A Complete List of All (arXiv) Adversarial Example Papers
by Nicholas Carlini 2019-06-15
It can be hard to stay up-to-date on the published papers in the field of adversarial examples, where we have seen massive growth in the number of papers written each year. I have been somewhat religiously keeping track of these papers for the last few years, and realized it may be helpful for others to release this list.
The only requirement I used for selecting papers for this list is that it is primarily a paper about adversarial examples, or extensively uses adversarial examples. Due to the sheer quantity of papers, I can't guarantee that I actually have found all of them.
But I did try.
I also may have included papers that don't match these criteria (and are about something different instead), or made inconsistent judgement calls as to whether or not any given paper is mainly an adversarial example paper. Send me an email if something is wrong and I'll correct it.
As a result, this list is completely un-filtered. Everything that mainly presents itself as an adversarial example paper is listed here; I pass no judgement of quality. For a curated list of papers that I think are excellent and worth reading, see the Adversarial Machine Learning Reading List.
One final note about the data. This list automatically updates with new papers, even before I get a chance to manually filter through them. I do this filtering roughly twice a week, and it's then that I'll remove the ones that aren't related to adversarial examples. As a result, there may be some false positives on the most recent few entries. The new un-verified entries will have a probability indicated that my simplistic (but reasonably well calibrated) bag-of-words classifier believes the given paper is actually about adversarial examples.
The full paper list appears below. I've also released a TXT file (and a TXT file with abstracts) and a JSON file with the same data. If you do anything interesting with this data I'd be happy to hear from you what it was.
Paper List
2022-11-30
Towards Interpreting Vulnerability of Multi-Instance Learning via Customized and Universal Adversarial Perturbations. (87%)
Efficient Adversarial Input Generation via Neural Net Patching. (73%)
Toward Robust Diagnosis: A Contour Attention Preserving Adversarial Defense for COVID-19 Detection. (69%)
Improved Smoothed Analysis of 2-Opt for the Euclidean TSP. (8%)
2022-11-29
Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion. (99%)
Understanding and Enhancing Robustness of Concept-based Models. (99%)
Advancing Deep Metric Learning Through Multiple Batch Norms And Multi-Targeted Adversarial Examples. (88%)
Penalizing Confident Predictions on Largely Perturbed Inputs Does Not Improve Out-of-Distribution Generalization in Question Answering. (83%)
Quantization-aware Interval Bound Propagation for Training Certifiably Robust Quantized Neural Networks. (73%)
AdvMask: A Sparse Adversarial Attack Based Data Augmentation Method for Image Classification. (54%)
A3T: Accuracy Aware Adversarial Training. (10%)
Building Resilience to Out-of-Distribution Visual Data via Input Optimization and Model Finetuning. (1%)
2022-11-28
Interpretations Cannot Be Trusted: Stealthy and Effective Adversarial Perturbations against Interpretable Deep Learning. (95%)
Training Time Adversarial Attack Aiming the Vulnerability of Continual Learning. (83%)
Towards More Robust Interpretation via Local Gradient Alignment. (76%)
Understanding the Impact of Adversarial Robustness on Accuracy Disparity. (15%)
How Important are Good Method Names in Neural Code Generation? A Model Robustness Perspective. (13%)
Rethinking the Number of Shots in Robust Model-Agnostic Meta-Learning. (8%)
Attack on Unfair ToS Clause Detection: A Case Study using Universal Adversarial Triggers. (8%)
Gamma-convergence of a nonlocal perimeter arising in adversarial machine learning. (3%)
CoNAL: Anticipating Outliers with Large Language Models. (1%)
2022-11-27
Imperceptible Adversarial Attack via Invertible Neural Networks. (99%)
Foiling Explanations in Deep Neural Networks. (98%)
Navigation as the Attacker Wishes? Towards Building Byzantine-Robust Embodied Agents under Federated Learning. (84%)
Federated Learning Attacks and Defenses: A Survey. (47%)
Adversarial Rademacher Complexity of Deep Neural Networks. (47%)
Traditional Classification Neural Networks are Good Generators: They are Competitive with DDPMs and GANs. (38%)
2022-11-26
Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning. (99%)
2022-11-25
Boundary Adversarial Examples Against Adversarial Overfitting. (99%)
Supervised Contrastive Prototype Learning: Augmentation Free Robust Neural Network. (98%)
Beyond Smoothing: Unsupervised Graph Representation Learning with Edge Heterophily Discriminating. (3%)
TrustGAN: Training safe and trustworthy deep learning models through generative adversarial networks. (1%)
2022-11-24
SAGA: Spectral Adversarial Geometric Attack on 3D Meshes. (98%)
Explainable and Safe Reinforcement Learning for Autonomous Air Mobility. (92%)
Tracking Dataset IP Use in Deep Neural Networks. (76%)
Seeds Don't Lie: An Adaptive Watermarking Framework for Computer Vision Models. (8%)
Generative Joint Source-Channel Coding for Semantic Image Transmission. (1%)
CycleGANWM: A CycleGAN watermarking method for ownership verification. (1%)
2022-11-23
Query Efficient Cross-Dataset Transferable Black-Box Attack on Action Recognition. (99%)
Adversarial Attacks are a Surprisingly Strong Baseline for Poisoning Few-Shot Meta-Learners. (99%)
Reliable Robustness Evaluation via Automatically Constructed Attack Ensembles. (76%)
Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks. (62%)
Privacy-Enhancing Optical Embeddings for Lensless Classification. (11%)
Principled Data-Driven Decision Support for Cyber-Forensic Investigations. (1%)
Data Provenance Inference in Machine Learning. (1%)
2022-11-22
Benchmarking Adversarially Robust Quantum Machine Learning at Scale. (99%)
PointCA: Evaluating the Robustness of 3D Point Cloud Completion Models Against Adversarial Examples. (99%)
Attacking Image Splicing Detection and Localization Algorithms Using Synthetic Traces. (98%)
Improving Robust Generalization by Direct PAC-Bayesian Bound Minimization. (70%)
Backdoor Cleansing with Unlabeled Data. (70%)
SoK: Inference Attacks and Defenses in Human-Centered Wireless Sensing. (69%)
2022-11-21
Self-Ensemble Protection: Training Checkpoints Are Good Data Protectors. (99%)
Boosting the Transferability of Adversarial Attacks with Global Momentum Initialization. (99%)
Understanding the Vulnerability of Skeleton-based Human Activity Recognition via Black-box Attack. (99%)
Addressing Mistake Severity in Neural Networks with Semantic Knowledge. (92%)
Efficient Generalization Improvement Guided by Random Weight Perturbation. (68%)
CLAWSAT: Towards Both Robust and Accurate Code Models. (56%)
Fairness Increases Adversarial Vulnerability. (54%)
Don't Watch Me: A Spatio-Temporal Trojan Attack on Deep-Reinforcement-Learning-Augment Autonomous Driving. (10%)
SPIN: Simulated Poisoning and Inversion Network for Federated Learning-Based 6G Vehicular Networks. (8%)
Understanding and Improving Visual Prompting: A Label-Mapping Perspective. (2%)
A Survey on Backdoor Attack and Defense in Natural Language Processing. (2%)
Privacy in Practice: Private COVID-19 Detection in X-Ray Images. (1%)
A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers. (1%)
2022-11-20
Spectral Adversarial Training for Robust Graph Neural Network. (99%)
Invisible Backdoor Attack with Dynamic Triggers against Person Re-identification. (81%)
Adversarial Cheap Talk. (4%)
Deep Composite Face Image Attacks: Generation, Vulnerability and Detection. (2%)
AI-KD: Adversarial learning and Implicit regularization for self-Knowledge Distillation. (2%)
2022-11-19
Towards Adversarial Robustness of Deep Vision Algorithms. (92%)
Phonemic Adversarial Attack against Audio Recognition in Real World. (87%)
Towards Robust Dataset Learning. (82%)
Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning. (80%)
Mask Off: Analytic-based Malware Detection By Transfer Learning and Model Personalization. (9%)
2022-11-18
Adversarial Stimuli: Attacking Brain-Computer Interfaces via Perturbed Sensory Events. (98%)
Adversarial Detection by Approximation of Ensemble Boundary. (75%)
Leveraging Algorithmic Fairness to Mitigate Blackbox Attribute Inference Attacks. (68%)
Invariant Learning via Diffusion Dreamed Distribution Shifts. (10%)
Improving Robustness of TCM-based Robust Steganography with Variable Robustness. (1%)
Intrusion Detection in Internet of Things using Convolutional Neural Networks. (1%)
Provable Defense against Backdoor Policies in Reinforcement Learning. (1%)
2022-11-17
Diagnostics for Deep Neural Networks with Automated Copy/Paste Attacks. (99%)
Towards Good Practices in Evaluating Transfer Adversarial Attacks. (93%)
Assessing Neural Network Robustness via Adversarial Pivotal Tuning. (92%)
UPTON: Unattributable Authorship Text via Data Poisoning. (86%)
Generalizable Deepfake Detection with Phase-Based Motion Analysis. (50%)
More Effective Centrality-Based Attacks on Weighted Networks. (15%)
Potential Auto-driving Threat: Universal Rain-removal Attack. (2%)
Data-Centric Debugging: mitigating model failures via targeted data collection. (1%)
A Tale of Two Cities: Data and Configuration Variances in Robust Deep Learning. (1%)
2022-11-16
T-SEA: Transfer-based Self-Ensemble Attack on Object Detection. (99%)
Efficiently Finding Adversarial Examples with DNN Preprocessing. (99%)
Improving Interpretability via Regularization of Neural Activation Sensitivity. (92%)
Attacking Object Detector Using A Universal Targeted Label-Switch Patch. (86%)
Differentially Private Optimizers Can Learn Adversarially Robust Models. (83%)
Interpretable Dimensionality Reduction by Feature Preserving Manifold Approximation and Projection. (56%)
Privacy against Real-Time Speech Emotion Detection via Acoustic Adversarial Evasion of Machine Learning. (38%)
Holistic Evaluation of Language Models. (2%)
Analysis and Detectability of Offline Data Poisoning Attacks on Linear Systems. (1%)
2022-11-15
Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation. (99%)
Universal Distributional Decision-based Black-box Adversarial Attack with Reinforcement Learning. (99%)
MORA: Improving Ensemble Robustness Evaluation with Model-Reweighing Attack. (99%)
Person Text-Image Matching via Text-Featur Interpretability Embedding and External Attack Node Implantation. (92%)
Backdoor Attacks on Time Series: A Generative Approach. (70%)
Improved techniques for deterministic l2 robustness. (22%)
CorruptEncoder: Data Poisoning based Backdoor Attacks to Contrastive Learning. (22%)
Backdoor Attacks for Remote Sensing Data with Wavelet Transform. (12%)
2022-11-14
Efficient Adversarial Training with Robust Early-Bird Tickets. (92%)
Attacking Face Recognition with T-shirts: Database, Vulnerability Assessment and Detection. (13%)
Towards Robust Numerical Question Answering: Diagnosing Numerical Capabilities of NLP Systems. (5%)
Explainer Divergence Scores (EDS): Some Post-Hoc Explanations May be Effective for Detecting Unknown Spurious Correlations. (5%)
Robustifying Deep Vision Models Through Shape Sensitization. (2%)
2022-11-13
Certifying Robustness of Convolutional Neural Networks with Tight Linear Approximation. (26%)
2022-11-12
Adversarial and Random Transformations for Robust Domain Adaptation and Generalization. (75%)
2022-11-11
Generating Textual Adversaries with Minimal Perturbation. (98%)
On the robustness of non-intrusive speech quality model by adversarial examples. (98%)
An investigation of security controls and MITRE ATT\&CK techniques. (47%)
Investigating co-occurrences of MITRE ATT\&CK Techniques. (12%)
Remapped Cache Layout: Thwarting Cache-Based Side-Channel Attacks with a Hardware Defense. (9%)
2022-11-10
Test-time adversarial detection and robustness for localizing humans using ultra wide band channel impulse responses. (99%)
Impact of Adversarial Training on Robustness and Generalizability of Language Models. (99%)
Privacy-Utility Balanced Voice De-Identification Using Adversarial Examples. (98%)
Stay Home Safe with Starving Federated Data. (80%)
MSDT: Masked Language Model Scoring Defense in Text Domain. (38%)
Robust DNN Surrogate Models with Uncertainty Quantification via Adversarial Training. (3%)
Mitigating Forgetting in Online Continual Learning via Contrasting Semantically Distinct Augmentations. (1%)
2022-11-09
On the Robustness of Explanations of Deep Neural Network Models: A Survey. (50%)
Are All Edges Necessary? A Unified Framework for Graph Purification. (5%)
QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. (3%)
Accountable and Explainable Methods for Complex Reasoning over Text. (2%)
2022-11-08
Preserving Semantics in Textual Adversarial Attacks. (99%)
NaturalAdversaries: Can Naturalistic Adversaries Be as Effective as Artificial Adversaries? (98%)
How Fraudster Detection Contributes to Robust Recommendation. (54%)
Lipschitz Continuous Algorithms for Graph Problems. (16%)
Learning advisor networks for noisy image classification. (1%)
2022-11-07
Are AlphaZero-like Agents Robust to Adversarial Perturbations? (99%)
Black-Box Attack against GAN-Generated Image Detector with Contrastive Perturbation. (82%)
Deviations in Representations Induced by Adversarial Attacks. (70%)
Interpreting deep learning output for out-of-distribution detection. (1%)
Resilience of Wireless Ad Hoc Federated Learning against Model Poisoning Attacks. (1%)
2022-11-06
Contrastive Weighted Learning for Near-Infrared Gaze Estimation. (31%)
2022-11-05
Textual Manifold-based Defense Against Natural Language Adversarial Examples. (99%)
Stateful Detection of Adversarial Reprogramming. (96%)
Robust Lottery Tickets for Pre-trained Language Models. (83%)
2022-11-04
Improving Adversarial Robustness to Sensitivity and Invariance Attacks with Deep Metric Learning. (99%)
Logits are predictive of network type. (68%)
An Adversarial Robustness Perspective on the Topology of Neural Networks. (64%)
Fairness-aware Regression Robust to Adversarial Attacks. (38%)
Extension of Simple Algorithms to the Matroid Secretary Problem. (9%)
Robustness of Fusion-based Multimodal Classifiers to Cross-Modal Content Dilutions. (3%)
Data Models for Dataset Drift Controls in Machine Learning With Images. (1%)
2022-11-03
Physically Adversarial Attacks and Defenses in Computer Vision: A Survey. (99%)
Adversarial Defense via Neural Oscillation inspired Gradient Masking. (98%)
M-to-N Backdoor Paradigm: A Stealthy and Fuzzy Attack to Deep Learning Models. (98%)
Robust Few-shot Learning Without Using any Adversarial Samples. (89%)
Data-free Defense of Black Box Models Against Adversarial Attacks. (84%)
Leveraging Domain Features for Detecting Adversarial Attacks Against Deep Speech Recognition in Noise. (38%)
Try to Avoid Attacks: A Federated Data Sanitization Defense for Healthcare IoMT Systems. (33%)
Unintended Memorization and Timing Attacks in Named Entity Recognition Models. (12%)
2022-11-02
Certified Robustness of Quantum Classifiers against Adversarial Examples through Quantum Noise. (99%)
Defending with Errors: Approximate Computing for Robustness of Deep Neural Networks. (99%)
Improving transferability of 3D adversarial attacks with scale and shear transformations. (99%)
Adversarial Attack on Radar-based Environment Perception Systems. (99%)
Isometric Representations in Neural Networks Improve Robustness. (62%)
BATT: Backdoor Attack with Transformation-based Triggers. (56%)
Untargeted Backdoor Attack against Object Detection. (50%)
Generative Adversarial Training Can Improve Neural Language Models. (33%)
Backdoor Defense via Suppressing Model Shortcuts. (3%)
2022-11-01
LMD: A Learnable Mask Network to Detect Adversarial Examples for Speaker Verification. (99%)
The Enemy of My Enemy is My Friend: Exploring Inverse Adversaries for Improving Adversarial Training. (99%)
DensePure: Understanding Diffusion Models towards Adversarial Robustness. (98%)
Adversarial Training with Complementary Labels: On the Benefit of Gradually Informative Attacks. (87%)
Universal Perturbation Attack on Differentiable No-Reference Image- and Video-Quality Metrics. (82%)
The Perils of Learning From Unlabeled Data: Backdoor Attacks on Semi-supervised Learning. (80%)
Maximum Likelihood Distillation for Robust Modulation Classification. (69%)
FRSUM: Towards Faithful Abstractive Summarization via Enhancing Factual Robustness. (45%)
Amplifying Membership Exposure via Data Poisoning. (22%)
ActGraph: Prioritization of Test Cases Based on Deep Neural Network Activation Graph. (13%)
2022-10-31
Scoring Black-Box Models for Adversarial Robustness. (98%)
ARDIR: Improving Robustness using Knowledge Distillation of Internal Representation. (88%)
Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy. (16%)
2022-10-30
Poison Attack and Defense on Deep Source Code Processing Models. (99%)
Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution. (99%)
Benchmarking Adversarial Patch Against Aerial Detection. (99%)
Symmetric Saliency-based Adversarial Attack To Speaker Identification. (92%)
FI-ODE: Certified and Robust Forward Invariance in Neural ODEs. (61%)
Imitating Opponent to Win: Adversarial Policy Imitation Learning in Two-player Competitive Games. (9%)
2022-10-29
On the Need of Neuromorphic Twins to Detect Denial-of-Service Attacks on Communication Networks. (10%)
2022-10-28
Universal Adversarial Directions. (99%)
Improving Transferability of Adversarial Examples on Face Recognition with Beneficial Perturbation Feature Augmentation. (99%)
Improving Hyperspectral Adversarial Robustness using Ensemble Networks in the Presences of Multiple Attacks. (98%)
Distributed Black-box Attack against Image Classification Cloud Services. (89%)
RoChBert: Towards Robust BERT Fine-tuning for Chinese. (75%)
Robust Boosting Forests with Richer Deep Feature Hierarchy. (56%)
Localized Randomized Smoothing for Collective Robustness Certification. (26%)
On the Vulnerability of Data Points under Multiple Membership Inference Attacks and Target Models. (1%)
Toward Reliable Neural Specifications. (1%)
2022-10-27
TAD: Transfer Learning-based Multi-Adversarial Detection of Evasion Attacks against Network Intrusion Detection Systems. (99%)
Isometric 3D Adversarial Examples in the Physical World. (99%)
TASA: Deceiving Question Answering Models by Twin Answer Sentences Attack. (92%)
LeNo: Adversarial Robust Salient Object Detection Networks with Learnable Noise. (86%)
Efficient and Effective Augmentation Strategy for Adversarial Training. (56%)
Noise Injection Node Regularization for Robust Learning. (2%)
Domain Adaptive Object Detection for Autonomous Driving under Foggy Weather. (1%)
2022-10-26
Improving Adversarial Robustness with Self-Paced Hard-Class Pair Reweighting. (99%)
There is more than one kind of robustness: Fooling Whisper with adversarial examples. (98%)
Disentangled Text Representation Learning with Information-Theoretic Perspective for Adversarial Robustness. (86%)
BioNLI: Generating a Biomedical NLI Dataset Using Lexico-semantic Constraints for Adversarial Examples. (75%)
EIPSIM: Modeling Secure IP Address Allocation at Cloud Scale. (11%)
V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization. (10%)
Rethinking the Reverse-engineering of Trojan Triggers. (5%)
Cover Reproducible Steganography via Deep Generative Models. (1%)
EW-Tune: A Framework for Privately Fine-Tuning Large Language Models with Differential Privacy. (1%)
DEMIS: A Threat Model for Selectively Encrypted Visual Surveillance Data. (1%)
2022-10-25
Adversarially Robust Medical Classification via Attentive Convolutional Neural Networks. (99%)
A White-Box Adversarial Attack Against a Digital Twin. (99%)
Adaptive Test-Time Defense with the Manifold Hypothesis. (98%)
LP-BFGS attack: An adversarial attack based on the Hessian with limited pixels. (98%)
Improving Adversarial Robustness via Joint Classification and Multiple Explicit Detection Classes. (98%)
Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. (98%)
Accelerating Certified Robustness Training via Knowledge Transfer. (73%)
Causal Information Bottleneck Boosts Adversarial Robustness of Deep Neural Network. (64%)
Towards Robust Recommender Systems via Triple Cooperative Defense. (61%)
FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-based Node Classification. (13%)
Towards Formal Approximated Minimal Explanations of Neural Networks. (12%)
A Streamlit-based Artificial Intelligence Trust Platform for Next-Generation Wireless Networks. (3%)
Robustness of Locally Differentially Private Graph Analysis Against Poisoning. (1%)
2022-10-24
Ares: A System-Oriented Wargame Framework for Adversarial ML. (99%)
SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning. (99%)
Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs. (96%)
On the Robustness of Dataset Inference. (81%)
Flexible Android Malware Detection Model based on Generative Adversarial Networks with Code Tensor. (16%)
Revisiting Sparse Convolutional Model for Visual Recognition. (11%)
2022-10-23
FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning. (68%)
Adversarial Pretraining of Self-Supervised Deep Networks: Past, Present and Future. (45%)
2022-10-22
ADDMU: Detection of Far-Boundary Adversarial Examples with Data and Model Uncertainty Estimation. (99%)
Hindering Adversarial Attacks with Implicit Neural Representations. (92%)
GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections. (81%)
Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games. (26%)
Precisely the Point: Adversarial Augmentations for Faithful and Informative Text Generation. (4%)
2022-10-21
Evolution of Neural Tangent Kernels under Benign and Adversarial Training. (99%)
The Dark Side of AutoML: Towards Architectural Backdoor Search. (68%)
Diffusion Visual Counterfactual Explanations. (10%)
TCAB: A Large-Scale Text Classification Attack Benchmark. (10%)
A critical review of cyber-physical security for building automation systems. (2%)
Extracted BERT Model Leaks More Information than You Think! (1%)
2022-10-20
Identifying Human Strategies for Generating Word-Level Adversarial Examples. (98%)
Are You Stealing My Model? Sample Correlation for Fingerprinting Deep Neural Networks. (98%)
Balanced Adversarial Training: Balancing Tradeoffs between Fickleness and Obstinacy in NLP Models. (98%)
Learning Sample Reweighting for Accuracy and Adversarial Robustness. (93%)
New data poison attacks on machine learning classifiers for mobile exfiltration. (80%)
Similarity of Neural Architectures Based on Input Gradient Transferability. (62%)
Attacking Motion Estimation with Adversarial Snow. (16%)
How Does a Deep Learning Model Architecture Impact Its Privacy? (5%)
Analyzing the Robustness of Decentralized Horizontal and Vertical Federated Learning Architectures in a Non-IID Scenario. (4%)
Apple of Sodom: Hidden Backdoors in Superior Sentence Embeddings via Contrastive Learning. (3%)
LOT: Layer-wise Orthogonal Training on Improving l2 Certified Robustness. (3%)
2022-10-19
Few-shot Transferable Robust Representation Learning via Bilevel Attacks. (93%)
Targeted Adversarial Self-Supervised Learning. (86%)
Backdoor Attack and Defense in Federated Generative Adversarial Network-based Medical Image Synthesis. (83%)
Emerging Threats in Deep Learning-Based Autonomous Driving: A Comprehensive Survey. (69%)
Why Should Adversarial Perturbations be Imperceptible? Rethink the Research Paradigm in Adversarial NLP. (64%)
Model-Free Prediction of Adversarial Drop Points in 3D Point Clouds. (54%)
FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Information. (41%)
Chaos Theory and Adversarial Robustness. (22%)
Learning to Invert: Simple Adaptive Attacks for Gradient Inversion in Federated Learning. (16%)
Variational Model Perturbation for Source-Free Domain Adaptation. (1%)
2022-10-18
Scaling Adversarial Training to Large Perturbation Bounds. (98%)
Not All Poisons are Created Equal: Robust Training against Data Poisoning. (97%)
ROSE: Robust Selective Fine-tuning for Pre-trained Language Models. (73%)
Analysis of Master Vein Attacks on Finger Vein Recognition Systems. (56%)
Training set cleansing of backdoor poisoning by self-supervised representation learning. (56%)
On the Adversarial Robustness of Mixture of Experts. (13%)
Transferable Unlearnable Examples. (8%)
Automatic Detection of Fake Key Attacks in Secure Messaging. (8%)
Improving Adversarial Robustness by Contrastive Guided Diffusion Process. (2%)
2022-10-17
Towards Generating Adversarial Examples on Mixed-type Data. (99%)
Differential Evolution based Dual Adversarial Camouflage: Fooling Human Eyes and Object Detectors. (99%)
Probabilistic Categorical Adversarial Attack & Adversarial Training. (99%)
Marksman Backdoor: Backdoor Attacks with Arbitrary Target Class. (96%)
DE-CROP: Data-efficient Certified Robustness for Pretrained Classifiers. (87%)
Beyond Model Interpretability: On the Faithfulness and Adversarial Robustness of Contrastive Textual Explanations. (78%)
Towards Fair Classification against Poisoning Attacks. (76%)
Deepfake Text Detection: Limitations and Opportunities. (41%)
You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks. (15%)
Fine-mixing: Mitigating Backdoors in Fine-tuned Language Models. (9%)
Understanding CNN Fragility When Learning With Imbalanced Data. (1%)
2022-10-16
Object-Attentional Untargeted Adversarial Attack. (99%)
Nowhere to Hide: A Lightweight Unsupervised Detector against Adversarial Examples. (99%)
ODG-Q: Robust Quantization via Online Domain Generalization. (83%)
Interpretable Machine Learning for Detection and Classification of Ransomware Families Based on API Calls. (1%)
2022-10-15
RoS-KD: A Robust Stochastic Knowledge Distillation Approach for Noisy Medical Imaging. (2%)
2022-10-14
When Adversarial Training Meets Vision Transformers: Recipes from Training to Architecture. (87%)
Dynamics-aware Adversarial Attack of Adaptive Neural Networks. (86%)
Is Face Recognition Safe from Realizable Attacks? (84%)
Expose Backdoors on the Way: A Feature-Based Efficient Defense against Textual Backdoor Attacks. (76%)
Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. (62%)
2022-10-13
Adv-Attribute: Inconspicuous and Transferable Adversarial Attack on Face Recognition. (99%)
AccelAT: A Framework for Accelerating the Adversarial Training of Deep Neural Networks through Accuracy Gradient. (99%)
Demystifying Self-supervised Trojan Attacks. (87%)
Improving Out-of-Distribution Generalization by Adversarial Training with Structured Priors. (81%)
Efficiently Computing Local Lipschitz Constants of Neural Networks via Bound Propagation. (13%)
Large-Scale Open-Set Classification Protocols for ImageNet. (2%)
SoK: How Not to Architect Your Next-Generation TEE Malware? (1%)
Feature Reconstruction Attacks and Countermeasures of DNN training in Vertical Federated Learning. (1%)
Characterizing the Influence of Graph Elements. (1%)
2022-10-12
A Game Theoretical vulnerability analysis of Adversarial Attack. (99%)
Visual Prompting for Adversarial Robustness. (99%)
Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation. (99%)
Robust Models are less Over-Confident. (96%)
Double Bubble, Toil and Trouble: Enhancing Certified Robustness through Transitivity. (86%)
Efficient Adversarial Training without Attacking: Worst-Case-Aware Robust Reinforcement Learning. (82%)
COLLIDER: A Robust Training Framework for Backdoor Data. (81%)
Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork. (76%)
Few-shot Backdoor Attacks via Neural Tangent Kernels. (62%)
How to Sift Out a Clean Data Subset in the Presence of Data Poisoning? (9%)
Understanding Impacts of Task Similarity on Backdoor Attack and Detection. (2%)
2022-10-11
What Can the Neural Tangent Kernel Tell Us About Adversarial Robustness? (99%)
Stable and Efficient Adversarial Training through Local Linearization. (91%)
RoHNAS: A Neural Architecture Search Framework with Conjoint Optimization for Adversarial Robustness and Hardware Efficiency of Convolutional and Capsule Networks. (86%)
Adversarial Attack Against Image-Based Localization Neural Networks. (78%)
Detecting Backdoors in Deep Text Classifiers. (76%)
Human Body Measurement Estimation with Adversarial Augmentation. (33%)
Curved Representation Space of Vision Transformers. (10%)
Zeroth-Order Hard-Thresholding: Gradient Error vs. Expansivity. (1%)
Make Sharpness-Aware Minimization Stronger: A Sparsified Perturbation Approach. (1%)
2022-10-10
Boosting Adversarial Robustness From The Perspective of Effective Margin Regularization. (92%)
Revisiting adapters with adversarial training. (88%)
Universal Adversarial Perturbations: Efficiency on a small image dataset. (81%)
2022-10-09
Pruning Adversarially Robust Neural Networks without Adversarial Examples. (99%)
Towards Understanding and Boosting Adversarial Transferability from a Distribution Perspective. (99%)
Online Training Through Time for Spiking Neural Networks. (1%)
2022-10-08
Symmetry Subgroup Defense Against Adversarial Attacks. (99%)
FedDef: Defense Against Gradient Leakage in Federated Learning-based Network Intrusion Detection Systems. (99%)
Robustness of Unsupervised Representation Learning without Labels. (54%)
2022-10-07
Adversarially Robust Prototypical Few-shot Segmentation with Neural-ODEs. (99%)
Pre-trained Adversarial Perturbations. (99%)
ViewFool: Evaluating the Robustness of Visual Recognition to Adversarial Viewpoints. (93%)
Game-Theoretic Understanding of Misclassification. (47%)
A2: Efficient Automated Attacker for Boosting Adversarial Training. (41%)
NMTSloth: Understanding and Testing Efficiency Degradation of Neural Machine Translation Systems. (13%)
A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music. (2%)
Improving Fine-Grain Segmentation via Interpretable Modifications: A Case Study in Fossil Segmentation. (1%)
Mind Your Data! Hiding Backdoors in Offline Reinforcement Learning Datasets. (1%)
2022-10-06
Preprocessors Matter! Realistic Decision-Based Attacks on Machine Learning Systems. (99%)
Enhancing Code Classification by Mixup-Based Data Augmentation. (92%)
Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection. (92%)
On Optimal Learning Under Targeted Data Poisoning. (82%)
Towards Out-of-Distribution Adversarial Robustness. (73%)
InferES : A Natural Language Inference Corpus for Spanish Featuring Negation-Based Contrastive and Adversarial Examples. (61%)
Unsupervised Domain Adaptation for COVID-19 Information Service with Contrastive Adversarial Domain Mixup. (41%)
Synthetic Dataset Generation for Privacy-Preserving Machine Learning. (2%)
Enhancing Mixup-Based Graph Learning for Language Processing via Hybrid Pooling. (1%)
Bad Citrus: Reducing Adversarial Costs with Model Distances. (1%)
2022-10-05
Natural Color Fool: Towards Boosting Black-box Unrestricted Attacks. (99%)
Dynamic Stochastic Ensemble with Adversarial Robust Lottery Ticket Subnetworks. (98%)
On Adversarial Robustness of Deep Image Deblurring. (83%)
A Closer Look at Robustness to L-infinity and Spatial Perturbations and their Composition. (81%)
Jitter Does Matter: Adapting Gaze Estimation to New Domains. (78%)
Image Masking for Robust Self-Supervised Monocular Depth Estimation. (38%)
Over-the-Air Federated Learning with Privacy Protection via Correlated Additive Perturbations. (38%)
2022-10-04
Rethinking Lipschitz Neural Networks and Certified Robustness: A Boolean Function Perspective. (97%)
Robust Fair Clustering: A Novel Fairness Attack and Defense Framework. (93%)
A Study on the Efficiency and Generalization of Light Hybrid Retrievers. (86%)
Practical Adversarial Attacks on Spatiotemporal Traffic Forecasting Models. (81%)
On the Robustness of Deep Clustering Models: Adversarial Attacks and Defenses. (75%)
Robustness Certification of Visual Perception Models via Camera Motion Smoothing. (70%)
Backdoor Attacks in the Supply Chain of Masked Image Modeling. (68%)
CADet: Fully Self-Supervised Anomaly Detection With Contrastive Learning. (50%)
Invariant Aggregator for Defending Federated Backdoor Attacks. (22%)
2022-10-03
MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples. (99%)
Push-Pull: Characterizing the Adversarial Robustness for Audio-Visual Active Speaker Detection. (97%)
Stability Analysis and Generalization Bounds of Adversarial Training. (96%)
On Attacking Out-Domain Uncertainty Estimation in Deep Neural Networks. (92%)
Decompiling x86 Deep Neural Network Executables. (83%)
Strength-Adaptive Adversarial Training. (80%)
ASGNN: Graph Neural Networks with Adaptive Structure. (68%)
UnGANable: Defending Against GAN-based Face Manipulation. (2%)
2022-10-02
Adaptive Smoothness-weighted Adversarial Training for Multiple Perturbations with Its Stability Analysis. (99%)
Understanding Adversarial Robustness Against On-manifold Adversarial Examples. (99%)
FLCert: Provably Secure Federated Learning against Poisoning Attacks. (74%)
Optimization for Robustness Evaluation beyond $\ell_p$ Metrics. (16%)
Automated Security Analysis of Exposure Notification Systems. (1%)
2022-10-01
DeltaBound Attack: Efficient decision-based attack in low queries regime. (96%)
Adversarial Attacks on Transformers-Based Malware Detectors. (91%)
Voice Spoofing Countermeasures: Taxonomy, State-of-the-art, experimental analysis of generalizability, open challenges, and the way forward. (5%)
2022-09-30
Your Out-of-Distribution Detection Method is Not Robust! (99%)
Learning Robust Kernel Ensembles with Kernel Average Pooling. (99%)
Adversarial Robustness of Representation Learning for Knowledge Graphs. (95%)
Visual Privacy Protection Based on Type-I Adversarial Attack. (92%)
On the tightness of linear relaxation based robustness certification methods. (78%)
Data Poisoning Attacks Against Multimodal Encoders. (73%)
ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks. (70%)
2022-09-29
Physical Adversarial Attack meets Computer Vision: A Decade Survey. (99%)
Towards Lightweight Black-Box Attacks against Deep Neural Networks. (99%)
Generalizability of Adversarial Robustness Under Distribution Shifts. (70%)
Digital and Physical Face Attacks: Reviewing and One Step Further. (2%)
Chameleon Cache: Approximating Fully Associative Caches with Random Replacement to Prevent Contention-Based Cache Attacks. (1%)
2022-09-28
A Survey on Physical Adversarial Attack in Computer Vision. (99%)
Exploring the Relationship between Architecture and Adversarially Robust Generalization. (98%)
A Closer Look at Evaluating the Bit-Flip Attack Against Deep Neural Networks. (67%)
Supervised Contrastive Learning as Multi-Objective Optimization for Fine-Tuning Large Pre-trained Language Models. (47%)
On the Robustness of Ensemble-Based Machine Learning Against Data Poisoning. (12%)
CALIP: Zero-Shot Enhancement of CLIP with Parameter-free Attention. (1%)
Improving alignment of dialogue agents via targeted human judgements. (1%)
2022-09-27
Suppress with a Patch: Revisiting Universal Adversarial Patch Attacks against Object Detection. (74%)
Inducing Data Amplification Using Auxiliary Datasets in Adversarial Training. (33%)
Attacking Compressed Vision Transformers. (33%)
Mitigating Attacks on Artificial Intelligence-based Spectrum Sensing for Cellular Network Signals. (8%)
Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection. (5%)
Reconstruction-guided attention improves the robustness and shape processing of neural networks. (2%)
A Learning-based Honeypot Game for Collaborative Defense in UAV Networks. (1%)
Stability Via Adversarial Training of Neural Network Stochastic Control of Mean-Field Type. (1%)
Measuring Overfitting in Convolutional Neural Networks using Adversarial Perturbations and Label Noise. (1%)
2022-09-26
FG-UAP: Feature-Gathering Universal Adversarial Perturbation. (99%)
Activation Learning by Local Competitions. (64%)
Multi-Task Adversarial Training Algorithm for Multi-Speaker Neural Text-to-Speech. (1%)
Greybox XAI: a Neural-Symbolic learning framework to produce interpretable predictions for image classification. (1%)
2022-09-25
SPRITZ-1.5C: Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks. (81%)
2022-09-24
Approximate better, Attack stronger: Adversarial Example Generation via Asymptotically Gaussian Mixture Distribution. (99%)
2022-09-23
The "Beatrix'' Resurrections: Robust Backdoor Detection via Gram Matrices. (13%)
2022-09-22
Privacy Attacks Against Biometric Models with Fewer Samples: Incorporating the Output of Multiple Models. (50%)
2022-09-21
Fair Robust Active Learning by Joint Inconsistency. (99%)
Toy Models of Superposition. (45%)
DARTSRepair: Core-failure-set Guided DARTS for Network Robustness to Common Corruptions. (13%)
Fairness Reprogramming. (1%)
2022-09-20
Understanding Real-world Threats to Deep Learning Models in Android Apps. (99%)
Audit and Improve Robustness of Private Neural Networks on Encrypted Data. (99%)
GAMA: Generative Adversarial Multi-Object Scene Attacks. (99%)
Sparse Vicious Attacks on Graph Neural Networks. (98%)
Leveraging Local Patch Differences in Multi-Object Scenes for Generative Adversarial Attacks. (98%)
Rethinking Data Augmentation in Knowledge Distillation for Object Detection. (68%)
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks. (1%)
EM-Fault It Yourself: Building a Replicable EMFI Setup for Desktop and Server Hardware. (1%)
2022-09-19
Catoptric Light can be Dangerous: Effective Physical-World Attack by Natural Phenomenon. (99%)
Adversarial Color Projection: A Projector-Based Physical Attack to DNNs. (99%)
2022-09-18
On the Adversarial Transferability of ConvMixer Models. (99%)
AdvDO: Realistic Adversarial Attacks for Trajectory Prediction. (96%)
Distribution inference risks: Identifying and mitigating sources of leakage. (1%)
2022-09-17
Watch What You Pretrain For: Targeted, Transferable Adversarial Examples on Self-Supervised Speech Recognition models. (99%)
pFedDef: Defending Grey-Box Attacks for Personalized Federated Learning. (98%)
A study on the deviations in performance of FNNs and CNNs in the realm of grayscale adversarial images. (4%)
2022-09-16
Robust Ensemble Morph Detection with Domain Generalization. (99%)
A Large-scale Multiple-objective Method for Black-box Attack against Object Detection. (99%)
Enhance the Visual Representation via Discrete Adversarial Training. (97%)
Model Inversion Attacks against Graph Neural Networks. (92%)
PointCAT: Contrastive Adversarial Training for Robust Point Cloud Recognition. (62%)
Cascading Failures in Power Grids. (33%)
Dataset Inference for Self-Supervised Models. (16%)
On the Robustness of Graph Neural Diffusion to Topology Perturbations. (15%)
A Systematic Evaluation of Node Embedding Robustness. (11%)
2022-09-15
Improving Robust Fairness via Balance Adversarial Training. (99%)
A Light Recipe to Train Robust Vision Transformers. (98%)
Part-Based Models Improve Adversarial Robustness. (92%)
Explicit Tradeoffs between Adversarial and Natural Distributional Robustness. (80%)
Adversarially Robust Learning: A Generic Minimax Optimal Learner and Characterization. (80%)
Defending Root DNS Servers Against DDoS Using Layered Defenses. (15%)
BadRes: Reveal the Backdoors through Residual Connection. (2%)
Adversarial Cross-View Disentangled Graph Contrastive Learning. (1%)
Towards Improving Calibration in Object Detection Under Domain Shift. (1%)
2022-09-14
Robust Transferable Feature Extractors: Learning to Defend Pre-Trained Networks Against White Box Adversaries. (99%)
PointACL:Adversarial Contrastive Learning for Robust Point Clouds Representation under Adversarial Attack. (99%)
Certified Robustness to Word Substitution Ranking Attack for Neural Ranking Models. (99%)
Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models. (97%)
On the interplay of adversarial robustness and architecture components: patches, convolution and attention. (67%)
M^4I: Multi-modal Models Membership Inference. (54%)
Finetuning Pretrained Vision-Language Models with Correlation Information Bottleneck for Robust Visual Question Answering. (12%)
Robust Constrained Reinforcement Learning. (9%)
2022-09-13
Adversarial Coreset Selection for Efficient Robust Training. (99%)
TSFool: Crafting High-quality Adversarial Time Series through Multi-objective Optimization to Fool Recurrent Neural Network Classifiers. (99%)
PINCH: An Adversarial Extraction Attack Framework for Deep Learning Models. (92%)
Certified Defences Against Adversarial Patch Attacks on Semantic Segmentation. (78%)
Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks. (68%)
A Tale of HodgeRank and Spectral Method: Target Attack Against Rank Aggregation Is the Fixed Point of Adversarial Game. (15%)
Defense against Privacy Leakage in Federated Learning. (12%)
Federated Learning based on Defending Against Data Poisoning Attacks in IoT. (1%)
2022-09-12
Adaptive Perturbation Generation for Multiple Backdoors Detection. (95%)
CARE: Certifiably Robust Learning with Reasoning via Variational Inference. (75%)
Sample Complexity of an Adversarial Attack on UCB-based Best-arm Identification Policy. (69%)
Boosting Robustness Verification of Semantic Feature Neighborhoods. (54%)
Semantic-Preserving Adversarial Code Comprehension. (1%)
Holistic Segmentation. (1%)
Class-Level Logit Perturbation. (1%)
2022-09-11
Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization. (99%)
Generate novel and robust samples from data: accessible sharing without privacy concerns. (5%)
2022-09-10
Scattering Model Guided Adversarial Examples for SAR Target Recognition: Attack and Defense. (99%)
2022-09-09
The Space of Adversarial Strategies. (99%)
Defend Data Poisoning Attacks on Voice Authentication. (54%)
Robust-by-Design Classification via Unitary-Gradient Neural Networks. (41%)
Robust and Lossless Fingerprinting of Deep Neural Networks via Pooled Membership Inference. (10%)
Saliency Guided Adversarial Training for Learning Generalizable Features with Applications to Medical Imaging Classification System. (1%)
2022-09-08
Incorporating Locality of Images to Generate Targeted Transferable Adversarial Examples. (99%)
Evaluating the Security of Aircraft Systems. (92%)
Uncovering the Connection Between Differential Privacy and Certified Robustness of Federated Learning against Poisoning Attacks. (62%)
A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms. (1%)
FADE: Enabling Large-Scale Federated Adversarial Training on Resource-Constrained Edge Devices. (1%)
2022-09-07
On the Transferability of Adversarial Examples between Encrypted Models. (99%)
Securing the Spike: On the Transferabilty and Security of Spiking Neural Networks to Adversarial Examples. (99%)
Reward Delay Attacks on Deep Reinforcement Learning. (70%)
Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems. (47%)
Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots. (15%)
Physics-Guided Adversarial Machine Learning for Aircraft Systems Simulation. (1%)
Hardware faults that matter: Understanding and Estimating the safety impact of hardware faults on object detection DNNs. (1%)
MalDetConv: Automated Behaviour-based Malware Detection Framework Based on Natural Language Processing and Deep Learning Techniques. (1%)
2022-09-06
Instance Attack:An Explanation-based Vulnerability Analysis Framework Against DNNs for Malware Detection. (99%)
Bag of Tricks for FGSM Adversarial Training. (96%)
Improving Robustness to Out-of-Distribution Data by Frequency-based Augmentation. (82%)
Defending Against Backdoor Attack on Graph Nerual Network by Explainability. (80%)
MACAB: Model-Agnostic Clean-Annotation Backdoor to Object Detection with Natural Trigger in Real-World. (54%)
Multimodal contrastive learning for remote sensing tasks. (1%)
Annealing Optimization for Progressive Learning with Stochastic Approximation. (1%)
Interpretations Steered Network Pruning via Amortized Inferred Saliency Maps. (1%)
A Survey of Machine Unlearning. (1%)
2022-09-05
Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples. (98%)
White-Box Adversarial Policies in Deep Reinforcement Learning. (98%)
"Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution. (69%)
Adversarial Detection: Attacking Object Detection in Real Time. (64%)
PromptAttack: Prompt-based Attack for Language Models via Gradient Search. (16%)
Federated Zero-Shot Learning for Visual Recognition. (2%)
Improving Out-of-Distribution Detection via Epistemic Uncertainty Adversarial Training. (2%)
2022-09-04
An Adaptive Black-box Defense against Trojan Attacks (TrojDef). (98%)
Hide & Seek: Seeking the (Un)-Hidden key in Provably-Secure Logic Locking Techniques. (11%)
Synergistic Redundancy: Towards Verifiable Safety for Autonomous Vehicles. (1%)
2022-09-02
Adversarial Color Film: Effective Physical-World Attack to DNNs. (98%)
Impact of Scaled Image on Robustness of Deep Neural Networks. (98%)
Property inference attack; Graph neural networks; Privacy attacks and defense; Trustworthy machine learning. (95%)
Impact of Colour Variation on Robustness of Deep Neural Networks. (92%)
Scalable Adversarial Attack Algorithms on Influence Maximization. (67%)
Are Attribute Inference Attacks Just Imputation? (31%)
Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well? (9%)
Revisiting Outer Optimization in Adversarial Training. (5%)
2022-09-01
Adversarial for Social Privacy: A Poisoning Strategy to Degrade User Identity Linkage. (98%)
Universal Fourier Attack for Time Series. (12%)
2022-08-31
Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning. (99%)
Unrestricted Adversarial Samples Based on Non-semantic Feature Clusters Substitution. (99%)
Membership Inference Attacks by Exploiting Loss Trajectory. (70%)
Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research. (13%)
Vulnerability of Distributed Inverter VAR Control in PV Distributed Energy System. (1%)
2022-08-30
A Black-Box Attack on Optical Character Recognition Systems. (99%)
Robustness and invariance properties of image classifiers. (99%)
Solving the Capsulation Attack against Backdoor-based Deep Neural Network Watermarks by Reversing Triggers. (1%)
Constraining Representations Yields Models That Know What They Don't Know. (1%)
2022-08-29
Towards Adversarial Purification using Denoising AutoEncoders. (99%)
Reducing Certified Regression to Certified Classification. (8%)
Interpreting Black-box Machine Learning Models for High Dimensional Datasets. (1%)
2022-08-28
Cross-domain Cross-architecture Black-box Attacks on Fine-tuned Models with Transferred Evolutionary Strategies. (99%)
2022-08-27
SA: Sliding attack for synthetic speech detection with resistance to clipping and self-splicing. (99%)
Adversarial Robustness for Tabular Data through Cost and Utility Awareness. (98%)
Overparameterized (robust) models from computational constraints. (13%)
TrojViT: Trojan Insertion in Vision Transformers. (11%)
RL-DistPrivacy: Privacy-Aware Distributed Deep Inference for low latency IoT systems. (1%)
2022-08-26
What Does the Gradient Tell When Attacking the Graph Structure. (69%)
Network-Level Adversaries in Federated Learning. (54%)
ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning. (45%)
Lower Difficulty and Better Robustness: A Bregman Divergence Perspective for Adversarial Training. (4%)
2022-08-25
Semantic Preserving Adversarial Attack Generation with Autoencoder and Genetic Algorithm. (99%)
SNAP: Efficient Extraction of Private Properties with Poisoning. (86%)
FuncFooler: A Practical Black-box Attack Against Learning-based Binary Code Similarity Detection Methods. (78%)
Robust Prototypical Few-Shot Organ Segmentation with Regularized Neural-ODEs. (31%)
Calibrated Selective Classification. (15%)
XDRI Attacks - and - How to Enhance Resilience of Residential Routers. (4%)
FedPrompt: Communication-Efficient and Privacy Preserving Prompt Tuning in Federated Learning. (1%)
2022-08-24
Unrestricted Black-box Adversarial Attack Using GAN with Limited Queries. (99%)
Trace and Detect Adversarial Attacks on CNNs using Feature Response Maps. (98%)
Attacking Neural Binary Function Detection. (98%)
A Perturbation Resistant Transformation and Classification System for Deep Neural Networks. (98%)
Rethinking Cost-sensitive Classification in Deep Learning via Adversarial Data Augmentation. (92%)
2022-08-23
Towards an Awareness of Time Series Anomaly Detection Models' Adversarial Vulnerability. (99%)
Adversarial Vulnerability of Temporal Feature Networks for Object Detection. (99%)
Transferability Ranking of Adversarial Examples. (99%)
Auditing Membership Leakages of Multi-Exit Networks. (76%)
A Comprehensive Study of Real-Time Object Detection Networks Across Multiple Domains: A Survey. (13%)
Robust DNN Watermarking via Fixed Embedding Weights with Optimized Distribution. (10%)
2022-08-22
Fight Fire With Fire: Reversing Skin Adversarial Examples by Multiscale Diffusive and Denoising Aggregation Mechanism. (99%)
Hierarchical Perceptual Noise Injection for Social Media Fingerprint Privacy Protection. (98%)
Different Spectral Representations in Optimized Artificial Neural Networks and Brains. (93%)
Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models. (87%)
BARReL: Bottleneck Attention for Adversarial Robustness in Vision-Based Reinforcement Learning. (86%)
RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN. (62%)
Toward Better Target Representation for Source-Free and Black-Box Domain Adaptation. (31%)
Optimal Bootstrapping of PoW Blockchains. (1%)
2022-08-21
PointDP: Diffusion-driven Purification against Adversarial Attacks on 3D Point Cloud Recognition. (99%)
Inferring Sensitive Attributes from Model Explanations. (56%)
Byzantines can also Learn from History: Fall of Centered Clipping in Federated Learning. (10%)
MockingBERT: A Method for Retroactively Adding Resilience to NLP Models. (4%)
NOSMOG: Learning Noise-robust and Structure-aware MLPs on Graphs. (1%)
A Unified Analysis of Mixed Sample Data Augmentation: A Loss Function Perspective. (1%)
2022-08-20
Analyzing Adversarial Robustness of Vision Transformers against Spatial and Spectral Attacks. (86%)
GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes. (33%)
Sensor Security: Current Progress, Research Challenges, and Future Roadmap. (10%)
Evaluating Out-of-Distribution Detectors Through Adversarial Generation of Outliers. (5%)
Adversarial contamination of networks in the setting of vertex nomination: a new trimming method. (1%)
2022-08-19
Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks. (99%)
Gender Bias and Universal Substitution Adversarial Attacks on Grammatical Error Correction Systems for Automated Assessment. (92%)
Dispersed Pixel Perturbation-based Imperceptible Backdoor Trigger for Image Classifier Models. (76%)
A Novel Plug-and-Play Approach for Adversarially Robust Generalization. (16%)
SAFARI: Versatile and Efficient Evaluations for Robustness of Interpretability. (8%)
UKP-SQuARE v2 Explainability and Adversarial Attacks for Trustworthy QA. (1%)
2022-08-18
Resisting Adversarial Attacks in Deep Neural Networks using Diverse Decision Boundaries. (99%)
Enhancing Targeted Attack Transferability via Diversified Weight Pruning. (99%)
Enhancing Diffusion-Based Image Synthesis with Robust Classifier Guidance. (45%)
Reverse Engineering of Integrated Circuits: Tools and Techniques. (33%)
DAFT: Distilling Adversarially Fine-tuned Models for Better OOD Generalization. (10%)
Discovering Bugs in Vision Models using Off-the-shelf Image Generation and Captioning. (3%)
Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacy. (2%)
Profiler: Profile-Based Model to Detect Phishing Emails. (1%)
2022-08-17
Two Heads are Better than One: Robust Learning Meets Multi-branch Models. (99%)
An Evolutionary, Gradient-Free, Query-Efficient, Black-Box Algorithm for Generating Adversarial Instances in Deep Networks. (99%)
Shadows Aren't So Dangerous After All: A Fast and Robust Defense Against Shadow-Based Adversarial Attacks. (98%)
Label Flipping Data Poisoning Attack Against Wearable Human Activity Recognition System. (70%)
An Efficient Multi-Step Framework for Malware Packing Identification. (41%)
An Empirical Study on the Membership Inference Attack against Tabular Data Synthesis Models. (26%)
Efficient Detection and Filtering Systems for Distributed Training. (13%)
On the Privacy Effect of Data Enhancement via the Lens of Memorization. (10%)
ObfuNAS: A Neural Architecture Search-based DNN Obfuscation Approach. (2%)
DF-Captcha: A Deepfake Captcha for Preventing Fake Calls. (1%)
Analyzing Robustness of End-to-End Neural Models for Automatic Speech Recognition. (1%)
2022-08-16
A Context-Aware Approach for Textual Adversarial Attack through Probability Difference Guided Beam Search. (82%)
Imperceptible and Robust Backdoor Attack in 3D Point Cloud. (68%)
AutoCAT: Reinforcement Learning for Automated Exploration of Cache Timing-Channel Attacks. (12%)
2022-08-15
MENLI: Robust Evaluation Metrics from Natural Language Inference. (92%)
Man-in-the-Middle Attack against Object Detection Systems. (86%)
Training-Time Attacks against k-Nearest Neighbors. (2%)
CTI4AI: Threat Intelligence Generation and Sharing after Red Teaming AI Models. (1%)
2022-08-14
A Multi-objective Memetic Algorithm for Auto Adversarial Attack Optimization Design. (99%)
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection. (92%)
InvisibiliTee: Angle-agnostic Cloaking from Person-Tracking Systems with a Tee. (92%)
Long-Short History of Gradients is All You Need: Detecting Malicious and Unreliable Clients in Federated Learning. (67%)
2022-08-13
Friendly Noise against Adversarial Noise: A Powerful Defense against Data Poisoning Attacks. (99%)
Revisiting Adversarial Attacks on Graph Neural Networks for Graph Classification. (95%)
Confidence Matters: Inspecting Backdoors in Deep Neural Networks via Distribution Transfer. (62%)
2022-08-12
Scale-free and Task-agnostic Attack: Generating Photo-realistic Adversarial Patterns with Patch Quilting Generator. (99%)
MaskBlock: Transferable Adversarial Examples with Bayes Approach. (99%)
Defensive Distillation based Adversarial Attacks Mitigation Method for Channel Estimation using Deep Learning Models in Next-Generation Wireless Networks. (98%)
A Knowledge Distillation-Based Backdoor Attack in Federated Learning. (93%)
Unifying Gradients to Improve Real-world Robustness for Deep Networks. (92%)
Dropout is NOT All You Need to Prevent Gradient Leakage. (62%)
Defense against Backdoor Attacks via Identifying and Purifying Bad Neurons. (2%)
PRIVEE: A Visual Analytic Workflow for Proactive Privacy Risk Inspection of Open Data. (2%)
2022-08-11
Diverse Generative Adversarial Perturbations on Attention Space for Transferable Adversarial Attacks. (99%)
General Cutting Planes for Bound-Propagation-Based Neural Network Verification. (68%)
On deceiving malware classification with section injection. (5%)
A Probabilistic Framework for Mutation Testing in Deep Neural Networks. (1%)
Safety and Performance, Why not Both? Bi-Objective Optimized Model Compression toward AI Software Deployment. (1%)
Shielding Federated Learning Systems against Inference Attacks with ARM TrustZone. (1%)
2022-08-10
Explaining Machine Learning DGA Detectors from DNS Traffic Data. (13%)
A Sublinear Adversarial Training Algorithm. (3%)
DVR: Micro-Video Recommendation Optimizing Watch-Time-Gain under Duration Bias. (1%)
2022-08-09
Adversarial Machine Learning-Based Anticipation of Threats Against Vehicle-to-Microgrid Services. (98%)
Reducing Exploitability with Population Based Training. (67%)
Robust Machine Learning for Malware Detection over Time. (9%)
2022-08-08
Robust and Imperceptible Black-box DNN Watermarking Based on Fourier Perturbation Analysis and Frequency Sensitivity Clustering. (75%)
PerD: Perturbation Sensitivity-based Neural Trojan Detection Framework on NLP Applications. (67%)
Adversarial robustness of $\beta-$VAE through the lens of local geometry. (47%)
AWEncoder: Adversarial Watermarking Pre-trained Encoders in Contrastive Learning. (26%)
Abutting Grating Illusion: Cognitive Challenge to Neural Network Models. (1%)
Testing of Machine Learning Models with Limited Samples: An Industrial Vacuum Pumping Application. (1%)
2022-08-07
Federated Adversarial Learning: A Framework with Convergence Analysis. (80%)
Are Gradients on Graph Structure Reliable in Gray-box Attacks? (13%)
2022-08-06
Blackbox Attacks via Surrogate Ensemble Search. (99%)
On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning. (22%)
Preventing or Mitigating Adversarial Supply Chain Attacks; a legal analysis. (3%)
2022-08-05
Adversarial Robustness of MR Image Reconstruction under Realistic Perturbations. (73%)
Data-free Backdoor Removal based on Channel Lipschitzness. (64%)
Lethal Dose Conjecture on Data Poisoning. (2%)
LCCDE: A Decision-Based Ensemble Framework for Intrusion Detection in The Internet of Vehicles. (1%)
Almost-Orthogonal Layers for Efficient General-Purpose Lipschitz Networks. (1%)
2022-08-04
Self-Ensembling Vision Transformer (SEViT) for Robust Medical Image Classification. (99%)
2022-08-03
Spectrum Focused Frequency Adversarial Attacks for Automatic Modulation Classification. (99%)
Design of secure and robust cognitive system for malware detection. (99%)
A New Kind of Adversarial Example. (99%)
Adversarial Attacks on ASR Systems: An Overview. (98%)
Multiclass ASMA vs Targeted PGD Attack in Image Segmentation. (96%)
MOVE: Effective and Harmless Ownership Verification via Embedded External Features. (84%)
Robust Graph Neural Networks using Weighted Graph Laplacian. (13%)
2022-08-02
Adversarial Camouflage for Node Injection Attack on Graphs. (81%)
Success of Uncertainty-Aware Deep Models Depends on Data Manifold Geometry. (2%)
SCFI: State Machine Control-Flow Hardening Against Fault Attacks. (1%)
2022-08-01
GeoECG: Data Augmentation via Wasserstein Geodesic Perturbation for Robust Electrocardiogram Prediction. (98%)
Understanding Adversarial Robustness of Vision Transformers via Cauchy Problem. (81%)
On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel. (75%)
Attacking Adversarial Defences by Smoothing the Loss Landscape. (26%)
2022-07-31
DNNShield: Dynamic Randomized Model Sparsification, A Defense Against Adversarial Machine Learning. (99%)
Robust Real-World Image Super-Resolution against Adversarial Attacks. (99%)
Is current research on adversarial robustness addressing the right problem? (97%)
2022-07-30
enpheeph: A Fault Injection Framework for Spiking and Compressed Deep Neural Networks. (5%)
CoNLoCNN: Exploiting Correlation and Non-Uniform Quantization for Energy-Efficient Low-precision Deep Convolutional Neural Networks. (2%)
2022-07-29
Robust Trajectory Prediction against Adversarial Attacks. (99%)
Sampling Attacks on Meta Reinforcement Learning: A Minimax Formulation and Complexity Analysis. (56%)
2022-07-28
Pro-tuning: Unified Prompt Tuning for Vision Tasks. (1%)
2022-07-27
Point Cloud Attacks in Graph Spectral Domain: When 3D Geometry Meets Graph Signal Processing. (96%)
Look Closer to Your Enemy: Learning to Attack via Teacher-student Mimicking. (91%)
Membership Inference Attacks via Adversarial Examples. (73%)
Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips. (69%)
DynaMarks: Defending Against Deep Learning Model Extraction Using Dynamic Watermarking. (47%)
Label-Only Membership Inference Attack against Node-Level Graph Neural Networks. (22%)
Generative Steganography Network. (1%)
2022-07-26
LGV: Boosting Adversarial Example Transferability from Large Geometric Vicinity. (99%)
Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception. (99%)
Generative Extraction of Audio Classifiers for Speaker Identification. (73%)
Toward Transparent AI: A Survey on Interpreting the Inner Structures of Deep Neural Networks. (2%)
2022-07-25
$p$-DkNN: Out-of-Distribution Detection Through Statistical Testing of Deep Representations. (99%)
Improving Adversarial Robustness via Mutual Information Estimation. (99%)
SegPGD: An Effective and Efficient Adversarial Attack for Evaluating and Boosting Segmentation Robustness. (99%)
Jigsaw-ViT: Learning Jigsaw Puzzles in Vision Transformer. (75%)
Technical Report: Assisting Backdoor Federated Learning with Whole Population Knowledge Alignment. (9%)
Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning. (2%)
2022-07-24
Versatile Weight Attack via Flipping Limited Bits. (86%)
Can we achieve robustness from data alone? (82%)
Proving Common Mechanisms Shared by Twelve Methods of Boosting Adversarial Transferability. (69%)
Privacy Against Inference Attacks in Vertical Federated Learning. (2%)
Semantic-guided Multi-Mask Image Harmonization. (1%)
2022-07-22
Do Perceptually Aligned Gradients Imply Adversarial Robustness? (99%)
Provable Defense Against Geometric Transformations. (47%)
Efficient Testing of Deep Neural Networks via Decision Boundary Analysis. (9%)
Learning from Multiple Annotator Noisy Labels via Sample-wise Label Fusion. (1%)
2022-07-21
Synthetic Dataset Generation for Adversarial Machine Learning Research. (99%)
Careful What You Wish For: on the Extraction of Adversarially Trained Models. (99%)
Rethinking Textual Adversarial Defense for Pre-trained Language Models. (99%)
AugRmixAT: A Data Processing and Training Method for Improving Multiple Robustness and Generalization Performance. (98%)
Knowledge-enhanced Black-box Attacks for Recommendations. (92%)
Towards Efficient Adversarial Training on Vision Transformers. (92%)
Just Rotate it: Deploying Backdoor Attacks via Rotation Transformation. (87%)
Contrastive Self-Supervised Learning Leads to Higher Adversarial Susceptibility. (83%)
A Forgotten Danger in DNN Supervision Testing: Generating and Detecting True Ambiguity. (1%)
2022-07-20
Switching One-Versus-the-Rest Loss to Increase the Margin of Logits for Adversarial Robustness. (99%)
Illusionary Attacks on Sequential Decision Makers and Countermeasures. (15%)
Test-Time Adaptation via Conjugate Pseudo-labels. (10%)
2022-07-19
Towards Robust Multivariate Time-Series Forecasting: Adversarial Attacks and Defense Mechanisms. (99%)
FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients. (41%)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond. (26%)
Assaying Out-Of-Distribution Generalization in Transfer Learning. (1%)
2022-07-18
Defending Substitution-Based Profile Pollution Attacks on Sequential Recommenders. (99%)
Decorrelative Network Architecture for Robust Electrocardiogram Classification. (99%)
Prior-Guided Adversarial Initialization for Fast Adversarial Training. (99%)
Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence. (96%)
Adversarial Pixel Restoration as a Pretext Task for Transferable Perturbations. (91%)
Easy Batch Normalization. (69%)
Adversarial Contrastive Learning via Asymmetric InfoNCE. (61%)
Detection of Poisoning Attacks with Anomaly Detection in Federated Learning for Healthcare Applications: A Machine Learning Approach. (22%)
A Certifiable Security Patch for Object Tracking in Self-Driving Systems via Historical Deviation Modeling. (10%)
Benchmarking Machine Learning Robustness in Covid-19 Genome Sequence Classification. (2%)
2022-07-17
Watermark Vaccine: Adversarial Attacks to Prevent Watermark Removal. (99%)
Threat Model-Agnostic Adversarial Defense using Diffusion Models. (99%)
Achieve Optimal Adversarial Accuracy for Adversarial Deep Learning using Stackelberg Game. (96%)
Automated Repair of Neural Networks. (16%)
2022-07-16
DIMBA: Discretely Masked Black-Box Attack in Single Object Tracking. (99%)
Certified Neural Network Watermarks with Randomized Smoothing. (1%)
Progress and limitations of deep networks to recognize objects in unusual poses. (1%)
Exploring The Resilience of Control Execution Skips against False Data Injection Attacks. (1%)
MixTailor: Mixed Gradient Aggregation for Robust Learning Against Tailored Attacks. (1%)
2022-07-15
Towards the Desirable Decision Boundary by Moderate-Margin Adversarial Training. (99%)
CARBEN: Composite Adversarial Robustness Benchmark. (98%)
Masked Spatial-Spectral Autoencoders Are Excellent Hyperspectral Defenders. (68%)
Feasibility of Inconspicuous GAN-generated Adversarial Patches against Object Detection. (10%)
PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider. (5%)
3DVerifier: Efficient Robustness Verification for 3D Point Cloud Models. (1%)
2022-07-14
Adversarial Attacks on Monocular Pose Estimation. (98%)
Adversarial Examples for Model-Based Control: A Sensitivity Analysis. (98%)
Provably Adversarially Robust Nearest Prototype Classifiers. (83%)
Improving Task-free Continual Learning by Distributionally Robust Memory Evolution. (70%)
RSD-GAN: Regularized Sobolev Defense GAN Against Speech-to-Text Adversarial Attacks. (67%)
Sound Randomized Smoothing in Floating-Point Arithmetics. (50%)
Audio-guided Album Cover Art Generation with Genetic Algorithms. (38%)
Distance Learner: Incorporating Manifold Prior to Model Training. (16%)
Active Data Pattern Extraction Attacks on Generative Language Models. (11%)
Contrastive Adapters for Foundation Model Group Robustness. (1%)
Lipschitz Bound Analysis of Neural Networks. (1%)
2022-07-13
Perturbation Inactivation Based Adversarial Defense for Face Recognition. (99%)
On the Robustness of Bayesian Neural Networks to Adversarial Attacks. (93%)
Adversarially-Aware Robust Object Detector. (91%)
PIAT: Physics Informed Adversarial Training for Solving Partial Differential Equations. (15%)
Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities. (10%)
Interactive Machine Learning: A State of the Art Review. (4%)
Sample-dependent Adaptive Temperature Scaling for Improved Calibration. (2%)
DiverGet: A Search-Based Software Testing Approach for Deep Neural Network Quantization Assessment. (1%)
2022-07-12
Exploring Adversarial Examples and Adversarial Robustness of Convolutional Neural Networks by Mutual Information. (99%)
Adversarial Robustness Assessment of NeuroEvolution Approaches. (99%)
Frequency Domain Model Augmentation for Adversarial Attack. (99%)
Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware. (92%)
Game of Trojans: A Submodular Byzantine Approach. (87%)
Bi-fidelity Evolutionary Multiobjective Search for Adversarially Robust Deep Neural Architectures. (84%)
Certified Adversarial Robustness via Anisotropic Randomized Smoothing. (76%)
RelaxLoss: Defending Membership Inference Attacks without Losing Utility. (26%)
Verifying Attention Robustness of Deep Neural Networks against Semantic Perturbations. (5%)
Markov Decision Process For Automatic Cyber Defense. (4%)
Estimating Test Performance for AI Medical Devices under Distribution Shift with Conformal Prediction. (1%)
Backdoor Attacks on Crowd Counting. (1%)
2022-07-11
Statistical Detection of Adversarial examples in Blockchain-based Federated Forest In-vehicle Network Intrusion Detection Systems. (99%)
RUSH: Robust Contrastive Learning via Randomized Smoothing. (98%)
Physical Passive Patch Adversarial Attacks on Visual Odometry Systems. (98%)
Towards Effective Multi-Label Recognition Attacks via Knowledge Graph Consistency. (83%)
"Why do so?" -- A Practical Perspective on Machine Learning Security. (64%)
Susceptibility of Continual Learning Against Adversarial Attacks. (45%)
Physical Attack on Monocular Depth Estimation with Optimal Adversarial Patches. (22%)
Adversarial Style Augmentation for Domain Generalized Urban-Scene Segmentation. (1%)
2022-07-10
One-shot Neural Backdoor Erasing via Adversarial Weight Masking. (33%)
Hiding Your Signals: A Security Analysis of PPG-based Biometric Authentication. (4%)
2022-07-09
Adversarial Framework with Certified Robustness for Time-Series Domain via Statistical Features. (98%)
Invisible Backdoor Attacks Using Data Poisoning in the Frequency Domain. (98%)
Dynamic Time Warping based Adversarial Framework for Time-Series Domain. (97%)
Training Robust Deep Models for Time-Series Domain: Novel Algorithms and Theoretical Analysis. (67%)
2022-07-08
Not all broken defenses are equal: The dead angles of adversarial accuracy. (99%)
Improved and Interpretable Defense to Transferred Adversarial Examples by Jacobian Norm with Selective Input Gradient Regularization. (99%)
Defense Against Multi-target Trojan Attacks. (80%)
Guiding the retraining of convolutional neural networks against adversarial inputs. (80%)
Online Evasion Attacks on Recurrent Models:The Power of Hallucinating the Future. (68%)
Models Out of Line: A Fourier Lens on Distribution Shift Robustness. (10%)
A law of adversarial risk, interpolation, and label noise. (1%)
2022-07-07
On the Relationship Between Adversarial Robustness and Decision Region in Deep Neural Network. (99%)
Harnessing Out-Of-Distribution Examples via Augmenting Content and Style. (11%)
CausalAgents: A Robustness Benchmark for Motion Forecasting using Causal Relationships. (5%)
2022-07-06
The Weaknesses of Adversarial Camouflage in Overhead Imagery. (83%)
Adversarial Robustness of Visual Dialog. (64%)
Enhancing Adversarial Attacks on Single-Layer NVM Crossbar-Based Neural Networks with Power Consumption Information. (54%)
When does Bias Transfer in Transfer Learning? (10%)
Privacy-preserving Reflection Rendering for Augmented Reality. (2%)
Not All Models Are Equal: Predicting Model Transferability in a Self-challenging Fisher Space. (1%)
2022-07-05
Query-Efficient Adversarial Attack Based on Latin Hypercube Sampling. (99%)
Defending against the Label-flipping Attack in Federated Learning. (98%)
UniCR: Universally Approximated Certified Robustness via Randomized Smoothing. (93%)
PRoA: A Probabilistic Robustness Assessment against Functional Perturbations. (92%)
Learning to Accelerate Approximate Methods for Solving Integer Programming via Early Fixing. (38%)
Robustness Analysis of Video-Language Models Against Visual and Language Perturbations. (1%)
Conflicting Interactions Among Protection Mechanisms for Machine Learning Models. (1%)
PoF: Post-Training of Feature Extractor for Improving Generalization. (1%)
Class-Specific Semantic Reconstruction for Open Set Recognition. (1%)
2022-07-04
Hessian-Free Second-Order Adversarial Examples for Adversarial Learning. (99%)
Wild Networks: Exposure of 5G Network Infrastructures to Adversarial Examples. (98%)
Task-agnostic Defense against Adversarial Patch Attacks. (98%)
Large-scale Robustness Analysis of Video Action Recognition Models. (70%)
Counterbalancing Teacher: Regularizing Batch Normalized Models for Robustness. (1%)
2022-07-03
RAF: Recursive Adversarial Attacks on Face Recognition Using Extremely Limited Queries. (99%)
Removing Batch Normalization Boosts Adversarial Training. (98%)
Anomaly Detection with Adversarially Learned Perturbations of Latent Space. (13%)
Identifying the Context Shift between Test Benchmarks and Production Data. (1%)
2022-07-02
FL-Defender: Combating Targeted Attacks in Federated Learning. (80%)
Backdoor Attack is a Devil in Federated GAN-based Medical Image Synthesis. (11%)
PhilaeX: Explaining the Failure and Success of AI Models in Malware Detection. (1%)
2022-07-01
Efficient Adversarial Training With Data Pruning. (99%)
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label. (99%)
2022-06-30
Detecting and Recovering Adversarial Examples from Extracting Non-robust and Highly Predictive Adversarial Perturbations. (99%)
Measuring Forgetting of Memorized Training Examples. (83%)
MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. (80%)
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN. (16%)
Threat Assessment in Machine Learning based Systems. (13%)
Robustness of Epinets against Distributional Shifts. (1%)
ProSelfLC: Progressive Self Label Correction Towards A Low-Temperature Entropy State. (1%)
2022-06-29
IBP Regularization for Verified Adversarial Robustness via Branch-and-Bound. (92%)
Adversarial Ensemble Training by Jointly Learning Label Dependencies and Member Models. (33%)
longhorns at DADC 2022: How many linguists does it take to fool a Question Answering model? A systematic approach to adversarial attacks. (10%)
Private Graph Extraction via Feature Explanations. (4%)
RegMixup: Mixup as a Regularizer Can Surprisingly Improve Accuracy and Out Distribution Robustness. (2%)
2022-06-28
Increasing Confidence in Adversarial Robustness Evaluations. (99%)
Rethinking Adversarial Examples for Location Privacy Protection. (93%)
A Deep Learning Approach to Create DNS Amplification Attacks. (92%)
On the amplification of security and privacy risks by post-hoc explanations in machine learning models. (31%)
How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection. (12%)
An Empirical Study of Challenges in Converting Deep Learning Models. (5%)
Reasoning about Moving Target Defense in Attack Modeling Formalisms. (2%)
AS-IntroVAE: Adversarial Similarity Distance Makes Robust IntroVAE. (1%)
2022-06-27
Adversarial Example Detection in Deployed Tree Ensembles. (99%)
Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs. (31%)
Utilizing Class Separation Distance for the Evaluation of Corruption Robustness of Machine Learning Classifiers. (15%)
Cyber Network Resilience against Self-Propagating Malware Attacks. (13%)
Quantification of Deep Neural Network Prediction Uncertainties for VVUQ of Machine Learning Models. (4%)
2022-06-26
Self-Healing Robust Neural Networks via Closed-Loop Control. (45%)
De-END: Decoder-driven Watermarking Network. (1%)
2022-06-25
Empirical Evaluation of Physical Adversarial Patch Attacks Against Overhead Object Detection Models. (99%)
Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising. (99%)
RSTAM: An Effective Black-Box Impersonation Attack on Face Recognition using a Mobile and Compact Printer. (99%)
Defending Multimodal Fusion Models against Single-Source Adversaries. (81%)
BackdoorBench: A Comprehensive Benchmark of Backdoor Learning. (12%)
Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks. (1%)
2022-06-24
Defending Backdoor Attacks on Vision Transformer via Patch Processing. (99%)
AdAUC: End-to-end Adversarial AUC Optimization Against Long-tail Problems. (96%)
Adversarial Robustness of Deep Neural Networks: A Survey from a Formal Verification Perspective. (92%)
Robustness of Explanation Methods for NLP Models. (82%)
zPROBE: Zero Peek Robustness Checks for Federated Learning. (4%)
Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems. (2%)
2022-06-23
Adversarial Zoom Lens: A Novel Physical-World Attack to DNNs. (99%)
A Framework for Understanding Model Extraction Attack and Defense. (98%)
Towards End-to-End Private Automatic Speaker Recognition. (76%)
BERT Rankers are Brittle: a Study using Adversarial Document Perturbations. (75%)
Never trust, always verify : a roadmap for Trustworthy AI? (1%)
Measuring Representational Robustness of Neural Networks Through Shared Invariances. (1%)
2022-06-22
AdvSmo: Black-box Adversarial Attack by Smoothing Linear Structure of Texture. (99%)
InfoAT: Improving Adversarial Training Using the Information Bottleneck Principle. (98%)
Robust Universal Adversarial Perturbations. (97%)
Guided Diffusion Model for Adversarial Purification from Random Noise. (68%)
Understanding the effect of sparsity on neural networks robustness. (61%)
Shilling Black-box Recommender Systems by Learning to Generate Fake User Profiles. (41%)
2022-06-21
SSMI: How to Make Objects of Interest Disappear without Accessing Object Detectors? (99%)
Transferable Graph Backdoor Attack. (99%)
(Certified!!) Adversarial Robustness for Free! (83%)
Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems. (81%)
FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation. (68%)
Natural Backdoor Datasets. (33%)
The Privacy Onion Effect: Memorization is Relative. (22%)
ProML: A Decentralised Platform for Provenance Management of Machine Learning Software Systems. (1%)
2022-06-20
Understanding Robust Learning through the Lens of Representation Similarities. (99%)
Diversified Adversarial Attacks based on Conjugate Gradient Method. (98%)
Robust Deep Reinforcement Learning through Bootstrapped Opportunistic Curriculum. (76%)
SafeBench: A Benchmarking Platform for Safety Evaluation of Autonomous Vehicles. (5%)
Breaking Down Out-of-Distribution Detection: Many Methods Based on OOD Training Data Estimate a Combination of the Same Core Quantities. (1%)
2022-06-19
On the Limitations of Stochastic Pre-processing Defenses. (99%)
Towards Adversarial Attack on Vision-Language Pre-training Models. (98%)
A Universal Adversarial Policy for Text Classifiers. (98%)
JPEG Compression-Resistant Low-Mid Adversarial Perturbation against Unauthorized Face Recognition System. (68%)
Adversarially trained neural representations may already be as robust as corresponding biological neural representations. (31%)
2022-06-18
Demystifying the Adversarial Robustness of Random Transformation Defenses. (99%)
On the Role of Generalization in Transferability of Adversarial Examples. (99%)
DECK: Model Hardening for Defending Pervasive Backdoors. (98%)
Measuring Lower Bounds of Local Differential Privacy via Adversary Instantiations in Federated Learning. (10%)
Adversarial Scrutiny of Evidentiary Statistical Software. (2%)
2022-06-17
Detecting Adversarial Examples in Batches -- a geometrical approach. (99%)
Minimum Noticeable Difference based Adversarial Privacy Preserving Image Generation. (99%)
Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization. (99%)
Comment on Transferability and Input Transformation with Additive Noise. (99%)
Adversarial Robustness is at Odds with Lazy Training. (98%)
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-modal Fake News Detection. (83%)
RetrievalGuard: Provably Robust 1-Nearest Neighbor Image Retrieval. (81%)
The Consistency of Adversarial Training for Binary Classification. (26%)
Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification. (15%)
Understanding Robust Overfitting of Adversarial Training and Beyond. (8%)
2022-06-16
Adversarial Privacy Protection on Speech Enhancement. (99%)
Boosting the Adversarial Transferability of Surrogate Model with Dark Knowledge. (99%)
Analysis and Extensions of Adversarial Training for Video Classification. (93%)
Double Sampling Randomized Smoothing. (89%)
Adversarial Robustness of Graph-based Anomaly Detection. (76%)
A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks. (68%)
Backdoor Attacks on Vision Transformers. (31%)
Adversarial Patch Attacks and Defences in Vision-Based Tasks: A Survey. (22%)
I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences. (5%)
Catastrophic overfitting is a bug but also a feature. (2%)
Gradient-Based Adversarial and Out-of-Distribution Detection. (2%)
"Understanding Robustness Lottery": A Comparative Visual Analysis of Neural Network Pruning Approaches. (1%)
2022-06-15
Fast and Reliable Evaluation of Adversarial Robustness with Minimum-Margin Attack. (99%)
Morphence-2.0: Evasion-Resilient Moving Target Defense Powered by Out-of-Distribution Detection. (99%)
Architectural Backdoors in Neural Networks. (83%)
Hardening DNNs against Transfer Attacks during Network Compression using Greedy Adversarial Pruning. (75%)
Linearity Grafting: Relaxed Neuron Pruning Helps Certifiable Robustness. (74%)
Search-Based Testing Approach for Deep Reinforcement Learning Agents. (61%)
Can pruning improve certified robustness of neural networks? (56%)
Improving Diversity with Adversarially Learned Transformations for Domain Generalization. (33%)
Queried Unlabeled Data Improves and Robustifies Class-Incremental Learning. (11%)
The Manifold Hypothesis for Gradient-Based Explanations. (2%)
READ: Aggregating Reconstruction Error into Out-of-distribution Detection. (1%)
2022-06-14
Adversarial Vulnerability of Randomized Ensembles. (99%)
Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training. (99%)
Proximal Splitting Adversarial Attacks for Semantic Segmentation. (92%)
Flatten the Curve: Efficiently Training Low-Curvature Neural Networks. (92%)
Defending Observation Attacks in Deep Reinforcement Learning via Detection and Denoising. (88%)
Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO. (86%)
Turning a Curse Into a Blessing: Enabling Clean-Data-Free Defenses by Model Inversion. (68%)
Human Eyes Inspired Recurrent Neural Networks are More Robust Against Adversarial Noises. (62%)
When adversarial attacks become interpretable counterfactual explanations. (62%)
Attacks on Perception-Based Control Systems: Modeling and Fundamental Limits. (2%)
A Gift from Label Smoothing: Robust Training with Adaptive Label Smoothing via Auxiliary Classifier under Label Noise. (1%)
A Survey on Gradient Inversion: Attacks, Defenses and Future Directions. (1%)
2022-06-13
Towards Alternative Techniques for Improving Adversarial Robustness: Analysis of Adversarial Training at a Spectrum of Perturbations. (99%)
Distributed Adversarial Training to Robustify Deep Neural Networks at Scale. (99%)
Pixel to Binary Embedding Towards Robustness for CNNs. (47%)
Towards Understanding Sharpness-Aware Minimization. (1%)
Efficient Human-in-the-loop System for Guiding DNNs Attention. (1%)
2022-06-12
Consistent Attack: Universal Adversarial Perturbation on Embodied Vision Navigation. (98%)
Security of Machine Learning-Based Anomaly Detection in Cyber Physical Systems. (92%)
Darknet Traffic Classification and Adversarial Attacks. (81%)
InBiaseD: Inductive Bias Distillation to Improve Generalization and Robustness through Shape-awareness. (26%)
RSSD: Defend against Ransomware with Hardware-Isolated Network-Storage Codesign and Post-Attack Analysis. (9%)
Neurotoxin: Durable Backdoors in Federated Learning. (5%)
An Efficient Method for Sample Adversarial Perturbations against Nonlinear Support Vector Machines. (4%)
2022-06-11
Improving the Adversarial Robustness of NLP Models by Information Bottleneck. (99%)
Defending Adversarial Examples by Negative Correlation Ensemble. (99%)
NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks. (81%)
Bilateral Dependency Optimization: Defending Against Model-inversion Attacks. (69%)
2022-06-10
Localized adversarial artifacts for compressed sensing MRI. (76%)
Rethinking the Defense Against Free-rider Attack From the Perspective of Model Weight Evolving Frequency. (70%)
Blades: A Simulator for Attacks and Defenses in Federated Learning. (33%)
Enhancing Clean Label Backdoor Attack with Two-phase Specific Triggers. (9%)
Deep Leakage from Model in Federated Learning. (3%)
Adversarial Counterfactual Environment Model Learning. (1%)
2022-06-09
CARLA-GeAR: a Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Vision Models. (99%)
ReFace: Real-time Adversarial Attacks on Face Recognition Systems. (99%)
Adversarial Noises Are Linearly Separable for (Nearly) Random Neural Networks. (98%)
Meet You Halfway: Explaining Deep Learning Mysteries. (92%)
Early Transferability of Adversarial Examples in Deep Neural Networks. (86%)
GSmooth: Certified Robustness against Semantic Transformations via Generalized Randomized Smoothing. (86%)
Beyond the Imitation Game: Quantifying and extrapolating the capabilities of language models. (84%)
Data-Efficient Double-Win Lottery Tickets from Robust Pre-training. (41%)
DORA: Exploring outlier representations in Deep Neural Networks. (1%)
Membership Inference via Backdooring. (1%)
2022-06-08
Wavelet Regularization Benefits Adversarial Training. (99%)
Latent Boundary-guided Adversarial Training. (99%)
Adversarial Text Normalization. (73%)
Autoregressive Perturbations for Data Poisoning. (70%)
Toward Certified Robustness Against Real-World Distribution Shifts. (5%)
Generative Adversarial Networks and Image-Based Malware Classification. (1%)
Robust Deep Ensemble Method for Real-world Image Denoising. (1%)
2022-06-07
Fooling Explanations in Text Classifiers. (99%)
AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems. (99%)
Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition. (99%)
Adaptive Regularization for Adversarial Training. (98%)
Building Robust Ensembles via Margin Boosting. (83%)
Can Backdoor Attacks Survive Time-Varying Models? (67%)
Subject Membership Inference Attacks in Federated Learning. (4%)
Adversarial Reprogramming Revisited. (3%)
Certifying Data-Bias Robustness in Linear Regression. (1%)
Parametric Chordal Sparsity for SDP-based Neural Network Verification. (1%)
Can CNNs Be More Robust Than Transformers? (1%)
2022-06-06
Robust Adversarial Attacks Detection based on Explainable Deep Reinforcement Learning For UAV Guidance and Planning. (99%)
Fast Adversarial Training with Adaptive Step Size. (98%)
Certified Robustness in Federated Learning. (87%)
Robust Image Protection Countering Cropping Manipulation. (12%)
PCPT and ACPT: Copyright Protection and Traceability Scheme for DNN Model. (3%)
Tackling covariate shift with node-based Bayesian neural networks. (1%)
Anomaly Detection with Test Time Augmentation and Consistency Evaluation. (1%)
2022-06-05
Federated Adversarial Training with Transformers. (98%)
Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training. (98%)
2022-06-04
Soft Adversarial Training Can Retain Natural Accuracy. (76%)
2022-06-03
Saliency Attack: Towards Imperceptible Black-box Adversarial Attack. (99%)
Towards Evading the Limits of Randomized Smoothing: A Theoretical Analysis. (96%)
Evaluating Transfer-based Targeted Adversarial Perturbations against Real-World Computer Vision Systems based on Human Judgments. (92%)
A Robust Backpropagation-Free Framework for Images. (80%)
Gradient Obfuscation Checklist Test Gives a False Sense of Security. (73%)
Kallima: A Clean-label Framework for Textual Backdoor Attacks. (26%)
2022-06-02
FACM: Correct the Output of Deep Neural Network with Middle Layers Features against Adversarial Samples. (99%)
Improving the Robustness and Generalization of Deep Neural Network with Confidence Threshold Reduction. (99%)
Adaptive Adversarial Training to Improve Adversarial Robustness of DNNs for Medical Image Segmentation and Detection. (99%)
Adversarial RAW: Image-Scaling Attack Against Imaging Pipeline. (99%)
Adversarial Laser Spot: Robust and Covert Physical Adversarial Attack to DNNs. (98%)
Adversarial Unlearning: Reducing Confidence Along Adversarial Directions. (31%)
MaxStyle: Adversarial Style Composition for Robust Medical Image Segmentation. (8%)
A temporal chrominance trigger for clean-label backdoor attack against anti-spoof rebroadcast detection. (4%)
Learning Unbiased Transferability for Domain Adaptation by Uncertainty Modeling. (1%)
2022-06-01
On the reversibility of adversarial attacks. (99%)
NeuroUnlock: Unlocking the Architecture of Obfuscated Deep Neural Networks. (99%)
Attack-Agnostic Adversarial Detection. (99%)
On the Perils of Cascading Robust Classifiers. (98%)
Anti-Forgery: Towards a Stealthy and Robust DeepFake Disruption Attack via Adversarial Perceptual-aware Perturbations. (98%)
Support Vector Machines under Adversarial Label Contamination. (97%)
Defense Against Gradient Leakage Attacks via Learning to Obscure Data. (80%)
The robust way to stack and bag: the local Lipschitz way. (70%)
Robustness Evaluation and Adversarial Training of an Instance Segmentation Model. (54%)
RoCourseNet: Distributionally Robust Training of a Prediction Aware Recourse Model. (1%)
2022-05-31
Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems. (99%)
Exact Feature Collisions in Neural Networks. (95%)
CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models. (86%)
CASSOCK: Viable Backdoor Attacks against DNN in The Wall of Source-Specific Backdoor Defences. (83%)
Semantic Autoencoder and Its Potential Usage for Adversarial Attack. (81%)
An Effective Fusion Method to Enhance the Robustness of CNN. (80%)
Order-sensitive Shapley Values for Evaluating Conceptual Soundness of NLP Models. (64%)
Generative Models with Information-Theoretic Protection Against Membership Inference Attacks. (10%)
Likelihood-Free Inference with Generative Neural Networks via Scoring Rule Minimization. (1%)
2022-05-30
Exposing Fine-grained Adversarial Vulnerability of Face Anti-spoofing Models. (99%)
Searching for the Essence of Adversarial Perturbations. (99%)
Guided Diffusion Model for Adversarial Purification. (99%)
Domain Constraints in Feature Space: Strengthening Robustness of Android Malware Detection against Realizable Adversarial Examples. (98%)
Why Adversarial Training of ReLU Networks Is Difficult? (68%)
CalFAT: Calibrated Federated Adversarial Training with Label Skewness. (67%)
Securing AI-based Healthcare Systems using Blockchain Technology: A State-of-the-Art Systematic Literature Review and Future Research Directions. (15%)
Efficient Reward Poisoning Attacks on Online Deep Reinforcement Learning. (13%)
White-box Membership Attack Against Machine Learning Based Retinopathy Classification. (10%)
Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance. (2%)
2022-05-29
Robust Weight Perturbation for Adversarial Training. (99%)
Mixture GAN For Modulation Classification Resiliency Against Adversarial Attacks. (99%)
Unfooling Perturbation-Based Post Hoc Explainers. (98%)
On the Robustness of Safe Reinforcement Learning under Observational Perturbations. (93%)
Superclass Adversarial Attack. (80%)
Problem-Space Evasion Attacks in the Android OS: a Survey. (50%)
Context-based Virtual Adversarial Training for Text Classification with Noisy Labels. (11%)
A General Multiple Data Augmentation Based Framework for Training Deep Neural Networks. (1%)
2022-05-28
Contributor-Aware Defenses Against Adversarial Backdoor Attacks. (98%)
BadDet: Backdoor Attacks on Object Detection. (92%)
Syntax-Guided Program Reduction for Understanding Neural Code Intelligence Models. (62%)
2022-05-27
fakeWeather: Adversarial Attacks for Deep Neural Networks Emulating Weather Conditions on the Camera Lens of Autonomous Systems. (96%)
Why Robust Generalization in Deep Learning is Difficult: Perspective of Expressive Power. (95%)
Semi-supervised Semantics-guided Adversarial Training for Trajectory Prediction. (92%)
Defending Against Stealthy Backdoor Attacks. (73%)
EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks. (13%)
2022-05-26
A Physical-World Adversarial Attack Against 3D Face Recognition. (99%)
Transferable Adversarial Attack based on Integrated Gradients. (99%)
MALICE: Manipulation Attacks on Learned Image ComprEssion. (99%)
Phantom Sponges: Exploiting Non-Maximum Suppression to Attack Deep Object Detectors. (98%)
Circumventing Backdoor Defenses That Are Based on Latent Separability. (96%)
An Analytic Framework for Robust Training of Artificial Neural Networks. (93%)
Adversarial attacks and defenses in Speaker Recognition Systems: A survey. (81%)
PerDoor: Persistent Non-Uniform Backdoors in Federated Learning using Adversarial Perturbations. (81%)
BppAttack: Stealthy and Efficient Trojan Attacks against Deep Neural Networks via Image Quantization and Contrastive Adversarial Learning. (81%)
R-HTDetector: Robust Hardware-Trojan Detection Based on Adversarial Training. (80%)
BagFlip: A Certified Defense against Data Poisoning. (75%)
Fight Poison with Poison: Detecting Backdoor Poison Samples via Decoupling Benign Correlations. (54%)
Membership Inference Attack Using Self Influence Functions. (45%)
2022-05-25
Surprises in adversarially-trained linear regression. (87%)
Textual Backdoor Attacks with Iterative Trigger Injection. (9%)
How explainable are adversarially-robust CNNs? (8%)
2022-05-24
Defending a Music Recommender Against Hubness-Based Adversarial Attacks. (99%)
Adversarial Attack on Attackers: Post-Process to Mitigate Black-Box Score-Based Query Attacks. (99%)
Certified Robustness Against Natural Language Attacks by Causal Intervention. (98%)
One-Pixel Shortcut: on the Learning Preference of Deep Neural Networks. (83%)
Fine-grained Poisoning Attacks to Local Differential Privacy Protocols for Mean and Variance Estimation. (64%)
WeDef: Weakly Supervised Backdoor Defense for Text Classification. (56%)
Recipe2Vec: Multi-modal Recipe Representation Learning with Graph Neural Networks. (50%)
EBM Life Cycle: MCMC Strategies for Synthesis, Defense, and Density Modeling. (10%)
Comprehensive Privacy Analysis on Federated Recommender System against Attribute Inference Attacks. (9%)
Fast & Furious: Modelling Malware Detection as Evolving Data Streams. (2%)
Quarantine: Sparsity Can Uncover the Trojan Attack Trigger for Free. (2%)
CDFKD-MFS: Collaborative Data-free Knowledge Distillation via Multi-level Feature Sharing. (1%)
2022-05-23
Alleviating Robust Overfitting of Adversarial Training With Consistency Regularization. (98%)
Learning to Ignore Adversarial Attacks. (95%)
Collaborative Adversarial Training. (93%)
Towards a Defense against Backdoor Attacks in Continual Federated Learning. (50%)
Compressing Deep Graph Neural Networks via Adversarial Knowledge Distillation. (10%)
RCC-GAN: Regularized Compound Conditional GAN for Large-Scale Tabular Data Synthesis. (1%)
2022-05-22
AutoJoin: Efficient Adversarial Training for Robust Maneuvering via Denoising Autoencoder and Joint Learning. (26%)
Robust Quantity-Aware Aggregation for Federated Learning. (13%)
Analysis of functional neural codes of deep learning models. (10%)
2022-05-21
Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models. (99%)
Gradient Concealment: Free Lunch for Defending Adversarial Attacks. (99%)
Phrase-level Textual Adversarial Attack with Label Preservation. (99%)
On the Feasibility and Generality of Patch-based Adversarial Attacks on Semantic Segmentation Problems. (16%)
2022-05-20
Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness. (99%)
Robust Sensible Adversarial Learning of Deep Neural Networks for Image Classification. (98%)
Adversarial joint attacks on legged robots. (86%)
Towards Consistency in Adversarial Classification. (82%)
Adversarial Body Shape Search for Legged Robots. (80%)
SafeNet: Mitigating Data Poisoning Attacks on Private Machine Learning. (64%)
The developmental trajectory of object recognition robustness: children are like small adults but unlike big deep neural networks. (11%)
Vulnerability Analysis and Performance Enhancement of Authentication Protocol in Dynamic Wireless Power Transfer Systems. (10%)
Exploring the Trade-off between Plausibility, Change Intensity and Adversarial Power in Counterfactual Explanations using Multi-objective Optimization. (4%)
2022-05-19
Focused Adversarial Attacks. (99%)
Transferable Physical Attack against Object Detection with Separable Attention. (99%)
Enhancing the Transferability of Adversarial Examples via a Few Queries. (99%)
On Trace of PGD-Like Adversarial Attacks. (99%)
Improving Robustness against Real-World and Worst-Case Distribution Shifts through Decision Region Quantification. (98%)
Defending Against Adversarial Attacks by Energy Storage Facility. (96%)
Sparse Adversarial Attack in Multi-agent Reinforcement Learning. (82%)
Data Valuation for Offline Reinforcement Learning. (1%)
2022-05-18
Passive Defense Against 3D Adversarial Point Clouds Through the Lens of 3D Steganalysis. (99%)
Property Unlearning: A Defense Strategy Against Property Inference Attacks. (84%)
Backdoor Attacks on Bayesian Neural Networks using Reverse Distribution. (56%)
Empirical Advocacy of Bio-inspired Models for Robust Image Recognition. (38%)
Constraining the Attack Space of Machine Learning Models with Distribution Clamping Preprocessing. (1%)
Mitigating Neural Network Overconfidence with Logit Normalization. (1%)
2022-05-17
Hierarchical Distribution-Aware Testing of Deep Learning. (98%)
Bankrupting DoS Attackers Despite Uncertainty. (12%)
A two-steps approach to improve the performance of Android malware detectors. (10%)
Policy Distillation with Selective Input Gradient Regularization for Efficient Interpretability. (2%)
Recovering Private Text in Federated Learning of Language Models. (2%)
Semi-Supervised Building Footprint Generation with Feature and Output Consistency Training. (1%)
2022-05-16
Attacking and Defending Deep Reinforcement Learning Policies. (99%)
Diffusion Models for Adversarial Purification. (99%)
Robust Representation via Dynamic Feature Aggregation. (84%)
Sparse Visual Counterfactual Explanations in Image Space. (83%)
On the Difficulty of Defending Self-Supervised Learning against Model Extraction. (67%)
Transferability of Adversarial Attacks on Synthetic Speech Detection. (47%)
2022-05-15
Learn2Weight: Parameter Adaptation against Similar-domain Adversarial Attacks. (99%)
Exploiting the Relationship Between Kendall's Rank Correlation and Cosine Similarity for Attribution Protection. (64%)
RoMFAC: A Robust Mean-Field Actor-Critic Reinforcement Learning against Adversarial Perturbations on States. (38%)
Automation Slicing and Testing for in-App Deep Learning Models. (1%)
2022-05-14
Evaluating Membership Inference Through Adversarial Robustness. (98%)
Verifying Neural Networks Against Backdoor Attacks. (2%)
2022-05-13
Universal Post-Training Backdoor Detection. (98%)
l-Leaks: Membership Inference Attacks with Logits. (41%)
DualCF: Efficient Model Extraction Attack from Counterfactual Explanations. (26%)
Millimeter-Wave Automotive Radar Spoofing. (2%)
2022-05-12
Sample Complexity Bounds for Robustly Learning Decision Lists against Evasion Attacks. (75%)
PoisonedEncoder: Poisoning the Unlabeled Pre-training Data in Contrastive Learning. (61%)
How to Combine Membership-Inference Attacks on Multiple Updated Models. (11%)
Infrared Invisible Clothing:Hiding from Infrared Detectors at Multiple Angles in Real World. (4%)
Smooth-Reduce: Leveraging Patches for Improved Certified Robustness. (2%)
Stalloris: RPKI Downgrade Attack. (1%)
2022-05-11
Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. (1%)
The Hijackers Guide To The Galaxy: Off-Path Taking Over Internet Resources. (1%)
A Longitudinal Study of Cryptographic API: a Decade of Android Malware. (1%)
2022-05-10
Robust Medical Image Classification from Noisy Labeled Data with Global and Local Representation Guided Co-training. (1%)
White-box Testing of NLP models with Mask Neuron Coverage. (1%)
2022-05-09
Btech thesis report on adversarial attack detection and purification of adverserially attacked images. (99%)
Using Frequency Attention to Make Adversarial Patch Powerful Against Person Detector. (98%)
Do You Think You Can Hold Me? The Real Challenge of Problem-Space Evasion Attacks. (97%)
Model-Contrastive Learning for Backdoor Defense. (87%)
How Does Frequency Bias Affect the Robustness of Neural Image Classifiers against Common Corruption and Adversarial Perturbations? (61%)
Federated Multi-Armed Bandits Under Byzantine Attacks. (2%)
Verifying Integrity of Deep Ensemble Models by Lossless Black-box Watermarking with Sensitive Samples. (2%)
2022-05-08
Fingerprint Template Invertibility: Minutiae vs. Deep Templates. (68%)
ResSFL: A Resistance Transfer Framework for Defending Model Inversion Attack in Split Federated Learning. (22%)
VPN: Verification of Poisoning in Neural Networks. (9%)
FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks. (4%)
PGADA: Perturbation-Guided Adversarial Alignment for Few-shot Learning Under the Support-Query Shift. (1%)
2022-05-07
A Simple Yet Efficient Method for Adversarial Word-Substitute Attack. (99%)
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees. (92%)
2022-05-06
Imperceptible Backdoor Attack: From Input Space to Feature Representation. (68%)
Defending against Reconstruction Attacks through Differentially Private Federated Learning for Classification of Heterogeneous Chest X-Ray Data. (26%)
Unlimited Lives: Secure In-Process Rollback with Isolated Domains. (1%)
LPGNet: Link Private Graph Networks for Node Classification. (1%)
2022-05-05
Holistic Approach to Measure Sample-level Adversarial Vulnerability and its Utility in Building Trustworthy Systems. (99%)
Structural Extensions of Basis Pursuit: Guarantees on Adversarial Robustness. (78%)
Can collaborative learning be private, robust and scalable? (61%)
Large Scale Transfer Learning for Differentially Private Image Classification. (2%)
Heterogeneous Domain Adaptation with Adversarial Neural Representation Learning: Experiments on E-Commerce and Cybersecurity. (1%)
Are GAN-based Morphs Threatening Face Recognition? (1%)
2022-05-04
Based-CE white-box adversarial attack will not work using super-fitting. (99%)
Rethinking Classifier And Adversarial Attack. (98%)
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. (98%)
Robust Conversational Agents against Imperceptible Toxicity Triggers. (92%)
Subverting Fair Image Search with Generative Adversarial Perturbations. (83%)
2022-05-03
Adversarial Training for High-Stakes Reliability. (98%)
Don't sweat the small stuff, classify the rest: Sample Shielding to protect text classifiers against adversarial attacks. (96%)
On the uncertainty principle of neural networks. (3%)
Meta-Cognition. An Inverse-Inverse Reinforcement Learning Approach for Cognitive Radars. (1%)
2022-05-02
SemAttack: Natural Textual Attacks via Different Semantic Spaces. (96%)
Deep-Attack over the Deep Reinforcement Learning. (93%)
Enhancing Adversarial Training with Feature Separability. (92%)
BERTops: Studying BERT Representations under a Topological Lens. (92%)
MIRST-DM: Multi-Instance RST with Drop-Max Layer for Robust Classification of Breast Cancer. (83%)
Revisiting Gaussian Neurons for Online Clustering with Unknown Number of Clusters. (1%)
2022-05-01
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction. (98%)
DDDM: a Brain-Inspired Framework for Robust Classification. (76%)
Robust Fine-tuning via Perturbation and Interpolation from In-batch Instances. (9%)
A Simple Approach to Improve Single-Model Deep Uncertainty via Distance-Awareness. (3%)
Adversarial Plannning. (2%)
2022-04-30
Optimizing One-pixel Black-box Adversarial Attacks. (82%)
Cracking White-box DNN Watermarks via Invariant Neuron Transforms. (26%)
Adapting and Evaluating Influence-Estimation Methods for Gradient-Boosted Decision Trees. (1%)
Loss Function Entropy Regularization for Diverse Decision Boundaries. (1%)
2022-04-29
Adversarial attacks on an optical neural network. (92%)
Logically Consistent Adversarial Attacks for Soft Theorem Provers. (2%)
Bridging Differential Privacy and Byzantine-Robustness via Model Aggregation. (1%)
2022-04-28
Detecting Textual Adversarial Examples Based on Distributional Characteristics of Data Representations. (99%)
Formulating Robustness Against Unforeseen Attacks. (99%)
Randomized Smoothing under Attack: How Good is it in Pratice? (84%)
Improving robustness of language models from a geometry-aware perspective. (68%)
Mixup-based Deep Metric Learning Approaches for Incomplete Supervision. (50%)
AGIC: Approximate Gradient Inversion Attack on Federated Learning. (16%)
An Online Ensemble Learning Model for Detecting Attacks in Wireless Sensor Networks. (1%)
2022-04-27
Adversarial Fine-tune with Dynamically Regulated Adversary. (99%)
Defending Against Person Hiding Adversarial Patch Attack with a Universal White Frame. (98%)
An Adversarial Attack Analysis on Malicious Advertisement URL Detection Framework. (81%)
2022-04-26
Boosting Adversarial Transferability of MLP-Mixer. (99%)
Restricted Black-box Adversarial Attack Against DeepFake Face Swapping. (99%)
Improving the Transferability of Adversarial Examples with Restructure Embedded Patches. (99%)
On Fragile Features and Batch Normalization in Adversarial Training. (97%)
Mixed Strategies for Security Games with General Defending Requirements. (75%)
Poisoning Deep Learning based Recommender Model in Federated Learning Scenarios. (26%)
Designing Perceptual Puzzles by Differentiating Probabilistic Programs. (13%)
Enhancing Privacy against Inversion Attacks in Federated Learning by using Mixing Gradients Strategies. (8%)
Performance Analysis of Out-of-Distribution Detection on Trained Neural Networks. (4%)
2022-04-25
Self-recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks. (99%)
When adversarial examples are excusable. (89%)
A Simple Structure For Building A Robust Model. (81%)
Real or Virtual: A Video Conferencing Background Manipulation-Detection System. (67%)
Can Rationalization Improve Robustness? (12%)
PhysioGAN: Training High Fidelity Generative Model for Physiological Sensor Readings. (1%)
VITA: A Multi-Source Vicinal Transfer Augmentation Method for Out-of-Distribution Generalization. (1%)
Enable Deep Learning on Mobile Devices: Methods, Systems, and Applications. (1%)
2022-04-24
A Hybrid Defense Method against Adversarial Attacks on Traffic Sign Classifiers in Autonomous Vehicles. (99%)
Improving Deep Learning Model Robustness Against Adversarial Attack by Increasing the Network Capacity. (81%)
2022-04-23
Smart App Attack: Hacking Deep Learning Models in Android Apps. (98%)
Towards Data-Free Model Stealing in a Hard Label Setting. (13%)
Reinforced Causal Explainer for Graph Neural Networks. (1%)
2022-04-22
How Sampling Impacts the Robustness of Stochastic Neural Networks. (98%)
A Tale of Two Models: Constructing Evasive Attacks on Edge Models. (83%)
Enhancing the Transferability via Feature-Momentum Adversarial Attack. (82%)
Data-Efficient Backdoor Attacks. (76%)
2022-04-21
A Mask-Based Adversarial Defense Scheme. (99%)
Is Neuron Coverage Needed to Make Person Detection More Robust? (98%)
Robustness of Machine Learning Models Beyond Adversarial Attacks. (98%)
Adversarial Contrastive Learning by Permuting Cluster Assignments. (15%)
Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation. (4%)
Detecting Topology Attacks against Graph Neural Networks. (1%)
2022-04-20
GUARD: Graph Universal Adversarial Defense. (99%)
Adversarial Scratches: Deployable Attacks to CNN Classifiers. (99%)
Fast AdvProp. (98%)
Case-Aware Adversarial Training. (98%)
Improved Worst-Group Robustness via Classifier Retraining on Independent Splits. (1%)
2022-04-19
Jacobian Ensembles Improve Robustness Trade-offs to Adversarial Attacks. (99%)
Robustness Testing of Data and Knowledge Driven Anomaly Detection in Cyber-Physical Systems. (86%)
Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation. (83%)
2022-04-18
UNBUS: Uncertainty-aware Deep Botnet Detection System in Presence of Perturbed Samples. (99%)
CgAT: Center-Guided Adversarial Training for Deep Hashing-Based Retrieval. (99%)
Sardino: Ultra-Fast Dynamic Ensemble for Secure Visual Sensing at Mobile Edge. (99%)
Metamorphic Testing-based Adversarial Attack to Fool Deepfake Detectors. (98%)
A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability. (75%)
CorrGAN: Input Transformation Technique Against Natural Corruptions. (70%)
Poisons that are learned faster are more effective. (64%)
2022-04-17
Residue-Based Natural Language Adversarial Attack Detection. (99%)
Towards Comprehensive Testing on the Robustness of Cooperative Multi-agent Reinforcement Learning. (95%)
2022-04-16
SETTI: A Self-supervised Adversarial Malware Detection Architecture in an IoT Environment. (95%)
Homomorphic Encryption and Federated Learning based Privacy-Preserving CNN Training: COVID-19 Detection Use-Case. (67%)
2022-04-15
Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning. (92%)
2022-04-14
From Environmental Sound Representation to Robustness of 2D CNN Models Against Adversarial Attacks. (99%)
Planting Undetectable Backdoors in Machine Learning Models. (99%)
Q-TART: Quickly Training for Adversarial Robustness and in-Transferability. (50%)
Robotic and Generative Adversarial Attacks in Offline Writer-independent Signature Verification. (41%)
2022-04-13
Task-Driven Data Augmentation for Vision-Based Robotic Control. (96%)
Stealing Malware Classifiers and AVs at Low False Positive Conditions. (82%)
Defensive Patches for Robust Recognition in the Physical World. (80%)
A Novel Approach to Train Diverse Types of Language Models for Health Mention Classification of Tweets. (78%)
Overparameterized Linear Regression under Adversarial Attacks. (76%)
Towards A Critical Evaluation of Robustness for Deep Learning Backdoor Countermeasures. (38%)
A Natural Language Processing Approach for Instruction Set Architecture Identification. (1%)
2022-04-12
Liuer Mihou: A Practical Framework for Generating and Evaluating Grey-box Adversarial Attacks against NIDS. (99%)
Examining the Proximity of Adversarial Examples to Class Manifolds in Deep Networks. (98%)
Toward Robust Spiking Neural Network Against Adversarial Perturbation. (98%)
Machine Learning Security against Data Poisoning: Are We There Yet? (92%)
Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms. (11%)
3DeformRS: Certifying Spatial Deformations on Point Clouds. (9%)
2022-04-11
A Simple Approach to Adversarial Robustness in Few-shot Image Classification. (98%)
Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information. (92%)
Generalizing Adversarial Explanations with Grad-CAM. (84%)
Anti-Adversarially Manipulated Attributions for Weakly Supervised Semantic Segmentation and Object Localization. (83%)
Exploring the Universal Vulnerability of Prompt-based Learning Paradigm. (47%)
medXGAN: Visual Explanations for Medical Classifiers through a Generative Latent Space. (1%)
2022-04-10
"That Is a Suspicious Reaction!": Interpreting Logits Variation to Detect NLP Adversarial Attacks. (88%)
Analysis of Power-Oriented Fault Injection Attacks on Spiking Neural Networks. (54%)
Measuring the False Sense of Security. (26%)
2022-04-08
Defense against Adversarial Attacks on Hybrid Speech Recognition using Joint Adversarial Fine-tuning with Denoiser. (99%)
AdvEst: Adversarial Perturbation Estimation to Classify and Detect Adversarial Attacks against Speaker Identification. (99%)
Evaluating the Adversarial Robustness for Fourier Neural Operators. (92%)
Backdoor Attack against NLP models with Robustness-Aware Perturbation defense. (87%)
An Adaptive Black-box Backdoor Detection Method for Deep Neural Networks. (45%)
Characterizing and Understanding the Behavior of Quantized Models for Reliable Deployment. (13%)
Neural Tangent Generalization Attacks. (12%)
Labeling-Free Comparison Testing of Deep Learning Models. (11%)
Does Robustness on ImageNet Transfer to Downstream Tasks? (2%)
The self-learning AI controller for adaptive power beaming with fiber-array laser transmitter system. (1%)
2022-04-07
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings. (99%)
Adaptive-Gravity: A Defense Against Adversarial Samples. (99%)
Using Multiple Self-Supervised Tasks Improves Model Robustness. (81%)
Transformer-Based Language Models for Software Vulnerability Detection: Performance, Model's Security and Platforms. (69%)
Defending Active Directory by Combining Neural Network based Dynamic Program and Evolutionary Diversity Optimisation. (1%)
2022-04-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
Masking Adversarial Damage: Finding Adversarial Saliency for Robust and Sparse Network. (95%)
Distilling Robust and Non-Robust Features in Adversarial Examples by Information Bottleneck. (93%)
Optimization Models and Interpretations for Three Types of Adversarial Perturbations against Support Vector Machines. (68%)
Adversarial Machine Learning Attacks Against Video Anomaly Detection Systems. (62%)
Adversarial Analysis of the Differentially-Private Federated Learning in Cyber-Physical Critical Infrastructures. (4%)
2022-04-05
Hear No Evil: Towards Adversarial Robustness of Automatic Speech Recognition via Multi-Task Learning. (98%)
Adversarial Robustness through the Lens of Convolutional Filters. (87%)
User-Level Differential Privacy against Attribute Inference Attack of Speech Emotion Recognition in Federated Learning. (2%)
SwapMix: Diagnosing and Regularizing the Over-Reliance on Visual Context in Visual Question Answering. (1%)
GAIL-PT: A Generic Intelligent Penetration Testing Framework with Generative Adversarial Imitation Learning. (1%)
2022-04-04
RobustSense: Defending Adversarial Attack for Secure Device-Free Human Activity Recognition. (99%)
DAD: Data-free Adversarial Defense at Test Time. (99%)
Experimental quantum adversarial learning with programmable superconducting qubits. (99%)
PRADA: Practical Black-Box Adversarial Attacks against Neural Ranking Models. (99%)
FaceSigns: Semi-Fragile Neural Watermarks for Media Authentication and Countering Deepfakes. (98%)
2022-04-03
Breaking the De-Pois Poisoning Defense. (98%)
Adversarially robust segmentation models learn perceptually-aligned gradients. (16%)
Detecting In-vehicle Intrusion via Semi-supervised Learning-based Convolutional Adversarial Autoencoders. (1%)
Improving Vision Transformers by Revisiting High-frequency Components. (1%)
2022-04-02
Adversarial Neon Beam: Robust Physical-World Adversarial Attack to DNNs. (98%)
DST: Dynamic Substitute Training for Data-free Black-box Attack. (98%)
2022-04-01
SkeleVision: Towards Adversarial Resiliency of Person Tracking with Multi-Task Learning. (47%)
Robust and Accurate -- Compositional Architectures for Randomized Smoothing. (31%)
FrequencyLowCut Pooling -- Plug & Play against Catastrophic Overfitting. (16%)
Preventing Distillation-based Attacks on Neural Network IP. (2%)
FedRecAttack: Model Poisoning Attack to Federated Recommendation. (1%)
2022-03-31
Improving Adversarial Transferability via Neuron Attribution-Based Attacks. (99%)
Adversarial Examples in Random Neural Networks with General Activations. (98%)
Scalable Whitebox Attacks on Tree-based Models. (96%)
Towards Robust Rain Removal Against Adversarial Attacks: A Comprehensive Benchmark Analysis and Beyond. (86%)
Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets. (81%)
2022-03-30
Investigating Top-$k$ White-Box and Transferable Black-box Attack. (87%)
Sensor Data Validation and Driving Safety in Autonomous Driving Systems. (83%)
Example-based Explanations with Adversarial Attacks for Respiratory Sound Analysis. (56%)
2022-03-29
Mel Frequency Spectral Domain Defenses against Adversarial Attacks on Speech Recognition Systems. (99%)
Zero-Query Transfer Attacks on Context-Aware Object Detectors. (99%)
Exploring Frequency Adversarial Attacks for Face Forgery Detection. (99%)
StyleFool: Fooling Video Classification Systems via Style Transfer. (99%)
Recent improvements of ASR models in the face of adversarial attacks. (98%)
Robust Structured Declarative Classifiers for 3D Point Clouds: Defending Adversarial Attacks with Implicit Gradients. (83%)
Treatment Learning Transformer for Noisy Image Classification. (26%)
Can NMT Understand Me? Towards Perturbation-based Evaluation of NMT Models for Code Generation. (11%)
2022-03-28
Boosting Black-Box Adversarial Attacks with Meta Learning. (99%)
A Fast and Efficient Conditional Learning for Tunable Trade-Off between Accuracy and Robustness. (62%)
Robust Unlearnable Examples: Protecting Data Against Adversarial Learning. (16%)
Neurosymbolic hybrid approach to driver collision warning. (15%)
Attacker Attribution of Audio Deepfakes. (1%)
2022-03-27
Rebuild and Ensemble: Exploring Defense Against Text Adversaries. (76%)
Adversarial Representation Sharing: A Quantitative and Secure Collaborative Learning Framework. (8%)
2022-03-26
How to Robustify Black-Box ML Models? A Zeroth-Order Optimization Perspective. (99%)
A Survey of Robust Adversarial Training in Pattern Recognition: Fundamental, Theory, and Methodologies. (99%)
Reverse Engineering of Imperceptible Adversarial Image Perturbations. (99%)
Efficient Global Robustness Certification of Neural Networks via Interleaving Twin-Network Encoding. (33%)
A Systematic Survey of Attack Detection and Prevention in Connected and Autonomous Vehicles. (1%)
A Roadmap for Big Model. (1%)
2022-03-25
Enhancing Transferability of Adversarial Examples with Spatial Momentum. (99%)
Origins of Low-dimensional Adversarial Perturbations. (98%)
Give Me Your Attention: Dot-Product Attention Considered Harmful for Adversarial Patch Robustness. (89%)
Improving Robustness of Jet Tagging Algorithms with Adversarial Training. (10%)
A Unified Contrastive Energy-based Model for Understanding the Generative Ability of Adversarial Training. (5%)
A Stitch in Time Saves Nine: A Train-Time Regularizing Loss for Improved Neural Network Calibration. (1%)
2022-03-24
Trojan Horse Training for Breaking Defenses against Backdoor Attacks in Deep Learning. (99%)
A Perturbation Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow. (99%)
NPC: Neuron Path Coverage via Characterizing Decision Logic of Deep Neural Networks. (93%)
MERLIN -- Malware Evasion with Reinforcement LearnINg. (56%)
Repairing Group-Level Errors for DNNs Using Weighted Regularization. (13%)
A Manifold View of Adversarial Risk. (11%)
2022-03-23
Powerful Physical Adversarial Examples Against Practical Face Recognition Systems. (99%)
Adversarial Training for Improving Model Robustness? Look at Both Prediction and Interpretation. (99%)
Input-specific Attention Subnetworks for Adversarial Detection. (99%)
Self-supervised Learning of Adversarial Example: Towards Good Generalizations for Deepfake Detection. (69%)
Distort to Detect, not Affect: Detecting Stealthy Sensor Attacks with Micro-distortion. (3%)
On the (Limited) Generalization of MasterFace Attacks and Its Relation to the Capacity of Face Representations. (3%)
2022-03-22
Exploring High-Order Structure for Robust Graph Structure Learning. (99%)
On Adversarial Robustness of Large-scale Audio Visual Learning. (93%)
On the (Non-)Robustness of Two-Layer Neural Networks in Different Learning Regimes. (86%)
Semi-Targeted Model Poisoning Attack on Federated Learning via Backward Error Analysis. (78%)
A Girl Has A Name, And It's ... Adversarial Authorship Attribution for Deobfuscation. (2%)
GradViT: Gradient Inversion of Vision Transformers. (1%)
On Robust Classification using Contractive Hamiltonian Neural ODEs. (1%)
2022-03-21
Making DeepFakes more spurious: evading deep face forgery detection via trace removal attack. (92%)
Integrity Fingerprinting of DNN with Double Black-box Design and Verification. (10%)
On The Robustness of Offensive Language Classifiers. (2%)
Defending against Co-residence Attack in Energy-Efficient Cloud: An Optimization based Real-time Secure VM Allocation Strategy. (1%)
2022-03-20
An Intermediate-level Attack Framework on The Basis of Linear Regression. (99%)
A Prompting-based Approach for Adversarial Example Generation and Robustness Enhancement. (99%)
Leveraging Expert Guided Adversarial Augmentation For Improving Generalization in Named Entity Recognition. (82%)
Adversarial Parameter Attack on Deep Neural Networks. (62%)
2022-03-19
Adversarial Defense via Image Denoising with Chaotic Encryption. (99%)
Perturbations in the Wild: Leveraging Human-Written Text Perturbations for Realistic Adversarial Attack and Defense. (98%)
Distinguishing Non-natural from Natural Adversarial Samples for More Robust Pre-trained Language Model. (84%)
Efficient Neural Network Analysis with Sum-of-Infeasibilities. (74%)
Deep Learning Generalization, Extrapolation, and Over-parameterization. (68%)
On Robust Prefix-Tuning for Text Classification. (10%)
2022-03-18
Concept-based Adversarial Attacks: Tricking Humans and Classifiers Alike. (99%)
Adversarial Attacks on Deep Learning-based Video Compression and Classification Systems. (99%)
Neural Predictor for Black-Box Adversarial Attacks on Speech Recognition. (99%)
AutoAdversary: A Pixel Pruning Method for Sparse Adversarial Attack. (99%)
Alleviating Adversarial Attacks on Variational Autoencoders with MCMC. (96%)
DTA: Physical Camouflage Attacks using Differentiable Transformation Network. (83%)
AdIoTack: Quantifying and Refining Resilience of Decision Tree Ensemble Inference Models against Adversarial Volumetric Attacks on IoT Networks. (78%)
Towards Robust 2D Convolution for Reliable Visual Recognition. (9%)
2022-03-17
Improving the Transferability of Targeted Adversarial Examples through Object-Based Diverse Input. (99%)
Self-Ensemble Adversarial Training for Improved Robustness. (99%)
Leveraging Adversarial Examples to Quantify Membership Information Leakage. (98%)
On the Properties of Adversarially-Trained CNNs. (93%)
PiDAn: A Coherence Optimization Approach for Backdoor Attack Detection and Mitigation in Deep Neural Networks. (89%)
HDLock: Exploiting Privileged Encoding to Protect Hyperdimensional Computing Models against IP Stealing. (1%)
2022-03-16
Robustness through Cognitive Dissociation Mitigation in Contrastive Adversarial Training. (99%)
Towards Practical Certifiable Patch Defense with Vision Transformer. (98%)
Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations? (97%)
Provable Adversarial Robustness for Fractional Lp Threat Models. (87%)
What Do Adversarially trained Neural Networks Focus: A Fourier Domain-based Study. (83%)
COPA: Certifying Robust Policies for Offline Reinforcement Learning against Poisoning Attacks. (82%)
Reducing Flipping Errors in Deep Neural Networks. (68%)
Attacking deep networks with surrogate-based adversarial black-box methods is easy. (45%)
On the Convergence of Certified Robust Training with Interval Bound Propagation. (15%)
MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients. (15%)
Understanding robustness and generalization of artificial neural networks through Fourier masks. (2%)
2022-03-15
Generalized but not Robust? Comparing the Effects of Data Modification Methods on Out-of-Domain Generalization and Adversarial Robustness. (76%)
Internet-based Social Engineering Attacks, Defenses and Psychology: A Survey. (13%)
Towards Adversarial Control Loops in Sensor Attacks: A Case Study to Control the Kinematics and Actuation of Embedded Systems. (10%)
LDP: Learnable Dynamic Precision for Efficient Deep Neural Network Training and Inference. (1%)
Adversarial Counterfactual Augmentation: Application in Alzheimer's Disease Classification. (1%)
2022-03-14
Efficient universal shuffle attack for visual object tracking. (99%)
Defending Against Adversarial Attack in ECG Classification with Adversarial Distillation Training. (99%)
Task-Agnostic Robust Representation Learning. (98%)
Adversarial amplitude swap towards robust image classifiers. (83%)
On the benefits of knowledge distillation for adversarial robustness. (82%)
RES-HD: Resilient Intelligent Fault Diagnosis Against Adversarial Attacks Using Hyper-Dimensional Computing. (82%)
Energy-Latency Attacks via Sponge Poisoning. (80%)
Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis. (54%)
2022-03-13
LAS-AT: Adversarial Training with Learnable Attack Strategy. (99%)
Generating Practical Adversarial Network Traffic Flows Using NIDSGAN. (99%)
Model Inversion Attack against Transfer Learning: Inverting a Model without Accessing It. (92%)
One Parameter Defense -- Defending against Data Inference Attacks via Differential Privacy. (67%)
Policy Learning for Robust Markov Decision Process with a Mismatched Generative Model. (3%)
2022-03-12
Query-Efficient Black-box Adversarial Attacks Guided by a Transfer-based Prior. (99%)
A survey in Adversarial Defences and Robustness in NLP. (99%)
Label-only Model Inversion Attack: The Attack that Requires the Least Information. (47%)
2022-03-11
Block-Sparse Adversarial Attack to Fool Transformer-Based Text Classifiers. (99%)
Learning from Attacks: Attacking Variational Autoencoder for Improving Image Classification. (98%)
An integrated Auto Encoder-Block Switching defense approach to prevent adversarial attacks. (96%)
Enhancing Adversarial Training with Second-Order Statistics of Weights. (38%)
ROOD-MRI: Benchmarking the robustness of deep learning segmentation models to out-of-distribution and corrupted data in MRI. (33%)
Perception Over Time: Temporal Dynamics for Robust Image Understanding. (16%)
Reinforcement Learning for Linear Quadratic Control is Vulnerable Under Cost Manipulation. (15%)
2022-03-10
Exploiting the Potential of Datasets: A Data-Centric Approach for Model Robustness. (92%)
Membership Privacy Protection for Image Translation Models via Adversarial Knowledge Distillation. (75%)
Attack Analysis of Face Recognition Authentication Systems Using Fast Gradient Sign Method. (69%)
Attacks as Defenses: Designing Robust Audio CAPTCHAs Using Attacks on Automatic Speech Recognition Systems. (64%)
SoK: On the Semantic AI Security in Autonomous Driving. (10%)
2022-03-09
Practical No-box Adversarial Attacks with Training-free Hybrid Image Transformation. (99%)
Practical Evaluation of Adversarial Robustness via Adaptive Auto Attack. (99%)
Frequency-driven Imperceptible Adversarial Attack on Semantic Similarity. (99%)
Binary Classification Under $\ell_0$ Attacks for General Noise Distribution. (98%)
Controllable Evaluation and Generation of Physical Adversarial Patch on Face Recognition. (97%)
Reverse Engineering $\ell_p$ attacks: A block-sparse optimization approach with recovery guarantees. (92%)
Defending Black-box Skeleton-based Human Activity Classifiers. (92%)
Robust Federated Learning Against Adversarial Attacks for Speech Emotion Recognition. (81%)
Improving Neural ODEs via Knowledge Distillation. (80%)
Physics-aware Complex-valued Adversarial Machine Learning in Reconfigurable Diffractive All-optical Neural Network. (22%)
On the surprising tradeoff between ImageNet accuracy and perceptual similarity. (1%)
2022-03-08
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust NIDS. (99%)
Shape-invariant 3D Adversarial Point Clouds. (99%)
ART-Point: Improving Rotation Robustness of Point Cloud Classifiers via Adversarial Rotation. (92%)
Robustly-reliable learners under poisoning attacks. (13%)
DeepSE-WF: Unified Security Estimation for Website Fingerprinting Defenses. (2%)
Joint rotational invariance and adversarial training of a dual-stream Transformer yields state of the art Brain-Score for Area V4. (1%)
Harmonicity Plays a Critical Role in DNN Based Versus in Biologically-Inspired Monaural Speech Segregation Systems. (1%)
2022-03-07
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches. (99%)
Art-Attack: Black-Box Adversarial Attack via Evolutionary Art. (99%)
Shadows can be Dangerous: Stealthy and Effective Physical-world Adversarial Attack by Natural Phenomenon. (99%)
Adversarial Texture for Fooling Person Detectors in the Physical World. (98%)
Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision. (83%)
Towards Efficient Data-Centric Robust Machine Learning with Noise-based Augmentation. (31%)
2022-03-06
Searching for Robust Neural Architectures via Comprehensive and Reliable Evaluation. (99%)
Protecting Facial Privacy: Generating Adversarial Identity Masks via Style-robust Makeup Transfer. (98%)
Scalable Uncertainty Quantification for Deep Operator Networks using Randomized Priors. (45%)
2022-03-05
aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA. (92%)
2022-03-04
Targeted Data Poisoning Attack on News Recommendation System by Content Perturbation. (82%)
2022-03-03
Ad2Attack: Adaptive Adversarial Attack on Real-Time UAV Tracking. (99%)
Detection of Word Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation. (98%)
Adversarial Patterns: Building Robust Android Malware Classifiers. (98%)
Improving Health Mentioning Classification of Tweets using Contrastive Adversarial Training. (84%)
Label-Only Model Inversion Attacks via Boundary Repulsion. (74%)
Fairness-aware Adversarial Perturbation Towards Bias Mitigation for Deployed Deep Models. (56%)
Why adversarial training can hurt robust accuracy. (22%)
Understanding Failure Modes of Self-Supervised Learning. (4%)
Ensemble Methods for Robust Support Vector Machines using Integer Programming. (2%)
Autonomous and Resilient Control for Optimal LEO Satellite Constellation Coverage Against Space Threats. (1%)
2022-03-02
Enhancing Adversarial Robustness for Deep Metric Learning. (99%)
Detecting Adversarial Perturbations in Multi-Task Perception. (98%)
Canonical foliations of neural networks: application to robustness. (82%)
Adversarial Robustness of Neural-Statistical Features in Detection of Generative Transformers. (69%)
Video is All You Need: Attacking PPG-based Biometric Authentication. (13%)
MIAShield: Defending Membership Inference Attacks via Preemptive Exclusion of Members. (2%)
A Quantitative Geometric Approach to Neural-Network Smoothness. (2%)
2022-03-01
Adversarial samples for deep monocular 6D object pose estimation. (99%)
Physical Backdoor Attacks to Lane Detection Systems in Autonomous Driving. (87%)
Global-Local Regularization Via Distributional Robustness. (86%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (11%)
Signature Correction Attack on Dilithium Signature Scheme. (1%)
2022-02-28
Enhance transferability of adversarial examples with model architecture. (99%)
Towards Robust Stacked Capsule Autoencoder with Hybrid Adversarial Training. (99%)
Evaluating the Adversarial Robustness of Adaptive Test-time Defenses. (98%)
MaMaDroid2.0 -- The Holes of Control Flow Graphs. (88%)
Improving Lexical Embeddings for Robust Question Answering. (67%)
Robust Textual Embedding against Word-level Adversarial Attacks. (26%)
Artificial Intelligence for Cyber Security (AICS). (1%)
Explaining RADAR features for detecting spoofing attacks in Connected Autonomous Vehicles. (1%)
2022-02-27
A Unified Wasserstein Distributional Robustness Framework for Adversarial Training. (99%)
Robust Control of Partially Specified Boolean Networks. (1%)
2022-02-26
Adversarial robustness of sparse local Lipschitz predictors. (87%)
Neuro-Inspired Deep Neural Networks with Sparse, Strong Activations. (45%)
2022-02-25
ARIA: Adversarially Robust Image Attribution for Content Provenance. (99%)
Projective Ranking-based GNN Evasion Attacks. (97%)
On the Effectiveness of Dataset Watermarking in Adversarial Settings. (56%)
2022-02-24
Towards Effective and Robust Neural Trojan Defenses via Input Filtering. (92%)
Robust Probabilistic Time Series Forecasting. (76%)
Understanding Adversarial Robustness from Feature Maps of Convolutional Layers. (50%)
Measuring CLEVRness: Blackbox testing of Visual Reasoning Models. (16%)
Fourier-Based Augmentations for Improved Robustness and Uncertainty Calibration. (3%)
Threading the Needle of On and Off-Manifold Value Functions for Shapley Explanations. (2%)
Interpolation-based Contrastive Learning for Few-Label Semi-Supervised Learning. (1%)
2022-02-23
Improving Robustness of Convolutional Neural Networks Using Element-Wise Activation Scaling. (96%)
Using calibrator to improve robustness in Machine Reading Comprehension. (13%)
2022-02-22
LPF-Defense: 3D Adversarial Defense based on Frequency Analysis. (99%)
Universal adversarial perturbation for remote sensing images. (92%)
Seeing is Living? Rethinking the Security of Facial Liveness Verification in the Deepfake Era. (84%)
Indiscriminate Poisoning Attacks on Unsupervised Contrastive Learning. (1%)
2022-02-21
Adversarial Attacks on Speech Recognition Systems for Mission-Critical Applications: A Survey. (99%)
Semi-Implicit Hybrid Gradient Methods with Application to Adversarial Robustness. (99%)
HoneyModels: Machine Learning Honeypots. (99%)
Transferring Adversarial Robustness Through Robust Representation Matching. (99%)
On the Effectiveness of Adversarial Training against Backdoor Attacks. (96%)
Poisoning Attacks and Defenses on Artificial Intelligence: A Survey. (83%)
A Tutorial on Adversarial Learning Attacks and Countermeasures. (75%)
Backdoor Defense in Federated Learning Using Differential Testing and Outlier Detection. (41%)
Privacy Leakage of Adversarial Training Models in Federated Learning Systems. (38%)
Robustness and Accuracy Could Be Reconcilable by (Proper) Definition. (11%)
Cyber-Physical Defense in the Quantum Era. (2%)
2022-02-20
Real-time Over-the-air Adversarial Perturbations for Digital Communications using Deep Neural Networks. (93%)
Sparsity Winning Twice: Better Robust Generaliztion from More Efficient Training. (26%)
Overparametrization improves robustness against adversarial attacks: A replication study. (3%)
2022-02-18
Exploring Adversarially Robust Training for Unsupervised Domain Adaptation. (99%)
Learning Representations Robust to Group Shifts and Adversarial Examples. (93%)
Critical Checkpoints for Evaluating Defence Models Against Adversarial Attack and Robustness. (92%)
Resurrecting Trust in Facial Recognition: Mitigating Backdoor Attacks in Face Recognition to Prevent Potential Privacy Breaches. (80%)
Data-Driven Mitigation of Adversarial Text Perturbation. (75%)
Debiasing Backdoor Attack: A Benign Application of Backdoor Attack in Eliminating Data Bias. (68%)
Stochastic Perturbations of Tabular Features for Non-Deterministic Inference with Automunge. (38%)
Label-Smoothed Backdoor Attack. (33%)
Black-box Node Injection Attack for Graph Neural Networks. (33%)
Robust Reinforcement Learning as a Stackelberg Game via Adaptively-Regularized Adversarial Training. (9%)
Attacks, Defenses, And Tools: A Framework To Facilitate Robust AI/ML Systems. (4%)
Synthetic Disinformation Attacks on Automated Fact Verification Systems. (1%)
2022-02-17
Rethinking Machine Learning Robustness via its Link with the Out-of-Distribution Problem. (99%)
Mitigating Closed-model Adversarial Examples with Bayesian Neural Modeling for Enhanced End-to-End Speech Recognition. (98%)
Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies. (98%)
Fingerprinting Deep Neural Networks Globally via Universal Adversarial Perturbations. (78%)
2022-02-16
The Adversarial Security Mitigations of mmWave Beamforming Prediction Models using Defensive Distillation and Adversarial Retraining. (99%)
Understanding and Improving Graph Injection Attack by Promoting Unnoticeability. (10%)
Gradient Based Activations for Accurate Bias-Free Learning. (1%)
2022-02-15
Unreasonable Effectiveness of Last Hidden Layer Activations. (99%)
StratDef: a strategic defense against adversarial attacks in malware detection. (99%)
Random Walks for Adversarial Meshes. (97%)
Generative Adversarial Network-Driven Detection of Adversarial Tasks in Mobile Crowdsensing. (93%)
Applying adversarial networks to increase the data efficiency and reliability of Self-Driving Cars. (89%)
Improving the repeatability of deep learning models with Monte Carlo dropout. (1%)
Taking a Step Back with KCal: Multi-Class Kernel-Based Calibration for Deep Neural Networks. (1%)
Holistic Adversarial Robustness of Deep Learning Models. (1%)
2022-02-14
Universal Adversarial Examples in Remote Sensing: Methodology and Benchmark. (99%)
Finding Dynamics Preserving Adversarial Winning Tickets. (86%)
Recent Advances in Reliable Deep Graph Learning: Adversarial Attack, Inherent Noise, and Distribution Shift. (83%)
UA-FedRec: Untargeted Attack on Federated News Recommendation. (1%)
PFGE: Parsimonious Fast Geometric Ensembling of DNNs. (1%)
2022-02-13
Adversarial Fine-tuning for Backdoor Defense: Connecting Backdoor Attacks to Adversarial Attacks. (99%)
Training with More Confidence: Mitigating Injected and Natural Backdoors During Training. (92%)
Extracting Label-specific Key Input Features for Neural Code Intelligence Models. (9%)
Defense Strategies Toward Model Poisoning Attacks in Federated Learning: A Survey. (2%)
SQuant: On-the-Fly Data-Free Quantization via Diagonal Hessian Approximation. (1%)
2022-02-12
RoPGen: Towards Robust Code Authorship Attribution via Automatic Coding Style Transformation. (98%)
Excitement Surfeited Turns to Errors: Deep Learning Testing Framework Based on Excitable Neurons. (98%)
2022-02-11
Adversarial Attacks and Defense Methods for Power Quality Recognition. (99%)
Towards Adversarially Robust Deepfake Detection: An Ensemble Approach. (99%)
Open-set Adversarial Defense with Clean-Adversarial Mutual Learning. (98%)
Using Random Perturbations to Mitigate Adversarial Attacks on Sentiment Analysis Models. (92%)
Fast Adversarial Training with Noise Augmentation: A Unified Perspective on RandStart and GradAlign. (74%)
Predicting Out-of-Distribution Error with the Projection Norm. (62%)
Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers. (62%)
White-Box Attacks on Hate-speech BERT Classifiers in German with Explicit and Implicit Character Level Defense. (12%)
On the Detection of Adaptive Adversarial Attacks in Speaker Verification Systems. (10%)
Improving Generalization via Uncertainty Driven Perturbations. (2%)
CMW-Net: Learning a Class-Aware Sample Weighting Mapping for Robust Deep Learning. (1%)
2022-02-10
FAAG: Fast Adversarial Audio Generation through Interactive Attack Optimisation. (99%)
Towards Assessing and Characterizing the Semantic Robustness of Face Recognition. (76%)
Controlling the Complexity and Lipschitz Constant improves polynomial nets. (12%)
FedAttack: Effective and Covert Poisoning Attack on Federated Recommendation via Hard Sampling. (8%)
A Field of Experts Prior for Adapting Neural Networks at Test Time. (1%)
2022-02-09
Adversarial Attack and Defense of YOLO Detectors in Autonomous Driving Scenarios. (99%)
Gradient Methods Provably Converge to Non-Robust Networks. (82%)
False Memory Formation in Continual Learners Through Imperceptible Backdoor Trigger. (22%)
Learning to Bootstrap for Combating Label Noise. (2%)
Model Architecture Adaption for Bayesian Neural Networks. (1%)
ARIBA: Towards Accurate and Robust Identification of Backdoor Attacks in Federated Learning. (1%)
2022-02-08
Towards Compositional Adversarial Robustness: Generalizing Adversarial Training to Composite Semantic Perturbations. (99%)
Verification-Aided Deep Ensemble Selection. (96%)
Adversarial Detection without Model Information. (87%)
Robust, Deep, and Reinforcement Learning for Management of Communication and Power Networks. (1%)
2022-02-07
On The Empirical Effectiveness of Unrealistic Adversarial Hardening Against Realistic Adversarial Attacks. (99%)
Blind leads Blind: A Zero-Knowledge Attack on Federated Learning. (98%)
Adversarial Attacks and Defense for Non-Parametric Two-Sample Tests. (98%)
Evaluating Robustness of Cooperative MARL: A Model-based Approach. (97%)
More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks. (68%)
Membership Inference Attacks and Defenses in Neural Network Pruning. (50%)
SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation. (4%)
Deletion Inference, Reconstruction, and Compliance in Machine (Un)Learning. (3%)
2022-02-06
Pipe Overflow: Smashing Voice Authentication for Fun and Profit. (99%)
Redactor: Targeted Disinformation Generation using Probabilistic Decision Boundaries. (8%)
2022-02-05
Layer-wise Regularized Adversarial Training using Layers Sustainability Analysis (LSA) framework. (99%)
Adversarial Detector with Robust Classifier. (93%)
Memory Defense: More Robust Classification via a Memory-Masking Autoencoder. (76%)
Improved Certified Defenses against Data Poisoning with (Deterministic) Finite Aggregation. (75%)
2022-02-04
Pixle: a fast and effective black-box attack based on rearranging pixels. (98%)
Backdoor Defense via Decoupling the Training Process. (80%)
LTU Attacker for Membership Inference. (67%)
A Survey on Safety-Critical Driving Scenario Generation -- A Methodological Perspective. (1%)
2022-02-03
ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking. (93%)
Adversarially Robust Models may not Transfer Better: Sufficient Conditions for Domain Transferability from the View of Regularization. (75%)
2022-02-02
An Eye for an Eye: Defending against Gradient-based Attacks with Gradients. (99%)
Smoothed Embeddings for Certified Few-Shot Learning. (76%)
Probabilistically Robust Learning: Balancing Average- and Worst-case Performance. (75%)
Make Some Noise: Reliable and Efficient Single-Step Adversarial Training. (70%)
Robust Binary Models by Pruning Randomly-initialized Networks. (10%)
NoisyMix: Boosting Robustness by Combining Data Augmentations, Stability Training, and Noise Injections. (10%)
2022-02-01
Language Dependencies in Adversarial Attacks on Speech Recognition Systems. (98%)
Finding Biological Plausibility for Adversarially Robust Features via Metameric Tasks. (80%)
Visualizing Automatic Speech Recognition -- Means for a Better Understanding? (64%)
Datamodels: Predicting Predictions from Training Data. (2%)
2022-01-31
Adversarial Robustness in Deep Learning: Attacks on Fragile Neurons. (99%)
Boundary Defense Against Black-box Adversarial Attacks. (99%)
Query Efficient Decision Based Sparse Attacks Against Black-Box Deep Learning Models. (99%)
Can Adversarial Training Be Manipulated By Non-Robust Features? (98%)
GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection. (96%)
Rate Coding or Direct Coding: Which One is Better for Accurate, Robust, and Energy-efficient Spiking Neural Networks? (93%)
AntidoteRT: Run-time Detection and Correction of Poison Attacks on Neural Networks. (89%)
Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks. (81%)
On the Robustness of Quality Measures for GANs. (80%)
MEGA: Model Stealing via Collaborative Generator-Substitute Networks. (76%)
Learning Robust Representation through Graph Adversarial Contrastive Learning. (26%)
UQGAN: A Unified Model for Uncertainty Quantification of Deep Classifiers trained via Conditional GANs. (16%)
Few-Shot Backdoor Attacks on Visual Object Tracking. (10%)
Studying the Robustness of Anti-adversarial Federated Learning Models Detecting Cyberattacks in IoT Spectrum Sensors. (5%)
Securing Federated Sensitive Topic Classification against Poisoning Attacks. (1%)
2022-01-30
Improving Corruption and Adversarial Robustness by Enhancing Weak Subnets. (92%)
GARNET: Reduced-Rank Topology Learning for Robust and Scalable Graph Neural Networks. (84%)
TPC: Transformation-Specific Smoothing for Point Cloud Models. (75%)
2022-01-29
Scale-Invariant Adversarial Attack for Evaluating and Enhancing Adversarial Defenses. (99%)
Robustness of Deep Recommendation Systems to Untargeted Interaction Perturbations. (82%)
Coordinated Attacks against Contextual Bandits: Fundamental Limits and Defense Mechanisms. (1%)
2022-01-28
Adversarial Examples for Good: Adversarial Examples Guided Imbalanced Learning. (87%)
Feature Visualization within an Automated Design Assessment leveraging Explainable Artificial Intelligence Methods. (81%)
Certifying Model Accuracy under Distribution Shifts. (74%)
Benchmarking Robustness of 3D Point Cloud Recognition Against Common Corruptions. (13%)
Plug & Play Attacks: Towards Robust and Flexible Model Inversion Attacks. (8%)
Backdoors Stuck At The Frontdoor: Multi-Agent Backdoor Attacks That Backfire. (3%)
Toward Training at ImageNet Scale with Differential Privacy. (1%)
2022-01-27
Beyond ImageNet Attack: Towards Crafting Adversarial Examples for Black-box Domains. (99%)
Vision Checklist: Towards Testable Error Analysis of Image Models to Help System Designers Interrogate Model Capabilities. (10%)
SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders. (2%)
CacheFX: A Framework for Evaluating Cache Security. (1%)
2022-01-26
Boosting 3D Adversarial Attacks with Attacking On Frequency. (98%)
How Robust are Discriminatively Trained Zero-Shot Learning Models? (98%)
Autonomous Cyber Defense Introduces Risk: Can We Manage the Risk? (2%)
Automatic detection of access control vulnerabilities via API specification processing. (1%)
2022-01-25
Virtual Adversarial Training for Semi-supervised Breast Mass Classification. (3%)
Class-Aware Adversarial Transformers for Medical Image Segmentation. (1%)
SPIRAL: Self-supervised Perturbation-Invariant Representation Learning for Speech Pre-Training. (1%)
2022-01-24
What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction. (99%)
Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation. (95%)
Attacks and Defenses for Free-Riders in Multi-Discriminator GAN. (76%)
Backdoor Defense with Machine Unlearning. (33%)
On the Complexity of Attacking Elliptic Curve Based Authentication Chips. (1%)
2022-01-23
Efficient and Robust Classification for Sparse Attacks. (83%)
Gradient-guided Unsupervised Text Style Transfer via Contrastive Learning. (78%)
Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models. (56%)
Increasing the Cost of Model Extraction with Calibrated Proof of Work. (22%)
2022-01-22
Parallel Rectangle Flip Attack: A Query-based Black-box Attack against Object Detection. (99%)
Robust Unpaired Single Image Super-Resolution of Faces. (98%)
On the Robustness of Counterfactual Explanations to Adverse Perturbations. (10%)
2022-01-21
Robust Unsupervised Graph Representation Learning via Mutual Information Maximization. (99%)
Natural Attack for Pre-trained Models of Code. (99%)
The Security of Deep Learning Defences for Medical Imaging. (80%)
Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. (75%)
Identifying Adversarial Attacks on Text Classifiers. (73%)
The Many Faces of Adversarial Risk. (47%)
2022-01-20
TextHacker: Learning based Hybrid Local Search Algorithm for Text Hard-label Adversarial Attack. (99%)
Cheating Automatic Short Answer Grading: On the Adversarial Usage of Adjectives and Adverbs. (95%)
Survey on Federated Learning Threats: concepts, taxonomy on attacks and defences, experimental study and challenges. (93%)
Low-Interception Waveform: To Prevent the Recognition of Spectrum Waveform Modulation via Adversarial Examples. (83%)
Post-Training Detection of Backdoor Attacks for Two-Class and Multi-Attack Scenarios. (70%)
Adversarial Jamming for a More Effective Constellation Attack. (56%)
Black-box Prompt Learning for Pre-trained Language Models. (13%)
Steerable Pyramid Transform Enables Robust Left Ventricle Quantification. (13%)
DeepGalaxy: Testing Neural Network Verifiers via Two-Dimensional Input Space Exploration. (1%)
2022-01-19
Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation. (96%)
Can't Steal? Cont-Steal! Contrastive Stealing Attacks Against Image Encoders. (8%)
2022-01-18
MetaV: A Meta-Verifier Approach to Task-Agnostic Model Fingerprinting. (99%)
Adversarial vulnerability of powerful near out-of-distribution detection. (78%)
Model Transferring Attacks to Backdoor HyperNetwork in Personalized Federated Learning. (13%)
Secure IoT Routing: Selective Forwarding Attacks and Trust-based Defenses in RPL Network. (2%)
Lung Swapping Autoencoder: Learning a Disentangled Structure-texture Representation of Chest Radiographs. (1%)
2022-01-17
Masked Faces with Faced Masks. (81%)
Cyberbullying Classifiers are Sensitive to Model-Agnostic Perturbations. (56%)
AugLy: Data Augmentations for Robustness. (3%)
2022-01-16
Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems. (99%)
ALA: Adversarial Lightness Attack via Naturalness-aware Regularizations. (99%)
Adversarial Machine Learning Threat Analysis in Open Radio Access Networks. (33%)
Neighboring Backdoor Attacks on Graph Convolutional Network. (22%)
2022-01-15
Interpretable and Effective Reinforcement Learning for Attacking against Graph-based Rumor Detection. (26%)
StolenEncoder: Stealing Pre-trained Encoders. (13%)
2022-01-14
CommonsenseQA 2.0: Exposing the Limits of AI through Gamification. (56%)
Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots. (1%)
2022-01-13
Evaluation of Four Black-box Adversarial Attacks and Some Query-efficient Improvement Analysis. (96%)
The curse of overparametrization in adversarial training: Precise analysis of robust generalization for random features regression. (93%)
On Adversarial Robustness of Trajectory Prediction for Autonomous Vehicles. (83%)
Reconstructing Training Data with Informed Adversaries. (54%)
Jamming Attacks on Federated Learning in Wireless Networks. (2%)
2022-01-12
Adversarially Robust Classification by Conditional Generative Model Inversion. (99%)
Towards Adversarially Robust Deep Image Denoising. (99%)
Get your Foes Fooled: Proximal Gradient Split Learning for Defense against Model Inversion Attacks on IoMT data. (70%)
2022-01-11
Quantifying Robustness to Adversarial Word Substitutions. (99%)
Similarity-based Gray-box Adversarial Attack Against Deep Face Recognition. (99%)
2022-01-10
Evaluation of Neural Networks Defenses and Attacks using NDCG and Reciprocal Rank Metrics. (98%)
IoTGAN: GAN Powered Camouflage Against Machine Learning Based IoT Device Identification. (89%)
Reciprocal Adversarial Learning for Brain Tumor Segmentation: A Solution to BraTS Challenge 2021 Segmentation Task. (73%)
GMFIM: A Generative Mask-guided Facial Image Manipulation Model for Privacy Preservation. (3%)
Towards Group Robustness in the presence of Partial Group Labels. (1%)
2022-01-09
Rethink Stealthy Backdoor Attacks in Natural Language Processing. (89%)
A Retrospective and Futurespective of Rowhammer Attacks and Defenses on DRAM. (76%)
Privacy-aware Early Detection of COVID-19 through Adversarial Training. (10%)
2022-01-08
LoMar: A Local Defense Against Poisoning Attack on Federated Learning. (9%)
PocketNN: Integer-only Training and Inference of Neural Networks via Direct Feedback Alignment and Pocket Activations in Pure C++. (1%)
2022-01-07
iDECODe: In-distribution Equivariance for Conformal Out-of-distribution Detection. (93%)
Asymptotic Security using Bayesian Defense Mechanisms with Application to Cyber Deception. (11%)
Negative Evidence Matters in Interpretable Histology Image Classification. (1%)
2022-01-06
PAEG: Phrase-level Adversarial Example Generation for Neural Machine Translation. (98%)
Learning to be adversarially robust and differentially private. (31%)
Efficient Global Optimization of Two-layer ReLU Networks: Quadratic-time Algorithms and Adversarial Training. (2%)
2022-01-05
On the Real-World Adversarial Robustness of Real-Time Semantic Segmentation Models for Autonomous Driving. (99%)
ROOM: Adversarial Machine Learning Attacks Under Real-Time Constraints. (99%)
Adversarial Robustness in Cognitive Radio Networks. (1%)
2022-01-04
Towards Transferable Unrestricted Adversarial Examples with Minimum Changes. (99%)
Towards Understanding and Harnessing the Effect of Image Transformation in Adversarial Detection. (99%)
On the Minimal Adversarial Perturbation for Deep Neural Networks with Provable Estimation Error. (86%)
Corrupting Data to Remove Deceptive Perturbation: Using Preprocessing Method to Improve System Robustness. (10%)
Towards Understanding Quality Challenges of the Federated Learning: A First Look from the Lens of Robustness. (2%)
2022-01-03
Compression-Resistant Backdoor Attack against Deep Neural Networks. (75%)
DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. (68%)
Revisiting PGD Attacks for Stability Analysis of Large-Scale Nonlinear Systems and Perception-Based Control. (11%)
2022-01-02
Actor-Critic Network for Q&A in an Adversarial Environment. (33%)
On Sensitivity of Deep Learning Based Text Classification Algorithms to Practical Input Perturbations. (12%)
2022-01-01
Rethinking Feature Uncertainty in Stochastic Neural Networks for Adversarial Robustness. (87%)
Revisiting Neuron Coverage Metrics and Quality of Deep Neural Networks. (41%)
Generating Adversarial Samples For Training Wake-up Word Detection Systems Against Confusing Words. (1%)
2021-12-31
Adversarial Attack via Dual-Stage Network Erosion. (99%)
On Distinctive Properties of Universal Perturbations. (83%)
2021-12-30
Benign Overfitting in Adversarially Robust Linear Classification. (99%)
Causal Attention for Interpretable and Generalizable Graph Classification. (1%)
2021-12-29
Invertible Image Dataset Protection. (92%)
Challenges and Approaches for Mitigating Byzantine Attacks in Federated Learning. (4%)
2021-12-28
Constrained Gradient Descent: A Powerful and Principled Evasion Attack Against Neural Networks. (99%)
Closer Look at the Transferability of Adversarial Examples: How They Fool Different Models Differently. (99%)
Repairing Adversarial Texts through Perturbation. (99%)
DeepAdversaries: Examining the Robustness of Deep Learning Models for Galaxy Morphology Classification. (91%)
Super-Efficient Super Resolution for Fast Adversarial Defense at the Edge. (88%)
A General Framework for Evaluating Robustness of Combinatorial Optimization Solvers on Graphs. (86%)
Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities. (1%)
2021-12-27
Adversarial Attack for Asynchronous Event-based Data. (99%)
PRIME: A Few Primitives Can Boost Robustness to Common Corruptions. (81%)
Associative Adversarial Learning Based on Selective Attack. (26%)
Learning Robust and Lightweight Model through Separable Structured Transformations. (8%)
2021-12-26
Perlin Noise Improve Adversarial Robustness. (99%)
2021-12-25
Task and Model Agnostic Adversarial Attack on Graph Neural Networks. (93%)
NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification. (50%)
2021-12-24
Stealthy Attack on Algorithmic-Protected DNNs via Smart Bit Flipping. (99%)
NIP: Neuron-level Inverse Perturbation Against Adversarial Attacks. (98%)
CatchBackdoor: Backdoor Testing by Critical Trojan Neural Path Identification via Differential Fuzzing. (82%)
SoK: A Study of the Security on Voice Processing Systems. (9%)
DP-UTIL: Comprehensive Utility Analysis of Differential Privacy in Machine Learning. (1%)
Gradient Leakage Attack Resilient Deep Learning. (1%)
2021-12-23
Adaptive Modeling Against Adversarial Attacks. (99%)
Revisiting and Advancing Fast Adversarial Training Through The Lens of Bi-Level Optimization. (99%)
Robust Secretary and Prophet Algorithms for Packing Integer Programs. (2%)
Counterfactual Memorization in Neural Language Models. (2%)
2021-12-22
Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art. (99%)
How Should Pre-Trained Language Models Be Fine-Tuned Towards Adversarial Robustness? (98%)
Detect & Reject for Transferability of Black-box Adversarial Attacks Against Network Intrusion Detection Systems. (98%)
Adversarial Deep Reinforcement Learning for Improving the Robustness of Multi-agent Autonomous Driving Policies. (96%)
Understanding and Measuring Robustness of Multimodal Learning. (69%)
Evaluating the Robustness of Deep Reinforcement Learning for Autonomous and Adversarial Policies in a Multi-agent Urban Driving Environment. (41%)
2021-12-21
A Theoretical View of Linear Backpropagation and Its Convergence. (99%)
An Attention Score Based Attacker for Black-box NLP Classifier. (91%)
Covert Communications via Adversarial Machine Learning and Reconfigurable Intelligent Surfaces. (81%)
Mind the Gap! A Study on the Transferability of Virtual vs Physical-world Testing of Autonomous Driving Systems. (76%)
Input-Specific Robustness Certification for Randomized Smoothing. (68%)
Improving Robustness with Image Filtering. (68%)
On the Adversarial Robustness of Causal Algorithmic Recourse. (10%)
MIA-Former: Efficient and Robust Vision Transformers via Multi-grained Input-Adaptation. (4%)
Exploring Credibility Scoring Metrics of Perception Systems for Autonomous Driving. (2%)
Adversarial Gradient Driven Exploration for Deep Click-Through Rate Prediction. (2%)
Longitudinal Study of the Prevalence of Malware Evasive Techniques. (1%)
2021-12-20
Certified Federated Adversarial Training. (98%)
Energy-bounded Learning for Robust Models of Code. (83%)
Black-Box Testing of Deep Neural Networks through Test Case Diversity. (82%)
Unifying Model Explainability and Robustness for Joint Text Classification and Rationale Extraction. (80%)
Adversarially Robust Stability Certificates can be Sample-Efficient. (2%)
2021-12-19
Initiative Defense against Facial Manipulation. (67%)
2021-12-18
Being Friends Instead of Adversaries: Deep Networks Learn from Data Simplified by Other Networks. (12%)
Android-COCO: Android Malware Detection with Graph Neural Network for Byte- and Native-Code. (1%)
2021-12-17
Reasoning Chain Based Adversarial Attack for Multi-hop Question Answering. (92%)
Deep Bayesian Learning for Car Hacking Detection. (81%)
Explain, Edit, and Understand: Rethinking User Study Design for Evaluating Model Explanations. (81%)
Dynamics-aware Adversarial Attack of 3D Sparse Convolution Network. (80%)
Provable Adversarial Robustness in the Quantum Model. (62%)
Domain Adaptation on Point Clouds via Geometry-Aware Implicits. (1%)
2021-12-16
Towards Robust Neural Image Compression: Adversarial Attack and Model Finetuning. (99%)
Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives. (99%)
All You Need is RAW: Defending Against Adversarial Attacks with Camera Image Pipelines. (99%)
TAFIM: Targeted Adversarial Attacks against Facial Image Manipulations. (64%)
A Robust Optimization Approach to Deep Learning. (45%)
Sharpness-Aware Minimization with Dynamic Reweighting. (31%)
APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts. (16%)
Dataset correlation inference attacks against machine learning models. (13%)
Models in the Loop: Aiding Crowdworkers with Generative Annotation Assistants. (2%)
Pure Noise to the Rescue of Insufficient Data: Improving Imbalanced Classification by Training on Random Noise Images. (2%)
2021-12-15
On the Convergence and Robustness of Adversarial Training. (99%)
Temporal Shuffling for Defending Deep Action Recognition Models against Adversarial Attacks. (97%)
DuQM: A Chinese Dataset of Linguistically Perturbed Natural Questions for Evaluating the Robustness of Question Matching Models. (75%)
Robust Neural Network Classification via Double Regularization. (1%)
2021-12-14
Robustifying automatic speech recognition by extracting slowly varying features. (99%)
Adversarial Examples for Extreme Multilabel Text Classification. (99%)
Dual-Key Multimodal Backdoors for Visual Question Answering. (81%)
On the Impact of Hard Adversarial Instances on Overfitting in Adversarial Training. (76%)
MuxLink: Circumventing Learning-Resilient MUX-Locking Using Graph Neural Network-based Link Prediction. (4%)
2021-12-13
Detecting Audio Adversarial Examples with Logit Noising. (99%)
Triangle Attack: A Query-efficient Decision-based Adversarial Attack. (99%)
2021-12-12
Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses. (98%)
Quantifying and Understanding Adversarial Examples in Discrete Input Spaces. (91%)
SparseFed: Mitigating Model Poisoning Attacks in Federated Learning with Sparsification. (91%)
WOOD: Wasserstein-based Out-of-Distribution Detection. (12%)
2021-12-11
MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare. (99%)
Improving the Transferability of Adversarial Examples with Resized-Diverse-Inputs, Diversity-Ensemble and Region Fitting. (98%)
Stereoscopic Universal Perturbations across Different Architectures and Datasets. (98%)
2021-12-10
Learning to Learn Transferable Attack. (99%)
Cross-Modal Transferable Adversarial Attacks from Images to Videos. (99%)
Attacking Point Cloud Segmentation with Color-only Perturbation. (99%)
Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks. (92%)
Batch Label Inference and Replacement Attacks in Black-Boxed Vertical Federated Learning. (75%)
Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models. (68%)
Efficient Action Poisoning Attacks on Linear Contextual Bandits. (67%)
How Private Is Your RL Policy? An Inverse RL Based Analysis Framework. (41%)
SoK: On the Security & Privacy in Federated Learning. (5%)
2021-12-09
RamBoAttack: A Robust Query Efficient Deep Neural Network Decision Exploit. (99%)
Amicable Aid: Turning Adversarial Attack to Benefit Classification. (99%)
Mutual Adversarial Training: Learning together is better than going alone. (99%)
PARL: Enhancing Diversity of Ensemble Networks to Resist Adversarial Attacks via Pairwise Adversarially Robust Loss Function. (99%)
Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures. (69%)
Robustness Certificates for Implicit Neural Networks: A Mixed Monotone Contractive Approach. (38%)
PixMix: Dreamlike Pictures Comprehensively Improve Safety Measures. (10%)
Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems. (2%)
3D-VField: Learning to Adversarially Deform Point Clouds for Robust 3D Object Detection. (1%)
2021-12-08
Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection. (99%)
On visual self-supervision and its effect on model robustness. (99%)
SNEAK: Synonymous Sentences-Aware Adversarial Attack on Natural Language Video Localization. (93%)
Revisiting Contrastive Learning through the Lens of Neighborhood Component Analysis: an Integrated Framework. (8%)
2021-12-07
Saliency Diversified Deep Ensemble for Robustness to Adversaries. (99%)
Vehicle trajectory prediction works, but not everywhere. (50%)
Lightning: Striking the Secure Isolation on GPU Clouds with Transient Hardware Faults. (11%)
Membership Inference Attacks From First Principles. (2%)
Training Deep Models to be Explained with Fewer Examples. (1%)
Presentation Attack Detection Methods based on Gaze Tracking and Pupil Dynamic: A Comprehensive Survey. (1%)
2021-12-06
Adversarial Machine Learning In Network Intrusion Detection Domain: A Systematic Review. (99%)
Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial Removal. (84%)
ML Attack Models: Adversarial Attacks and Data Poisoning Attacks. (82%)
Test-Time Detection of Backdoor Triggers for Poisoned Deep Neural Networks. (82%)
When the Curious Abandon Honesty: Federated Learning Is Not Private. (68%)
Defending against Model Stealing via Verifying Embedded External Features. (33%)
Context-Aware Transfer Attacks for Object Detection. (1%)
2021-12-05
Robust Active Learning: Sample-Efficient Training of Robust Deep Learning Models. (96%)
Stochastic Local Winner-Takes-All Networks Enable Profound Adversarial Robustness. (88%)
Beyond Robustness: Resilience Verification of Tree-Based Classifiers. (2%)
On Impact of Semantically Similar Apps in Android Malware Datasets. (1%)
2021-12-04
RADA: Robust Adversarial Data Augmentation for Camera Localization in Challenging Weather. (10%)
2021-12-03
Single-Shot Black-Box Adversarial Attacks Against Malware Detectors: A Causal Language Model Approach. (99%)
Generalized Likelihood Ratio Test for Adversarially Robust Hypothesis Testing. (99%)
Blackbox Untargeted Adversarial Testing of Automatic Speech Recognition Systems. (98%)
Attack-Centric Approach for Evaluating Transferability of Adversarial Samples in Machine Learning Models. (54%)
Adversarial Attacks against a Satellite-borne Multispectral Cloud Detector. (13%)
A Game-Theoretic Approach for AI-based Botnet Attack Defence. (9%)
2021-12-02
A Unified Framework for Adversarial Attack and Defense in Constrained Feature Space. (99%)
Is Approximation Universally Defensive Against Adversarial Attacks in Deep Neural Networks? (93%)
Is RobustBench/AutoAttack a suitable Benchmark for Adversarial Robustness? (75%)
Training Efficiency and Robustness in Deep Learning. (41%)
FedRAD: Federated Robust Adaptive Distillation. (10%)
FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis. (3%)
On the Existence of the Adversarial Bayes Classifier (Extended Version). (2%)
Editing a classifier by rewriting its prediction rules. (1%)
2021-12-01
Adversarial Robustness of Deep Reinforcement Learning based Dynamic Recommender Systems. (99%)
Push Stricter to Decide Better: A Class-Conditional Feature Adaptive Framework for Improving Adversarial Robustness. (99%)
$\ell_\infty$-Robustness and Beyond: Unleashing Efficient Adversarial Training. (99%)
Certified Adversarial Defenses Meet Out-of-Distribution Corruptions: Benchmarking Robustness and Simple Baselines. (96%)
Adv-4-Adv: Thwarting Changing Adversarial Perturbations via Adversarial Domain Adaptation. (95%)
Robustness in Deep Learning for Computer Vision: Mind the gap? (31%)
CYBORG: Blending Human Saliency Into the Loss Improves Deep Learning. (1%)
2021-11-30
Using a GAN to Generate Adversarial Examples to Facial Image Recognition. (99%)
Mitigating Adversarial Attacks by Distributing Different Copies to Different Users. (86%)
Human Imperceptible Attacks and Applications to Improve Fairness. (83%)
Evaluating Gradient Inversion Attacks and Defenses in Federated Learning. (81%)
FROB: Few-shot ROBust Model for Classification and Out-of-Distribution Detection. (78%)
COREATTACK: Breaking Up the Core Structure of Graphs. (78%)
Adversarial Attacks Against Deep Generative Models on Data: A Survey. (12%)
A Face Recognition System's Worst Morph Nightmare, Theoretically. (1%)
New Datasets for Dynamic Malware Classification. (1%)
Reliability Assessment and Safety Arguments for Machine Learning Components in Assuring Learning-Enabled Autonomous Systems. (1%)
2021-11-29
MedRDF: A Robust and Retrain-Less Diagnostic Framework for Medical Pretrained Models Against Adversarial Attack. (99%)
Adversarial Attacks in Cooperative AI. (82%)
Living-Off-The-Land Command Detection Using Active Learning. (10%)
Exploring Representational Alignment with Human Perception Using Identically Represented Inputs. (4%)
A Simple Long-Tailed Recognition Baseline via Vision-Language Model. (1%)
ROBIN : A Benchmark for Robustness to Individual Nuisances in Real-World Out-of-Distribution Shifts. (1%)
Pyramid Adversarial Training Improves ViT Performance. (1%)
2021-11-28
Detecting Adversaries, yet Faltering to Noise? Leveraging Conditional Variational AutoEncoders for Adversary Detection in the Presence of Noisy Images. (96%)
MALIGN: Adversarially Robust Malware Family Detection using Sequence Alignment. (54%)
Automated Runtime-Aware Scheduling for Multi-Tenant DNN Inference on GPU. (1%)
ExCon: Explanation-driven Supervised Contrastive Learning for Image Classification. (1%)
2021-11-27
Adaptive Image Transformations for Transfer-based Adversarial Attack. (99%)
Adaptive Perturbation for Adversarial Attack. (99%)
Statically Detecting Adversarial Malware through Randomised Chaining. (98%)
Dissecting Malware in the Wild. (1%)
2021-11-26
ArchRepair: Block-Level Architecture-Oriented Repairing for Deep Neural Networks. (50%)
2021-11-25
AdvBokeh: Learning to Adversarially Defocus Blur. (99%)
Clustering Effect of (Linearized) Adversarial Robust Models. (97%)
Simple Contrastive Representation Adversarial Learning for NLP Tasks. (93%)
Going Grayscale: The Road to Understanding and Improving Unlearnable Examples. (92%)
Towards Practical Deployment-Stage Backdoor Attack on Deep Neural Networks. (92%)
Gradient Inversion Attack: Leaking Private Labels in Two-Party Split Learning. (3%)
Joint inference and input optimization in equilibrium networks. (1%)
2021-11-24
Thundernna: a white box adversarial attack. (99%)
Unity is strength: Improving the Detection of Adversarial Examples with Ensemble Approaches. (99%)
Robustness against Adversarial Attacks in Neural Networks using Incremental Dissipativity. (92%)
WFDefProxy: Modularly Implementing and Empirically Evaluating Website Fingerprinting Defenses. (15%)
Sharpness-aware Quantization for Deep Neural Networks. (9%)
SLA$^2$P: Self-supervised Anomaly Detection with Adversarial Perturbation. (5%)
An Attack on Facial Soft-biometric Privacy Enhancement. (2%)
Accelerating Deep Learning with Dynamic Data Pruning. (1%)
2021-11-23
Adversarial machine learning for protecting against online manipulation. (92%)
Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS. (84%)
Subspace Adversarial Training. (69%)
HERO: Hessian-Enhanced Robust Optimization for Unifying and Improving Generalization and Quantization Performance. (1%)
2021-11-22
Adversarial Examples on Segmentation Models Can be Easy to Transfer. (99%)
Evaluating Adversarial Attacks on ImageNet: A Reality Check on Misclassification Classes. (99%)
Imperceptible Transfer Attack and Defense on 3D Point Cloud Classification. (99%)
Backdoor Attack through Frequency Domain. (92%)
NTD: Non-Transferability Enabled Backdoor Detection. (69%)
A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries. (33%)
Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data. (13%)
Automatic Mapping of the Best-Suited DNN Pruning Schemes for Real-Time Mobile Acceleration. (1%)
Electric Vehicle Attack Impact on Power Grid Operation. (1%)
2021-11-21
Stochastic Variance Reduced Ensemble Adversarial Attack for Boosting the Adversarial Transferability. (99%)
Adversarial Mask: Real-World Universal Adversarial Attack on Face Recognition Model. (99%)
Medical Aegis: Robust adversarial protectors for medical images. (99%)
Local Linearity and Double Descent in Catastrophic Overfitting. (73%)
Denoised Internal Models: a Brain-Inspired Autoencoder against Adversarial Attacks. (62%)
2021-11-20
Are Vision Transformers Robust to Patch Perturbations? (98%)
2021-11-19
Zero-Shot Certified Defense against Adversarial Patches with Vision Transformers. (99%)
Towards Efficiently Evaluating the Robustness of Deep Neural Networks in IoT Systems: A GAN-based Method. (99%)
Meta Adversarial Perturbations. (99%)
Resilience from Diversity: Population-based approach to harden models against adversarial attacks. (99%)
Enhanced countering adversarial attacks via input denoising and feature restoring. (99%)
Fooling Adversarial Training with Inducing Noise. (98%)
Exposing Weaknesses of Malware Detectors with Explainability-Guided Evasion Attacks. (86%)
2021-11-18
TnT Attacks! Universal Naturalistic Adversarial Patches Against Deep Neural Network Systems. (99%)
A Review of Adversarial Attack and Defense for Classification Methods. (99%)
Robust Person Re-identification with Multi-Modal Joint Defence. (98%)
Enhancing the Insertion of NOP Instructions to Obfuscate Malware via Deep Reinforcement Learning. (96%)
How to Build Robust FAQ Chatbot with Controllable Question Generator? (80%)
Adversarial attacks on voter model dynamics in complex networks. (76%)
Enhanced Membership Inference Attacks against Machine Learning Models. (12%)
Wiggling Weights to Improve the Robustness of Classifiers. (2%)
Improving Transferability of Representations via Augmentation-Aware Self-Supervision. (1%)
2021-11-17
TraSw: Tracklet-Switch Adversarial Attacks against Multi-Object Tracking. (99%)
Generating Unrestricted 3D Adversarial Point Clouds. (99%)
SmoothMix: Training Confidence-calibrated Smoothed Classifiers for Certified Robustness. (93%)
Attacking Deep Learning AI Hardware with Universal Adversarial Perturbation. (92%)
Do Not Trust Prediction Scores for Membership Inference Attacks. (33%)
2021-11-16
Robustness of Bayesian Neural Networks to White-Box Adversarial Attacks. (99%)
Improving the robustness and accuracy of biomedical language models through adversarial training. (99%)
Detecting AutoAttack Perturbations in the Frequency Domain. (99%)
Adversarial Tradeoffs in Linear Inverse Problems and Robust StateEstimation. (92%)
Consistent Semantic Attacks on Optical Flow. (81%)
An Overview of Backdoor Attacks Against Deep Neural Networks and Possible Defences. (54%)
Enabling equivariance for arbitrary Lie groups. (1%)
2021-11-15
A Survey on Adversarial Attacks for Malware Analysis. (98%)
Triggerless Backdoor Attack for NLP Tasks with Clean Labels. (68%)
Property Inference Attacks Against GANs. (67%)
2021-11-14
Generating Band-Limited Adversarial Surfaces Using Neural Networks. (99%)
Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks. (76%)
Towards Interpretability of Speech Pause in Dementia Detection using Adversarial Learning. (75%)
Improving Compound Activity Classification via Deep Transfer and Representation Learning. (1%)
2021-11-13
Robust and Accurate Object Detection via Self-Knowledge Distillation. (62%)
UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction. (2%)
2021-11-12
Neural Population Geometry Reveals the Role of Stochasticity in Robust Perception. (99%)
Measuring the Contribution of Multiple Model Representations in Detecting Adversarial Instances. (98%)
Adversarially Robust Learning for Security-Constrained Optimal Power Flow. (10%)
On Transferability of Prompt Tuning for Natural Language Understanding. (8%)
A Bayesian Nash equilibrium-based moving target defense against stealthy sensor attacks. (1%)
Resilient Consensus-based Multi-agent Reinforcement Learning. (1%)
2021-11-11
On the Equivalence between Neural Network and Support Vector Machine. (1%)
2021-11-10
Trustworthy Medical Segmentation with Uncertainty Estimation. (13%)
Robust Learning via Ensemble Density Propagation in Deep Neural Networks. (2%)
2021-11-09
Tightening the Approximation Error of Adversarial Risk with Auto Loss Function Search. (99%)
MixACM: Mixup-Based Robustness Transfer via Distillation of Activated Channel Maps. (99%)
Sparse Adversarial Video Attacks with Spatial Transformations. (98%)
A Statistical Difference Reduction Method for Escaping Backdoor Detection. (97%)
Data Augmentation Can Improve Robustness. (73%)
Are Transformers More Robust Than CNNs? (67%)
2021-11-08
Geometrically Adaptive Dictionary Attack on Face Recognition. (99%)
Defense Against Explanation Manipulation. (98%)
DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories. (98%)
On Assessing The Safety of Reinforcement Learning algorithms Using Formal Methods. (75%)
Get a Model! Model Hijacking Attack Against Machine Learning Models. (69%)
Robust and Information-theoretically Safe Bias Classifier against Adversarial Attacks. (69%)
Characterizing the adversarial vulnerability of speech self-supervised learning. (68%)
HAPSSA: Holistic Approach to PDF Malware Detection Using Signal and Statistical Analysis. (67%)
Graph Robustness Benchmark: Benchmarking the Adversarial Robustness of Graph Machine Learning. (67%)
BARFED: Byzantine Attack-Resistant Federated Averaging Based on Outlier Elimination. (1%)
2021-11-07
Generative Dynamic Patch Attack. (99%)
Natural Adversarial Objects. (81%)
2021-11-06
"How Does It Detect A Malicious App?" Explaining the Predictions of AI-based Android Malware Detector. (11%)
2021-11-05
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Sequential Randomized Smoothing for Adversarially Robust Speech Recognition. (96%)
Federated Learning Attacks Revisited: A Critical Discussion of Gaps, Assumptions, and Evaluation Setups. (2%)
2021-11-04
Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models. (99%)
Adversarial Attacks on Graph Classification via Bayesian Optimisation. (87%)
Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods. (47%)
Attacking Deep Reinforcement Learning-Based Traffic Signal Control Systems with Colluding Vehicles. (3%)
2021-11-03
LTD: Low Temperature Distillation for Robust Adversarial Training. (54%)
Multi-Glimpse Network: A Robust and Efficient Classification Architecture based on Recurrent Downsampled Attention. (41%)
2021-11-02
HydraText: Multi-objective Optimization for Adversarial Textual Attack. (99%)
Meta-Learning the Search Distribution of Black-Box Random Search Based Adversarial Attacks. (96%)
Training Certifiably Robust Neural Networks with Efficient Local Lipschitz Bounds. (70%)
Pareto Adversarial Robustness: Balancing Spatial Robustness and Sensitivity-based Robustness. (68%)
Knowledge Cross-Distillation for Membership Privacy. (38%)
Adversarially Perturbed Wavelet-based Morphed Face Generation. (9%)
2021-11-01
Graph Structural Attack by Spectral Distance. (93%)
Availability Attacks Create Shortcuts. (89%)
Robustness of deep learning algorithms in astronomy -- galaxy morphology studies. (83%)
When Does Contrastive Learning Preserve Adversarial Robustness from Pretraining to Finetuning? (69%)
ZeBRA: Precisely Destroying Neural Networks with Zero-Data Based Repeated Bit Flip Attack. (9%)
2021-10-31
An Actor-Critic Method for Simulation-Based Optimization. (56%)
2021-10-30
Get Fooled for the Right Reason: Improving Adversarial Robustness through a Teacher-guided Curriculum Learning Approach. (97%)
AdvCodeMix: Adversarial Attack on Code-Mixed Data. (93%)
Backdoor Pre-trained Models Can Transfer to All. (3%)
2021-10-29
Attacking Video Recognition Models with Bullet-Screen Comments. (99%)
Adversarial Robustness with Semi-Infinite Constrained Learning. (92%)
{\epsilon}-weakened Robustness of Deep Neural Networks. (62%)
You are caught stealing my winning lottery ticket! Making a lottery ticket claim its ownership. (11%)
2021-10-28
Bridge the Gap Between CV and NLP! A Gradient-based Textual Adversarial Attack Framework. (99%)
AEVA: Black-box Backdoor Detection Using Adversarial Extreme Value Analysis. (92%)
The magnitude vector of images. (1%)
2021-10-27
Towards Evaluating the Robustness of Neural Networks Learned by Transduction. (98%)
CAP: Co-Adversarial Perturbation on Weights and Features for Improving Generalization of Graph Neural Networks. (98%)
Towards Robust Reasoning over Knowledge Graphs. (83%)
Generalized Depthwise-Separable Convolutions for Adversarially Robust and Efficient Neural Networks. (74%)
Adversarial Neuron Pruning Purifies Backdoored Deep Models. (15%)
From Intrinsic to Counterfactual: On the Explainability of Contextualized Recommender Systems. (5%)
Robust Contrastive Learning Using Negative Samples with Diminished Semantics. (1%)
RoMA: Robust Model Adaptation for Offline Model-based Optimization. (1%)
2021-10-26
Can't Fool Me: Adversarially Robust Transformer for Video Understanding. (99%)
Frequency Centric Defense Mechanisms against Adversarial Examples. (99%)
ScaleCert: Scalable Certified Defense against Adversarial Patches with Sparse Superficial Layers. (99%)
Drawing Robust Scratch Tickets: Subnetworks with Inborn Robustness Are Found within Randomly Initialized Networks. (99%)
FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective. (98%)
A Frequency Perspective of Adversarial Robustness. (98%)
Disrupting Deep Uncertainty Estimation Without Harming Accuracy. (86%)
Improving Local Effectiveness for Global robust training. (83%)
Robustness of Graph Neural Networks at Scale. (76%)
Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions. (75%)
Adversarial Robustness in Multi-Task Learning: Promises and Illusions. (64%)
AugMax: Adversarial Composition of Random Augmentations for Robust Training. (56%)
Qu-ANTI-zation: Exploiting Quantization Artifacts for Achieving Adversarial Outcomes. (50%)
Semantic Host-free Trojan Attack. (10%)
CAFE: Catastrophic Data Leakage in Vertical Federated Learning. (3%)
MEST: Accurate and Fast Memory-Economic Sparse Training Framework on the Edge. (1%)
Reliable and Trustworthy Machine Learning for Health Using Dataset Shift Detection. (1%)
Defensive Tensorization. (1%)
Task-Aware Meta Learning-based Siamese Neural Network for Classifying Obfuscated Malware. (1%)
2021-10-25
Stable Neural ODE with Lyapunov-Stable Equilibrium Points for Defending Against Adversarial Attacks. (99%)
Generating Watermarked Adversarial Texts. (99%)
Beyond $L_p$ clipping: Equalization-based Psychoacoustic Attacks against ASRs. (92%)
Fast Gradient Non-sign Methods. (92%)
Ensemble Federated Adversarial Training with Non-IID data. (87%)
GANash -- A GAN approach to steganography. (81%)
A Dynamical System Perspective for Lipschitz Neural Networks. (81%)
An Adaptive Structural Learning of Deep Belief Network for Image-based Crack Detection in Concrete Structures Using SDNET2018. (13%)
2021-10-24
Towards A Conceptually Simple Defensive Approach for Few-shot classifiers Against Adversarial Support Samples. (80%)
2021-10-23
ADC: Adversarial attacks against object Detection that evade Context consistency checks. (99%)
A Layer-wise Adversarial-aware Quantization Optimization for Improving Robustness. (81%)
2021-10-22
Improving Robustness of Malware Classifiers using Adversarial Strings Generated from Perturbed Latent Representations. (99%)
How and When Adversarial Robustness Transfers in Knowledge Distillation? (91%)
Fairness Degrading Adversarial Attacks Against Clustering Algorithms. (86%)
Adversarial robustness for latent models: Revisiting the robust-standard accuracies tradeoff. (80%)
PRECAD: Privacy-Preserving and Robust Federated Learning via Crypto-Aided Differential Privacy. (15%)
ProtoShotXAI: Using Prototypical Few-Shot Architecture for Explainable AI. (15%)
Spoofing Detection on Hand Images Using Quality Assessment. (1%)
Text Counterfactuals via Latent Optimization and Shapley-Guided Search. (1%)
MANDERA: Malicious Node Detection in Federated Learning via Ranking. (1%)
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning. (1%)
2021-10-21
CAPTIVE: Constrained Adversarial Perturbations to Thwart IC Reverse Engineering. (98%)
PROVES: Establishing Image Provenance using Semantic Signatures. (93%)
RoMA: a Method for Neural Network Robustness Measurement and Assessment. (92%)
Anti-Backdoor Learning: Training Clean Models on Poisoned Data. (83%)
PipAttack: Poisoning Federated Recommender Systems forManipulating Item Promotion. (68%)
Generalization of Neural Combinatorial Solvers Through the Lens of Adversarial Robustness. (61%)
Watermarking Graph Neural Networks based on Backdoor Attacks. (31%)
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey. (8%)
2021-10-20
Adversarial Socialbot Learning via Multi-Agent Deep Hierarchical Reinforcement Learning. (83%)
Surrogate Representation Learning with Isometric Mapping for Gray-box Graph Adversarial Attacks. (62%)
Moir\'e Attack (MA): A New Potential Risk of Screen Photos. (56%)
Adversarial attacks against Bayesian forecasting dynamic models. (13%)
No One Representation to Rule Them All: Overlapping Features of Training Methods. (1%)
2021-10-19
Multi-concept adversarial attacks. (99%)
A Regularization Method to Improve Adversarial Robustness of Neural Networks for ECG Signal Classification. (96%)
TESSERACT: Gradient Flip Score to Secure Federated Learning Against Model Poisoning Attacks. (69%)
Understanding Convolutional Neural Networks from Theoretical Perspective via Volterra Convolution. (61%)
Detecting Backdoor Attacks Against Point Cloud Classifiers. (26%)
Speech Pattern based Black-box Model Watermarking for Automatic Speech Recognition. (13%)
A Deeper Look into RowHammer`s Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses. (5%)
2021-10-18
Boosting the Transferability of Video Adversarial Examples via Temporal Translation. (99%)
Black-box Adversarial Attacks on Commercial Speech Platforms with Minimal Information. (99%)
Improving Robustness using Generated Data. (97%)
MEMO: Test Time Robustness via Adaptation and Augmentation. (13%)
Minimal Multi-Layer Modifications of Deep Neural Networks. (4%)
2021-10-17
Unrestricted Adversarial Attacks on ImageNet Competition. (99%)
Improving Robustness of Reinforcement Learning for Power System Control with Adversarial Training. (99%)
ECG-ATK-GAN: Robustness against Adversarial Attacks on ECGs using Conditional Generative Adversarial Networks. (99%)
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications. (22%)
Poisoning Attacks on Fair Machine Learning. (12%)
2021-10-16
Black-box Adversarial Attacks on Network-wide Multi-step Traffic State Prediction Models. (99%)
Analyzing Dynamic Adversarial Training Data in the Limit. (82%)
Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services. (5%)
Tackling the Imbalance for GNNs. (4%)
2021-10-15
Adversarial Attacks on Gaussian Process Bandits. (99%)
Generating Natural Language Adversarial Examples through An Improved Beam Search Algorithm. (99%)
Adversarial Attacks on ML Defense Models Competition. (99%)
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. (76%)
Robustness of different loss functions and their impact on networks learning capability. (76%)
Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures. (22%)
Textual Backdoor Attacks Can Be More Harmful via Two Simple Tricks. (10%)
Understanding and Improving Robustness of Vision Transformers through Patch-based Negative Augmentation. (8%)
Hand Me Your PIN! Inferring ATM PINs of Users Typing with a Covered Hand. (1%)
2021-10-14
Adversarial examples by perturbing high-level features in intermediate decoder layers. (99%)
DI-AA: An Interpretable White-box Attack for Fooling Deep Neural Networks. (99%)
Adversarial Purification through Representation Disentanglement. (99%)
RAP: Robustness-Aware Perturbations for Defending against Backdoor Attacks on NLP Models. (93%)
An Optimization Perspective on Realizing Backdoor Injection Attacks on Deep Neural Networks in Hardware. (87%)
Interactive Analysis of CNN Robustness. (80%)
On Adversarial Vulnerability of PHM algorithms: An Initial Study. (69%)
Identifying and Mitigating Spurious Correlations for Improving Robustness in NLP Models. (61%)
Toward Degradation-Robust Voice Conversion. (9%)
Interpreting the Robustness of Neural NLP Models to Textual Perturbations. (9%)
Retrieval-guided Counterfactual Generation for QA. (2%)
Effective Certification of Monotone Deep Equilibrium Models. (1%)
2021-10-13
A Framework for Verification of Wasserstein Adversarial Robustness. (99%)
Identification of Attack-Specific Signatures in Adversarial Examples. (99%)
Model-Agnostic Meta-Attack: Towards Reliable Evaluation of Adversarial Robustness. (99%)
Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer. (98%)
Brittle interpretations: The Vulnerability of TCAV and Other Concept-based Explainability Tools to Adversarial Attack. (93%)
Poison Forensics: Traceback of Data Poisoning Attacks in Neural Networks. (92%)
Boosting the Certified Robustness of L-infinity Distance Nets. (1%)
Benchmarking the Robustness of Spatial-Temporal Models Against Corruptions. (1%)
2021-10-12
Adversarial Attack across Datasets. (99%)
Graph-Fraudster: Adversarial Attacks on Graph Neural Network Based Vertical Federated Learning. (99%)
SEPP: Similarity Estimation of Predicted Probabilities for Defending and Detecting Adversarial Text. (92%)
On the Security Risks of AutoML. (45%)
Zero-bias Deep Neural Network for Quickest RF Signal Surveillance. (1%)
2021-10-11
Boosting Fast Adversarial Training with Learnable Adversarial Initialization. (99%)
Parameterizing Activation Functions for Adversarial Robustness. (98%)
Amicable examples for informed source separation. (86%)
Doubly-Trained Adversarial Data Augmentation for Neural Machine Translation. (12%)
Intriguing Properties of Input-dependent Randomized Smoothing. (1%)
Hiding Images into Images with Real-world Robustness. (1%)
Source Mixing and Separation Robust Audio Steganography. (1%)
Homogeneous Learning: Self-Attention Decentralized Deep Learning. (1%)
Large Language Models Can Be Strong Differentially Private Learners. (1%)
A Closer Look at Prototype Classifier for Few-shot Image Classification. (1%)
Certified Patch Robustness via Smoothed Vision Transformers. (1%)
2021-10-10
Adversarial Attacks in a Multi-view Setting: An Empirical Study of the Adversarial Patches Inter-view Transferability. (98%)
Universal Adversarial Attacks on Neural Networks for Power Allocation in a Massive MIMO System. (92%)
2021-10-09
Demystifying the Transferability of Adversarial Attacks in Computer Networks. (99%)
Provably Efficient Black-Box Action Poisoning Attacks Against Reinforcement Learning. (93%)
Widen The Backdoor To Let More Attackers In. (13%)
2021-10-08
Explainability-Aware One Point Attack for Point Cloud Neural Networks. (99%)
Game Theory for Adversarial Attacks and Defenses. (98%)
Graphs as Tools to Improve Deep Learning Methods. (10%)
IHOP: Improved Statistical Query Recovery against Searchable Symmetric Encryption through Quadratic Optimization. (3%)
A Wireless Intrusion Detection System for 802.11 WPA3 Networks. (1%)
Salient ImageNet: How to discover spurious features in Deep Learning? (1%)
2021-10-07
Robust Feature-Level Adversaries are Interpretability Tools. (99%)
EvadeDroid: A Practical Evasion Attack on Machine Learning for Black-box Android Malware Detection. (99%)
Adversarial Attack by Limited Point Cloud Surface Modifications. (98%)
Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks. (98%)
Dyn-Backdoor: Backdoor Attack on Dynamic Link Prediction. (80%)
Fingerprinting Multi-exit Deep Neural Network Models via Inference Time. (62%)
Adversarial Unlearning of Backdoors via Implicit Hypergradient. (56%)
MPSN: Motion-aware Pseudo Siamese Network for Indoor Video Head Detection in Buildings. (1%)
2021-10-06
HIRE-SNN: Harnessing the Inherent Robustness of Energy-Efficient Deep Spiking Neural Networks by Training with Crafted Input Noise. (99%)
Reversible adversarial examples against local visual perturbation. (99%)
Attack as the Best Defense: Nullifying Image-to-image Translation GANs via Limit-aware Adversarial Attack. (99%)
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs. (99%)
Adversarial Attacks on Machinery Fault Diagnosis. (99%)
Adversarial Attacks on Spiking Convolutional Networks for Event-based Vision. (98%)
A Uniform Framework for Anomaly Detection in Deep Neural Networks. (97%)
Double Descent in Adversarial Training: An Implicit Label Noise Perspective. (88%)
Improving Adversarial Robustness for Free with Snapshot Ensemble. (83%)
DoubleStar: Long-Range Attack Towards Depth Estimation based Obstacle Avoidance in Autonomous Systems. (45%)
Inference Attacks Against Graph Neural Networks. (2%)
Data-driven behavioural biometrics for continuous and adaptive user verification using Smartphone and Smartwatch. (1%)
On The Vulnerability of Recurrent Neural Networks to Membership Inference Attacks. (1%)
Efficient Sharpness-aware Minimization for Improved Training of Neural Networks. (1%)
Stegomalware: A Systematic Survey of MalwareHiding and Detection in Images, Machine LearningModels and Research Challenges. (1%)
Exploring the Common Principal Subspace of Deep Features in Neural Networks. (1%)
Generalizing Neural Networks by Reflecting Deviating Data in Production. (1%)
2021-10-05
Adversarial Robustness Verification and Attack Synthesis in Stochastic Systems. (99%)
Adversarial Attacks on Black Box Video Classifiers: Leveraging the Power of Geometric Transformations. (99%)
Adversarial defenses via a mixture of generators. (99%)
Neural Network Adversarial Attack Method Based on Improved Genetic Algorithm. (92%)
BadPre: Task-agnostic Backdoor Attacks to Pre-trained NLP Foundation Models. (33%)
Spectral Bias in Practice: The Role of Function Frequency in Generalization. (1%)
CADA: Multi-scale Collaborative Adversarial Domain Adaptation for Unsupervised Optic Disc and Cup Segmentation. (1%)
Noisy Feature Mixup. (1%)
2021-10-04
Benchmarking Safety Monitors for Image Classifiers with Machine Learning. (1%)
2021-10-03
Adversarial Examples Generation for Reducing Implicit Gender Bias in Pre-trained Models. (82%)
2021-10-02
Evaluating Deep Learning Models and Adversarial Attacks on Accelerometer-Based Gesture Authentication. (98%)
Anti-aliasing Deep Image Classifiers using Novel Depth Adaptive Blurring and Activation Function. (13%)
2021-10-01
Calibrated Adversarial Training. (98%)
Universal Adversarial Spoofing Attacks against Face Recognition. (87%)
Score-Based Generative Classifiers. (84%)
One Timestep is All You Need: Training Spiking Neural Networks with Ultra Low Latency. (1%)
2021-09-30
Mitigating Black-Box Adversarial Attacks via Output Noise Perturbation. (98%)
You Cannot Easily Catch Me: A Low-Detectable Adversarial Patch for Object Detectors. (95%)
Adversarial Semantic Contour for Object Detection. (92%)
From Zero-Shot Machine Learning to Zero-Day Attack Detection. (10%)
2021-09-29
On Brightness Agnostic Adversarial Examples Against Face Recognition Systems. (99%)
Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks. (70%)
BulletTrain: Accelerating Robust Neural Network Training via Boundary Example Mining. (41%)
Mitigation of Adversarial Policy Imitation via Constrained Randomization of Policy (CRoP). (10%)
2021-09-28
slimTrain -- A Stochastic Approximation Method for Training Separable Deep Neural Networks. (1%)
2021-09-27
MUTEN: Boosting Gradient-Based Adversarial Attacks via Mutant-Based Ensembles. (99%)
Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors. (99%)
Classification and Adversarial examples in an Overparameterized Linear Model: A Signal Processing Perspective. (98%)
GANG-MAM: GAN based enGine for Modifying Android Malware. (64%)
Distributionally Robust Multi-Output Regression Ranking. (3%)
Improving Uncertainty of Deep Learning-based Object Classification on Radar Spectra using Label Smoothing. (1%)
Federated Deep Learning with Bayesian Privacy. (1%)
2021-09-26
Distributionally Robust Multiclass Classification and Applications in Deep CNN Image Classifiers. (11%)
2021-09-25
Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency. (99%)
Contributions to Large Scale Bayesian Inference and Adversarial Machine Learning. (98%)
MINIMAL: Mining Models for Data Free Universal Adversarial Triggers. (93%)
2021-09-24
Local Intrinsic Dimensionality Signals Adversarial Perturbations. (98%)
2021-09-23
Breaking BERT: Understanding its Vulnerabilities for Biomedical Named Entity Recognition through Adversarial Attack. (98%)
FooBaR: Fault Fooling Backdoor Attack on Neural Network Training. (88%)
AES Systems Are Both Overstable And Oversensitive: Explaining Why And Proposing Defenses. (68%)
DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications. (1%)
2021-09-22
Exploring Adversarial Examples for Efficient Active Learning in Machine Learning Classifiers. (99%)
CC-Cert: A Probabilistic Approach to Certify General Robustness of Neural Networks. (81%)
Security Analysis of Capsule Network Inference using Horizontal Collaboration. (69%)
Adversarial Transfer Attacks With Unknown Data and Class Overlap. (62%)
Pushing the Right Buttons: Adversarial Evaluation of Quality Estimation. (1%)
Backdoor Attacks on Federated Learning with Lottery Ticket Hypothesis. (1%)
2021-09-21
Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability. (99%)
3D Point Cloud Completion with Geometric-Aware Adversarial Augmentation. (93%)
DeSMP: Differential Privacy-exploited Stealthy Model Poisoning Attacks in Federated Learning. (76%)
Privacy, Security, and Utility Analysis of Differentially Private CPES Data. (13%)
2021-09-20
Robust Physical-World Attacks on Face Recognition. (99%)
Modeling Adversarial Noise for Adversarial Defense. (99%)
Can We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection? (99%)
Robustness Analysis of Deep Learning Frameworks on Mobile Platforms. (10%)
"Hello, It's Me": Deep Learning-based Speech Synthesis Attacks in the Real World. (2%)
Towards Energy-Efficient and Secure Edge AI: A Cross-Layer Framework. (1%)
2021-09-19
On the Noise Stability and Robustness of Adversarially Trained Networks on NVM Crossbars. (99%)
Adversarial Training with Contrastive Learning in NLP. (16%)
2021-09-18
Clean-label Backdoor Attack against Deep Hashing based Retrieval. (98%)
2021-09-17
Messing Up 3D Virtual Environments: Transferable Adversarial 3D Objects. (98%)
Exploring the Training Robustness of Distributional Reinforcement Learning against Noisy State Observations. (8%)
2021-09-16
Harnessing Perceptual Adversarial Patches for Crowd Counting. (99%)
KATANA: Simple Post-Training Robustness Using Test Time Augmentations. (98%)
Targeted Attack on Deep RL-based Autonomous Driving with Learned Visual Patterns. (96%)
Adversarial Attacks against Deep Learning Based Power Control in Wireless Communications. (95%)
Don't Search for a Search Method -- Simple Heuristics Suffice for Adversarial Text Attacks. (68%)
Membership Inference Attacks Against Recommender Systems. (3%)
2021-09-15
Universal Adversarial Attack on Deep Learning Based Prognostics. (99%)
Balancing detectability and performance of attacks on the control channel of Markov Decision Processes. (98%)
FCA: Learning a 3D Full-coverage Vehicle Camouflage for Multi-view Physical Adversarial Attack. (95%)
BERT is Robust! A Case Against Synonym-Based Adversarial Examples in Text Classification. (92%)
Adversarial Mixing Policy for Relaxing Locally Linear Constraints in Mixup. (13%)
Can one hear the shape of a neural network?: Snooping the GPU via Magnetic Side Channel. (10%)
2021-09-14
A Novel Data Encryption Method Inspired by Adversarial Attacks. (99%)
Improving Gradient-based Adversarial Training for Text Classification by Contrastive Learning and Auto-Encoder. (99%)
PETGEN: Personalized Text Generation Attack on Deep Sequence Embedding-based Classification Models. (99%)
EVAGAN: Evasion Generative Adversarial Network for Low Data Regimes. (76%)
Dodging Attack Using Carefully Crafted Natural Makeup. (47%)
Avengers Ensemble! Improving Transferability of Authorship Obfuscation. (12%)
ARCH: Efficient Adversarial Regularized Training with Caching. (8%)
2021-09-13
Adversarial Bone Length Attack on Action Recognition. (99%)
Randomized Substitution and Vote for Textual Adversarial Example Detection. (99%)
Improving the Robustness of Adversarial Attacks Using an Affine-Invariant Gradient Estimator. (99%)
Evolving Architectures with Gradient Misalignment toward Low Adversarial Transferability. (98%)
A Practical Adversarial Attack on Contingency Detection of Smart Energy Systems. (98%)
Adversarial Examples for Evaluating Math Word Problem Solvers. (96%)
PAT: Pseudo-Adversarial Training For Detecting Adversarial Videos. (86%)
SignGuard: Byzantine-robust Federated Learning through Collaborative Malicious Gradient Filtering. (81%)
Formalizing and Estimating Distribution Inference Risks. (62%)
Virtual Data Augmentation: A Robust and General Framework for Fine-tuning Pre-trained Models. (50%)
Sensor Adversarial Traits: Analyzing Robustness of 3D Object Detection Sensor Fusion Models. (16%)
Adversarially Trained Object Detector for Unsupervised Domain Adaptation. (3%)
Perturbation CheckLists for Evaluating NLG Evaluation Metrics. (1%)
How to Select One Among All? An Extensive Empirical Study Towards the Robustness of Knowledge Distillation in Natural Language Understanding. (1%)
Detecting Safety Problems of Multi-Sensor Fusion in Autonomous Driving. (1%)
2021-09-12
TREATED:Towards Universal Defense against Textual Adversarial Attacks. (99%)
CoG: a Two-View Co-training Framework for Defending Adversarial Attacks on Graph. (98%)
Check Your Other Door! Creating Backdoor Attacks in the Frequency Domain. (93%)
RockNER: A Simple Method to Create Adversarial Examples for Evaluating the Robustness of Named Entity Recognition Models. (84%)
Shape-Biased Domain Generalization via Shock Graph Embeddings. (2%)
Source Inference Attacks in Federated Learning. (1%)
2021-09-11
RobustART: Benchmarking Robustness on Architecture Design and Training Techniques. (98%)
2-in-1 Accelerator: Enabling Random Precision Switch for Winning Both Adversarial Robustness and Efficiency. (81%)
2021-09-10
A Strong Baseline for Query Efficient Attacks in a Black Box Setting. (99%)
2021-09-09
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification. (99%)
Energy Attack: On Transferring Adversarial Examples. (99%)
Protein Folding Neural Networks Are Not Robust. (99%)
Towards Transferable Adversarial Attacks on Vision Transformers. (99%)
Multi-granularity Textual Adversarial Attack with Behavior Cloning. (98%)
Spatially Focused Attack against Spatiotemporal Graph Neural Networks. (81%)
Differential Privacy in Personalized Pricing with Nonparametric Demand Models. (26%)
EvilModel 2.0: Bringing Neural Network Models into Malware Attacks. (5%)
2021-09-08
Membership Inference Attacks Against Temporally Correlated Data in Deep Reinforcement Learning. (89%)
Robust Optimal Classification Trees Against Adversarial Examples. (80%)
2021-09-07
Adversarial Parameter Defense by Multi-Step Risk Minimization. (98%)
POW-HOW: An enduring timing side-channel to evade online malware sandboxes. (12%)
Unpaired Adversarial Learning for Single Image Deraining with Rain-Space Contrastive Constraints. (1%)
2021-09-06
Robustness and Generalization via Generative Adversarial Training. (82%)
Trojan Signatures in DNN Weights. (33%)
Automated Robustness with Adversarial Training as a Post-Processing Step. (4%)
Exposing Length Divergence Bias of Textual Matching Models. (2%)
2021-09-05
Efficient Combinatorial Optimization for Word-level Adversarial Textual Attack. (98%)
Tolerating Adversarial Attacks and Byzantine Faults in Distributed Machine Learning. (2%)
DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode. (1%)
2021-09-04
Real-World Adversarial Examples involving Makeup Application. (99%)
Utilizing Adversarial Targeted Attacks to Boost Adversarial Robustness. (99%)
Training Meta-Surrogate Model for Transferable Adversarial Attack. (99%)
2021-09-03
SEC4SR: A Security Analysis Platform for Speaker Recognition. (99%)
Risk Assessment for Connected Vehicles under Stealthy Attacks on Vehicle-to-Vehicle Networks. (1%)
2021-09-02
A Synergetic Attack against Neural Network Classifiers combining Backdoor and Adversarial Examples. (99%)
Impact of Attention on Adversarial Robustness of Image Classification Models. (99%)
Adversarial Robustness for Unsupervised Domain Adaptation. (98%)
Real World Robustness from Systematic Noise. (91%)
Building Compact and Robust Deep Neural Networks with Toeplitz Matrices. (61%)
2021-09-01
Towards Improving Adversarial Training of NLP Models. (98%)
Excess Capacity and Backdoor Poisoning. (97%)
Regional Adversarial Training for Better Robust Generalization. (96%)
R-SNN: An Analysis and Design Methodology for Robustifying Spiking Neural Networks against Adversarial Attacks through Noise Filters for Dynamic Vision Sensors. (86%)
Proof Transfer for Neural Network Verification. (9%)
Guarding Machine Learning Hardware Against Physical Side-Channel Attacks. (2%)
2021-08-31
EG-Booster: Explanation-Guided Booster of ML Evasion Attacks. (99%)
Morphence: Moving Target Defense Against Adversarial Examples. (99%)
DPA: Learning Robust Physical Adversarial Camouflages for Object Detectors. (93%)
Black-Box Attacks on Sequential Recommenders via Data-Free Model Extraction. (83%)
Segmentation Fault: A Cheap Defense Against Adversarial Machine Learning. (75%)
Backdoor Attacks on Pre-trained Models by Layerwise Weight Poisoning. (4%)
2021-08-30
Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings. (99%)
Investigating Vulnerabilities of Deep Neural Policies. (99%)
Adversarial Example Devastation and Detection on Speech Recognition System by Adding Random Noise. (99%)
Single Node Injection Attack against Graph Neural Networks. (68%)
Benchmarking the Accuracy and Robustness of Feedback Alignment Algorithms. (41%)
Adaptive perturbation adversarial training: based on reinforcement learning. (41%)
How Does Adversarial Fine-Tuning Benefit BERT? (33%)
ML-based IoT Malware Detection Under Adversarial Settings: A Systematic Evaluation. (26%)
DuTrust: A Sentiment Analysis Dataset for Trustworthiness Evaluation. (1%)
2021-08-29
Searching for an Effective Defender: Benchmarking Defense against Adversarial Word Substitution. (99%)
Reinforcement Learning Based Sparse Black-box Adversarial Attack on Video Recognition Models. (98%)
DropAttack: A Masked Weight Adversarial Training Method to Improve Generalization of Neural Networks. (82%)
HAT4RD: Hierarchical Adversarial Training for Rumor Detection on Social Media. (81%)
2021-08-27
Mal2GCN: A Robust Malware Detection Approach Using Deep Graph Convolutional Networks With Non-Negative Weights. (99%)
Disrupting Adversarial Transferability in Deep Neural Networks. (98%)
Evaluating the Robustness of Neural Language Models to Input Perturbations. (16%)
Deep learning models are not robust against noise in clinical text. (1%)
2021-08-26
Understanding the Logit Distributions of Adversarially-Trained Deep Neural Networks. (99%)
A Hierarchical Assessment of Adversarial Severity. (98%)
Physical Adversarial Attacks on an Aerial Imagery Object Detector. (96%)
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference. (80%)
Detection and Continual Learning of Novel Face Presentation Attacks. (2%)
2021-08-25
Uncertify: Attacks Against Neural Network Certification. (99%)
Adversarially Robust One-class Novelty Detection. (99%)
Bridged Adversarial Training. (93%)
Generalized Real-World Super-Resolution through Adversarial Robustness. (93%)
2021-08-24
Improving Visual Quality of Unrestricted Adversarial Examples with Wavelet-VAE. (99%)
Are socially-aware trajectory prediction models really socially-aware? (92%)
OOWL500: Overcoming Dataset Collection Bias in the Wild. (76%)
StyleAugment: Learning Texture De-biased Representations by Style Augmentation without Pre-defined Textures. (1%)
2021-08-23
Adversarial Robustness of Deep Learning: Theory, Algorithms, and Applications. (99%)
Semantic-Preserving Adversarial Text Attacks. (99%)
Deep Bayesian Image Set Classification: A Defence Approach against Adversarial Attacks. (99%)
Kryptonite: An Adversarial Attack Using Regional Focus. (99%)
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning. (73%)
SegMix: Co-occurrence Driven Mixup for Semantic Segmentation and Adversarial Robustness. (4%)
2021-08-22
Robustness-via-Synthesis: Robust Training with Generative Adversarial Perturbations. (99%)
Multi-Expert Adversarial Attack Detection in Person Re-identification Using Context Inconsistency. (98%)
Relating CNNs with brain: Challenges and findings. (10%)
2021-08-21
A Hard Label Black-box Adversarial Attack Against Graph Neural Networks. (99%)
"Adversarial Examples" for Proof-of-Learning. (98%)
Regularizing Instabilities in Image Reconstruction Arising from Learned Denoisers. (2%)
2021-08-20
AdvDrop: Adversarial Attack to DNNs by Dropping Information. (99%)
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier. (99%)
Integer-arithmetic-only Certified Robustness for Quantized Neural Networks. (98%)
Towards Understanding the Generative Capability of Adversarially Robust Classifiers. (98%)
Detecting and Segmenting Adversarial Graphics Patterns from Images. (93%)
UnSplit: Data-Oblivious Model Inversion, Model Stealing, and Label Inference Attacks Against Split Learning. (1%)
Early-exit deep neural networks for distorted images: providing an efficient edge offloading. (1%)
2021-08-19
Application of Adversarial Examples to Physical ECG Signals. (99%)
Pruning in the Face of Adversaries. (99%)
ASAT: Adaptively Scaled Adversarial Training in Time Series. (98%)
Amplitude-Phase Recombination: Rethinking Robustness of Convolutional Neural Networks in Frequency Domain. (80%)
2021-08-18
Revisiting Adversarial Robustness Distillation: Robust Soft Labels Make Student Better. (99%)
Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes. (98%)
MBRS : Enhancing Robustness of DNN-based Watermarking by Mini-Batch of Real and Simulated JPEG Compression. (45%)
Proceedings of the 1st International Workshop on Adaptive Cyber Defense. (1%)
2021-08-17
When Should You Defend Your Classifier -- A Game-theoretical Analysis of Countermeasures against Adversarial Examples. (98%)
Adversarial Relighting Against Face Recognition. (98%)
Semantic Perturbations with Normalizing Flows for Improved Generalization. (13%)
Coalesced Multi-Output Tsetlin Machines with Clause Sharing. (1%)
Appearance Based Deep Domain Adaptation for the Classification of Aerial Images. (1%)
2021-08-16
Exploring Transferable and Robust Adversarial Perturbation Generation from the Perspective of Network Hierarchy. (99%)
Interpreting Attributions and Interactions of Adversarial Attacks. (83%)
Patch Attack Invariance: How Sensitive are Patch Attacks to 3D Pose? (62%)
NeuraCrypt is not private. (10%)
Identifying and Exploiting Structures for Reliable Deep Learning. (2%)
On the Opportunities and Risks of Foundation Models. (2%)
2021-08-15
Neural Architecture Dilation for Adversarial Robustness. (81%)
Deep Adversarially-Enhanced k-Nearest Neighbors. (74%)
IADA: Iterative Adversarial Data Augmentation Using Formal Verification and Expert Guidance. (1%)
2021-08-14
LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis. (1%)
2021-08-13
Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks. (99%)
Optical Adversarial Attack. (98%)
Understanding Structural Vulnerability in Graph Convolutional Networks. (96%)
The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs. (1%)
2021-08-12
AGKD-BML: Defense Against Adversarial Attack by Attention Guided Knowledge Distillation and Bi-directional Metric Learning. (99%)
Deep adversarial attack on target detection systems. (99%)
Hatemoji: A Test Suite and Adversarially-Generated Dataset for Benchmarking and Detecting Emoji-based Hate. (69%)
2021-08-11
Turning Your Strength against You: Detecting and Mitigating Robust and Universal Adversarial Patch Attacks. (98%)
Attacks against Ranking Algorithms with Text Embeddings: a Case Study on Recruitment Algorithms. (78%)
Are Neural Ranking Models Robust? (4%)
Logic Explained Networks. (1%)
2021-08-10
Simple black-box universal adversarial attacks on medical image classification based on deep neural networks. (99%)
On the Effect of Pruning on Adversarial Robustness. (81%)
SoK: How Robust is Image Classification Deep Neural Network Watermarking? (Extended Version). (68%)
Perturbing Inputs for Fragile Interpretations in Deep Natural Language Processing. (64%)
UniNet: A Unified Scene Understanding Network and Exploring Multi-Task Relationships through the Lens of Adversarial Attacks. (2%)
Instance-wise Hard Negative Example Generation for Contrastive Learning in Unpaired Image-to-Image Translation. (1%)
2021-08-09
Meta Gradient Adversarial Attack. (99%)
On Procedural Adversarial Noise Attack And Defense. (99%)
Enhancing Knowledge Tracing via Adversarial Training. (98%)
Neural Network Repair with Reachability Analysis. (96%)
Classification Auto-Encoder based Detector against Diverse Data Poisoning Attacks. (92%)
Mis-spoke or mis-lead: Achieving Robustness in Multi-Agent Communicative Reinforcement Learning. (82%)
Privacy-Preserving Machine Learning: Methods, Challenges and Directions. (16%)
Explainable AI and susceptibility to adversarial attacks: a case study in classification of breast ultrasound images. (15%)
2021-08-07
Jointly Attacking Graph Neural Network and its Explanations. (96%)
Membership Inference Attacks on Lottery Ticket Networks. (33%)
Information Bottleneck Approach to Spatial Attention Learning. (1%)
2021-08-06
Evaluating Adversarial Attacks on Driving Safety in Vision-Based Autonomous Vehicles. (80%)
Ensemble Augmentation for Deep Neural Networks Using 1-D Time Series Vibration Data. (2%)
2021-08-05
BOSS: Bidirectional One-Shot Synthesis of Adversarial Examples. (99%)
Poison Ink: Robust and Invisible Backdoor Attack. (99%)
Imperceptible Adversarial Examples by Spatial Chroma-Shift. (99%)
Householder Activations for Provable Robustness against Adversarial Attacks. (83%)
Fairness Properties of Face Recognition and Obfuscation Systems. (68%)
Exploring Structure Consistency for Deep Model Watermarking. (10%)
Locally Interpretable One-Class Anomaly Detection for Credit Card Fraud Detection. (1%)
2021-08-04
Robust Transfer Learning with Pretrained Language Models through Adapters. (82%)
Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective. (31%)
2021-08-03
On the Robustness of Domain Adaption to Adversarial Attacks. (99%)
On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples. (99%)
AdvRush: Searching for Adversarially Robust Neural Architectures. (99%)
The Devil is in the GAN: Defending Deep Generative Models Against Backdoor Attacks. (88%)
DeepFreeze: Cold Boot Attacks and High Fidelity Model Recovery on Commercial EdgeML Device. (69%)
Tutorials on Testing Neural Networks. (1%)
2021-08-02
Hybrid Classical-Quantum Deep Learning Models for Autonomous Vehicle Traffic Image Classification Under Adversarial Attack. (98%)
Adversarial Attacks Against Deep Reinforcement Learning Framework in Internet of Vehicles. (10%)
Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. (9%)
Efficacy of Statistical and Artificial Intelligence-based False Information Cyberattack Detection Models for Connected Vehicles. (1%)
2021-08-01
Advances in adversarial attacks and defenses in computer vision: A survey. (92%)
Certified Defense via Latent Space Randomized Smoothing with Orthogonal Encoders. (80%)
An Effective and Robust Detector for Logo Detection. (70%)
Style Curriculum Learning for Robust Medical Image Segmentation. (2%)
2021-07-31
Delving into Deep Image Prior for Adversarial Defense: A Novel Reconstruction-based Defense Framework. (99%)
Adversarial Robustness of Deep Code Comment Generation. (99%)
Towards Adversarially Robust and Domain Generalizable Stereo Matching by Rethinking DNN Feature Backbones. (93%)
T$_k$ML-AP: Adversarial Attacks to Top-$k$ Multi-Label Learning. (81%)
BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning. (67%)
Fair Representation Learning using Interpolation Enabled Disentanglement. (1%)
2021-07-30
Who's Afraid of Thomas Bayes? (92%)
Practical Attacks on Voice Spoofing Countermeasures. (86%)
Can You Hear It? Backdoor Attacks via Ultrasonic Triggers. (50%)
Unveiling the potential of Graph Neural Networks for robust Intrusion Detection. (13%)
2021-07-29
Feature Importance-aware Transferable Adversarial Attacks. (99%)
Enhancing Adversarial Robustness via Test-time Transformation Ensembling. (98%)
The Robustness of Graph k-shell Structure under Adversarial Attacks. (93%)
Understanding the Effects of Adversarial Personalized Ranking Optimization Method on Recommendation Quality. (31%)
Towards robust vision by multi-task learning on monkey visual cortex. (3%)
2021-07-28
Imbalanced Adversarial Training with Reweighting. (86%)
Towards Robustness Against Natural Language Word Substitutions. (73%)
Models of Computational Profiles to Study the Likelihood of DNN Metamorphic Test Cases. (67%)
WaveCNet: Wavelet Integrated CNNs to Suppress Aliasing Effect for Noise-Robust Image Classification. (15%)
TableGAN-MCA: Evaluating Membership Collisions of GAN-Synthesized Tabular Data Releasing. (2%)
2021-07-27
Towards Black-box Attacks on Deep Learning Apps. (89%)
Poisoning Online Learning Filters: DDoS Attacks and Countermeasures. (50%)
PDF-Malware: An Overview on Threats, Detection and Evasion Attacks. (8%)
2021-07-26
Benign Adversarial Attack: Tricking Models for Goodness. (99%)
Learning to Adversarially Blur Visual Object Tracking. (98%)
Adversarial Attacks with Time-Scale Representations. (96%)
2021-07-24
Adversarial training may be a double-edged sword. (99%)
Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them. (98%)
Stress Test Evaluation of Biomedical Word Embeddings. (73%)
X-GGM: Graph Generative Modeling for Out-of-Distribution Generalization in Visual Question Answering. (1%)
2021-07-23
A Differentiable Language Model Adversarial Attack on Text Classifiers. (99%)
Structack: Structure-based Adversarial Attacks on Graph Neural Networks. (86%)
Adversarial Reinforced Instruction Attacker for Robust Vision-Language Navigation. (45%)
Clipped Hyperbolic Classifiers Are Super-Hyperbolic Classifiers. (8%)
2021-07-22
On the Certified Robustness for Ensemble Models and Beyond. (99%)
Unsupervised Detection of Adversarial Examples with Model Explanations. (99%)
Membership Inference Attack and Defense for Wireless Signal Classifiers with Deep Learning. (83%)
Towards Explaining Adversarial Examples Phenomenon in Artificial Neural Networks. (75%)
Estimating Predictive Uncertainty Under Program Data Distribution Shift. (1%)
Ready for Emerging Threats to Recommender Systems? A Graph Convolution-based Generative Shilling Attack. (1%)
2021-07-21
Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients. (98%)
Improved Text Classification via Contrastive Adversarial Training. (84%)
Black-box Probe for Unsupervised Domain Adaptation without Model Transferring. (81%)
Defending against Reconstruction Attack in Vertical Federated Learning. (10%)
Generative Models for Security: Attacks, Defenses, and Opportunities. (10%)
A Tandem Framework Balancing Privacy and Security for Voice User Interfaces. (5%)
Spinning Sequence-to-Sequence Models with Meta-Backdoors. (4%)
On the Convergence of Prior-Guided Zeroth-Order Optimization Algorithms. (2%)
2021-07-20
Using Undervolting as an On-Device Defense Against Adversarial Machine Learning Attacks. (99%)
A Markov Game Model for AI-based Cyber Security Attack Mitigation. (10%)
Leaking Secrets through Modern Branch Predictor in the Speculative World. (1%)
2021-07-19
Discriminator-Free Generative Adversarial Attack. (99%)
Feature-Filter: Detecting Adversarial Examples through Filtering off Recessive Features. (99%)
Examining the Human Perceptibility of Black-Box Adversarial Attacks on Face Recognition. (98%)
On the Veracity of Local, Model-agnostic Explanations in Audio Classification: Targeted Investigations with Adversarial Examples. (80%)
MEGEX: Data-Free Model Extraction Attack against Gradient-Based Explainable AI. (33%)
Structural Watermarking to Deep Neural Networks via Network Channel Pruning. (11%)
Generative Adversarial Neural Cellular Automata. (1%)
Improving Interpretability of Deep Neural Networks in Medical Diagnosis by Investigating the Individual Units. (1%)
Just Train Twice: Improving Group Robustness without Training Group Information. (1%)
2021-07-18
RobustFed: A Truth Inference Approach for Robust Federated Learning. (1%)
2021-07-17
BEDS-Bench: Behavior of EHR-models under Distributional Shift--A Benchmark. (9%)
2021-07-16
EGC2: Enhanced Graph Classification with Easy Graph Compression. (84%)
Proceedings of ICML 2021 Workshop on Theoretic Foundation, Criticism, and Application Trend of Explainable AI. (1%)
2021-07-15
Self-Supervised Contrastive Learning with Adversarial Perturbations for Defending Word Substitution-based Attacks. (99%)
Adversarial Attacks on Multi-task Visual Perception for Autonomous Driving. (98%)
ECG-Adv-GAN: Detecting ECG Adversarial Examples with Conditional Generative Adversarial Networks. (92%)
Adversarial Attack for Uncertainty Estimation: Identifying Critical Regions in Neural Networks. (80%)
Subnet Replacement: Deployment-stage backdoor attack against deep neural networks in gray-box setting. (16%)
Tailor: Generating and Perturbing Text with Semantic Controls. (3%)
Shifts: A Dataset of Real Distributional Shift Across Multiple Large-Scale Tasks. (1%)
2021-07-14
AdvFilter: Predictive Perturbation-aware Filtering against Adversarial Attack via Multi-domain Learning. (99%)
Conservative Objective Models for Effective Offline Model-Based Optimization. (67%)
2021-07-13
AID-Purifier: A Light Auxiliary Network for Boosting Adversarial Defense. (88%)
Using BERT Encoding to Tackle the Mad-lib Attack in SMS Spam Detection. (69%)
Correlation Analysis between the Robustness of Sparse Neural Networks and their Random Hidden Structural Priors. (41%)
What classifiers know what they don't? (1%)
2021-07-12
EvoBA: An Evolution Strategy as a Strong Baseline forBlack-Box Adversarial Attacks. (99%)
Detect and Defense Against Adversarial Examples in Deep Learning using Natural Scene Statistics and Adaptive Denoising. (99%)
Perceptual-based deep-learning denoiser as a defense against adversarial attacks on ASR systems. (96%)
Putting words into the system's mouth: A targeted attack on neural machine translation using monolingual data poisoning. (81%)
A Closer Look at the Adversarial Robustness of Information Bottleneck Models. (70%)
SoftHebb: Bayesian inference in unsupervised Hebbian soft winner-take-all networks. (56%)
2021-07-11
Adversarial for Good? How the Adversarial ML Community's Values Impede Socially Beneficial Uses of Attacks. (76%)
Stateful Detection of Model Extraction Attacks. (2%)
Attack Rules: An Adversarial Approach to Generate Attacks for Industrial Control Systems using Machine Learning. (1%)
2021-07-10
Hack The Box: Fooling Deep Learning Abstraction-Based Monitors. (91%)
HOMRS: High Order Metamorphic Relations Selector for Deep Neural Networks. (88%)
Identifying Layers Susceptible to Adversarial Attacks. (83%)
Out of Distribution Detection and Adversarial Attacks on Deep Neural Networks for Robust Medical Image Analysis. (22%)
Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. (1%)
2021-07-09
Learning to Detect Adversarial Examples Based on Class Scores. (99%)
Resilience of Autonomous Vehicle Object Category Detection to Universal Adversarial Perturbations. (99%)
Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems. (99%)
GGT: Graph-Guided Testing for Adversarial Sample Detection of Deep Neural Network. (98%)
Towards Robust General Medical Image Segmentation. (83%)
ARC: Adversarially Robust Control Policies for Autonomous Vehicles. (38%)
2021-07-08
Output Randomization: A Novel Defense for both White-box and Black-box Adversarial Models. (99%)
Improving Model Robustness with Latent Distribution Locally and Globally. (99%)
Analytically Tractable Hidden-States Inference in Bayesian Neural Networks. (50%)
Understanding the Limits of Unsupervised Domain Adaptation via Data Poisoning. (33%)
2021-07-07
Controlled Caption Generation for Images Through Adversarial Attacks. (99%)
Incorporating Label Uncertainty in Understanding Adversarial Robustness. (38%)
RoFL: Attestable Robustness for Secure Federated Learning. (2%)
2021-07-06
GradDiv: Adversarial Robustness of Randomized Neural Networks via Gradient Diversity Regularization. (99%)
Self-Adversarial Training incorporating Forgery Attention for Image Forgery Localization. (95%)
ROPUST: Improving Robustness through Fine-tuning with Photonic Processors and Synthetic Gradients. (76%)
On Generalization of Graph Autoencoders with Adversarial Training. (12%)
On Robustness of Lane Detection Models to Physical-World Adversarial Attacks in Autonomous Driving. (1%)
2021-07-05
When and How to Fool Explainable Models (and Humans) with Adversarial Examples. (99%)
Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks. (99%)
Adversarial Robustness of Probabilistic Network Embedding for Link Prediction. (87%)
Dealing with Adversarial Player Strategies in the Neural Network Game iNNk through Ensemble Learning. (69%)
Understanding the Security of Deepfake Detection. (33%)
Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems. (15%)
Poisoning Attack against Estimating from Pairwise Comparisons. (15%)
Confidence Conditioned Knowledge Distillation. (10%)
2021-07-04
Certifiably Robust Interpretation via Renyi Differential Privacy. (67%)
Mirror Mirror on the Wall: Next-Generation Wireless Jamming Attacks Based on Software-Controlled Surfaces. (1%)
2021-07-03
Demiguise Attack: Crafting Invisible Semantic Adversarial Perturbations with Perceptual Similarity. (99%)
2021-07-01
Using Anomaly Feature Vectors for Detecting, Classifying and Warning of Outlier Adversarial Examples. (99%)
DVS-Attacks: Adversarial Attacks on Dynamic Vision Sensors for Spiking Neural Networks. (99%)
CLINE: Contrastive Learning with Semantic Negative Examples for Natural Language Understanding. (68%)
Adversarial Sample Detection for Speaker Verification by Neural Vocoders. (41%)
The Interplay between Distribution Parameters and the Accuracy-Robustness Tradeoff in Classification. (16%)
Reinforcement Learning for Feedback-Enabled Cyber Resilience. (10%)
2021-06-30
Single-Step Adversarial Training for Semantic Segmentation. (96%)
Understanding Adversarial Attacks on Observations in Deep Reinforcement Learning. (84%)
Explanation-Guided Diagnosis of Machine Learning Evasion Attacks. (82%)
Bi-Level Poisoning Attack Model and Countermeasure for Appliance Consumption Data of Smart Homes. (8%)
Exploring Robustness of Neural Networks through Graph Measures. (8%)
A Context-Aware Information-Based Clone Node Attack Detection Scheme in Internet of Things. (1%)
Understanding and Improving Early Stopping for Learning with Noisy Labels. (1%)
2021-06-29
Adversarial Machine Learning for Cybersecurity and Computer Vision: Current Developments and Challenges. (99%)
Understanding Adversarial Examples Through Deep Neural Network's Response Surface and Uncertainty Regions. (99%)
Attack Transferability Characterization for Adversarially Robust Multi-label Classification. (99%)
Inconspicuous Adversarial Patches for Fooling Image Recognition Systems on Mobile Devices. (99%)
Bio-Inspired Adversarial Attack Against Deep Neural Networks. (98%)
Do Not Deceive Your Employer with a Virtual Background: A Video Conferencing Manipulation-Detection System. (62%)
The Threat of Offensive AI to Organizations. (54%)
Local Reweighting for Adversarial Training. (22%)
On the Interaction of Belief Bias and Explanations. (15%)
2021-06-28
Feature Importance Guided Attack: A Model Agnostic Adversarial Attack. (99%)
Evading Adversarial Example Detection Defenses with Orthogonal Projected Gradient Descent. (99%)
Improving Transferability of Adversarial Patches on Face Recognition with Generative Models. (99%)
Data Poisoning Won't Save You From Facial Recognition. (97%)
Adversarial Robustness of Streaming Algorithms through Importance Sampling. (61%)
Test-Time Adaptation to Distribution Shift by Confidence Maximization and Input Transformation. (2%)
Certified Robustness via Randomized Smoothing over Multiplicative Parameters. (1%)
Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis. (1%)
2021-06-27
RAILS: A Robust Adversarial Immune-inspired Learning System. (98%)
Who is Responsible for Adversarial Defense? (93%)
ASK: Adversarial Soft k-Nearest Neighbor Attack and Defense. (82%)
Immuno-mimetic Deep Neural Networks (Immuno-Net). (64%)
Stabilizing Equilibrium Models by Jacobian Regularization. (1%)
2021-06-26
Multi-stage Optimization based Adversarial Training. (99%)
The Feasibility and Inevitability of Stealth Attacks. (68%)
2021-06-24
On the (Un-)Avoidability of Adversarial Examples. (99%)
Countering Adversarial Examples: Combining Input Transformation and Noisy Training. (99%)
Break it, Fix it: Attack and Defense for "Add-on'' Access Control Solutions in Distributed Data Analytics Platforms. (8%)
2021-06-23
Adversarial Examples in Multi-Layer Random ReLU Networks. (81%)
Teacher Model Fingerprinting Attacks Against Transfer Learning. (2%)
Meaningfully Explaining Model Mistakes Using Conceptual Counterfactuals. (1%)
Feature Attributions and Counterfactual Explanations Can Be Manipulated. (1%)
2021-06-22
DetectX -- Adversarial Input Detection using Current Signatures in Memristive XBar Arrays. (99%)
Self-Supervised Iterative Contextual Smoothing for Efficient Adversarial Defense against Gray- and Black-Box Attack. (99%)
Long-term Cross Adversarial Training: A Robust Meta-learning Method for Few-shot Classification Tasks. (83%)
On Adversarial Robustness of Synthetic Code Generation. (81%)
NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data. (67%)
2021-06-21
Policy Smoothing for Provably Robust Reinforcement Learning. (99%)
Delving into the pixels of adversarial samples. (98%)
HODA: Hardness-Oriented Detection of Model Extraction Attacks. (98%)
Friendly Training: Neural Networks Can Adapt Data To Make Learning Easier. (91%)
Membership Inference on Word Embedding and Beyond. (38%)
An Alternative Auxiliary Task for Enhancing Image Classification. (11%)
Zero-shot learning approach to adaptive Cybersecurity using Explainable AI. (1%)
2021-06-20
Adversarial Examples Make Strong Poisons. (98%)
Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem. (95%)
Generative Model Adversarial Training for Deep Compressed Sensing. (8%)
2021-06-19
Attack to Fool and Explain Deep Networks. (99%)
A Stealthy and Robust Fingerprinting Scheme for Generative Models. (47%)
2021-06-18
Residual Error: a New Performance Measure for Adversarial Robustness. (99%)
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples. (99%)
The Dimpled Manifold Model of Adversarial Examples in Machine Learning. (99%)
Exploring Counterfactual Explanations Through the Lens of Adversarial Examples: A Theoretical and Empirical Analysis. (99%)
Light Lies: Optical Adversarial Attack. (92%)
BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection. (82%)
Less is More: Feature Selection for Adversarial Robustness with Compressive Counter-Adversarial Attacks. (80%)
Group-Structured Adversarial Training. (68%)
Accumulative Poisoning Attacks on Real-time Data. (45%)
Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks. (45%)
Federated Robustness Propagation: Sharing Adversarial Robustness in Federated Learning. (5%)
2021-06-17
Analyzing Adversarial Robustness of Deep Neural Networks in Pixel Space: a Semantic Perspective. (99%)
Bad Characters: Imperceptible NLP Attacks. (99%)
DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs. (99%)
Adversarial Visual Robustness by Causal Intervention. (99%)
Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning. (92%)
Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks. (91%)
Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems. (82%)
Poisoning and Backdooring Contrastive Learning. (70%)
CROP: Certifying Robust Policies for Reinforcement Learning through Functional Smoothing. (69%)
CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing. (64%)
On Deep Neural Network Calibration by Regularization and its Impact on Refinement. (3%)
Effective Model Sparsification by Scheduled Grow-and-Prune Methods. (1%)
2021-06-16
Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses. (99%)
Localized Uncertainty Attacks. (99%)
Evaluating the Robustness of Bayesian Neural Networks Against Different Types of Attacks. (67%)
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch. (38%)
Explainable AI for Natural Adversarial Images. (13%)
A Winning Hand: Compressing Deep Networks Can Improve Out-Of-Distribution Robustness. (2%)
Scaling-up Diverse Orthogonal Convolutional Networks with a Paraunitary Framework. (1%)
Loki: Hardening Code Obfuscation Against Automated Attacks. (1%)
2021-06-15
Adversarial Attacks on Deep Models for Financial Transaction Records. (99%)
Model Extraction and Adversarial Attacks on Neural Networks using Switching Power Information. (99%)
Towards Adversarial Robustness via Transductive Learning. (80%)
Voting for the right answer: Adversarial defense for speaker verification. (78%)
Detect and remove watermark in deep neural networks via generative adversarial networks. (68%)
CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. (13%)
Securing Face Liveness Detection Using Unforgeable Lip Motion Patterns. (12%)
Probabilistic Margins for Instance Reweighting in Adversarial Training. (8%)
CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals. (1%)
2021-06-14
PopSkipJump: Decision-Based Attack for Probabilistic Classifiers. (99%)
Now You See It, Now You Dont: Adversarial Vulnerabilities in Computational Pathology. (99%)
Audio Attacks and Defenses against AED Systems -- A Practical Study. (99%)
Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions. (92%)
Evading Malware Classifiers via Monte Carlo Mutant Feature Discovery. (81%)
On the Relationship between Heterophily and Robustness of Graph Neural Networks. (81%)
Partial success in closing the gap between human and machine vision. (15%)
Text Generation with Efficient (Soft) Q-Learning. (2%)
Resilient Control of Platooning Networked Robitic Systems via Dynamic Watermarking. (1%)
Self-training Guided Adversarial Domain Adaptation For Thermal Imagery. (1%)
Code Integrity Attestation for PLCs using Black Box Neural Network Predictions. (1%)
2021-06-13
Target Model Agnostic Adversarial Attacks with Query Budgets on Language Understanding Models. (99%)
Selection of Source Images Heavily Influences the Effectiveness of Adversarial Attacks. (99%)
ATRAS: Adversarially Trained Robust Architecture Search. (96%)
Security Analysis of Camera-LiDAR Semantic-Level Fusion Against Black-Box Attacks on Autonomous Vehicles. (64%)
Weakly-supervised High-resolution Segmentation of Mammography Images for Breast Cancer Diagnosis. (1%)
HistoTransfer: Understanding Transfer Learning for Histopathology. (1%)
2021-06-12
Adversarial Robustness via Fisher-Rao Regularization. (67%)
What can linearized neural networks actually say about generalization? (31%)
FeSHI: Feature Map Based Stealthy Hardware Intrinsic Attack. (2%)
2021-06-11
CausalAdv: Adversarial Robustness through the Lens of Causality. (99%)
Knowledge Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks. (99%)
Adversarial purification with Score-based generative models. (89%)
Relaxing Local Robustness. (80%)
TDGIA:Effective Injection Attacks on Graph Neural Networks. (76%)
Turn the Combination Lock: Learnable Textual Backdoor Attacks via Word Substitution. (56%)
CARTL: Cooperative Adversarially-Robust Transfer Learning. (8%)
A Shuffling Framework for Local Differential Privacy. (1%)
2021-06-10
Sparse and Imperceptible Adversarial Attack via a Homotopy Algorithm. (99%)
Deep neural network loses attention to adversarial images. (99%)
Verifying Quantized Neural Networks using SMT-Based Model Checking. (92%)
Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation. (80%)
An Ensemble Approach Towards Adversarial Robustness. (41%)
Towards an Automated Pipeline for Detecting and Classifying Malware through Machine Learning. (1%)
Fair Classification with Adversarial Perturbations. (1%)
2021-06-09
HASI: Hardware-Accelerated Stochastic Inference, A Defense Against Adversarial Machine Learning Attacks. (99%)
Towards Defending against Adversarial Examples via Attack-Invariant Features. (99%)
Improving White-box Robustness of Pre-processing Defenses via Joint Adversarial Training. (99%)
Attacking Adversarial Attacks as A Defense. (99%)
We Can Always Catch You: Detecting Adversarial Patched Objects WITH or WITHOUT Signature. (98%)
Who Is the Strongest Enemy? Towards Optimal and Efficient Evasion Attacks in Deep RL. (93%)
URLTran: Improving Phishing URL Detection Using Transformers. (10%)
ZoPE: A Fast Optimizer for ReLU Networks with Low-Dimensional Inputs. (5%)
Practical Machine Learning Safety: A Survey and Primer. (4%)
Network insensitivity to parameter noise via adversarial regularization. (2%)
2021-06-08
On Improving Adversarial Transferability of Vision Transformers. (99%)
Simulated Adversarial Testing of Face Recognition Models. (99%)
Towards the Memorization Effect of Neural Networks in Adversarial Training. (93%)
Handcrafted Backdoors in Deep Neural Networks. (92%)
Enhancing Robustness of Neural Networks through Fourier Stabilization. (73%)
Provably Robust Detection of Out-of-distribution Data (almost) for free. (26%)
2021-06-07
Adversarial Attack and Defense in Deep Ranking. (99%)
Reveal of Vision Transformers Robustness against Adversarial Attacks. (99%)
Position Bias Mitigation: A Knowledge-Aware Graph Model for EmotionCause Extraction. (89%)
3DB: A Framework for Debugging Computer Vision Models. (45%)
RoSearch: Search for Robust Student Architectures When Distilling Pre-trained Language Models. (11%)
2021-06-06
A Primer on Multi-Neuron Relaxation-based Adversarial Robustness Certification. (98%)
Zero-Shot Knowledge Distillation from a Decision-Based Black-Box Model. (4%)
2021-06-05
Ensemble Defense with Data Diversity: Weak Correlation Implies Strong Robustness. (92%)
Robust Stochastic Linear Contextual Bandits Under Adversarial Attacks. (69%)
RDA: Robust Domain Adaptation via Fourier Adversarial Attacking. (2%)
2021-06-04
Revisiting Hilbert-Schmidt Information Bottleneck for Adversarial Robustness. (99%)
BO-DBA: Query-Efficient Decision-Based Adversarial Attacks via Bayesian Optimization. (99%)
Human-Adversarial Visual Question Answering. (31%)
Predify: Augmenting deep neural networks with brain-inspired predictive coding dynamics. (15%)
DOCTOR: A Simple Method for Detecting Misclassification Errors. (1%)
Teaching keyword spotters to spot new keywords with limited examples. (1%)
2021-06-03
Improving the Transferability of Adversarial Examples with New Iteration Framework and Input Dropout. (99%)
Imperceptible Adversarial Examples for Fake Image Detection. (99%)
A Little Robustness Goes a Long Way: Leveraging Universal Features for Targeted Transfer Attacks. (99%)
Transferable Adversarial Examples for Anchor Free Object Detection. (99%)
Exploring Memorization in Adversarial Training. (98%)
Improving Neural Network Robustness via Persistency of Excitation. (68%)
Defending against Backdoor Attacks in Natural Language Generation. (38%)
Sneak Attack against Mobile Robotic Networks under Formation Control. (1%)
2021-06-02
PDPGD: Primal-Dual Proximal Gradient Descent Adversarial Attack. (99%)
Towards Robustness of Text-to-SQL Models against Synonym Substitution. (75%)
BERT-Defense: A Probabilistic Model Based on BERT to Combat Cognitively Inspired Orthographic Adversarial Attacks. (62%)
2021-06-01
Adversarial Defense for Automatic Speaker Verification by Self-Supervised Learning. (99%)
Improving Compositionality of Neural Networks by Decoding Representations to Inputs. (68%)
Markpainting: Adversarial Machine Learning meets Inpainting. (12%)
On the Efficacy of Adversarial Data Collection for Question Answering: Results from a Large-Scale Randomized Study. (9%)
Adversarial VQA: A New Benchmark for Evaluating the Robustness of VQA Models. (5%)
Memory Wrap: a Data-Efficient and Interpretable Extension to Image Classification Models. (1%)
Concurrent Adversarial Learning for Large-Batch Training. (1%)
2021-05-31
Adaptive Feature Alignment for Adversarial Training. (99%)
QueryNet: An Efficient Attack Framework with Surrogates Carrying Multiple Identities. (99%)
Transferable Sparse Adversarial Attack. (99%)
Adversarial Training with Rectified Rejection. (99%)
Robustifying $\ell_\infty$ Adversarial Training to the Union of Perturbation Models. (82%)
Dominant Patterns: Critical Features Hidden in Deep Neural Networks. (80%)
Exploration and Exploitation: Two Ways to Improve Chinese Spelling Correction Models. (75%)
Gradient-based Data Subversion Attack Against Binary Classifiers. (73%)
DISSECT: Disentangled Simultaneous Explanations via Concept Traversals. (1%)
The effectiveness of feature attribution methods and its correlation with automatic evaluation scores. (1%)
2021-05-30
Generating Adversarial Examples with Graph Neural Networks. (99%)
Defending Pre-trained Language Models from Adversarial Word Substitutions Without Performance Sacrifice. (98%)
NoiLIn: Do Noisy Labels Always Hurt Adversarial Training? (62%)
Evaluating Resilience of Encrypted Traffic Classification Against Adversarial Evasion Attacks. (62%)
DAAIN: Detection of Anomalous and Adversarial Input using Normalizing Flows. (12%)
EEG-based Cross-Subject Driver Drowsiness Recognition with an Interpretable Convolutional Neural Network. (1%)
2021-05-29
Detecting Backdoor in Deep Neural Networks via Intentional Adversarial Perturbations. (99%)
Analysis and Applications of Class-wise Robustness in Adversarial Training. (99%)
A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices. (2%)
2021-05-28
Demotivate adversarial defense in remote sensing. (99%)
AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption. (92%)
Robust Regularization with Adversarial Labelling of Perturbed Samples. (83%)
SafeAMC: Adversarial training for robust modulation recognition models. (83%)
Towards optimally abstaining from prediction. (81%)
Rethinking Noisy Label Models: Labeler-Dependent Noise with Adversarial Awareness. (76%)
Visualizing Representations of Adversarially Perturbed Inputs. (68%)
Chromatic and spatial analysis of one-pixel attacks against an image classifier. (15%)
FoveaTer: Foveated Transformer for Image Classification. (10%)
DeepMoM: Robust Deep Learning With Median-of-Means. (1%)
2021-05-27
A BIC-based Mixture Model Defense against Data Poisoning Attacks on Classifiers. (84%)
2021-05-26
Deep Repulsive Prototypes for Adversarial Robustness. (99%)
Adversarial Attack Framework on Graph Embedding Models with Limited Knowledge. (98%)
Adversarial robustness against multiple $l_p$-threat models at the price of one and how to quickly fine-tune robust models to another threat model. (93%)
Can Linear Programs Have Adversarial Examples? A Causal Perspective. (81%)
Hidden Killer: Invisible Textual Backdoor Attacks with Syntactic Trigger. (61%)
Fooling Partial Dependence via Data Poisoning. (13%)
2021-05-25
Practical Convex Formulation of Robust One-hidden-layer Neural Network Training. (98%)
Adversarial Attack Driven Data Augmentation for Accurate And Robust Medical Image Segmentation. (98%)
Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers' Outputs. (67%)
Robust Value Iteration for Continuous Control Tasks. (9%)
2021-05-24
OFEI: A Semi-black-box Android Adversarial Sample Attack Framework Against DLaaS. (99%)
Learning Security Classifiers with Verified Global Robustness Properties. (92%)
Feature Space Targeted Attacks by Statistic Alignment. (82%)
Improved OOD Generalization via Adversarial Training and Pre-training. (12%)
Out-of-Distribution Detection in Dermatology using Input Perturbation and Subset Scanning. (5%)
AirNet: Neural Network Transmission over the Air. (1%)
Every Byte Matters: Traffic Analysis of Bluetooth Wearable Devices. (1%)
Using Adversarial Attacks to Reveal the Statistical Bias in Machine Reading Comprehension Models. (1%)
Dissecting Click Fraud Autonomy in the Wild. (1%)
2021-05-23
Killing Two Birds with One Stone: Stealing Model and Inferring Attribute from BERT-based APIs. (99%)
CMUA-Watermark: A Cross-Model Universal Adversarial Watermark for Combating Deepfakes. (92%)
Regularization Can Help Mitigate Poisoning Attacks... with the Right Hyperparameters. (12%)
2021-05-22
Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems. (99%)
Exploring Robustness of Unsupervised Domain Adaptation in Semantic Segmentation. (98%)
Securing Optical Networks using Quantum-secured Blockchain: An Overview. (1%)
2021-05-21
ReLUSyn: Synthesizing Stealthy Attacks for Deep Neural Network Based Cyber-Physical Systems. (81%)
Exploring Misclassifications of Robust Neural Networks to Enhance Adversarial Attacks. (76%)
Backdoor Attacks on Self-Supervised Learning. (68%)
Intriguing Properties of Vision Transformers. (8%)
Explainable Enterprise Credit Rating via Deep Feature Crossing Network. (1%)
2021-05-20
Simple Transparent Adversarial Examples. (99%)
Anomaly Detection of Adversarial Examples using Class-conditional Generative Adversarial Networks. (99%)
Preventing Machine Learning Poisoning Attacks Using Authentication and Provenance. (11%)
TestRank: Bringing Order into Unlabeled Test Instances for Deep Learning Tasks. (1%)
2021-05-19
Attack on practical speaker verification system using universal adversarial perturbations. (99%)
Local Aggressive Adversarial Attacks on 3D Point Cloud. (99%)
An Orthogonal Classifier for Improving the Adversarial Robustness of Neural Networks. (76%)
Balancing Robustness and Sensitivity using Feature Contrastive Learning. (15%)
DeepStrike: Remotely-Guided Fault Injection Attacks on DNN Accelerator in Cloud-FPGA. (1%)
User Label Leakage from Gradients in Federated Learning. (1%)
Hunter in the Dark: Deep Ensemble Networks for Discovering Anomalous Activity from Smart Networks. (1%)
2021-05-18
Sparta: Spatially Attentive and Adversarially Robust Activation. (99%)
Detecting Adversarial Examples with Bayesian Neural Network. (99%)
Fighting Gradients with Gradients: Dynamic Defenses against Adversarial Attacks. (98%)
On the Robustness of Domain Constraints. (98%)
Learning and Certification under Instance-targeted Poisoning. (82%)
2021-05-17
Towards Robust Vision Transformer. (95%)
Gradient Masking and the Underestimated Robustness Threats of Differential Privacy in Deep Learning. (93%)
An SDE Framework for Adversarial Training, with Convergence and Robustness Analysis. (69%)
A Fusion-Denoising Attack on InstaHide with Data Augmentation. (1%)
2021-05-16
Vision Transformers are Robust Learners. (99%)
Prototype-supervised Adversarial Network for Targeted Attack of Deep Hashing. (99%)
SoundFence: Securing Ultrasonic Sensors in Vehicles Using Physical-Layer Defense. (2%)
2021-05-15
Real-time Detection of Practical Universal Adversarial Perturbations. (99%)
2021-05-14
Salient Feature Extractor for Adversarial Defense on Deep Neural Networks. (99%)
High-Robustness, Low-Transferability Fingerprinting of Neural Networks. (9%)
Information-theoretic Evolution of Model Agnostic Global Explanations. (1%)
Iterative Algorithms for Assessing Network Resilience Against Structured Perturbations. (1%)
2021-05-13
Stochastic-Shield: A Probabilistic Approach Towards Training-Free Adversarial Defense in Quantized CNNs. (98%)
When Human Pose Estimation Meets Robustness: Adversarial Algorithms and Benchmarks. (5%)
DeepObliviate: A Powerful Charm for Erasing Data Residual Memory in Deep Neural Networks. (1%)
Biometrics: Trust, but Verify. (1%)
2021-05-12
AVA: Adversarial Vignetting Attack against Visual Recognition. (99%)
OutFlip: Generating Out-of-Domain Samples for Unknown Intent Detection with Natural Language Attack. (70%)
Adversarial Reinforcement Learning in Dynamic Channel Access and Power Control. (2%)
A Statistical Threshold for Adversarial Classification in Laplace Mechanisms. (1%)
2021-05-11
Poisoning MorphNet for Clean-Label Backdoor Attack to Point Clouds. (99%)
Improving Adversarial Transferability with Gradient Refining. (99%)
Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective. (5%)
2021-05-10
Adversarial examples attack based on random warm restart mechanism and improved Nesterov momentum. (99%)
Examining and Mitigating Kernel Saturation in Convolutional Neural Networks using Negative Images. (1%)
2021-05-09
Automated Decision-based Adversarial Attacks. (99%)
Efficiency-driven Hardware Optimization for Adversarially Robust Neural Networks. (88%)
Security Concerns on Machine Learning Solutions for 6G Networks in mmWave Beam Prediction. (81%)
Robust Training Using Natural Transformation. (13%)
Learning Image Attacks toward Vision Guided Autonomous Vehicles. (4%)
Combining Time-Dependent Force Perturbations in Robot-Assisted Surgery Training. (1%)
2021-05-08
Self-Supervised Adversarial Example Detection by Disentangled Representation. (99%)
De-Pois: An Attack-Agnostic Defense against Data Poisoning Attacks. (96%)
Certified Robustness to Text Adversarial Attacks by Randomized [MASK]. (93%)
Provable Guarantees against Data Poisoning Using Self-Expansion and Compatibility. (38%)
Mental Models of Adversarial Machine Learning. (16%)
2021-05-07
Adv-Makeup: A New Imperceptible and Transferable Attack on Face Recognition. (99%)
Uniform Convergence, Adversarial Spheres and a Simple Remedy. (15%)
2021-05-06
Dynamic Defense Approach for Adversarial Robustness in Deep Neural Networks via Stochastic Ensemble Smoothed Model. (99%)
A Simple and Strong Baseline for Universal Targeted Attacks on Siamese Visual Tracking. (99%)
Understanding Catastrophic Overfitting in Adversarial Training. (92%)
Attestation Waves: Platform Trust via Remote Power Analysis. (1%)
2021-05-05
Attack-agnostic Adversarial Detection on Medical Data Using Explainable Machine Learning. (99%)
Exploiting Vulnerabilities in Deep Neural Networks: Adversarial and Fault-Injection Attacks. (97%)
Contrastive Learning and Self-Training for Unsupervised Domain Adaptation in Semantic Segmentation. (1%)
A Theoretical-Empirical Approach to Estimating Sample Complexity of DNNs. (1%)
2021-05-04
Poisoning the Unlabeled Dataset of Semi-Supervised Learning. (92%)
Broadly Applicable Targeted Data Sample Omission Attacks. (68%)
An Overview of Laser Injection against Embedded Neural Network Models. (2%)
2021-05-03
Physical world assistive signals for deep neural network classifiers -- neither defense nor attack. (83%)
Black-Box Dissector: Towards Erasing-based Hard-Label Model Stealing Attack. (73%)
2021-05-02
Intriguing Usage of Applicability Domain: Lessons from Cheminformatics Applied to Adversarial Learning. (99%)
Who's Afraid of Adversarial Transferability? (99%)
Multi-Robot Coordination and Planning in Uncertain and Adversarial Environments. (10%)
GRNN: Generative Regression Neural Network -- A Data Leakage Attack for Federated Learning. (2%)
Spinner: Automated Dynamic Command Subsystem Perturbation. (1%)
2021-05-01
Adversarial Example Detection for DNN Models: A Review and Experimental Comparison. (99%)
A Perceptual Distortion Reduction Framework: Towards Generating Adversarial Examples with High Perceptual Quality and Attack Success Rate. (98%)
On the Adversarial Robustness of Quantized Neural Networks. (75%)
Hidden Backdoors in Human-Centric Language Models. (73%)
One Detector to Rule Them All: Towards a General Deepfake Attack Detection Framework. (62%)
A Master Key Backdoor for Universal Impersonation Attack against DNN-based Face Verification. (62%)
Load Oscillating Attacks of Smart Grids: Demand Strategies and Vulnerability Analysis. (2%)
RATT: Leveraging Unlabeled Data to Guarantee Generalization. (1%)
2021-04-30
Deep Image Destruction: A Comprehensive Study on Vulnerability of Deep Image-to-Image Models against Adversarial Attacks. (99%)
Black-box Gradient Attack on Graph Neural Networks: Deeper Insights in Graph-based Attack and Defense. (99%)
Black-box adversarial attacks using Evolution Strategies. (98%)
IPatch: A Remote Adversarial Patch. (97%)
DeFiRanger: Detecting Price Manipulation Attacks on DeFi Applications. (10%)
FIPAC: Thwarting Fault- and Software-Induced Control-Flow Attacks with ARM Pointer Authentication. (2%)
2021-04-29
GasHis-Transformer: A Multi-scale Visual Transformer Approach for Gastric Histopathology Image Classification. (67%)
A neural anisotropic view of underspecification in deep learning. (26%)
Analytical bounds on the local Lipschitz constants of ReLU networks. (12%)
Learning Robust Variational Information Bottleneck with Reference. (5%)
2021-04-28
AdvHaze: Adversarial Haze Attack. (99%)
2021-04-27
Improved and Efficient Text Adversarial Attacks using Target Information. (97%)
Metamorphic Detection of Repackaged Malware. (91%)
Structure-Aware Hierarchical Graph Pooling using Information Bottleneck. (2%)
Property Inference Attacks on Convolutional Neural Networks: Influence and Implications of Target Model's Complexity. (1%)
2021-04-26
Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT. (99%)
Delving into Data: Effectively Substitute Training for Black-box Attack. (99%)
secml-malware: Pentesting Windows Malware Classifiers with Adversarial EXEmples in Python. (99%)
Impact of Spatial Frequency Based Constraints on Adversarial Robustness. (98%)
PatchGuard++: Efficient Provable Attack Detection against Adversarial Patches. (87%)
Good Artists Copy, Great Artists Steal: Model Extraction Attacks Against Image Translation Generative Adversarial Networks. (22%)
2021-04-25
3D Adversarial Attacks Beyond Point Cloud. (99%)
Making Generated Images Hard To Spot: A Transferable Attack On Synthetic Image Detectors. (81%)
2021-04-24
Influence Based Defense Against Data Poisoning Attacks in Online Learning. (99%)
2021-04-23
Theoretical Study of Random Noise Defense against Query-Based Black-Box Attacks. (98%)
Evaluating Deception Detection Model Robustness To Linguistic Variation. (82%)
Lightweight Detection of Out-of-Distribution and Adversarial Samples via Channel Mean Discrepancy. (3%)
Improving Neural Silent Speech Interface Models by Adversarial Training. (1%)
2021-04-22
Towards Adversarial Patch Analysis and Certified Defense against Crowd Counting. (99%)
Learning Transferable 3D Adversarial Cloaks for Deep Trained Detectors. (98%)
Performance Evaluation of Adversarial Attacks: Discrepancies and Solutions. (86%)
Operator Shifting for General Noisy Matrix Systems. (56%)
SPECTRE: Defending Against Backdoor Attacks Using Robust Statistics. (22%)
2021-04-21
Dual Head Adversarial Training. (99%)
Mixture of Robust Experts (MoRE): A Flexible Defense Against Multiple Perturbations. (99%)
Robust Certification for Laplace Learning on Geometric Graphs. (96%)
Jacobian Regularization for Mitigating Universal Adversarial Perturbations. (95%)
Dataset Inference: Ownership Resolution in Machine Learning. (83%)
2021-04-20
Adversarial Training for Deep Learning-based Intrusion Detection Systems. (99%)
MixDefense: A Defense-in-Depth Framework for Adversarial Example Detection Based on Statistical and Semantic Analysis. (99%)
MagicPai at SemEval-2021 Task 7: Method for Detecting and Rating Humor Based on Multi-Task Adversarial Training. (64%)
Does enhanced shape bias improve neural network robustness to common corruptions? (26%)
Robust Sensor Fusion Algorithms Against Voice Command Attacks in Autonomous Vehicles. (9%)
Network Defense is Not a Game. (1%)
2021-04-19
Staircase Sign Method for Boosting Adversarial Attacks. (99%)
Improving Adversarial Robustness Using Proxy Distributions. (99%)
Adversarial Diffusion Attacks on Graph-based Traffic Prediction Models. (99%)
LAFEAT: Piercing Through Adversarial Defenses with Latent Features. (99%)
Removing Adversarial Noise in Class Activation Feature Space. (99%)
Direction-Aggregated Attack for Transferable Adversarial Examples. (99%)
Manipulating SGD with Data Ordering Attacks. (95%)
Provable Robustness of Adversarial Training for Learning Halfspaces with Noise. (22%)
Protecting the Intellectual Properties of Deep Neural Networks with an Additional Class and Steganographic Images. (11%)
Semi-Supervised Domain Adaptation with Prototypical Alignment and Consistency Learning. (1%)
2021-04-18
Best Practices for Noise-Based Augmentation to Improve the Performance of Emotion Recognition "In the Wild". (83%)
Making Attention Mechanisms More Robust and Interpretable with Virtual Adversarial Training. (22%)
On the Sensitivity and Stability of Model Interpretations in NLP. (1%)
2021-04-17
Attacking Text Classifiers via Sentence Rewriting Sampler. (99%)
Rethinking Image-Scaling Attacks: The Interplay Between Vulnerabilities in Machine Learning Systems. (99%)
Improving Question Answering Model Robustness with Synthetic Adversarial Data Generation. (98%)
Improving Zero-Shot Cross-Lingual Transfer Learning via Robust Training. (87%)
AM2iCo: Evaluating Word Meaning in Context across Low-ResourceLanguages with Adversarial Examples. (15%)
2021-04-16
Fashion-Guided Adversarial Attack on Person Segmentation. (99%)
Towards Variable-Length Textual Adversarial Attacks. (99%)
An Adversarially-Learned Turing Test for Dialog Generation Models. (96%)
Random and Adversarial Bit Error Robustness: Energy-Efficient and Secure DNN Accelerators. (83%)
Lower Bounds on Cross-Entropy Loss in the Presence of Test-time Adversaries. (2%)
2021-04-15
Gradient-based Adversarial Attacks against Text Transformers. (99%)
Robust Backdoor Attacks against Deep Neural Networks in Real Physical World. (86%)
Are Multilingual BERT models robust? A Case Study on Adversarial Attacks for Multilingual Question Answering. (12%)
Federated Learning for Malware Detection in IoT Devices. (10%)
2021-04-14
Meaningful Adversarial Stickers for Face Recognition in Physical World. (98%)
Orthogonalizing Convolutional Layers with the Cayley Transform. (80%)
Defending Against Adversarial Denial-of-Service Data Poisoning Attacks. (38%)
Improved Branch and Bound for Neural Network Verification via Lagrangian Decomposition. (1%)
2021-04-13
Mitigating Adversarial Attack for Compute-in-Memory Accelerator Utilizing On-chip Finetune. (99%)
Detecting Operational Adversarial Examples for Reliable Deep Learning. (82%)
Fall of Giants: How popular text-based MLaaS fall against a simple evasion attack. (75%)
2021-04-12
Sparse Coding Frontend for Robust Neural Networks. (99%)
A Backdoor Attack against 3D Point Cloud Classifiers. (96%)
Plot-guided Adversarial Example Construction for Evaluating Open-domain Story Generation. (56%)
Double Perturbation: On the Robustness of Robustness and Counterfactual Bias Evaluation. (50%)
Thief, Beware of What Get You There: Towards Understanding Model Extraction Attack. (1%)
2021-04-11
Achieving Model Robustness through Discrete Adversarial Training. (99%)
Pay attention to your loss: understanding misconceptions about 1-Lipschitz neural networks. (1%)
2021-04-10
Fool Me Twice: Entailment from Wikipedia Gamification. (61%)
Adversarial Regularization as Stackelberg Game: An Unrolled Optimization Approach. (15%)
Disentangled Contrastive Learning for Learning Robust Textual Representations. (11%)
2021-04-09
Relating Adversarially Robust Generalization to Flat Minima. (99%)
SPoTKD: A Protocol for Symmetric Key Distribution over Public Channels Using Self-Powered Timekeeping Devices. (1%)
Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication. (1%)
Learning Sampling Policy for Faster Derivative Free Optimization. (1%)
2021-04-08
FACESEC: A Fine-grained Robustness Evaluation Framework for Face Recognition Systems. (98%)
Explainability-based Backdoor Attacks Against Graph Neural Networks. (15%)
A single gradient step finds adversarial examples on random two-layers neural networks. (10%)
Adversarial Learning Inspired Emerging Side-Channel Attacks and Defenses. (8%)
2021-04-07
Universal Adversarial Training with Class-Wise Perturbations. (99%)
The art of defense: letting networks fool the attacker. (98%)
Universal Spectral Adversarial Attacks for Deformable Shapes. (81%)
Adversarial Robustness Guarantees for Gaussian Processes. (68%)
Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective. (61%)
Improving Robustness of Deep Reinforcement Learning Agents: Environment Attacks based on Critic Networks. (10%)
Sparse Oblique Decision Trees: A Tool to Understand and Manipulate Neural Net Features. (3%)
An Object Detection based Solver for Google's Image reCAPTCHA v2. (1%)
2021-04-06
Exploring Targeted Universal Adversarial Perturbations to End-to-end ASR Models. (93%)
Adversarial Robustness under Long-Tailed Distribution. (89%)
Robust Adversarial Classification via Abstaining. (75%)
Backdoor Attack in the Physical World. (2%)
2021-04-05
Robust Classification Under $\ell_0$ Attack for the Gaussian Mixture Model. (99%)
Adaptive Clustering of Robust Semantic Representations for Adversarial Image Purification. (98%)
BBAEG: Towards BERT-based Biomedical Adversarial Example Generation for Text Classification. (96%)
Deep Learning-Based Autonomous Driving Systems: A Survey of Attacks and Defenses. (74%)
Can audio-visual integration strengthen robustness under multimodal attacks? (68%)
Jekyll: Attacking Medical Image Diagnostics using Deep Generative Models. (33%)
Unified Detection of Digital and Physical Face Attacks. (8%)
Beyond Categorical Label Representations for Image Classification. (2%)
Rethinking Perturbations in Encoder-Decoders for Fast Training. (1%)
2021-04-04
Semantically Stealthy Adversarial Attacks against Segmentation Models. (99%)
Reliably fast adversarial training via latent adversarial perturbation. (93%)
2021-04-03
Mitigating Gradient-based Adversarial Attacks via Denoising and Compression. (99%)
Gradient-based Adversarial Deep Modulation Classification with Data-driven Subsampling. (93%)
Property-driven Training: All You (N)Ever Wanted to Know About. (38%)
2021-04-02
Defending Against Image Corruptions Through Adversarial Augmentations. (92%)
RABA: A Robust Avatar Backdoor Attack on Deep Neural Network. (83%)
Diverse Gaussian Noise Consistency Regularization for Robustness and Uncertainty Calibration under Noise Domain Shifts. (2%)
Fast-adapting and Privacy-preserving Federated Recommender System. (1%)
2021-04-01
TRS: Transferability Reduced Ensemble via Encouraging Gradient Diversity and Model Smoothness. (99%)
Domain Invariant Adversarial Learning. (98%)
Normal vs. Adversarial: Salience-based Analysis of Adversarial Samples for Relation Extraction. (93%)
Towards Evaluating and Training Verifiably Robust Neural Networks. (45%)
Augmenting Zero Trust Architecture to Endpoints Using Blockchain: A Systematic Review. (3%)
Learning from Noisy Labels via Dynamic Loss Thresholding. (1%)
2021-03-31
Adversarial Heart Attack: Neural Networks Fooled to Segment Heart Symbols in Chest X-Ray Images. (99%)
Adversarial Attacks and Defenses for Speech Recognition Systems. (99%)
Fast Certified Robust Training with Short Warmup. (86%)
Fast Jacobian-Vector Product for Deep Networks. (22%)
Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid. (2%)
Digital Forensics vs. Anti-Digital Forensics: Techniques, Limitations and Recommendations. (1%)
2021-03-30
On the Robustness of Vision Transformers to Adversarial Examples. (99%)
Class-Aware Robust Adversarial Training for Object Detection. (96%)
PointBA: Towards Backdoor Attacks in 3D Point Cloud. (92%)
What Causes Optical Flow Networks to be Vulnerable to Physical Adversarial Attacks. (91%)
Statistical inference for individual fairness. (67%)
Learning Lipschitz Feedback Policies from Expert Demonstrations: Closed-Loop Guarantees, Generalization and Robustness. (47%)
Improving robustness against common corruptions with frequency biased models. (1%)
2021-03-29
Lagrangian Objective Function Leads to Improved Unforeseen Attack Generalization in Adversarial Training. (99%)
Enhancing the Transferability of Adversarial Attacks through Variance Tuning. (99%)
On the Adversarial Robustness of Vision Transformers. (99%)
ZeroGrad : Mitigating and Explaining Catastrophic Overfitting in FGSM Adversarial Training. (95%)
Certifiably-Robust Federated Adversarial Learning via Randomized Smoothing. (93%)
Fooling LiDAR Perception via Adversarial Trajectory Perturbation. (83%)
Robust Reinforcement Learning under model misspecification. (31%)
Automating Defense Against Adversarial Attacks: Discovery of Vulnerabilities and Application of Multi-INT Imagery to Protect Deployed Models. (16%)
MISA: Online Defense of Trojaned Models using Misattributions. (10%)
Be Careful about Poisoned Word Embeddings: Exploring the Vulnerability of the Embedding Layers in NLP Models. (9%)
Selective Output Smoothing Regularization: Regularize Neural Networks by Softening Output Distributions. (1%)
2021-03-28
Improved Autoregressive Modeling with Distribution Smoothing. (86%)
2021-03-27
On the benefits of robust models in modulation recognition. (99%)
IoU Attack: Towards Temporally Coherent Black-Box Adversarial Attack for Visual Object Tracking. (99%)
LiBRe: A Practical Bayesian Approach to Adversarial Detection. (99%)
2021-03-26
Cyclic Defense GAN Against Speech Adversarial Attacks. (99%)
Combating Adversaries with Anti-Adversaries. (93%)
On Generating Transferable Targeted Perturbations. (93%)
Building Reliable Explanations of Unreliable Neural Networks: Locally Smoothing Perspective of Model Interpretation. (86%)
Ensemble-in-One: Learning Ensemble within Random Gated Networks for Enhanced Adversarial Robustness. (83%)
Visual Explanations from Spiking Neural Networks using Interspike Intervals. (62%)
Unsupervised Robust Domain Adaptation without Source Data. (13%)
2021-03-25
Adversarial Attacks are Reversible with Natural Supervision. (99%)
Adversarial Attacks on Deep Learning Based mmWave Beam Prediction in 5G and Beyond. (98%)
MagDR: Mask-guided Detection and Reconstruction for Defending Deepfakes. (81%)
Deep-RBF Networks for Anomaly Detection in Automotive Cyber-Physical Systems. (70%)
Orthogonal Projection Loss. (45%)
THAT: Two Head Adversarial Training for Improving Robustness at Scale. (26%)
A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography. (11%)
HufuNet: Embedding the Left Piece as Watermark and Keeping the Right Piece for Ownership Verification in Deep Neural Networks. (10%)
The Geometry of Over-parameterized Regression and Adversarial Perturbations. (2%)
Synthesize-It-Classifier: Learning a Generative Classifier through RecurrentSelf-analysis. (1%)
Spirit Distillation: Precise Real-time Prediction with Insufficient Data. (1%)
Recent Advances in Large Margin Learning. (1%)
2021-03-24
Towards Both Accurate and Robust Neural Networks without Extra Data. (99%)
Vulnerability of Appearance-based Gaze Estimation. (97%)
Black-box Detection of Backdoor Attacks with Limited Information and Data. (96%)
Deepfake Forensics via An Adversarial Game. (10%)
2021-03-23
Robust and Accurate Object Detection via Adversarial Learning. (98%)
CLIP: Cheap Lipschitz Training of Neural Networks. (96%)
The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers? (92%)
Characterizing and Improving the Robustness of Self-Supervised Learning through Background Augmentations. (87%)
RPATTACK: Refined Patch Attack on General Object Detectors. (76%)
NNrepair: Constraint-based Repair of Neural Network Classifiers. (50%)
Are all outliers alike? On Understanding the Diversity of Outliers for Detecting OODs. (31%)
Improved Estimation of Concentration Under $\ell_p$-Norm Distance Metrics Using Half Spaces. (22%)
ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. (1%)
2021-03-22
Grey-box Adversarial Attack And Defence For Sentiment Classification. (99%)
Fast Approximate Spectral Normalization for Robust Deep Neural Networks. (98%)
Spatio-Temporal Sparsification for General Robust Graph Convolution Networks. (87%)
RA-BNN: Constructing Robust & Accurate Binary Neural Network to Simultaneously Defend Adversarial Bit-Flip Attack and Improve Accuracy. (75%)
Adversarial Feature Augmentation and Normalization for Visual Recognition. (13%)
Adversarially Optimized Mixup for Robust Classification. (13%)
2021-03-21
ExAD: An Ensemble Approach for Explanation-based Adversarial Detection. (99%)
TextFlint: Unified Multilingual Robustness Evaluation Toolkit for Natural Language Processing. (75%)
Natural Perturbed Training for General Robustness of Neural Network Classifiers. (38%)
Self adversarial attack as an augmentation method for immunohistochemical stainings. (33%)
2021-03-20
Robust Models Are More Interpretable Because Attributions Look Normal. (15%)
2021-03-19
LSDAT: Low-Rank and Sparse Decomposition for Decision-based Adversarial Attack. (99%)
SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems. (93%)
Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptions. (86%)
Interpretable Deep Learning: Interpretation, Interpretability, Trustworthiness, and Beyond. (2%)
2021-03-18
Generating Adversarial Computer Programs using Optimized Obfuscations. (99%)
Boosting Adversarial Transferability through Enhanced Momentum. (99%)
Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles. (98%)
Enhancing Transformer for Video Understanding Using Gated Multi-Level Attention and Temporal Adversarial Training. (76%)
Model Extraction and Adversarial Transferability, Your BERT is Vulnerable! (69%)
TOP: Backdoor Detection in Neural Networks via Transferability of Perturbation. (61%)
Noise Modulation: Let Your Model Interpret Itself. (54%)
KoDF: A Large-scale Korean DeepFake Detection Dataset. (16%)
Reading Isn't Believing: Adversarial Attacks On Multi-Modal Neurons. (9%)
2021-03-17
Can Targeted Adversarial Examples Transfer When the Source and Target Models Have No Label Space Overlap? (99%)
Adversarial Attacks on Camera-LiDAR Models for 3D Car Detection. (98%)
Improved, Deterministic Smoothing for L1 Certified Robustness. (82%)
Understanding Generalization in Adversarial Training via the Bias-Variance Decomposition. (41%)
Code-Mixing on Sesame Street: Dawn of the Adversarial Polyglots. (38%)
Cyber Intrusion Detection by Using Deep Neural Networks with Attack-sharing Loss. (13%)
2021-03-16
Adversarial YOLO: Defense Human Detection Patch Attacks via Detecting Adversarial Patches. (92%)
Adversarial Driving: Attacking End-to-End Autonomous Driving Systems. (80%)
Anti-Adversarially Manipulated Attributions for Weakly and Semi-Supervised Semantic Segmentation. (75%)
Bio-inspired Robustness: A Review. (70%)
2021-03-15
Constant Random Perturbations Provide Adversarial Robustness with Minimal Effect on Accuracy. (83%)
Adversarial Training is Not Ready for Robot Learning. (67%)
HDTest: Differential Fuzz Testing of Brain-Inspired Hyperdimensional Computing. (64%)
Understanding invariance via feedforward inversion of discriminatively trained classifiers. (10%)
Meta-Solver for Neural Ordinary Differential Equations. (2%)
2021-03-14
Towards Robust Speech-to-Text Adversarial Attack. (99%)
BreakingBED -- Breaking Binary and Efficient Deep Neural Networks by Adversarial Attacks. (98%)
Multi-Discriminator Sobolev Defense-GAN Against Adversarial Attacks for End-to-End Speech Systems. (82%)
Membership Inference Attacks on Machine Learning: A Survey. (68%)
2021-03-13
Attack as Defense: Characterizing Adversarial Examples using Robustness. (99%)
Generating Unrestricted Adversarial Examples via Three Parameters. (99%)
Simeon -- Secure Federated Machine Learning Through Iterative Filtering. (12%)
2021-03-12
Learning Defense Transformers for Counterattacking Adversarial Examples. (99%)
Internal Wasserstein Distance for Adversarial Attack and Defense. (99%)
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Adversarial Machine Learning Security Problems for 6G: mmWave Beam Prediction Use-Case. (82%)
Network Environment Design for Autonomous Cyberdefense. (1%)
2021-03-11
Stochastic-HMDs: Adversarial Resilient Hardware Malware Detectors through Voltage Over-scaling. (99%)
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Complete and Incomplete Neural Network Verification. (99%)
Adversarial Laser Beam: Effective Physical-World Attack to DNNs in a Blink. (99%)
DAFAR: Detecting Adversaries by Feedback-Autoencoder Reconstruction. (99%)
ReinforceBug: A Framework to Generate Adversarial Textual Examples. (97%)
Multi-Task Federated Reinforcement Learning with Adversaries. (15%)
BODAME: Bilevel Optimization for Defense Against Model Extraction. (8%)
2021-03-10
Improving Adversarial Robustness via Channel-wise Activation Suppressing. (99%)
TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack. (92%)
VideoMoCo: Contrastive Video Representation Learning with Temporally Adversarial Examples. (67%)
Fine-tuning of Pre-trained End-to-end Speech Recognition with Generative Adversarial Networks. (1%)
2021-03-09
Stabilized Medical Image Attacks. (99%)
Revisiting Model's Uncertainty and Confidences for Adversarial Example Detection. (99%)
Practical Relative Order Attack in Deep Ranking. (99%)
BASAR:Black-box Attack on Skeletal Action Recognition. (99%)
Understanding the Robustness of Skeleton-based Action Recognition under Adversarial Attack. (98%)
Deep Learning for Android Malware Defenses: a Systematic Literature Review. (11%)
Robust Black-box Watermarking for Deep NeuralNetwork using Inverse Document Frequency. (10%)
Towards Strengthening Deep Learning-based Side Channel Attacks with Mixup. (2%)
2021-03-08
Packet-Level Adversarial Network Traffic Crafting using Sequence Generative Adversarial Networks. (99%)
Enhancing Transformation-based Defenses against Adversarial Examples with First-Order Perturbations. (99%)
Contemplating real-world object classification. (81%)
Consistency Regularization for Adversarial Robustness. (50%)
Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses. (2%)
Deeply Unsupervised Patch Re-Identification for Pre-training Object Detectors. (1%)
Deep Model Intellectual Property Protection via Deep Watermarking. (1%)
2021-03-07
Universal Adversarial Perturbations and Image Spam Classifiers. (99%)
Detecting Adversarial Examples from Sensitivity Inconsistency of Spatial-Transform Domain. (99%)
Improving Global Adversarial Robustness Generalization With Adversarially Trained GAN. (99%)
Insta-RS: Instance-wise Randomized Smoothing for Improved Robustness and Accuracy. (76%)
2021-03-06
T-Miner: A Generative Approach to Defend Against Trojan Attacks on DNN-based Text Classification. (98%)
Hidden Backdoor Attack against Semantic Segmentation Models. (93%)
2021-03-05
Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence. (13%)
Don't Forget to Sign the Gradients! (10%)
Tor circuit fingerprinting defenses using adaptive padding. (1%)
2021-03-04
Hard-label Manifolds: Unexpected Advantages of Query Efficiency for Finding On-manifold Adversarial Examples. (99%)
WaveGuard: Understanding and Mitigating Audio Adversarial Examples. (99%)
Towards Evaluating the Robustness of Deep Diagnostic Models by Adversarial Attack. (99%)
QAIR: Practical Query-efficient Black-Box Attacks for Image Retrieval. (99%)
SpectralDefense: Detecting Adversarial Attacks on CNNs in the Fourier Domain. (99%)
Gradient-Guided Dynamic Efficient Adversarial Training. (96%)
PointGuard: Provably Robust 3D Point Cloud Classification. (92%)
Defending Medical Image Diagnostics against Privacy Attacks using Generative Methods. (12%)
A Novel Framework for Threat Analysis of Machine Learning-based Smart Healthcare Systems. (1%)
On the privacy-utility trade-off in differentially private hierarchical text classification. (1%)
2021-03-03
Structure-Preserving Progressive Low-rank Image Completion for Defending Adversarial Attacks. (99%)
A Modified Drake Equation for Assessing Adversarial Risk to Machine Learning Models. (89%)
Shift Invariance Can Reduce Adversarial Robustness. (87%)
A Robust Adversarial Network-Based End-to-End Communications System With Strong Generalization Ability Against Adversarial Attacks. (81%)
On the effectiveness of adversarial training against common corruptions. (67%)
Formalizing Generalization and Robustness of Neural Networks to Weight Perturbations. (64%)
2021-03-02
Evaluating the Robustness of Geometry-Aware Instance-Reweighted Adversarial Training. (99%)
A Survey On Universal Adversarial Attack. (99%)
Online Adversarial Attacks. (99%)
Adversarial Examples for Unsupervised Machine Learning Models. (98%)
DeepCert: Verification of Contextually Relevant Robustness for Neural Network Image Classifiers. (97%)
ActiveGuard: An Active DNN IP Protection Technique via Adversarial Examples. (97%)
Fixing Data Augmentation to Improve Adversarial Robustness. (69%)
A Brief Survey on Deep Learning Based Data Hiding. (54%)
Group-wise Inhibition based Feature Regularization for Robust Classification. (16%)
DP-InstaHide: Provably Defusing Poisoning and Backdoor Attacks with Differentially Private Data Augmentations. (1%)
2021-03-01
Dual Attention Suppression Attack: Generate Adversarial Camouflage in Physical World. (99%)
Brain Programming is Immune to Adversarial Attacks: Towards Accurate and Robust Image Classification using Symbolic Learning. (99%)
Smoothness Analysis of Adversarial Training. (98%)
Explaining Adversarial Vulnerability with a Data Sparsity Hypothesis. (96%)
Mind the box: $l_1$-APGD for sparse adversarial attacks on image classifiers. (93%)
Adversarial training in communication constrained federated learning. (87%)
Counterfactual Explanations for Oblique Decision Trees: Exact, Efficient Algorithms. (82%)
Am I a Real or Fake Celebrity? Measuring Commercial Face Recognition Web APIs under Deepfake Impersonation Attack. (70%)
A Multiclass Boosting Framework for Achieving Fast and Provable Adversarial Robustness. (64%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (62%)
2021-02-28
Model-Agnostic Defense for Lane Detection against Adversarial Attack. (98%)
Robust learning under clean-label attack. (22%)
2021-02-27
Effective Universal Unrestricted Adversarial Attacks using a MOE Approach. (98%)
Tiny Adversarial Mulit-Objective Oneshot Neural Architecture Search. (93%)
End-to-end Uncertainty-based Mitigation of Adversarial Attacks to Automated Lane Centering. (73%)
Adversarial Information Bottleneck. (33%)
Neuron Coverage-Guided Domain Generalization. (2%)
2021-02-26
What Doesn't Kill You Makes You Robust(er): Adversarial Training against Poisons and Backdoors.
NEUROSPF: A tool for the Symbolic Analysis of Neural Networks. (68%)
2021-02-25
On Instabilities of Conventional Multi-Coil MRI Reconstruction to Small Adverserial Perturbations.
Do Input Gradients Highlight Discriminative Features?
Nonlinear Projection Based Gradient Estimation for Query Efficient Blackbox Attacks.
Understanding Robustness in Teacher-Student Setting: A New Perspective.
Fast Minimum-norm Adversarial Attacks through Adaptive Norm Constraints.
Cybersecurity Threats in Connected and Automated Vehicles based Federated Learning Systems.
A statistical framework for efficient out of distribution detection in deep neural networks. (1%)
2021-02-24
Confidence Calibration with Bounded Error Using Transformations.
Sketching Curvature for Efficient Out-of-Distribution Detection for Deep Neural Networks.
Robust SleepNets.
Multiplicative Reweighting for Robust Neural Network Optimization.
Identifying Untrustworthy Predictions in Neural Networks by Geometric Gradient Analysis.
Graphfool: Targeted Label Adversarial Attack on Graph Embedding.
2021-02-23
The Sensitivity of Word Embeddings-based Author Detection Models to Semantic-preserving Adversarial Perturbations.
Rethinking Natural Adversarial Examples for Classification Models.
Automated Discovery of Adaptive Attacks on Adversarial Defenses.
Adversarial Robustness with Non-uniform Perturbations.
Non-Singular Adversarial Robustness of Neural Networks.
Enhancing Model Robustness By Incorporating Adversarial Knowledge Into Semantic Representation.
Adversarial Examples Detection beyond Image Space.
Oriole: Thwarting Privacy against Trustworthy Deep Learning Models.
2021-02-22
On the robustness of randomized classifiers to adversarial examples.
Resilience of Bayesian Layer-Wise Explanations under Adversarial Attacks.
Man-in-The-Middle Attacks and Defense in a Power System Cyber-Physical Testbed.
Sandwich Batch Normalization: A Drop-In Replacement for Feature Distribution Heterogeneity.
2021-02-21
The Effects of Image Distribution and Task on Adversarial Robustness.
A Zeroth-Order Block Coordinate Descent Algorithm for Huge-Scale Black-Box Optimization.
Constrained Optimization to Train Neural Networks on Critical and Under-Represented Classes. (1%)
2021-02-20
On Fast Adversarial Robustness Adaptation in Model-Agnostic Meta-Learning.
Measuring $\ell_\infty$ Attacks by the $\ell_2$ Norm.
2021-02-19
A PAC-Bayes Analysis of Adversarial Robustness.
Effective and Efficient Vote Attack on Capsule Networks.
2021-02-18
Random Projections for Improved Adversarial Robustness.
Fortify Machine Learning Production Systems: Detect and Classify Adversarial Attacks.
Make Sure You're Unsure: A Framework for Verifying Probabilistic Specifications.
Center Smoothing: Provable Robustness for Functions with Metric-Space Outputs.
2021-02-17
Towards Adversarial-Resilient Deep Neural Networks for False Data Injection Attack Detection in Power Grids.
Improving Hierarchical Adversarial Robustness of Deep Neural Networks.
Consistent Non-Parametric Methods for Maximizing Robustness.
Bridging the Gap Between Adversarial Robustness and Optimization Bias.
2021-02-16
Globally-Robust Neural Networks.
A Law of Robustness for Weight-bounded Neural Networks.
Just Noticeable Difference for Machine Perception and Generation of Regularized Adversarial Images with Minimal Perturbation.
2021-02-15
Data Profiling for Adversarial Training: On the Ruin of Problematic Data.
Certified Robustness to Programmable Transformations in LSTMs.
Generating Structured Adversarial Attacks Using Frank-Wolfe Method.
Universal Adversarial Examples and Perturbations for Quantum Classifiers.
Low Curvature Activations Reduce Overfitting in Adversarial Training.
And/or trade-off in artificial neurons: impact on adversarial robustness.
Certifiably Robust Variational Autoencoders.
2021-02-14
Guided Interpolation for Adversarial Training.
Resilient Machine Learning for Networked Cyber Physical Systems: A Survey for Machine Learning Security to Securing Machine Learning for CPS.
Exploring Adversarial Robustness of Deep Metric Learning.
Adversarial Attack on Network Embeddings via Supervised Network Poisoning.
Perceptually Constrained Adversarial Attacks.
CAP-GAN: Towards Adversarial Robustness with Cycle-consistent Attentional Purification.
Cross-modal Adversarial Reprogramming.
2021-02-13
Mixed Nash Equilibria in the Adversarial Examples Game.
Adversarial defense for automatic speaker verification by cascaded self-supervised learning models.
2021-02-12
UAVs Path Deviation Attacks: Survey and Research Challenges.
Universal Adversarial Perturbations Through the Lens of Deep Steganography: Towards A Fourier Perspective.
Universal Adversarial Perturbations for Malware.
On the Paradox of Certified Training. (13%)
2021-02-11
Adversarially robust deepfake media detection using fused convolutional neural network predictions.
Defuse: Harnessing Unrestricted Adversarial Examples for Debugging Models Beyond Test Accuracy.
RobOT: Robustness-Oriented Testing for Deep Learning Systems.
2021-02-10
Meta Federated Learning.
Adversarial Robustness: What fools you makes you stronger.
CIFS: Improving Adversarial Robustness of CNNs via Channel-wise Importance-based Feature Selection.
Dompteur: Taming Audio Adversarial Examples.
Enhancing Real-World Adversarial Patches through 3D Modeling of Complex Target Scenes.
Towards Certifying L-infinity Robustness using Neural Networks with L-inf-dist Neurons.
RoBIC: A benchmark suite for assessing classifiers robustness.
Bayesian Inference with Certifiable Adversarial Robustness.
2021-02-09
Target Training Does Adversarial Training Without Adversarial Samples.
Security and Privacy for Artificial Intelligence: Opportunities and Challenges.
"What's in the box?!": Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models.
Adversarial Perturbations Are Not So Weird: Entanglement of Robust and Non-Robust Features in Neural Network Classifiers.
Detecting Localized Adversarial Examples: A Generic Approach using Critical Region Analysis.
Making Paper Reviewing Robust to Bid Manipulation Attacks.
Towards Bridging the gap between Empirical and Certified Robustness against Adversarial Examples.
2021-02-08
Efficient Certified Defenses Against Patch Attacks on Image Classifiers.
A Real-time Defense against Website Fingerprinting Attacks.
Benford's law: what does it say on adversarial images?
Exploiting epistemic uncertainty of the deep learning models to generate adversarial samples.
2021-02-07
Adversarial example generation with AdaBelief Optimizer and Crop Invariance.
Adversarial Imaging Pipelines.
2021-02-06
SPADE: A Spectral Method for Black-Box Adversarial Robustness Evaluation.
2021-02-05
Corner Case Generation and Analysis for Safety Assessment of Autonomous Vehicles.
Model Agnostic Answer Reranking System for Adversarial Question Answering.
Robust Single-step Adversarial Training with Regularizer.
Understanding the Interaction of Adversarial Training with Noisy Labels.
Optimal Transport as a Defense Against Adversarial Attacks.
2021-02-04
DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks.
Adversarial Training Makes Weight Loss Landscape Sharper in Logistic Regression.
Adversarial Robustness Study of Convolutional Neural Network for Lumbar Disk Shape Reconstruction from MR images.
PredCoin: Defense against Query-based Hard-label Attack.
Adversarial Attacks and Defenses in Physiological Computing: A Systematic Review.
Audio Adversarial Examples: Attacks Using Vocal Masks.
ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models.
2021-02-03
Adversarially Robust Learning with Unknown Perturbation Sets.
IWA: Integrated Gradient based White-box Attacks for Fooling Deep Neural Networks.
2021-02-02
On Robustness of Neural Semantic Parsers.
Towards Robust Neural Networks via Close-loop Control.
Recent Advances in Adversarial Training for Adversarial Robustness.
Probabilistic Trust Intervals for Out of Distribution Detection. (2%)
2021-02-01
Fast Training of Provably Robust Neural Networks by SingleProp.
Towards Speeding up Adversarial Training in Latent Spaces.
Robust Adversarial Attacks Against DNN-Based Wireless Communication Systems.
2021-01-31
Deep Deterministic Information Bottleneck with Matrix-based Entropy Functional.
Towards Imperceptible Query-limited Adversarial Attacks with Perceptual Feature Fidelity Loss.
Admix: Enhancing the Transferability of Adversarial Attacks.
2021-01-30
Cortical Features for Defense Against Adversarial Audio Attacks.
2021-01-29
You Only Query Once: Effective Black Box Adversarial Attacks with Minimal Repeated Queries.
2021-01-28
Adversarial Machine Learning Attacks on Condition-Based Maintenance Capabilities.
Adversarial Attacks on Deep Learning Based Power Allocation in a Massive MIMO Network.
Increasing the Confidence of Deep Neural Networks by Coverage Analysis.
Adversarial Learning with Cost-Sensitive Classes.
2021-01-27
Robust Android Malware Detection System against Adversarial Attacks using Q-Learning.
Adversaries in Online Learning Revisited: with applications in Robust Optimization and Adversarial training.
Adversarial Stylometry in the Wild: Transferable Lexical Substitution Attacks on Author Profiling.
Meta Adversarial Training against Universal Patches.
Detecting Adversarial Examples by Input Transformations, Defense Perturbations, and Voting.
Improving Neural Network Robustness through Neighborhood Preserving Layers.
2021-01-26
Blind Image Denoising and Inpainting Using Robust Hadamard Autoencoders.
Property Inference From Poisoning.
Adversarial Vulnerability of Active Transfer Learning.
SkeletonVis: Interactive Visualization for Understanding Adversarial Attacks on Human Action Recognition Models.
The Effect of Class Definitions on the Transferability of Adversarial Attacks Against Forensic CNNs.
Defenses Against Multi-Sticker Physical Domain Attacks on Classifiers.
Investigating the significance of adversarial attacks and their relation to interpretability for radar-based human activity recognition systems.
Visual explanation of black-box model: Similarity Difference and Uniqueness (SIDU) method.
Towards Universal Physical Attacks On Cascaded Camera-Lidar 3D Object Detection Models.
2021-01-25
Diverse Adversar