
AdvRush: Searching for Adversarially Robust Neural Architectures. (99%)
The Devil is in the GAN: Backdoor Attacks and Defenses in Deep Generative Models. (88%)
DeepFreeze: Cold Boot Attacks and High Fidelity Model Recovery on Commercial EdgeML Device. (69%)
Tutorials on Testing Neural Networks. (1%)
2021-08-02
Hybrid Classical-Quantum Deep Learning Models for Autonomous Vehicle Traffic Image Classification Under Adversarial Attack. (98%)
Adversarial Attacks Against Deep Reinforcement Learning Framework in Internet of Vehicles. (10%)
Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. (9%)
Efficacy of Statistical and Artificial Intelligence-based False Information Cyberattack Detection Models for Connected Vehicles. (1%)
2021-08-01
Advances in adversarial attacks and defenses in computer vision: A survey. (92%)
Certified Defense via Latent Space Randomized Smoothing with Orthogonal Encoders. (80%)
An Effective and Robust Detector for Logo Detection. (70%)
Style Curriculum Learning for Robust Medical Image Segmentation. (2%)
2021-07-31
Delving into Deep Image Prior for Adversarial Defense: A Novel Reconstruction-based Defense Framework. (99%)
Adversarial Robustness of Deep Code Comment Generation. (99%)
Towards Adversarially Robust and Domain Generalizable Stereo Matching by Rethinking DNN Feature Backbones. (93%)
T$_k$ML-AP: Adversarial Attacks to Top-$k$ Multi-Label Learning. (81%)
BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning. (67%)
Fair Representation Learning using Interpolation Enabled Disentanglement. (1%)
2021-07-30
Who's Afraid of Thomas Bayes? (92%)
Practical Attacks on Voice Spoofing Countermeasures. (86%)
Can You Hear It? Backdoor Attacks via Ultrasonic Triggers. (50%)
Unveiling the potential of Graph Neural Networks for robust Intrusion Detection. (13%)
2021-07-29
Feature Importance-aware Transferable Adversarial Attacks. (99%)
Enhancing Adversarial Robustness via Test-time Transformation Ensembling. (98%)
The Robustness of Graph k-shell Structure under Adversarial Attacks. (93%)
Understanding the Effects of Adversarial Personalized Ranking Optimization Method on Recommendation Quality. (31%)
Towards robust vision by multi-task learning on monkey visual cortex. (3%)
2021-07-28
Imbalanced Adversarial Training with Reweighting. (86%)
Towards Robustness Against Natural Language Word Substitutions. (73%)
Models of Computational Profiles to Study the Likelihood of DNN Metamorphic Test Cases. (67%)
WaveCNet: Wavelet Integrated CNNs to Suppress Aliasing Effect for Noise-Robust Image Classification. (15%)
TableGAN-MCA: Evaluating Membership Collisions of GAN-Synthesized Tabular Data Releasing. (2%)
2021-07-27
Towards Black-box Attacks on Deep Learning Apps. (89%)
Poisoning Online Learning Filters: DDoS Attacks and Countermeasures. (50%)
PDF-Malware: An Overview on Threats, Detection and Evasion Attacks. (8%)
2021-07-26
Benign Adversarial Attack: Tricking Models for Goodness. (99%)
Learning to Adversarially Blur Visual Object Tracking. (98%)
Adversarial Attacks with Time-Scale Representations. (96%)
2021-07-24
Adversarial training may be a double-edged sword. (99%)
Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them. (98%)
Stress Test Evaluation of Biomedical Word Embeddings. (73%)
X-GGM: Graph Generative Modeling for Out-of-Distribution Generalization in Visual Question Answering. (1%)
2021-07-23
A Differentiable Language Model Adversarial Attack on Text Classifiers. (99%)
Structack: Structure-based Adversarial Attacks on Graph Neural Networks. (86%)
Adversarial Reinforced Instruction Attacker for Robust Vision-Language Navigation. (45%)
Clipped Hyperbolic Classifiers Are Super-Hyperbolic Classifiers. (8%)
2021-07-22
On the Certified Robustness for Ensemble Models and Beyond. (99%)
Unsupervised Detection of Adversarial Examples with Model Explanations. (99%)
Membership Inference Attack and Defense for Wireless Signal Classifiers with Deep Learning. (83%)
Towards Explaining Adversarial Examples Phenomenon in Artificial Neural Networks. (75%)
Estimating Predictive Uncertainty Under Program Data Distribution Shift. (1%)
Ready for Emerging Threats to Recommender Systems? A Graph Convolution-based Generative Shilling Attack. (1%)
2021-07-21
Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients. (98%)
Improved Text Classification via Contrastive Adversarial Training. (84%)
Black-box Probe for Unsupervised Domain Adaptation without Model Transferring. (81%)
Defending against Reconstruction Attack in Vertical Federated Learning. (10%)
Generative Models for Security: Attacks, Defenses, and Opportunities. (10%)
A Tandem Framework Balancing Privacy and Security for Voice User Interfaces. (5%)
Spinning Sequence-to-Sequence Models with Meta-Backdoors. (4%)
On the Convergence of Prior-Guided Zeroth-Order Optimization Algorithms. (2%)
2021-07-20
Using Undervolting as an On-Device Defense Against Adversarial Machine Learning Attacks. (99%)
A Markov Game Model for AI-based Cyber Security Attack Mitigation. (10%)
Leaking Secrets through Modern Branch Predictor in the Speculative World. (1%)
2021-07-19
Discriminator-Free Generative Adversarial Attack. (99%)
Feature-Filter: Detecting Adversarial Examples through Filtering off Recessive Features. (99%)
Examining the Human Perceptibility of Black-Box Adversarial Attacks on Face Recognition. (98%)
On the Veracity of Local, Model-agnostic Explanations in Audio Classification: Targeted Investigations with Adversarial Examples. (80%)
MEGEX: Data-Free Model Extraction Attack against Gradient-Based Explainable AI. (33%)
Structural Watermarking to Deep Neural Networks via Network Channel Pruning. (11%)
Generative Adversarial Neural Cellular Automata. (1%)
Improving Interpretability of Deep Neural Networks in Medical Diagnosis by Investigating the Individual Units. (1%)
Just Train Twice: Improving Group Robustness without Training Group Information. (1%)
2021-07-18
RobustFed: A Truth Inference Approach for Robust Federated Learning. (1%)
2021-07-17
BEDS-Bench: Behavior of EHR-models under Distributional Shift--A Benchmark. (9%)
2021-07-16
EGC2: Enhanced Graph Classification with Easy Graph Compression. (89%)
Proceedings of ICML 2021 Workshop on Theoretic Foundation, Criticism, and Application Trend of Explainable AI. (1%)
2021-07-15
Self-Supervised Contrastive Learning with Adversarial Perturbations for Defending Word Substitution-based Attacks. (99%)
Adversarial Attacks on Multi-task Visual Perception for Autonomous Driving. (98%)
ECG-Adv-GAN: Detecting ECG Adversarial Examples with Conditional Generative Adversarial Networks. (92%)
Adversarial Attack for Uncertainty Estimation: Identifying Critical Regions in Neural Networks. (80%)
Subnet Replacement: Deployment-stage backdoor attack against deep neural networks in gray-box setting. (16%)
Tailor: Generating and Perturbing Text with Semantic Controls. (3%)
Shifts: A Dataset of Real Distributional Shift Across Multiple Large-Scale Tasks. (1%)
2021-07-14
AdvFilter: Predictive Perturbation-aware Filtering against Adversarial Attack via Multi-domain Learning. (99%)
Conservative Objective Models for Effective Offline Model-Based Optimization. (67%)
2021-07-13
AID-Purifier: A Light Auxiliary Network for Boosting Adversarial Defense. (88%)
Using BERT Encoding to Tackle the Mad-lib Attack in SMS Spam Detection. (69%)
Correlation Analysis between the Robustness of Sparse Neural Networks and their Random Hidden Structural Priors. (41%)
What classifiers know what they don't? (1%)
2021-07-12
EvoBA: An Evolution Strategy as a Strong Baseline forBlack-Box Adversarial Attacks. (99%)
Detect and Defense Against Adversarial Examples in Deep Learning using Natural Scene Statistics and Adaptive Denoising. (99%)
Perceptual-based deep-learning denoiser as a defense against adversarial attacks on ASR systems. (96%)
Putting words into the system's mouth: A targeted attack on neural machine translation using monolingual data poisoning. (81%)
A Closer Look at the Adversarial Robustness of Information Bottleneck Models. (70%)
SoftHebb: Bayesian inference in unsupervised Hebbian soft winner-take-all networks. (56%)
2021-07-11
Adversarial for Good? How the Adversarial ML Community's Values Impede Socially Beneficial Uses of Attacks. (76%)
Stateful Detection of Model Extraction Attacks. (2%)
Attack Rules: An Adversarial Approach to Generate Attacks for Industrial Control Systems using Machine Learning. (1%)
2021-07-10
Hack The Box: Fooling Deep Learning Abstraction-Based Monitors. (91%)
HOMRS: High Order Metamorphic Relations Selector for Deep Neural Networks. (88%)
Identifying Layers Susceptible to Adversarial Attacks. (83%)
Out of Distribution Detection and Adversarial Attacks on Deep Neural Networks for Robust Medical Image Analysis. (22%)
Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. (1%)
2021-07-09
Learning to Detect Adversarial Examples Based on Class Scores. (99%)
Resilience of Autonomous Vehicle Object Category Detection to Universal Adversarial Perturbations. (99%)
Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems. (99%)
GGT: Graph-Guided Testing for Adversarial Sample Detection of Deep Neural Network. (98%)
Towards Robust General Medical Image Segmentation. (83%)
ARC: Adversarially Robust Control Policies for Autonomous Vehicles. (38%)
2021-07-08
Output Randomization: A Novel Defense for both White-box and Black-box Adversarial Models. (99%)
Improving Model Robustness with Latent Distribution Locally and Globally. (99%)
Analytically Tractable Hidden-States Inference in Bayesian Neural Networks. (50%)
Understanding the Limits of Unsupervised Domain Adaptation via Data Poisoning. (33%)
2021-07-07
Controlled Caption Generation for Images Through Adversarial Attacks. (99%)
Incorporating Label Uncertainty in Understanding Adversarial Robustness. (38%)
RoFL: Attestable Robustness for Secure Federated Learning. (2%)
2021-07-06
GradDiv: Adversarial Robustness of Randomized Neural Networks via Gradient Diversity Regularization. (99%)
Self-Adversarial Training incorporating Forgery Attention for Image Forgery Localization. (95%)
ROPUST: Improving Robustness through Fine-tuning with Photonic Processors and Synthetic Gradients. (76%)
On Generalization of Graph Autoencoders with Adversarial Training. (12%)
On Robustness of Lane Detection Models to Physical-World Adversarial Attacks in Autonomous Driving. (1%)
2021-07-05
When and How to Fool Explainable Models (and Humans) with Adversarial Examples. (99%)
Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks. (99%)
Adversarial Robustness of Probabilistic Network Embedding for Link Prediction. (87%)
Dealing with Adversarial Player Strategies in the Neural Network Game iNNk through Ensemble Learning. (69%)
Understanding the Security of Deepfake Detection. (33%)
Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems. (15%)
Poisoning Attack against Estimating from Pairwise Comparisons. (15%)
Confidence Conditioned Knowledge Distillation. (10%)
2021-07-04
Certifiably Robust Interpretation via Renyi Differential Privacy. (67%)
Mirror Mirror on the Wall: Next-Generation Wireless Jamming Attacks Based on Software-Controlled Surfaces. (1%)
2021-07-03
Demiguise Attack: Crafting Invisible Semantic Adversarial Perturbations with Perceptual Similarity. (99%)
2021-07-01
Using Anomaly Feature Vectors for Detecting, Classifying and Warning of Outlier Adversarial Examples. (99%)
DVS-Attacks: Adversarial Attacks on Dynamic Vision Sensors for Spiking Neural Networks. (99%)
CLINE: Contrastive Learning with Semantic Negative Examples for Natural Language Understanding. (68%)
Adversarial Sample Detection for Speaker Verification by Neural Vocoders. (41%)
The Interplay between Distribution Parameters and the Accuracy-Robustness Tradeoff in Classification. (16%)
Reinforcement Learning for Feedback-Enabled Cyber Resilience. (10%)
2021-06-30
Single-Step Adversarial Training for Semantic Segmentation. (96%)
Adversarial examples within the training distribution: A widespread challenge. (93%)
Understanding Adversarial Attacks on Observations in Deep Reinforcement Learning. (84%)
Explanation-Guided Diagnosis of Machine Learning Evasion Attacks. (82%)
Bi-Level Poisoning Attack Model and Countermeasure for Appliance Consumption Data of Smart Homes. (8%)
Exploring Robustness of Neural Networks through Graph Measures. (8%)
A Context-Aware Information-Based Clone Node Attack Detection Scheme in Internet of Things. (1%)
Understanding and Improving Early Stopping for Learning with Noisy Labels. (1%)
2021-06-29
Adversarial Machine Learning for Cybersecurity and Computer Vision: Current Developments and Challenges. (99%)
Understanding Adversarial Examples Through Deep Neural Network's Response Surface and Uncertainty Regions. (99%)
Attack Transferability Characterization for Adversarially Robust Multi-label Classification. (99%)
Inconspicuous Adversarial Patches for Fooling Image Recognition Systems on Mobile Devices. (99%)
Bio-Inspired Adversarial Attack Against Deep Neural Networks. (98%)
Do Not Deceive Your Employer with a Virtual Background: A Video Conferencing Manipulation-Detection System. (62%)
The Threat of Offensive AI to Organizations. (54%)
Local Reweighting for Adversarial Training. (22%)
On the Interaction of Belief Bias and Explanations. (15%)
2021-06-28
Feature Importance Guided Attack: A Model Agnostic Adversarial Attack. (99%)
Evading Adversarial Example Detection Defenses with Orthogonal Projected Gradient Descent. (99%)
Improving Transferability of Adversarial Patches on Face Recognition with Generative Models. (99%)
Data Poisoning Won't Save You From Facial Recognition. (97%)
Adversarial Robustness of Streaming Algorithms through Importance Sampling. (61%)
Test-Time Adaptation to Distribution Shift by Confidence Maximization and Input Transformation. (2%)
Certified Robustness via Randomized Smoothing over Multiplicative Parameters. (1%)
Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis. (1%)
2021-06-27
RAILS: A Robust Adversarial Immune-inspired Learning System. (98%)
Who is Responsible for Adversarial Defense? (93%)
ASK: Adversarial Soft k-Nearest Neighbor Attack and Defense. (82%)
Immuno-mimetic Deep Neural Networks (Immuno-Net). (64%)
Stabilizing Equilibrium Models by Jacobian Regularization. (1%)
2021-06-26
Multi-stage Optimization based Adversarial Training. (99%)
The Feasibility and Inevitability of Stealth Attacks. (69%)
2021-06-24
On the (Un-)Avoidability of Adversarial Examples. (99%)
Countering Adversarial Examples: Combining Input Transformation and Noisy Training. (99%)
Break it, Fix it: Attack and Defense for "Add-on'' Access Control Solutions in Distributed Data Analytics Platforms. (8%)
2021-06-23
Adversarial Examples in Multi-Layer Random ReLU Networks. (81%)
Teacher Model Fingerprinting Attacks Against Transfer Learning. (2%)
Meaningfully Explaining Model Mistakes Using Conceptual Counterfactuals. (1%)
Feature Attributions and Counterfactual Explanations Can Be Manipulated. (1%)
2021-06-22
DetectX -- Adversarial Input Detection using Current Signatures in Memristive XBar Arrays. (99%)
Self-Supervised Iterative Contextual Smoothing for Efficient Adversarial Defense against Gray- and Black-Box Attack. (99%)
Long-term Cross Adversarial Training: A Robust Meta-learning Method for Few-shot Classification Tasks. (83%)
On Adversarial Robustness of Synthetic Code Generation. (81%)
NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data. (67%)
FLEA: Provably Robust Fair Multisource Learning from Unreliable Training Data. (1%)
2021-06-21
Policy Smoothing for Provably Robust Reinforcement Learning. (99%)
Delving into the pixels of adversarial samples. (98%)
HODA: Hardness-Oriented Detection of Model Extraction Attacks. (98%)
Friendly Training: Neural Networks Can Adapt Data To Make Learning Easier. (91%)
Membership Inference on Word Embedding and Beyond. (38%)
An Alternative Auxiliary Task for Enhancing Image Classification. (11%)
Zero-shot learning approach to adaptive Cybersecurity using Explainable AI. (1%)
2021-06-20
Adversarial Examples Make Strong Poisons. (98%)
Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem. (95%)
Generative Model Adversarial Training for Deep Compressed Sensing. (8%)
2021-06-19
Attack to Fool and Explain Deep Networks. (99%)
A Stealthy and Robust Fingerprinting Scheme for Generative Models. (47%)
2021-06-18
Residual Error: a New Performance Measure for Adversarial Robustness. (99%)
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples. (99%)
The Dimpled Manifold Model of Adversarial Examples in Machine Learning. (99%)
Exploring Counterfactual Explanations Through the Lens of Adversarial Examples: A Theoretical and Empirical Analysis. (99%)
Light Lies: Optical Adversarial Attack. (92%)
BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection. (82%)
Less is More: Feature Selection for Adversarial Robustness with Compressive Counter-Adversarial Attacks. (80%)
Group-Structured Adversarial Training. (68%)
Accumulative Poisoning Attacks on Real-time Data. (45%)
Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks. (45%)
Federated Robustness Propagation: Sharing Adversarial Robustness in Federated Learning. (5%)
2021-06-17
Analyzing Adversarial Robustness of Deep Neural Networks in Pixel Space: a Semantic Perspective. (99%)
Bad Characters: Imperceptible NLP Attacks. (99%)
DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs. (99%)
Adversarial Visual Robustness by Causal Intervention. (99%)
Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning. (92%)
Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks. (91%)
Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems. (82%)
Poisoning and Backdooring Contrastive Learning. (70%)
CROP: Certifying Robust Policies for Reinforcement Learning through Functional Smoothing. (69%)
CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing. (64%)
On Deep Neural Network Calibration by Regularization and its Impact on Refinement. (3%)
Effective Model Sparsification by Scheduled Grow-and-Prune Methods. (1%)
2021-06-16
Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses. (99%)
Localized Uncertainty Attacks. (99%)
Evaluating the Robustness of Bayesian Neural Networks Against Different Types of Attacks. (67%)
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch. (38%)
Explainable AI for Natural Adversarial Images. (13%)
A Winning Hand: Compressing Deep Networks Can Improve Out-Of-Distribution Robustness. (2%)
Scaling-up Diverse Orthogonal Convolutional Networks with a Paraunitary Framework. (1%)
Loki: Hardening Code Obfuscation Against Automated Attacks. (1%)
2021-06-15
Adversarial Attacks on Deep Models for Financial Transaction Records. (99%)
Model Extraction and Adversarial Attacks on Neural Networks using Switching Power Information. (99%)
Towards Adversarial Robustness via Transductive Learning. (80%)
Voting for the right answer: Adversarial defense for speaker verification. (78%)
Detect and remove watermark in deep neural networks via generative adversarial networks. (68%)
CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. (13%)
Securing Face Liveness Detection Using Unforgeable Lip Motion Patterns. (12%)
Probabilistic Margins for Instance Reweighting in Adversarial Training. (8%)
CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals. (1%)
2021-06-14
PopSkipJump: Decision-Based Attack for Probabilistic Classifiers. (99%)
Now You See It, Now You Dont: Adversarial Vulnerabilities in Computational Pathology. (99%)
Audio Attacks and Defenses against AED Systems -- A Practical Study. (99%)
Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions. (92%)
Evading Malware Classifiers via Monte Carlo Mutant Feature Discovery. (81%)
On the Relationship between Heterophily and Robustness of Graph Neural Networks. (81%)
Partial success in closing the gap between human and machine vision. (15%)
Text Generation with Efficient (Soft) Q-Learning. (2%)
Resilient Control of Platooning Networked Robitic Systems via Dynamic Watermarking. (1%)
Self-training Guided Adversarial Domain Adaptation For Thermal Imagery. (1%)
Code Integrity Attestation for PLCs using Black Box Neural Network Predictions. (1%)
2021-06-13
Target Model Agnostic Adversarial Attacks with Query Budgets on Language Understanding Models. (99%)
Selection of Source Images Heavily Influences the Effectiveness of Adversarial Attacks. (99%)
ATRAS: Adversarially Trained Robust Architecture Search. (96%)
Security Analysis of Camera-LiDAR Semantic-Level Fusion Against Black-Box Attacks on Autonomous Vehicles. (64%)
Weakly-supervised High-resolution Segmentation of Mammography Images for Breast Cancer Diagnosis. (1%)
HistoTransfer: Understanding Transfer Learning for Histopathology. (1%)
2021-06-12
Adversarial Robustness via Fisher-Rao Regularization. (67%)
What can linearized neural networks actually say about generalization? (31%)
FeSHI: Feature Map Based Stealthy Hardware Intrinsic Attack. (2%)
2021-06-11
CausalAdv: Adversarial Robustness through the Lens of Causality. (99%)
Knowledge Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks. (99%)
Adversarial purification with Score-based generative models. (89%)
Relaxing Local Robustness. (80%)
TDGIA:Effective Injection Attacks on Graph Neural Networks. (76%)
Turn the Combination Lock: Learnable Textual Backdoor Attacks via Word Substitution. (56%)
CARTL: Cooperative Adversarially-Robust Transfer Learning. (8%)
A Shuffling Framework for Local Differential Privacy. (1%)
2021-06-10
Sparse and Imperceptible Adversarial Attack via a Homotopy Algorithm. (99%)
Deep neural network loses attention to adversarial images. (99%)
Verifying Quantized Neural Networks using SMT-Based Model Checking. (92%)
Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation. (80%)
An Ensemble Approach Towards Adversarial Robustness. (41%)
Towards an Automated Pipeline for Detecting and Classifying Malware through Machine Learning. (1%)
Fair Classification with Adversarial Perturbations. (1%)
2021-06-09
HASI: Hardware-Accelerated Stochastic Inference, A Defense Against Adversarial Machine Learning Attacks. (99%)
Towards Defending against Adversarial Examples via Attack-Invariant Features. (99%)
Improving White-box Robustness of Pre-processing Defenses via Joint Adversarial Training. (99%)
Attacking Adversarial Attacks as A Defense. (99%)
We Can Always Catch You: Detecting Adversarial Patched Objects WITH or WITHOUT Signature. (98%)
Who Is the Strongest Enemy? Towards Optimal and Efficient Evasion Attacks in Deep RL. (97%)
URLTran: Improving Phishing URL Detection Using Transformers. (10%)
ZoPE: A Fast Optimizer for ReLU Networks with Low-Dimensional Inputs. (5%)
Practical Machine Learning Safety: A Survey and Primer. (4%)
Network insensitivity to parameter noise via adversarial regularization. (2%)
2021-06-08
On Improving Adversarial Transferability of Vision Transformers. (99%)
Simulated Adversarial Testing of Face Recognition Models. (99%)
Towards the Memorization Effect of Neural Networks in Adversarial Training. (93%)
Handcrafted Backdoors in Deep Neural Networks. (