A Complete List of All (arXiv) Adversarial Example Papers
by Nicholas Carlini 2019-06-15
It can be hard to stay up-to-date on the published papers in the field of adversarial examples, where we have seen massive growth in the number of papers written each year. I have been somewhat religiously keeping track of these papers for the last few years, and realized it may be helpful for others to release this list.
The only requirement I used for selecting papers for this list is that it is primarily a paper about adversarial examples, or extensively uses adversarial examples. Due to the sheer quantity of papers, I can't guarantee that I actually have found all of them.
But I did try.
I also may have included papers that don't match these criteria (and are about something different instead), or made inconsistent judgement calls as to whether or not any given paper is mainly an adversarial example paper. Send me an email if something is wrong and I'll correct it.
As a result, this list is completely un-filtered. Everything that mainly presents itself as an adversarial example paper is listed here; I pass no judgement of quality. For a curated list of papers that I think are excellent and worth reading, see the Adversarial Machine Learning Reading List.
One final note about the data. This list automatically updates with new papers, even before I get a chance to manually filter through them. I do this filtering roughly twice a week, and it's then that I'll remove the ones that aren't related to adversarial examples. As a result, there may be some false positives on the most recent few entries. The new un-verified entries will have a probability indicated that my simplistic (but reasonably well calibrated) bag-of-words classifier believes the given paper is actually about adversarial examples.
The full paper list appears below. I've also released a TXT file (and a TXT file with abstracts) and a JSON file with the same data. If you do anything interesting with this data I'd be happy to hear from you what it was.
Paper List
2023-11-28
Efficient Key-Based Adversarial Defense for ImageNet by Using Pre-trained Model. (98%)
1-Lipschitz Layers Compared: Memory, Speed, and Certifiable Robustness. (13%)
Scalable Extraction of Training Data from (Production) Language Models. (10%)
Cooperative Abnormal Node Detection with Adversary Resistance: A Probabilistic Approach. (10%)
On robust overfitting: adversarial training induced distribution matters. (1%)
Understanding the (Extra-)Ordinary: Validating Deep Model Decisions with Prototypical Concept-based Explanations. (1%)
2023-11-27
RetouchUAA: Unconstrained Adversarial Attack via Image Retouching. (99%)
Adversaral Doodles: Interpretable and Human-drawable Attacks Provide Describable Insights. (99%)
Instruct2Attack: Language-Guided Semantic Adversarial Attacks. (98%)
CLAP: Contrastive Learning with Augmented Prompts for Robustness on Pretrained Vision-Language Models. (95%)
A Survey on Vulnerability of Federated Learning: A Learning Algorithm Perspective. (50%)
Threshold Breaker: Can Counter-Based RowHammer Prevention Mechanisms Truly Safeguard DRAM? (31%)
Distributed Attacks over Federated Reinforcement Learning-enabled Cell Sleep Control. (22%)
"Do Users fall for Real Adversarial Phishing?" Investigating the Human response to Evasive Webpages. (15%)
How Many Unicorns Are in This Image? A Safety Evaluation Benchmark for Vision LLMs. (12%)
Microarchitectural Security of AWS Firecracker VMM for Serverless Cloud Platforms. (1%)
2023-11-26
Adversarial Purification of Information Masking. (99%)
Having Second Thoughts? Let's hear it. (56%)
BadCLIP: Trigger-Aware Prompt Learning for Backdoor Attacks on CLIP. (13%)
Confidence Is All You Need for MI Attacks. (2%)
2023-11-25
Mixing Classifiers to Alleviate the Accuracy-Robustness Trade-Off. (26%)
Robust Graph Neural Networks via Unbiased Aggregation. (10%)
Effective Backdoor Mitigation Depends on the Pre-training Objective. (10%)
2023-11-24
Trainwreck: A damaging adversarial attack on image classifiers. (99%)
Segment (Almost) Nothing: Prompt-Agnostic Adversarial Attacks on Segmentation Models. (96%)
Universal Jailbreak Backdoors from Poisoned Human Feedback. (1%)
2023-11-23
When Side-Channel Attacks Break the Black-Box Property of Embedded Artificial Intelligence. (99%)
Adversarial defense based on distribution transfer. (99%)
Robust and Interpretable COVID-19 Diagnosis on Chest X-ray Images using Adversarial Training. (68%)
2023-11-22
A Survey of Adversarial CAPTCHAs on its History, Classification and Generation. (99%)
Transfer Attacks and Defenses for Large Language Models on Coding Tasks. (99%)
Panda or not Panda? Understanding Adversarial Attacks with Interactive Visualization. (98%)
Hard Label Black Box Node Injection Attack on Graph Neural Networks. (93%)
Security and Privacy Challenges in Deep Learning Models. (74%)
A Somewhat Robust Image Watermark against Diffusion-based Editing Models. (50%)
OASIS: Offsetting Active Reconstruction Attacks in Federated Learning. (2%)
2023-11-21
SD-NAE: Generating Natural Adversarial Examples with Stable Diffusion. (96%)
Stable Unlearnable Example: Enhancing the Robustness of Unlearnable Examples via Stable Error-Minimizing Noise. (96%)
Attacking Motion Planners Using Adversarial Perception Errors. (69%)
Toward Robust Imperceptible Perturbation against Unauthorized Text-to-image Diffusion-based Synthesis. (62%)
Attention Deficit is Ordered! Fooling Deformable Vision Transformers with Collaborative Adversarial Patches. (47%)
Iris Presentation Attack: Assessing the Impact of Combining Vanadium Dioxide Films with Artificial Eyes. (1%)
2023-11-20
ODDR: Outlier Detection & Dimension Reduction Based Defense Against Adversarial Patches. (99%)
DefensiveDR: Defending against Adversarial Patches using Dimensionality Reduction. (99%)
Generating Valid and Natural Adversarial Examples with Large Language Models. (99%)
AdvGen: Physical Adversarial Attack on Face Presentation Attack Detection Systems. (99%)
Beyond Boundaries: A Comprehensive Survey of Transferable Attacks on AI Systems. (50%)
Understanding Variation in Subpopulation Susceptibility to Poisoning Attacks. (15%)
Training robust and generalizable quantum models. (10%)
BrainWash: A Poisoning Attack to Forget in Continual Learning. (4%)
2023-11-19
Adversarial Prompt Tuning for Vision-Language Models. (97%)
BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning. (69%)
EditShield: Protecting Unauthorized Image Editing by Instruction-guided Diffusion Models. (10%)
2023-11-18
Boost Adversarial Transferability by Uniform Scale and Mix Mask Method. (99%)
Improving Adversarial Transferability by Stable Diffusion. (99%)
Attention-Based Real-Time Defenses for Physical Adversarial Attacks in Vision Applications. (92%)
TextGuard: Provable Defense against Backdoor Attacks on Text Classification. (82%)
Robust Network Slicing: Multi-Agent Policies, Adversarial Attacks, and Defensive Strategies. (1%)
2023-11-17
Breaking Temporal Consistency: Generating Video Universal Adversarial Perturbations Using Image Models. (97%)
PACOL: Poisoning Attacks Against Continual Learners. (93%)
Two-Factor Authentication Approach Based on Behavior Patterns for Defeating Puppet Attacks. (1%)
2023-11-16
Breaking Boundaries: Balancing Performance and Robustness in Deep Wireless Traffic Forecasting. (99%)
Hijacking Large Language Models via Adversarial In-Context Learning. (75%)
Cognitive Overload: Jailbreaking Large Language Models with Overloaded Logical Thinking. (54%)
Test-time Backdoor Mitigation for Black-Box Large Language Models with Defensive Demonstrations. (38%)
On the Exploitability of Reinforcement Learning with Human Feedback for Large Language Models. (13%)
Towards Improving Robustness Against Common Corruptions using Mixture of Class Specific Experts. (2%)
Understanding the Effectiveness of Large Language Models in Detecting Security Vulnerabilities. (2%)
Towards more Practical Threat Models in Artificial Intelligence Security. (2%)
You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks. (1%)
2023-11-15
Jailbreaking GPT-4V via Self-Adversarial Attacks with System Prompts. (99%)
Backdoor Activation Attack: Attack Large Language Models using Activation Steering for Safety-Alignment. (74%)
Fast Certification of Vision-Language Models Using Incremental Randomized Smoothing. (64%)
Adversarially Robust Spiking Neural Networks Through Conversion. (26%)
Defending Large Language Models Against Jailbreaking Attacks Through Goal Prioritization. (15%)
Privacy Threats in Stable Diffusion Models. (13%)
How Trustworthy are Open-Source LLMs? An Assessment under Malicious Demonstrations Shows their Vulnerabilities. (9%)
MirrorNet: A TEE-Friendly Framework for Secure On-device DNN Inference. (2%)
Beyond Detection: Unveiling Fairness Vulnerabilities in Abusive Language Models. (1%)
JAB: Joint Adversarial Prompting and Belief Augmentation. (1%)
2023-11-14
Towards Improving Robustness Against Common Corruptions in Object Detectors Using Adversarial Contrastive Learning. (99%)
Physical Adversarial Examples for Multi-Camera Systems. (99%)
DALA: A Distribution-Aware LoRA-Based Adversarial Attack against Pre-trained Language Models. (99%)
On The Relationship Between Universal Adversarial Attacks And Sparse Representations. (98%)
A Wolf in Sheep's Clothing: Generalized Nested Jailbreak Prompts can Fool Large Language Models Easily. (56%)
Multi-Set Inoculation: Assessing Model Robustness Across Multiple Challenge Sets. (13%)
The Perception-Robustness Tradeoff in Deterministic Image Restoration. (1%)
2023-11-13
Adversarial Purification for Data-Driven Power System Event Classifiers with Diffusion Models. (99%)
Parrot-Trained Adversarial Examples: Pushing the Practicality of Black-Box Audio Attacks against Speaker Recognition Models. (99%)
An Extensive Study on Adversarial Attack against Pre-trained Models of Code. (99%)
Untargeted Black-box Attacks for Social Recommendations. (96%)
On the Robustness of Neural Collapse and the Neural Collapse of Robustness. (80%)
Tabdoor: Backdoor Vulnerabilities in Transformer-based Neural Networks for Tabular Data. (41%)
2023-11-12
Learning Globally Optimized Language Structure via Adversarial Training. (83%)
Contractive Systems Improve Graph Neural Networks Against Adversarial Attacks. (70%)
Analytical Verification of Deep Neural Network Performance for Time-Synchronized Distribution System State Estimation. (5%)
DialMAT: Dialogue-Enabled Transformer with Moment-Based Adversarial Training. (1%)
2023-11-10
Flatness-aware Adversarial Attack. (99%)
Robust Adversarial Attacks Detection for Deep Learning based Relative Pose Estimation for Space Rendezvous. (99%)
Fight Fire with Fire: Combating Adversarial Patch Attacks using Pattern-randomized Defensive Patches. (98%)
Resilient and constrained consensus against adversarial attacks: A distributed MPC framework. (84%)
CALLOC: Curriculum Adversarial Learning for Secure and Robust Indoor Localization. (1%)
Practical Membership Inference Attacks against Fine-tuned Large Language Models via Self-prompt Calibration. (1%)
2023-11-09
ABIGX: A Unified Framework for eXplainable Fault Detection and Classification. (68%)
Honest Score Client Selection Scheme: Preventing Federated Learning Label Flipping Attacks in Non-IID Scenarios. (50%)
Scale-MIA: A Scalable Model Inversion Attack against Secure Federated Learning via Latent Space Reconstruction. (15%)
FigStep: Jailbreaking Large Vision-language Models via Typographic Visual Prompts. (1%)
FireMatch: A Semi-Supervised Video Fire Detection Network Based on Consistency and Distribution Alignment. (1%)
2023-11-08
Constrained Adaptive Attacks: Realistic Evaluation of Adversarial Examples and Robust Training of Deep Neural Networks for Tabular Data. (99%)
Army of Thieves: Enhancing Black-Box Model Extraction via Ensemble based sample selection. (70%)
Frontier Language Models are not Robust to Adversarial Arithmetic, or "What do I need to say so you agree 2+2=5? (61%)
SCAAT: Improving Neural Network Interpretability via Saliency Constrained Adaptive Adversarial Training. (10%)
Counter-Empirical Attacking based on Adversarial Reinforcement Learning for Time-Relevant Scoring System. (1%)
Domain Adaptive Object Detection via Balancing Between Self-Training and Adversarial Learning. (1%)
2023-11-07
Unveiling Safety Vulnerabilities of Large Language Models. (61%)
FD-MIA: Efficient Attacks on Fairness-enhanced Models. (10%)
Identifying and Mitigating Vulnerabilities in LLM-Integrated Applications. (2%)
SoK: Security Below the OS -- A Security Analysis of UEFI. (1%)
2023-11-06
Measuring Adversarial Datasets. (92%)
Can LLMs Follow Simple Rules? (68%)
Preserving Privacy in GANs Against Membership Inference Attack. (33%)
Cal-DETR: Calibrated Detection Transformer. (4%)
2023-11-05
ELEGANT: Certified Defense on the Fairness of Graph Neural Networks. (10%)
2023-11-04
From Trojan Horses to Castle Walls: Unveiling Bilateral Backdoor Effects in Diffusion Models. (22%)
2023-11-03
Efficient Black-Box Adversarial Attacks on Neural Text Detectors. (22%)
The Alignment Problem in Context. (2%)
2023-11-02
Adversary ML Resilience in Autonomous Driving Through Human Centered Perception Mechanisms. (99%)
Towards Evaluating Transfer-based Attacks Systematically, Practically, and Fairly. (99%)
Tensor Trust: Interpretable Prompt Injection Attacks from an Online Game. (93%)
On the Lipschitz constant of random neural networks. (92%)
Universal Perturbation-based Secret Key-Controlled Data Hiding. (80%)
Distilling Out-of-Distribution Robustness from Vision-Language Foundation Models. (76%)
Assist Is Just as Important as the Goal: Image Resurfacing to Aid Model's Robust Prediction. (13%)
Robust Adversarial Reinforcement Learning via Bounded Rationality Curricula. (12%)
Sequential Subset Matching for Dataset Distillation. (1%)
E(2) Equivariant Neural Networks for Robust Galaxy Morphology Classification. (1%)
2023-11-01
NEO-KD: Knowledge-Distillation-Based Adversarial Training for Robust Multi-Exit Neural Networks. (99%)
Adversarial Examples in the Physical World: A Survey. (98%)
Optimal Cost Constrained Adversarial Attacks For Multiple Agent Systems. (80%)
Improving Robustness for Vision Transformer with a Simple Dynamic Scanning Augmentation. (76%)
MIST: Defending Against Membership Inference Attacks Through Membership-Invariant Subspace Training. (75%)
Robustness Tests for Automatic Machine Translation Metrics with Adversarial Attacks. (1%)
Open-Set Face Recognition with Maximal Entropy and Objectosphere Loss. (1%)
2023-10-31
Amoeba: Circumventing ML-supported Network Censorship via Adversarial Reinforcement Learning. (99%)
Robust Safety Classifier for Large Language Models: Adversarial Prompt Shield. (99%)
LFAA: Crafting Transferable Targeted Adversarial Examples with Low-Frequency Perturbations. (99%)
Magmaw: Modality-Agnostic Adversarial Attacks on Machine Learning-Based Wireless Communication Systems. (98%)
Is Robustness Transferable across Languages in Multilingual Neural Machine Translation? (26%)
Dynamic Batch Norm Statistics Update for Natural Robustness. (22%)
2023-10-30
Label-Only Model Inversion Attacks via Knowledge Transfer. (83%)
Exploring Geometry of Blind Spots in Vision Models. (83%)
Adversarial Attacks and Defenses in Large Language Models: Old and New Threats. (74%)
Generated Distributions Are All You Need for Membership Inference Attacks Against Generative Models. (61%)
Differentially Private Reward Estimation with Preference Feedback. (16%)
Asymmetric Diffusion Based Channel-Adaptive Secure Wireless Semantic Communications. (10%)
Privacy-Preserving Federated Learning over Vertically and Horizontally Partitioned Data for Financial Anomaly Detection. (1%)
2023-10-29
Blacksmith: Fast Adversarial Training of Vision Transformers via a Mixture of Single-step and Multi-step Methods. (99%)
Boosting Decision-Based Black-Box Adversarial Attack with Gradient Priors. (98%)
BERT Lost Patience Won't Be Robust to Adversarial Slowdown. (98%)
Adversarial Examples Are Not Real Features. (98%)
IMPRESS: Evaluating the Resilience of Imperceptible Perturbations Against Unauthorized Data Usage in Diffusion-Based Generative AI. (82%)
Poisoning Retrieval Corpora by Injecting Adversarial Passages. (68%)
Label Poisoning is All You Need. (54%)
Robustifying Language Models with Test-Time Adaptation. (47%)
Path Analysis for Effective Fault Localization in Deep Neural Networks. (1%)
2023-10-28
Assessing and Improving Syntactic Adversarial Robustness of Pre-trained Models for Code Translation. (92%)
Benchmark Generation Framework with Customizable Distortions for Image Classifier Robustness. (86%)
Purify++: Improving Diffusion-Purification with Advanced Diffusion Models and Control of Randomness. (61%)
Large Language Models Are Better Adversaries: Exploring Generative Clean-Label Backdoor Attacks Against Text Classifiers. (47%)
Where have you been? A Study of Privacy Risk for Point-of-Interest Recommendation. (8%)
2023-10-27
DiffAttack: Evasion Attacks Against Diffusion-Based Adversarial Purification. (99%)
Understanding and Improving Ensemble Adversarial Defense. (99%)
LipSim: A Provably Robust Perceptual Similarity Metric. (45%)
Elevating Code-mixed Text Handling through Auditory Information of Words. (5%)
Understanding Parameter Saliency via Extreme Value Theory. (1%)
2023-10-26
Unscrambling the Rectification of Adversarial Attacks Transferability across Computer Networks. (99%)
A Survey on Transferability of Adversarial Examples across Deep Neural Networks. (99%)
Defending Against Transfer Attacks From Public Models. (99%)
Uncertainty-weighted Loss Functions for Improved Adversarial Attacks on Semantic Segmentation. (93%)
Detection Defenses: An Empty Promise against Adversarial Patch Attacks on Optical Flow. (93%)
SoK: Pitfalls in Evaluating Black-Box Attacks. (76%)
CBD: A Certified Backdoor Detector Based on Local Dominant Probability. (76%)
Instability of computer vision models is a necessary result of the task itself. (26%)
PAC-tuning:Fine-tuning Pretrained Language Models with PAC-driven Perturbed Gradient Descent. (1%)
A minimax optimal control approach for robust neural ODEs. (1%)
2023-10-25
Break it, Imitate it, Fix it: Robustness by Generating Human-Like Attacks. (93%)
Trust, but Verify: Robust Image Segmentation using Deep Learning. (54%)
Dual Defense: Adversarial, Traceable, and Invisible Robust Watermarking against Face Swapping. (26%)
On the Proactive Generation of Unsafe Images From Text-To-Image Models Using Benign Prompts. (22%)
Wide Flat Minimum Watermarking for Robust Ownership Verification of GANs. (12%)
Multi-scale Diffusion Denoised Smoothing. (1%)
SparseDFF: Sparse-View Feature Distillation for One-Shot Dexterous Manipulation. (1%)
2023-10-24
Adversarial sample generation and training using geometric masks for accurate and resilient license plate character recognition. (99%)
RAEDiff: Denoising Diffusion Probabilistic Models Based Reversible Adversarial Examples Self-Generation and Self-Recovery. (92%)
Defense Against Model Extraction Attacks on Recommender Systems. (92%)
Segue: Side-information Guided Generative Unlearnable Examples for Facial Privacy Protection in Real World. (89%)
Hierarchical Randomized Smoothing. (75%)
Momentum Gradient-based Untargeted Attack on Hypergraph Neural Networks. (73%)
Corrupting Neuron Explanations of Deep Visual Features. (41%)
Guiding LLM to Fool Itself: Automatically Manipulating Machine Reading Comprehension Shortcut Triggers. (10%)
A Survey on Detection of LLMs-Generated Content. (1%)
White-box Compiler Fuzzing Empowered by Large Language Models. (1%)
Enhancing Large Language Models for Secure Code Generation: A Dataset-driven Study on Vulnerability Mitigation. (1%)
2023-10-23
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval. (99%)
F$^2$AT: Feature-Focusing Adversarial Training via Disentanglement of Natural and Perturbed Patterns. (99%)
Fast Propagation is Better: Accelerating Single-Step Adversarial Training via Sampling Subnetworks. (98%)
AutoDAN: Automatic and Interpretable Adversarial Attacks on Large Language Models. (92%)
On the Detection of Image-Scaling Attacks in Machine Learning. (15%)
RoboDepth: Robust Out-of-Distribution Depth Estimation under Corruptions. (1%)
2023-10-22
Diffusion-Based Adversarial Purification for Speaker Verification. (99%)
CT-GAT: Cross-Task Generative Adversarial Attack based on Transferability. (99%)
Imperceptible CMOS camera dazzle for adversarial attacks on deep neural networks. (92%)
ADoPT: LiDAR Spoofing Attack Detection Based on Point-Level Temporal Consistency. (26%)
Attention-Enhancing Backdoor Attacks Against BERT-based Models. (13%)
MoPe: Model Perturbation-based Privacy Attacks on Language Models. (9%)
2023-10-21
Adversarial Image Generation by Spatial Transformation in Perceptual Colorspaces. (99%)
Training Image Derivatives: Increased Accuracy and Universal Robustness. (5%)
2023-10-20
Beyond Hard Samples: Robust and Effective Grammatical Error Correction with Cycle Self-Augmenting. (99%)
An LLM can Fool Itself: A Prompt-Based Adversarial Attack. (99%)
Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models. (56%)
The Hidden Adversarial Vulnerabilities of Medical Federated Learning. (45%)
Adversarial Attacks on Fairness of Graph Neural Networks. (26%)
FLTracer: Accurate Poisoning Attack Provenance in Federated Learning. (26%)
Can We Trust the Similarity Measurement in Federated Learning? (15%)
Data-Free Knowledge Distillation Using Adversarially Perturbed OpenGL Shader Images. (4%)
VOICE-ZEUS: Impersonating Zoom's E2EE-Protected Static Media and Textual Communications via Simple Voice Manipulations. (4%)
2023-10-19
Generating Robust Adversarial Examples against Online Social Networks (OSNs). (98%)
Recoverable Privacy-Preserving Image Classification through Noise-like Adversarial Examples. (98%)
Learn from the Past: A Proxy based Adversarial Defense Framework to Boost Robustness. (98%)
OODRobustBench: benchmarking and analyzing adversarial robustness under distribution shift. (97%)
Automatic Hallucination Assessment for Aligned Large Language Models via Transferable Adversarial Attacks. (97%)
PatchCURE: Improving Certifiable Robustness, Model Utility, and Computation Efficiency of Adversarial Patch Defenses. (97%)
Prompt Injection Attacks and Defenses in LLM-Integrated Applications. (47%)
Attack Prompt Generation for Red Teaming and Defending Large Language Models. (15%)
SecurityNet: Assessing Machine Learning Vulnerabilities on Public Models. (5%)
To grok or not to grok: Disentangling generalization and memorization on corrupted algorithmic datasets. (1%)
Detecting Shared Data Manipulation in Distributed Optimization Algorithms. (1%)
Towards Robust Pruning: An Adaptive Knowledge-Retention Pruning Strategy for Language Models. (1%)
2023-10-18
Exploring Decision-based Black-box Attacks on Face Forgery Detection. (99%)
Segment Anything Meets Universal Adversarial Perturbation. (99%)
IRAD: Implicit Representation-driven Image Resampling against Adversarial Attacks. (99%)
Revisiting Transferable Adversarial Image Examples: Attack Categorization, Evaluation Guidelines, and New Insights. (99%)
Tailoring Adversarial Attacks on Deep Neural Networks for Targeted Class Manipulation Using DeepFool Algorithm. (99%)
Malicious Agent Detection for Robust Multi-Agent Collaborative Perception. (87%)
Black-Box Training Data Identification in GANs via Detector Networks. (82%)
Adversarial Training for Physics-Informed Neural Networks. (81%)
REVAMP: Automated Simulations of Adversarial Attacks on Arbitrary Objects in Realistic Scenes. (80%)
Quantifying Privacy Risks of Prompts in Visual Prompt Learning. (76%)
To Generate or Not? Safety-Driven Unlearned Diffusion Models Are Still Easy To Generate Unsafe Images ... For Now. (47%)
CAT: Closed-loop Adversarial Training for Safe End-to-End Driving. (2%)
PrivInfer: Privacy-Preserving Inference for Black-box Large Language Model. (1%)
2023-10-17
The Efficacy of Transformer-based Adversarial Attacks in Security Domains. (99%)
Adversarial Robustness Unhardening via Backdoor Attacks in Federated Learning. (93%)
WaveAttack: Asymmetric Frequency Obfuscation-based Backdoor Attacks Against Deep Neural Networks. (15%)
Generalizability of CNN Architectures for Face Morph Presentation Attack. (1%)
2023-10-16
Survey of Vulnerabilities in Large Language Models Revealed by Adversarial Attacks. (98%)
Regularization properties of adversarially-trained linear regression. (92%)
Fast Adversarial Label-Flipping Attack on Tabular Data. (84%)
A Non-monotonic Smooth Activation Function. (83%)
Quantifying Assistive Robustness Via the Natural-Adversarial Frontier. (68%)
A Comprehensive Study of Privacy Risks in Curriculum Learning. (67%)
DANAA: Towards transferable attacks with double adversarial neuron attribution. (26%)
Demystifying Poisoning Backdoor Attacks from a Statistical Perspective. (9%)
Prompt Packer: Deceiving LLMs through Compositional Instruction with Hidden Attacks. (4%)
Passive Inference Attacks on Split Learning via Adversarial Regularization. (3%)
Robust Multi-Agent Reinforcement Learning via Adversarial Regularization: Theoretical Foundation and Stable Algorithms. (3%)
On the Transferability of Learning Models for Semantic Segmentation for Remote Sensing Data. (2%)
Orthogonal Uncertainty Representation of Data Manifold for Robust Long-Tailed Learning. (1%)
Will the Prince Get True Love's Kiss? On the Model Sensitivity to Gender Perturbation over Fairytale Texts. (1%)
2023-10-15
Towards Deep Learning Models Resistant to Transfer-based Adversarial Attacks via Data-centric Robust Learning. (99%)
SCME: A Self-Contrastive Method for Data-free and Query-Limited Model Extraction Attack. (99%)
AFLOW: Developing Adversarial Examples under Extremely Noise-limited Settings. (99%)
Black-box Targeted Adversarial Attack on Segment Anything (SAM). (99%)
Evading Detection Actively: Toward Anti-Forensics against Forgery Localization. (97%)
Explore the Effect of Data Selection on Poison Efficiency in Backdoor Attacks. (61%)
Ring-A-Bell! How Reliable are Concept Removal Methods for Diffusion Models? (5%)
VFLAIR: A Research Library and Benchmark for Vertical Federated Learning. (3%)
2023-10-14
BufferSearch: Generating Black-Box Adversarial Texts With Lower Queries. (98%)
2023-10-13
Is Certifying $\ell_p$ Robustness Still Worthwhile? (99%)
User Inference Attacks on Large Language Models. (16%)
On the Over-Memorization During Natural, Robust and Catastrophic Overfitting. (1%)
2023-10-12
Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks. (99%)
Concealed Electronic Countermeasures of Radar Signal with Adversarial Examples. (93%)
Attacks Meet Interpretability (AmI) Evaluation and Findings. (92%)
Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization. (68%)
Fed-Safe: Securing Federated Learning in Healthcare Against Adversarial Attacks. (64%)
Provably Robust Cost-Sensitive Learning via Randomized Smoothing. (45%)
Bucks for Buckets (B4B): Active Defenses Against Stealing Encoders. (31%)
Sentinel: An Aggregation Function to Secure Decentralized Federated Learning. (11%)
Investigating the Robustness and Properties of Detection Transformers (DETR) Toward Difficult Images. (9%)
Polynomial Time Cryptanalytic Extraction of Neural Network Models. (3%)
Defending Our Privacy With Backdoors. (3%)
SEE-OoD: Supervised Exploration For Enhanced Out-of-Distribution Detection. (1%)
XAI Benchmark for Visual Explanation. (1%)
Jailbreaking Black Box Large Language Models in Twenty Queries. (1%)
2023-10-11
Boosting Black-box Attack to Deep Neural Networks with Conditional Diffusion Models. (99%)
Promoting Robustness of Randomized Smoothing: Two Cost-Effective Approaches. (89%)
An Adversarial Example for Direct Logit Attribution: Memory Management in gelu-4l. (13%)
Prompt Backdoors in Visual Prompt Learning. (11%)
Why Train More? Effective and Efficient Membership Inference via Memorization. (10%)
Towards Causal Deep Learning for Vulnerability Detection. (4%)
Deep Reinforcement Learning for Autonomous Cyber Operations: A Survey. (3%)
2023-10-10
A Geometrical Approach to Evaluate the Adversarial Robustness of Deep Neural Networks. (99%)
My Brother Helps Me: Node Injection Based Adversarial Attack on Social Bot Detection. (98%)
Adversarial Robustness in Graph Neural Networks: A Hamiltonian Approach. (83%)
Adversarial optimization leads to over-optimistic security-constrained dispatch, but sampling can help. (76%)
No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML. (62%)
Comparing the robustness of modern no-reference image- and video-quality metrics to adversarial attacks. (45%)
GraphCloak: Safeguarding Task-specific Knowledge within Graph-structured Data from Unauthorized Exploitation. (22%)
Latent Diffusion Counterfactual Explanations. (5%)
FTFT: efficient and robust Fine-Tuning by transFerring Training dynamics. (2%)
Investigating the Adversarial Robustness of Density Estimation Using the Probability Flow ODE. (2%)
Jailbreak and Guard Aligned Language Models with Only Few In-Context Demonstrations. (1%)
2023-10-09
PAC-Bayesian Spectrally-Normalized Bounds for Adversarially Robust Generalization. (92%)
Domain Watermark: Effective and Harmless Dataset Copyright Protection is Closed at Hand. (22%)
Theoretical Analysis of Robust Overfitting for Wide DNNs: An NTK Approach. (5%)
Exploring adversarial attacks in federated learning for medical imaging. (2%)
2023-10-08
An Initial Investigation of Neural Replay Simulator for Over-the-Air Adversarial Perturbations to Automatic Speaker Verification. (99%)
BRAINTEASER: Lateral Thinking Puzzles for Large Language Models. (26%)
2023-10-07
IPMix: Label-Preserving Data Augmentation Method for Training Robust Classifiers. (76%)
2023-10-06
VLAttack: Multimodal Adversarial Attacks on Vision-Language Tasks via Pre-trained Models. (98%)
2023-10-05
OMG-ATTACK: Self-Supervised On-Manifold Generation of Transferable Evasion Attacks. (99%)
Untargeted White-box Adversarial Attack with Heuristic Defence Methods in Real-time Deep Learning based Network Intrusion Detection System. (99%)
Enhancing Robust Representation in Adversarial Training: Alignment and Exclusion Criteria. (99%)
An Integrated Algorithm for Robust and Imperceptible Audio Adversarial Examples. (98%)
Adversarial Machine Learning for Social Good: Reframing the Adversary as an Ally. (98%)
SmoothLLM: Defending Large Language Models Against Jailbreaking Attacks. (87%)
Targeted Adversarial Attacks on Generalizable Neural Radiance Fields. (56%)
Certification of Deep Learning Models for Medical Image Segmentation. (15%)
Certifiably Robust Graph Contrastive Learning. (5%)
Towards Robust and Generalizable Training: An Empirical Study of Noisy Slot Filling for Input Perturbations. (2%)
2023-10-04
Optimizing Key-Selection for Face-based One-Time Biometrics via Morphing. (98%)
Misusing Tools in Large Language Models With Visual Adversarial Examples. (97%)
Burning the Adversarial Bridges: Robust Windows Malware Detection Against Binary-level Mutations. (82%)
Raze to the Ground: Query-Efficient Adversarial HTML Attacks on Machine-Learning Phishing Webpage Detectors. (81%)
Shielding the Unseen: Privacy Protection through Poisoning NeRF with Spatial Deformation. (10%)
2023-10-03
Splitting the Difference on Adversarial Training. (99%)
DeepZero: Scaling up Zeroth-Order Optimization for Deep Model Training. (96%)
SlowFormer: Universal Adversarial Patch for Attack on Compute and Energy Efficiency of Inference Efficient Vision Transformers. (86%)
Towards Stable Backdoor Purification through Feature Shift Tuning. (83%)
Jailbreaker in Jail: Moving Target Defense for Large Language Models. (73%)
Beyond Labeling Oracles: What does it mean to steal ML models? (47%)
Exploring Model Learning Heterogeneity for Boosting Ensemble Robustness. (13%)
FLEDGE: Ledger-based Federated Learning Resilient to Inference and Backdoor Attacks. (11%)
AutoLoRa: A Parameter-Free Automated Robust Fine-Tuning Framework. (3%)
2023-10-02
Fooling the Textual Fooler via Randomizing Latent Representations. (99%)
Adversarial Client Detection via Non-parametric Subspace Monitoring in the Internet of Federated Things. (92%)
LoFT: Local Proxy Fine-tuning For Improving Transferability Of Adversarial Attacks Against Large Language Model. (87%)
LLM Lies: Hallucinations are not Bugs, but Features as Adversarial Examples. (87%)
Gotcha! This Model Uses My Code! Evaluating Membership Leakage Risks in Code Models. (13%)
Toward effective protection against diffusion based mimicry through score distillation. (3%)
Fool Your (Vision and) Language Model With Embarrassingly Simple Permutations. (1%)
2023-10-01
A Survey of Robustness and Safety of 2D and 3D Deep Learning Models Against Adversarial Attacks. (99%)
Counterfactual Image Generation for adversarially robust and interpretable Classifiers. (96%)
On the Onset of Robust Overfitting in Adversarial Training. (64%)
Understanding Adversarial Transferability in Federated Learning. (64%)
GhostEncoder: Stealthy Backdoor Attacks with Dynamic Triggers to Pre-trained Encoders in Self-supervised Learning. (61%)
Fewer is More: Trojan Attacks on Parameter-Efficient Fine-Tuning. (9%)
Can Pre-trained Networks Detect Familiar Out-of-Distribution Data? (1%)
How well does LLM generate security tests? (1%)
2023-09-30
Understanding the Robustness of Randomized Feature Defense Against Query-Based Adversarial Attacks. (99%)
Human-Producible Adversarial Examples. (98%)
Black-box Attacks on Image Activity Prediction and its Natural Language Explanations. (98%)
Horizontal Class Backdoor to Deep Learning. (56%)
Refutation of Shapley Values for XAI -- Additional Evidence. (8%)
2023-09-29
Robustness of AI-Image Detectors: Fundamental Limits and Practical Attacks. (99%)
Efficient Biologically Plausible Adversarial Training. (98%)
Can Sensitive Information Be Deleted From LLMs? Objectives for Defending Against Extraction Attacks. (96%)
On Continuity of Robust and Accurate Classifiers. (93%)
Adversarial Machine Learning in Latent Representations of Neural Networks. (93%)
Certified Robustness via Dynamic Margin Maximization and Improved Lipschitz Regularization. (92%)
Toward Robust Recommendation via Real-time Vicinal Defense. (82%)
Adversarial Explainability: Utilizing Explainable Machine Learning in Bypassing IoT Botnet Detection Systems. (31%)
Practical Membership Inference Attacks Against Large-Scale Multi-Modal Models: A Pilot Study. (13%)
Distributed Resilient Control of DC Microgrids Under Generally Unbounded FDI Attacks. (1%)
Source Inference Attacks: Beyond Membership Inference Attacks in Federated Learning. (1%)
2023-09-28
Investigating Human-Identifiable Features Hidden in Adversarial Perturbations. (98%)
Parameter-Saving Adversarial Training: Reinforcing Multi-Perturbation Robustness via Hypernetworks. (98%)
Towards Poisoning Fair Representations. (70%)
On the Trade-offs between Adversarial Robustness and Actionable Explanations. (68%)
Post-Training Overfitting Mitigation in DNN Classifiers. (41%)
The Lipschitz-Variance-Margin Tradeoff for Enhanced Randomized Smoothing. (26%)
Leveraging Optimization for Adaptive Attacks on Image Watermarks. (10%)
Random and Safe Cache Architecture to Defeat Cache Timing Attacks. (9%)
Robust Offline Reinforcement Learning -- Certify the Confidence Interval. (4%)
A Primer on Bayesian Neural Networks: Review and Debates. (2%)
2023-09-27
Adversarial Examples Might be Avoidable: The Role of Data Concentration in Adversarial Robustness. (95%)
Defending Against Physical Adversarial Patch Attacks on Infrared Human Detection. (92%)
On Computational Entanglement and Its Interpretation in Adversarial Machine Learning. (92%)
Automatic Feature Fairness in Recommendation via Adversaries. (33%)
Generating Transferable Adversarial Simulation Scenarios for Self-Driving via Neural Rendering. (11%)
Breaking NoC Anonymity using Flow Correlation Attack. (2%)
Genetic Algorithm-Based Dynamic Backdoor Attack on Federated Learning-Based Network Traffic Classification. (1%)
Towards the Vulnerability of Watermarking Artificial Intelligence Generated Content. (1%)
2023-09-26
Structure Invariant Transformation for better Adversarial Transferability. (99%)
Privacy-preserving and Privacy-attacking Approaches for Speech and Audio -- A Survey. (16%)
Neural Stochastic Differential Equations for Robust and Explainable Analysis of Electromagnetic Unintended Radiated Emissions. (2%)
Collaborative Watermarking for Adversarial Speech Synthesis. (1%)
2023-09-25
DifAttack: Query-Efficient Black-Box Attack via Disentangled Feature Space. (99%)
Gray-box Adversarial Attack of Deep Reinforcement Learning-based Trading Agents. (98%)
SurrogatePrompt: Bypassing the Safety Filter of Text-To-Image Models via Substitution. (1%)
2023-09-24
Adversarial Attacks on Video Object Segmentation with Hard Region Discovery. (99%)
Vulnerabilities in Video Quality Assessment Models: The Challenge of Adversarial Attacks. (98%)
On the Effectiveness of Adversarial Samples against Ensemble Learning-based Windows PE Malware Detectors. (86%)
Benchmarking Local Robustness of High-Accuracy Binary Neural Networks for Enhanced Traffic Sign Recognition. (80%)
Projected Randomized Smoothing for Certified Adversarial Robustness. (76%)
Combining Two Adversarial Attacks Against Person Re-Identification Systems. (73%)
Seeing Is Not Always Believing: Invisible Collision Attack and Defence on Pre-Trained Models. (2%)
2023-09-23
Defending Pre-trained Language Models as Few-shot Learners against Backdoor Attacks. (61%)
Detecting and Mitigating System-Level Anomalies of Vision-Based Controllers. (1%)
Moving Target Defense based Secured Network Slicing System in the O-RAN Architecture. (1%)
2023-09-22
RBFormer: Improve Adversarial Robustness of Transformer by Robust Bias. (99%)
Spatial-frequency channels, shape bias, and adversarial robustness. (69%)
VIC-KD: Variance-Invariance-Covariance Knowledge Distillation to Make Keyword Spotting More Robust Against Adversarial Attacks. (69%)
Understanding Deep Gradient Leakage via Inversion Influence Functions. (11%)
Pixel-wise Smoothing for Certified Robustness against Camera Motion Perturbations. (10%)
Privacy Assessment on Reconstructed Images: Are Existing Evaluation Metrics Faithful to Human Perception? (5%)
Expressive variational quantum circuits provide inherent privacy in federated learning. (1%)
On Data Fabrication in Collaborative Vehicular Perception: Attacks and Countermeasures. (1%)
2023-09-21
Improving Machine Learning Robustness via Adversarial Training. (99%)
A Chinese Prompt Attack Dataset for LLMs with Evil Content. (62%)
HANS, are you clever? Clever Hans Effect Analysis of Neural Systems. (45%)
On the Relationship between Skill Neurons and Robustness in Prompt Tuning. (10%)
DeepTheft: Stealing DNN Model Architectures through Power Side Channel. (1%)
2023-09-20
How Robust is Google's Bard to Adversarial Image Attacks? (99%)
PRAT: PRofiling Adversarial aTtacks. (99%)
When to Trust AI: Advances and Challenges for Certification of Neural Networks. (64%)
AudioFool: Fast, Universal and synchronization-free Cross-Domain Attack on Speech Recognition. (54%)
Understanding Pose and Appearance Disentanglement in 3D Human Pose Estimation. (54%)
Fed-LSAE: Thwarting Poisoning Attacks against Federated Cyber Threat Detection System via Autoencoder-based Latent Space Inspection. (5%)
Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization. (2%)
2023-09-19
Language Guided Adversarial Purification. (99%)
What Learned Representations and Influence Functions Can Tell Us About Adversarial Examples. (99%)
Adversarial Attacks Against Uncertainty Quantification. (99%)
Model Leeching: An Extraction Attack Targeting LLMs. (76%)
Information Leakage from Data Updates in Machine Learning Models. (16%)
Robin: A Novel Method to Produce Robust Interpreters for Deep Learning-Based Code Classifiers. (16%)
SPFL: A Self-purified Federated Learning Method Against Poisoning Attacks. (12%)
It's Simplex! Disaggregating Measures to Improve Certified Robustness. (11%)
Nebula: Self-Attention for Dynamic Malware Analysis. (5%)
Extreme Image Transformations Facilitate Robust Latent Object Representations. (1%)
2023-09-18
Stealthy Physical Masked Face Recognition Attack via Adversarial Style Optimization. (99%)
Transferable Adversarial Attack on Image Tampering Localization. (99%)
Efficient Low-Rank GNN Defense Against Structural Attacks. (96%)
Evaluating Adversarial Robustness with Expected Viable Performance. (45%)
Dual Student Networks for Data-Free Model Stealing. (26%)
Securing Fixed Neural Network Steganography. (5%)
GPTFUZZER: Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts. (4%)
Spoofing attack augmentation: can differently-trained attack models improve generalisation? (3%)
Frame-to-Utterance Convergence: A Spectra-Temporal Approach for Unified Spoofing Detection. (1%)
2023-09-17
Reducing Adversarial Training Cost with Gradient Approximation. (99%)
Defending Against Alignment-Breaking Attacks via Robustly Aligned LLM. (61%)
2023-09-16
Context-aware Adversarial Attack on Named Entity Recognition. (99%)
Inverse classification with logistic and softmax classifiers: efficient optimization. (56%)
Robust Backdoor Attacks on Object Detection in Real World. (11%)
Conditional Mutual Information Constrained Deep Learning for Classification. (5%)
2023-09-15
Adversarial Attacks on Tables with Entity Swap. (92%)
HINT: Healthy Influential-Noise based Training to Defend against Data Poisoning Attacks. (87%)
A Duty to Forget, a Right to be Assured? Exposing Vulnerabilities in Machine Unlearning Services. (1%)
Distributionally Robust Post-hoc Classifiers under Prior Shifts. (1%)
2023-09-14
Unleashing the Adversarial Facet of Software Debloating. (98%)
SLMIA-SR: Speaker-Level Membership Inference Attacks against Speaker Recognition Systems. (76%)
BAGEL: Backdoor Attacks against Federated Contrastive Learning. (16%)
What Matters to Enhance Traffic Rule Compliance of Imitation Learning for Automated Driving. (13%)
Physical Invisible Backdoor Based on Camera Imaging. (2%)
M3Dsynth: A dataset of medical 3D images with AI-generated local manipulations. (1%)
2023-09-13
Semantic Adversarial Attacks via Diffusion Models. (99%)
Hardening RGB-D Object Recognition Systems against Adversarial Patch Attacks. (99%)
Mitigating Adversarial Attacks in Federated Learning with Trusted Execution Environments. (99%)
PhantomSound: Black-Box, Query-Efficient Audio Adversarial Attack via Split-Second Phoneme Injection. (99%)
APICom: Automatic API Completion via Prompt Learning and Adversarial Training-based Data Augmentation. (92%)
RAIN: Your Language Models Can Align Themselves without Finetuning. (83%)
Differentiable JPEG: The Devil is in the Details. (70%)
Deep Nonparametric Convexified Filtering for Computational Photography, Image Synthesis and Adversarial Defense. (41%)
MASTERKEY: Practical Backdoor Attack Against Speaker Verification Systems. (38%)
Client-side Gradient Inversion Against Federated Learning from Poisoning. (22%)
Safe Reinforcement Learning with Dual Robustness. (1%)
2023-09-12
Using Reed-Muller Codes for Classification with Rejection and Recovery. (99%)
Certified Robust Models with Slack Control and Large Lipschitz Constants. (98%)
Exploring Non-additive Randomness on ViT against Query-Based Black-Box Attacks. (98%)
Backdoor Attacks and Countermeasures in Natural Language Processing Models: A Comprehensive Security Review. (61%)
CToMP: A Cycle-task-oriented Memory Protection Scheme for Unmanned Systems. (8%)
Language Models as Black-Box Optimizers for Vision-Language Models. (4%)
Unveiling Signle-Bit-Flip Attacks on DNN Executables. (1%)
2023-09-11
Generalized Attacks on Face Verification Systems. (88%)
Adversarial Attacks Assessment of Salient Object Detection via Symbolic Learning. (76%)
Backdoor Attack through Machine Unlearning. (67%)
Privacy Side Channels in Machine Learning Systems. (10%)
Divergences in Color Perception between Deep Neural Networks and Humans. (4%)
Catch You Everything Everywhere: Guarding Textual Inversion via Concept Watermarking. (1%)
Optimize Weight Rounding via Signed Gradient Descent for the Quantization of LLMs. (1%)
2023-09-10
Outlier Robust Adversarial Training. (98%)
DAD++: Improved Data-free Test Time Adversarial Defense. (98%)
Machine Translation Models Stand Strong in the Face of Adversarial Attacks. (86%)
Secure Set-Based State Estimation for Linear Systems under Adversarial Attacks on Sensors. (3%)
2023-09-09
Towards Robust Model Watermark via Reducing Parametric Vulnerability. (8%)
RecAD: Towards A Unified Library for Recommender Attack and Defense. (1%)
2023-09-08
Exploring Robust Features for Improving Adversarial Robustness. (99%)
ARRTOC: Adversarially Robust Real-Time Optimization and Control. (2%)
Adversarial attacks on hybrid classical-quantum Deep Learning models for Histopathological Cancer Detection. (1%)
Counterfactual Explanations via Locally-guided Sequential Algorithmic Recourse. (1%)
2023-09-07
How adversarial attacks can disrupt seemingly stable accurate classifiers. (99%)
Experimental Study of Adversarial Attacks on ML-based xApps in O-RAN. (99%)
Adversarially Robust Deep Learning with Optimal-Transport-Regularized Divergences. (95%)
DiffDefense: Defending against Adversarial Attacks via Diffusion Models. (80%)
One-to-Multiple Clean-Label Image Camouflage (OmClic) based Backdoor Attack on Deep Learning. (73%)
Promoting Fairness in GNNs: A Characterization of Stability. (1%)
2023-09-06
Certifying LLM Safety against Adversarial Prompting. (86%)
SWAP: Exploiting Second-Ranked Logits for Adversarial Attacks on Time Series. (84%)
Byzantine-Robust Federated Learning with Variance Reduction and Differential Privacy. (68%)
J-Guard: Journalism Guided Adversarially Robust Detection of AI-generated News. (38%)
MIRA: Cracking Black-box Watermarking on Deep Neural Networks via Model Inversion-based Removal Attacks. (22%)
My Art My Choice: Adversarial Protection Against Unruly AI. (2%)
VeriDIP: Verifying Ownership of Deep Neural Networks through Privacy Leakage Fingerprints. (1%)
A Theoretical Explanation of Activation Sparsity through Flat Minima and Adversarial Robustness. (1%)
2023-09-05
The Adversarial Implications of Variable-Time Inference. (99%)
Adaptive Adversarial Training Does Not Increase Recourse Costs. (92%)
Black-Box Attacks against Signed Graph Analysis via Balance Poisoning. (87%)
RobustEdge: Low Power Adversarial Detection for Cloud-Edge Systems. (83%)
Building a Winning Team: Selecting Source Model Ensembles using a Submodular Transferability Estimation Approach. (4%)
Robust Recommender System: A Survey and Future Directions. (2%)
Dual Adversarial Alignment for Realistic Support-Query Shift Few-shot Learning. (1%)
2023-09-04
Hindering Adversarial Attacks with Multiple Encrypted Patch Embeddings. (99%)
Improving Visual Quality and Transferability of Adversarial Attacks on Face Recognition Simultaneously with Adversarial Restoration. (99%)
Adv3D: Generating 3D Adversarial Examples in Driving Scenarios with NeRF. (99%)
Toward Defensive Letter Design. (98%)
MathAttack: Attacking Large Language Models Towards Math Solving Ability. (97%)
Efficient Defense Against Model Stealing Attacks on Convolutional Neural Networks. (93%)
Efficient Query-Based Attack against ML-Based Android Malware Detection under Zero Knowledge Setting. (92%)
Safe and Robust Watermark Injection with a Single OoD Image. (8%)
Dropout Attacks. (2%)
Uncertainty in AI: Evaluating Deep Neural Networks on Out-of-Distribution Images. (2%)
2023-09-03
Robust and Efficient Interference Neural Networks for Defending Against Adversarial Attacks in ImageNet. (99%)
Turn Fake into Real: Adversarial Head Turn Attacks Against Deepfake Detection. (98%)
AdvMono3D: Advanced Monocular 3D Object Detection with Depth-Aware Robust Adversarial Training. (98%)
Robust Adversarial Defense by Tensor Factorization. (89%)
Dual Adversarial Resilience for Collaborating Robust Underwater Image Enhancement and Perception. (13%)
2023-09-02
Towards Certified Probabilistic Robustness with High Accuracy. (98%)
Timbre-reserved Adversarial Attack in Speaker Identification. (98%)
Regularly Truncated M-estimators for Learning with Noisy Labels. (1%)
2023-09-01
Baseline Defenses for Adversarial Attacks Against Aligned Language Models. (99%)
Curating Naturally Adversarial Datasets for Trustworthy AI in Healthcare. (99%)
Non-Asymptotic Bounds for Adversarial Excess Risk under Misspecified Models. (89%)
Why do universal adversarial attacks work on large language models?: Geometry might be the answer. (83%)
RenAIssance: A Survey into AI Text-to-Image Generation in the Era of Large Model. (1%)
Learned Visual Features to Textual Explanations. (1%)
2023-08-31
Adversarial Finetuning with Latent Representation Constraint to Mitigate Accuracy-Robustness Tradeoff. (98%)
Image Hijacking: Adversarial Images can Control Generative Models at Runtime. (98%)
The Power of MEME: Adversarial Malware Creation with Model-Based Reinforcement Learning. (93%)
Fault Injection and Safe-Error Attack for Extraction of Embedded Neural Network Models. (75%)
Everyone Can Attack: Repurpose Lossy Compression as a Natural Backdoor Attack. (75%)
FTA: Stealthy and Robust Backdoor Attack with Flexible Trigger on Federated Learning. (45%)
2023-08-30
Explainable and Trustworthy Traffic Sign Detection for Safe Autonomous Driving: An Inductive Logic Programming Approach. (98%)
Robust Principles: Architectural Design Principles for Adversarially Robust CNNs. (11%)
2023-08-29
Adaptive Attack Detection in Text Classification: Leveraging Space Exploration Features for Text Sentiment Classification. (99%)
Advancing Adversarial Robustness Through Adversarial Logit Update. (99%)
Imperceptible Adversarial Attack on Deep Neural Networks from Image Boundary. (99%)
A Classification-Guided Approach for Adversarial Attacks against Neural Machine Translation. (99%)
MDTD: A Multi Domain Trojan Detector for Deep Neural Networks. (97%)
3D Adversarial Augmentations for Robust Out-of-Domain Predictions. (87%)
Everything Perturbed All at Once: Enabling Differentiable Graph Attacks. (84%)
Adaversarial Issue of Machine Learning Approaches Applied in Smart Grid: A Survey. (70%)
Intriguing Properties of Diffusion Models: A Large-Scale Dataset for Evaluating Natural Attack Capability in Text-to-Image Generative Models. (67%)
Can We Rely on AI? (50%)
Uncertainty Aware Training to Improve Deep Learning Model Calibration for Classification of Cardiac MR Images. (1%)
2023-08-28
Adversarial Attacks on Foundational Vision Models. (80%)
DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local Smoothing. (45%)
Identifying and Mitigating the Security Risks of Generative AI. (45%)
ReMAV: Reward Modeling of Autonomous Vehicles for Finding Likely Failure Events. (2%)
Rep2wav: Noise Robust text-to-speech Using self-supervised representations. (1%)
Are Existing Out-Of-Distribution Techniques Suitable for Network Intrusion Detection? (1%)
2023-08-27
Detecting Language Model Attacks with Perplexity. (1%)
2023-08-24
Exploring Transferability of Multimodal Adversarial Samples for Vision-Language Pre-training Models with Contrastive Learning. (99%)
Don't Look into the Sun: Adversarial Solarization Attacks on Image Classifiers. (92%)
Evaluating the Vulnerabilities in ML systems in terms of adversarial attacks. (82%)
Fast Adversarial Training with Smooth Convergence. (3%)
WavMark: Watermarking for Audio Generation. (2%)
2023-08-23
On-Manifold Projected Gradient Descent. (99%)
Sample Complexity of Robust Learning against Evasion Attacks. (98%)
LCANets++: Robust Audio Classification using Multi-layer Neural Networks with Lateral Competition. (92%)
BaDExpert: Extracting Backdoor Functionality for Accurate Backdoor Input Detection. (74%)
RemovalNet: DNN Fingerprint Removal Attacks. (69%)
Graph Unlearning: A Review. (2%)
Ensembling Uncertainty Measures to Improve Safety of Black-Box Classifiers. (1%)
Aparecium: Revealing Secrets from Physical Photographs. (1%)
2023-08-22
SEA: Shareable and Explainable Attribution for Query-based Black-box Attacks. (99%)
Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection. (99%)
Does Physical Adversarial Example Really Matter to Autonomous Driving? Towards System-Level Effect of Adversarial Object Evasion Attack. (98%)
Protect Federated Learning Against Backdoor Attacks via Data-Free Trigger Generation. (86%)
Revisiting and Exploring Efficient Fast Adversarial Training via LAW: Lipschitz Regularization and Auto Weight Averaging. (76%)
Designing an attack-defense game: how to increase robustness of financial transaction models via a competition. (75%)
Adversarial Training Using Feedback Loops. (74%)
LEAP: Efficient and Automated Test Method for NLP Software. (31%)
PatchBackdoor: Backdoor Attack against Deep Neural Networks without Model Modification. (16%)
2023-08-21
Spear and Shield: Adversarial Attacks and Defense Methods for Model-Based Link Prediction on Continuous-Time Dynamic Graphs. (99%)
Improving the Transferability of Adversarial Examples with Arbitrary Style Transfer. (99%)
Enhancing Adversarial Attacks: The Similar Target Method. (99%)
Adversarial Attacks on Code Models with Discriminative Graph Patterns. (96%)
Temporal-Distributed Backdoor Attack Against Video Based Action Recognition. (88%)
Measuring the Effect of Causal Disentanglement on the Adversarial Robustness of Neural Network Models. (76%)
Single-User Injection for Invisible Shilling Attack against Recommender Systems. (62%)
On the Adversarial Robustness of Multi-Modal Foundation Models. (4%)
Unlocking Accuracy and Fairness in Differentially Private Image Classification. (2%)
2023-08-20
Boosting Adversarial Transferability by Block Shuffle and Rotation. (99%)
Improving Adversarial Robustness of Masked Autoencoders via Test-time Frequency-domain Prompting. (96%)
HoSNN: Adversarially-Robust Homeostatic Spiking Neural Networks with Adaptive Firing Thresholds. (96%)
Hiding Backdoors within Event Sequence Data via Poisoning Attacks. (95%)
Adversarial Collaborative Filtering for Free. (61%)
Efficient Joint Optimization of Layer-Adaptive Weight Pruning in Deep Neural Networks. (1%)
A Study on Robustness and Reliability of Large Language Model Code Generation. (1%)
2023-08-19
A Comparison of Adversarial Learning Techniques for Malware Detection. (99%)
Robust Mixture-of-Expert Training for Convolutional Neural Networks. (83%)
2023-08-18
Black-box Adversarial Attacks against Dense Retrieval Models: A Multi-view Contrastive Learning Method. (99%)
Attacking logo-based phishing website detectors with adversarial perturbations. (99%)
Compensating Removed Frequency Components: Thwarting Voice Spectrum Reduction Attacks. (92%)
Poison Dart Frog: A Clean-Label Attack with Low Poisoning Rate and High Attack Success Rate in the Absence of Training Data. (54%)
Backdoor Mitigation by Correcting the Distribution of Neural Activations. (11%)
On Gradient-like Explanation under a Black-box Setting: When Black-box Explanations Become as Good as White-box. (9%)
Towards Attack-tolerant Federated Learning via Critical Parameter Analysis. (9%)
Defending Label Inference Attacks in Split Learning under Regression Setting. (4%)
An Image is Worth a Thousand Toxic Words: A Metamorphic Testing Framework for Content Moderation Software. (1%)
Proceedings of the 2nd International Workshop on Adaptive Cyber Defense. (1%)
2023-08-17
Towards a Practical Defense against Adversarial Attacks on Deep Learning-based Malware Detectors via Randomized Smoothing. (99%)
AIR: Threats of Adversarial Attacks on Deep Learning-Based Information Recovery. (99%)
A White-Box False Positive Adversarial Attack Method on Contrastive Loss-Based Offline Handwritten Signature Verification Models. (98%)
Causal Adversarial Perturbations for Individual Fairness and Robustness in Heterogeneous Data Spaces. (16%)
That Doesn't Go There: Attacks on Shared State in Multi-User Augmented Reality Applications. (10%)
Evaluating the Instruction-Following Robustness of Large Language Models to Prompt Injection. (10%)
General Lipschitz: Certified Robustness Against Resolvable Semantic Transformations via Transformation-Dependent Randomized Smoothing. (3%)
2023-08-16
Benchmarking Adversarial Robustness of Compressed Deep Learning Models. (81%)
Test-Time Poisoning Attacks Against Test-Time Adaptation Models. (73%)
Self-Deception: Reverse Penetrating the Semantic Firewall of Large Language Models. (67%)
Dynamic Neural Network is All You Need: Understanding the Robustness of Dynamic Mechanisms in Neural Networks. (61%)
Expressivity of Graph Neural Networks Through the Lens of Adversarial Robustness. (33%)
2023-08-15
SEDA: Self-Ensembling ViT with Defensive Distillation and Adversarial Training for robust Chest X-rays Classification. (99%)
Backpropagation Path Search On Adversarial Transferability. (99%)
A Review of Adversarial Attacks in Computer Vision. (99%)
Robustness Over Time: Understanding Adversarial Examples' Effectiveness on Longitudinal Versions of Large Language Models. (95%)
Simple and Efficient Partial Graph Adversarial Attack: A New Perspective. (93%)
2023-08-14
3DHacker: Spectrum-based Decision Boundary Generation for Hard-label 3D Point Cloud Attack. (99%)
White-Box Adversarial Attacks on Deep Learning-Based Radio Frequency Fingerprint Identification. (99%)
AdvCLIP: Downstream-agnostic Adversarial Examples in Multimodal Contrastive Learning. (99%)
Enhancing the Antidote: Improved Pointwise Certifications against Poisoning Attacks. (68%)
LLM Self Defense: By Self Examination, LLMs Know They Are Being Tricked. (54%)
DISBELIEVE: Distance Between Client Models is Very Essential for Effective Local Model Poisoning Attacks. (13%)
ACTIVE: Towards Highly Transferable 3D Physical Camouflage for Universal and Robust Vehicle Evasion. (10%)
SAM Meets Robotic Surgery: An Empirical Study on Generalization, Robustness and Adaptation. (1%)
2023-08-13
SoK: Realistic Adversarial Attacks and Defenses for Intelligent Network Intrusion Detection. (99%)
Understanding the robustness difference between stochastic gradient descent and adaptive gradient methods. (45%)
A Survey on Deep Neural Network Pruning-Taxonomy, Comparison, Analysis, and Recommendations. (1%)
Robustified ANNs Reveal Wormholes Between Human Category Percepts. (1%)
Faithful to Whom? Questioning Interpretability Measures in NLP. (1%)
2023-08-12
Not So Robust After All: Evaluating the Robustness of Deep Neural Networks to Unseen Adversarial Attacks. (99%)
One-bit Flip is All You Need: When Bit-flip Attack Meets Model Training. (13%)
2023-08-11
Enhancing Generalization of Universal Adversarial Perturbation through Gradient Aggregation. (98%)
Physical Adversarial Attacks For Camera-based Smart Systems: Current Trends, Categorization, Applications, Research Challenges, and Future Outlook. (98%)
Face Encryption via Frequency-Restricted Identity-Agnostic Attacks. (96%)
White-box Membership Inference Attacks against Diffusion Models. (68%)
Test-Time Adaptation for Backdoor Defense. (10%)
Continual Face Forgery Detection via Historical Distribution Preserving. (2%)
Fast and Accurate Transferability Measurement by Evaluating Intra-class Feature Variance. (1%)
2023-08-10
Hard No-Box Adversarial Attack on Skeleton-Based Human Action Recognition with Skeleton-Motion-Informed Gradient. (99%)
Symmetry Defense Against XGBoost Adversarial Perturbation Attacks. (96%)
Complex Network Effects on the Robustness of Graph Convolutional Networks. (92%)
State Machine Frameworks for Website Fingerprinting Defenses: Maybe Not. (61%)
FLShield: A Validation Based Federated Learning Framework to Defend Against Poisoning Attacks. (45%)
Critical Points ++: An Agile Point Cloud Importance Measure for Robust Classification, Adversarial Defense and Explainable AI. (5%)
Comprehensive Analysis of Network Robustness Evaluation Based on Convolutional Neural Networks with Spatial Pyramid Pooling. (1%)
2023-08-09
Adv-Inpainting: Generating Natural and Transferable Adversarial Patch via Attention-guided Feature Fusion. (98%)
Adversarial ModSecurity: Countering Adversarial SQL Injections with Robust Machine Learning. (93%)
Adversarial Deep Reinforcement Learning for Cyber Security in Software Defined Networks. (81%)
Data-Free Model Extraction Attacks in the Context of Object Detection. (41%)
2023-08-08
Pelta: Shielding Transformers to Mitigate Evasion Attacks in Federated Learning. (99%)
Federated Zeroth-Order Optimization using Trajectory-Informed Surrogate Gradients. (81%)
The Model Inversion Eavesdropping Attack in Semantic Communication Systems. (67%)
Comprehensive Assessment of the Performance of Deep Learning Classifiers Reveals a Surprising Lack of Robustness. (64%)
XGBD: Explanation-Guided Graph Backdoor Detection. (54%)
Improved Activation Clipping for Universal Backdoor Mitigation and Test-Time Detection. (50%)
Backdoor Federated Learning by Poisoning Backdoor-Critical Layers. (15%)
Evil Operation: Breaking Speaker Recognition with PaddingBack. (13%)
2023-08-07
Fixed Inter-Neuron Covariability Induces Adversarial Robustness. (98%)
Exploring the Physical World Adversarial Robustness of Vehicle Detection. (98%)
PAIF: Perception-Aware Infrared-Visible Image Fusion for Attack-Tolerant Semantic Segmentation. (86%)
A reading survey on adversarial machine learning: Adversarial attacks and their understanding. (81%)
A Four-Pronged Defense Against Byzantine Attacks in Federated Learning. (54%)
Improving Performance of Semi-Supervised Learning by Adversarial Attacks. (11%)
Mondrian: Prompt Abstraction Attack Against Large Language Models for Cheaper API Pricing. (10%)
2023-08-06
SAAM: Stealthy Adversarial Attack on Monoculor Depth Estimation. (99%)
CGBA: Curvature-aware Geometric Black-box Attack. (99%)
APBench: A Unified Benchmark for Availability Poisoning Attacks and Defenses. (98%)
Unsupervised Adversarial Detection without Extra Model: Training Loss Should Change. (82%)
Using Overlapping Methods to Counter Adversaries in Community Detection. (50%)
2023-08-05
An Adaptive Model Ensemble Adversarial Attack for Boosting Adversarial Transferability. (99%)
An AI-Enabled Framework to Defend Ingenious MDT-based Attacks on the Emerging Zero Touch Cellular Networks. (92%)
A Security and Usability Analysis of Local Attacks Against FIDO2. (1%)
Approximating Positive Homogeneous Functions with Scale Invariant Neural Networks. (1%)
2023-08-04
Multi-attacks: Many images $+$ the same adversarial attack $\to$ many target labels. (99%)
RobustMQ: Benchmarking Robustness of Quantized Models. (75%)
Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks. (67%)
Universal Defensive Underpainting Patch: Making Your Text Invisible to Optical Character Recognition. (31%)
BlindSage: Label Inference Attacks against Node-level Vertical Federated Graph Neural Networks. (9%)
2023-08-03
Hard Adversarial Example Mining for Improving Robust Fairness. (99%)
URET: Universal Robustness Evaluation Toolkit (for Evasion). (99%)
AdvFAS: A robust face anti-spoofing framework against adversarial examples. (98%)
FROD: Robust Object Detection for Free. (67%)
ParaFuzz: An Interpretability-Driven Technique for Detecting Poisoned Samples in NLP. (33%)
From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application? (4%)
2023-08-02
Inaudible Adversarial Perturbation: Manipulating the Recognition of User Speech in Real Time. (99%)
Isolation and Induction: Training Robust Deep Neural Networks against Model Stealing Attacks. (98%)
Mercury: An Automated Remote Side-channel Attack to Nvidia Deep Learning Accelerator. (16%)
TEASMA: A Practical Approach for the Test Assessment of Deep Neural Networks using Mutation Analysis. (2%)
LSF-IDM: Automotive Intrusion Detection Model with Lightweight Attribution and Semantic Fusion. (1%)
2023-08-01
Dynamic ensemble selection based on Deep Neural Network Uncertainty Estimation for Adversarial Robustness. (99%)
LimeAttack: Local Explainable Method for Textual Hard-Label Adversarial Attack. (99%)
Improving Generalization of Adversarial Training via Robust Critical Fine-Tuning. (99%)
Doubly Robust Instance-Reweighted Adversarial Training. (82%)
Training on Foveated Images Improves Robustness to Adversarial Attacks. (82%)
Kidnapping Deep Learning-based Multirotors using Optimized Flying Adversarial Patches. (47%)
Robust Linear Regression: Phase-Transitions and Precise Tradeoffs for General Norms. (22%)
Zero-Shot Learning by Harnessing Adversarial Samples. (1%)
A Novel Cross-Perturbation for Single Domain Generalization. (1%)
Learning to Generate Training Datasets for Robust Semantic Segmentation. (1%)
2023-07-31
A Novel Deep Learning based Model to Defend Network Intrusion Detection System against Adversarial Attacks. (99%)
Transferable Attack for Semantic Segmentation. (99%)
Universal Adversarial Defense in Remote Sensing Based on Pre-trained Denoising Diffusion Models. (99%)
Defense of Adversarial Ranking Attack in Text Retrieval: Benchmark and Baseline via Detection. (97%)
Text-CRS: A Generalized Certified Robustness Framework against Textual Adversarial Attacks. (86%)
BAGM: A Backdoor Attack for Manipulating Text-to-Image Generative Models. (26%)
Adversarially Robust Neural Legal Judgement Systems. (11%)
Virtual Prompt Injection for Instruction-Tuned Large Language Models. (10%)
Noisy Self-Training with Data Augmentations for Offensive and Hate Speech Detection Tasks. (1%)
2023-07-30
Theoretically Principled Trade-off for Stateful Defenses against Query-Based Black-Box Attacks. (99%)
Benchmarking and Analyzing Robust Point Cloud Recognition: Bag of Tricks for Defending Adversarial Examples. (99%)
Probabilistically robust conformal prediction. (91%)
On Updating Static Output Feedback Controllers Under State-Space Perturbation. (1%)
2023-07-29
You Can Backdoor Personalized Federated Learning. (92%)
On Neural Network approximation of ideal adversarial attack and convergence of adversarial training. (92%)
Exposing Hidden Attackers in Industrial Control Systems using Micro-distortions. (41%)
2023-07-28
Beating Backdoor Attack at Its Own Game. (97%)
Adversarial training for tabular data with attack propagation. (67%)
Improving Realistic Worst-Case Performance of NVCiM DNN Accelerators through Training with Right-Censored Gaussian Noise. (10%)
What can Discriminator do? Towards Box-free Ownership Verification of Generative Adversarial Network. (4%)
2023-07-27
Universal and Transferable Adversarial Attacks on Aligned Language Models. (99%)
R-LPIPS: An Adversarially Robust Perceptual Similarity Metric. (99%)
When Measures are Unreliable: Imperceptible Adversarial Perturbations toward Top-$k$ Multi-Label Learning. (99%)
Backdoor Attacks for In-Context Learning with Language Models. (97%)
FLARE: Fingerprinting Deep Reinforcement Learning Agents using Universal Adversarial Masks. (93%)
Unified Adversarial Patch for Visible-Infrared Cross-modal Attacks in the Physical World. (92%)
NSA: Naturalistic Support Artifact to Boost Network Confidence. (62%)
SEV-Step: A Single-Stepping Framework for AMD-SEV. (3%)
Decoding the Secrets of Machine Learning in Malware Classification: A Deep Dive into Datasets, Feature Extraction, and Model Performance. (1%)
AC-Norm: Effective Tuning for Medical Image Analysis via Affine Collaborative Normalization. (1%)
2023-07-26
Enhanced Security against Adversarial Examples Using a Random Ensemble of Encrypted Vision Transformer Models. (99%)
Set-level Guidance Attack: Boosting Adversarial Transferability of Vision-Language Pre-training Models. (99%)
Defending Adversarial Patches via Joint Region Localizing and Inpainting. (99%)
Lateral-Direction Localization Attack in High-Level Autonomous Driving: Domain-Specific Defense Opportunity via Lane Detection. (67%)
Plug and Pray: Exploiting off-the-shelf components of Multi-Modal Models. (33%)
Coupled-Space Attacks against Random-Walk-based Anomaly Detection. (11%)
FakeTracer: Proactively Defending Against Face-swap DeepFakes via Implanting Traces in Training. (5%)
Open Image Content Disarm And Reconstruction. (1%)
2023-07-25
On the unreasonable vulnerability of transformers for image restoration -- and an easy fix. (99%)
Imperceptible Physical Attack against Face Recognition Systems via LED Illumination Modulation. (99%)
Foundational Models Defining a New Era in Vision: A Survey and Outlook. (10%)
Efficient Estimation of Average-Case Robustness for Multi-Class Classification. (10%)
2023-07-24
Why Don't You Clean Your Glasses? Perception Attacks with Dynamic Optical Perturbations. (99%)
Lost In Translation: Generating Adversarial Examples Robust to Round-Trip Translation. (99%)
Data-free Black-box Attack based on Diffusion Model. (62%)
Adaptive Certified Training: Towards Better Accuracy-Robustness Tradeoffs. (56%)
An Estimator for the Sensitivity to Perturbations of Deep Neural Networks. (31%)
Cyber Deception against Zero-day Attacks: A Game Theoretic Approach. (12%)
Malware Resistant Data Protection in Hyper-connected Networks: A survey. (10%)
Digital Twins for Moving Target Defense Validation in AC Microgrids. (1%)
Towards Bridging the FL Performance-Explainability Trade-Off: A Trustworthy 6G RAN Slicing Use-Case. (1%)
Learning Provably Robust Estimators for Inverse Problems via Jittering. (1%)
2023-07-23
AdvDiff: Generating Unrestricted Adversarial Examples using Diffusion Models. (99%)
Towards Generic and Controllable Attacks Against Object Detection. (99%)
Downstream-agnostic Adversarial Examples. (99%)
Gradient-Based Word Substitution for Obstinate Adversarial Examples Generation in Language Models. (98%)
A First Look at On-device Models in iOS Apps. (84%)
Robust Automatic Speech Recognition via WavAugment Guided Phoneme Adversarial Training. (83%)
Cross Contrastive Feature Perturbation for Domain Generalization. (1%)
2023-07-22
Backdoor Attacks against Voice Recognition Systems: A Survey. (13%)
2023-07-21
Unveiling Vulnerabilities in Interpretable Deep Learning Systems with Query-Efficient Black-box Attacks. (99%)
Fast Adaptive Test-Time Defense with Robust Features. (98%)
Improving Viewpoint Robustness for Visual Recognition via Adversarial Training. (80%)
FMT: Removing Backdoor Feature Maps via Feature Map Testing in Deep Neural Networks. (76%)
OUTFOX: LLM-generated Essay Detection through In-context Learning with Adversarially Generated Examples. (62%)
HybridAugment++: Unified Frequency Spectra Perturbations for Model Robustness. (26%)
2023-07-20
A LLM Assisted Exploitation of AI-Guardian. (98%)
Improving Transferability of Adversarial Examples via Bayesian Attacks. (98%)
Adversarial attacks for mixtures of classifiers. (54%)
PATROL: Privacy-Oriented Pruning for Collaborative Inference Against Model Inversion Attacks. (33%)
A Holistic Assessment of the Reliability of Machine Learning Systems. (4%)
Making Pre-trained Language Models both Task-solvers and Self-calibrators. (2%)
Boundary State Generation for Testing and Improvement of Autonomous Driving Systems. (1%)
2023-07-19
Backdoor Attack against Object Detection with Clean Annotation. (93%)
Shared Adversarial Unlearning: Backdoor Mitigation by Unlearning Shared Adversarial Examples. (92%)
Rethinking Backdoor Attacks. (83%)
Towards Building More Robust Models with Frequency Bias. (81%)
Reinforcing POD based model reduction techniques in reaction-diffusion complex networks using stochastic filtering and pattern recognition. (26%)
2023-07-18
CertPri: Certifiable Prioritization for Deep Neural Networks via Movement Cost in Feature Space. (67%)
FedDefender: Client-Side Attack-Tolerant Federated Learning. (50%)
Can Neural Network Memorization Be Localized? (4%)
2023-07-17
Analyzing the Impact of Adversarial Examples on Explainable Machine Learning. (99%)
Adversarial Attacks on Traffic Sign Recognition: A Survey. (98%)
Discretization-based ensemble model for robust learning in IoT. (87%)
Unstoppable Attack: Label-Only Model Inversion via Conditional Diffusion Model. (83%)
Experimental Security Analysis of DNN-based Adaptive Cruise Control under Context-Aware Perception Attacks. (11%)
On the Fly Neural Style Smoothing for Risk-Averse Domain Generalization. (2%)
A Machine Learning based Empirical Evaluation of Cyber Threat Actors High Level Attack Patterns over Low level Attack Patterns in Attributing Attacks. (1%)
2023-07-16
Towards Viewpoint-Invariant Visual Recognition via Adversarial Training. (83%)
Towards Stealthy Backdoor Attacks against Speech Recognition via Elements of Sound. (73%)
Diffusion to Confusion: Naturalistic Adversarial Patch Generation Based on Diffusion Model for Object Detector. (10%)
Lipschitz Continuous Algorithms for Covering Problems. (1%)
2023-07-15
On the Robustness of Split Learning against Adversarial Attacks. (99%)
Why Does Little Robustness Help? Understanding and Improving Adversarial Transferability from Surrogate Training. (99%)
Unified Adversarial Patch for Cross-modal Attacks in the Physical World. (92%)
MasterKey: Automated Jailbreak Across Multiple Large Language Model Chatbots. (2%)
2023-07-14
Vulnerability-Aware Instance Reweighting For Adversarial Training. (99%)
Mitigating Adversarial Vulnerability through Causal Parameter Estimation by Adversarial Double Machine Learning. (99%)
On the Sensitivity of Deep Load Disaggregation to Adversarial Attacks. (99%)
RFLA: A Stealthy Reflected Light Adversarial Attack in the Physical World. (98%)
Frequency Domain Adversarial Training for Robust Volumetric Medical Segmentation. (98%)
Adversarial Training Over Long-Tailed Distribution. (84%)
Structured Pruning of Neural Networks for Constraints Learning. (76%)
Boosting Backdoor Attack with A Learnable Poisoning Sample Selection Strategy. (68%)
Erasing, Transforming, and Noising Defense Network for Occluded Person Re-Identification. (31%)
Certified Robustness for Large Language Models with Self-Denoising. (5%)
2023-07-13
Multi-objective Evolutionary Search of Variable-length Composite Semantic Perturbations. (99%)
Introducing Foundation Models as Surrogate Models: Advancing Towards More Practical Adversarial Attacks. (99%)
Defeating Proactive Jammers Using Deep Reinforcement Learning for Resource-Constrained IoT Networks. (1%)
Towards Traitor Tracing in Black-and-White-Box DNN Watermarking with Tardos-based Codes. (1%)
2023-07-12
Single-Class Target-Specific Attack against Interpretable Deep Learning Systems. (99%)
Microbial Genetic Algorithm-based Black-box Attack against Interpretable Deep Learning Systems. (99%)
Rational Neural Network Controllers. (2%)
A Bayesian approach to quantifying uncertainties and improving generalizability in traffic prediction models. (1%)
Misclassification in Automated Content Analysis Causes Bias in Regression. Can We Fix It? Yes We Can! (1%)
2023-07-11
ATWM: Defense against adversarial malware based on adversarial training. (99%)
Membership Inference Attacks on DNNs using Adversarial Perturbations. (89%)
On the Vulnerability of DeepFake Detectors to Attacks Generated by Denoising Diffusion Models. (10%)
Random-Set Convolutional Neural Network (RS-CNN) for Epistemic Deep Learning. (4%)
Differential Analysis of Triggers and Benign Features for Black-Box DNN Backdoor Detection. (2%)
The Butterfly Effect in Artificial Intelligence Systems: Implications for AI Bias and Fairness. (1%)
Memorization Through the Lens of Curvature of Loss Function Around Samples. (1%)
2023-07-10
Practical Trustworthiness Model for DNN in Dedicated 6G Application. (33%)
Distill-SODA: Distilling Self-Supervised Vision Transformer for Source-Free Open-Set Domain Adaptation in Computational Pathology. (1%)
2023-07-09
GNP Attack: Transferable Adversarial Examples via Gradient Norm Penalty. (98%)
Enhancing Adversarial Robustness via Score-Based Optimization. (98%)
2023-07-08
Adversarial Self-Attack Defense and Spatial-Temporal Relation Mining for Visible-Infrared Video Person Re-Identification. (99%)
Random Position Adversarial Patch for Vision Transformers. (83%)
Robust Ranking Explanations. (38%)
2023-07-07
A Theoretical Perspective on Subnetwork Contributions to Adversarial Robustness. (81%)
Scalable Membership Inference Attacks via Quantile Regression. (33%)
RADAR: Robust AI-Text Detection via Adversarial Learning. (5%)
Generation of Time-Varying Impedance Attacks Against Haptic Shared Control Steering Systems. (1%)
2023-07-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
NatLogAttack: A Framework for Attacking Natural Language Inference Models with Natural Logic. (92%)
Quantification of Uncertainty with Adversarial Models. (68%)
A Vulnerability of Attribution Methods Using Pre-Softmax Scores. (41%)
Probabilistic and Semantic Descriptions of Image Manifolds and Their Applications. (8%)
T-MARS: Improving Visual Representations by Circumventing Text Feature Learning. (1%)
2023-07-05
Adversarial Attacks on Image Classification Models: FGSM and Patch Attacks and their Impact. (98%)
DARE: Towards Robust Text Explanations in Biomedical and Healthcare Applications. (69%)
Detecting Images Generated by Deep Diffusion Models using their Local Intrinsic Dimensionality. (67%)
GIT: Detecting Uncertainty, Out-Of-Distribution and Adversarial Samples using Gradients and Invariance Transformations. (62%)
Securing Cloud FPGAs Against Power Side-Channel Attacks: A Case Study on Iterative AES. (5%)
On the Adversarial Robustness of Generative Autoencoders in the Latent Space. (3%)
2023-07-04
SCAT: Robust Self-supervised Contrastive Learning via Adversarial Training for Text Classification. (99%)
LEAT: Towards Robust Deepfake Disruption in Real-World Scenarios via Latent Ensemble Attack. (83%)
Interpretable Computer Vision Models through Adversarial Training: Unveiling the Robustness-Interpretability Connection. (68%)
Overconfidence is a Dangerous Thing: Mitigating Membership Inference Attacks by Enforcing Less Confident Prediction. (45%)
Physically Realizable Natural-Looking Clothing Textures Evade Person Detectors via 3D Modeling. (26%)
An Analysis of Untargeted Poisoning Attack and Defense Methods for Federated Online Learning to Rank Systems. (13%)
Machine Learning-Based Intrusion Detection: Feature Selection versus Feature Extraction. (1%)
Synthetic is all you need: removing the auxiliary data assumption for membership inference attacks against synthetic data. (1%)
2023-07-03
Pareto-Secure Machine Learning (PSML): Fingerprinting and Securing Inference Serving Systems. (99%)
A Dual Stealthy Backdoor: From Both Spatial and Frequency Perspectives. (83%)
Analyzing the vulnerabilities in SplitFed Learning: Assessing the robustness against Data Poisoning Attacks. (62%)
What Distributions are Robust to Indiscriminate Poisoning Attacks for Linear Learners? (62%)
Adversarial Learning in Real-World Fraud Detection: Challenges and Perspectives. (45%)
Analysis of Task Transferability in Large Pre-trained Classifiers. (13%)
Enhancing the Robustness of QMIX against State-adversarial Attacks. (4%)
Towards Building Self-Aware Object Detectors via Reliable Uncertainty Quantification and Calibration. (1%)
2023-07-02
Query-Efficient Decision-based Black-Box Patch Attack. (99%)
Interpretability and Transparency-Driven Detection and Transformation of Textual Adversarial Examples (IT-DT). (99%)
From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy. (10%)
CLIMAX: An exploration of Classifier-Based Contrastive Explanations. (2%)
2023-07-01
Common Knowledge Learning for Generating Transferable Adversarial Examples. (99%)
Adversarial Attacks and Defenses on 3D Point Cloud Classification: A Survey. (99%)
Brightness-Restricted Adversarial Attack Patch. (75%)
Fedward: Flexible Federated Backdoor Defense Framework with Non-IID Data. (54%)
Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training. (26%)
SysNoise: Exploring and Benchmarking Training-Deployment System Inconsistency. (13%)
Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD. (10%)
CasTGAN: Cascaded Generative Adversarial Network for Realistic Tabular Data Synthesis. (2%)
FedDefender: Backdoor Attack Defense in Federated Learning. (2%)
Hiding in Plain Sight: Differential Privacy Noise Exploitation for Evasion-resilient Localized Poisoning Attacks in Multiagent Reinforcement Learning. (1%)
2023-06-30
Defense against Adversarial Cloud Attack on Remote Sensing Salient Object Detection. (99%)
Efficient Backdoor Removal Through Natural Gradient Fine-tuning. (8%)
Minimum-norm Sparse Perturbations for Opacity in Linear Systems. (1%)
2023-06-29
Defending Black-box Classifiers by Bayesian Boundary Correction. (99%)
Towards Optimal Randomized Strategies in Adversarial Example Game. (96%)
Neural Polarizer: A Lightweight and Effective Backdoor Defense via Purifying Poisoned Features. (13%)
NeuralFuse: Learning to Improve the Accuracy of Access-Limited Neural Network Inference in Low-Voltage Regimes. (1%)
2023-06-28
Mitigating the Accuracy-Robustness Trade-off via Multi-Teacher Adversarial Distillation. (99%)
Boosting Adversarial Transferability with Learnable Patch-wise Masks. (99%)
Evaluating Similitude and Robustness of Deep Image Denoising Models via Adversarial Attack. (99%)
Group-based Robustness: A General Framework for Customized Robustness in the Real World. (98%)
Distributional Modeling for Location-Aware Adversarial Patches. (98%)
Enrollment-stage Backdoor Attacks on Speaker Recognition Systems via Adversarial Ultrasound. (96%)
Does Saliency-Based Training bring Robustness for Deep Neural Networks in Image Classification? (93%)
On Practical Aspects of Aggregation Defenses against Data Poisoning Attacks. (50%)
On the Exploitability of Instruction Tuning. (13%)
2023-06-27
Advancing Adversarial Training by Injecting Booster Signal. (98%)
IMPOSITION: Implicit Backdoor Attack through Scenario Injection. (96%)
Adversarial Training for Graph Neural Networks. (92%)
Robust Proxy: Improving Adversarial Robustness by Robust Proxy Learning. (89%)
Your Attack Is Too DUMB: Formalizing Attacker Scenarios for Adversarial Transferability. (87%)
[Re] Double Sampling Randomized Smoothing. (69%)
Cooperation or Competition: Avoiding Player Domination for Multi-Target Robustness via Adaptive Budgets. (68%)
Catch Me If You Can: A New Low-Rate DDoS Attack Strategy Disguised by Feint. (26%)
Shilling Black-box Review-based Recommender Systems through Fake Review Generation. (1%)
2023-06-26
On the Universal Adversarial Perturbations for Efficient Data-free Adversarial Detection. (99%)
Are aligned neural networks adversarially aligned? (99%)
The race to robustness: exploiting fragile models for urban camouflage and the imperative for machine learning security. (92%)
3D-Aware Adversarial Makeup Generation for Facial Privacy Protection. (92%)
Towards Sybil Resilience in Decentralized Learning. (80%)
On the Resilience of Machine Learning-Based IDS for Automotive Networks. (78%)
DSRM: Boost Textual Adversarial Training with Distribution Shift Risk Minimization. (75%)
PWSHAP: A Path-Wise Explanation Model for Targeted Variables. (8%)
2023-06-25
A Spectral Perspective towards Understanding and Improving Adversarial Robustness. (99%)
On Evaluating the Adversarial Robustness of Semantic Segmentation Models. (99%)
Robust Spatiotemporal Traffic Forecasting with Reinforced Dynamic Adversarial Training. (98%)
Enhancing Adversarial Training via Reweighting Optimization Trajectory. (97%)
RobuT: A Systematic Study of Table QA Robustness Against Human-Annotated Adversarial Perturbations. (87%)
Computational Asymmetries in Robust Classification. (80%)
2023-06-24
Machine Learning needs its own Randomness Standard: Randomised Smoothing and PRNG-based attacks. (98%)
Boosting Model Inversion Attacks with Adversarial Examples. (98%)
Similarity Preserving Adversarial Graph Contrastive Learning. (96%)
Weighted Automata Extraction and Explanation of Recurrent Neural Networks for Natural Language Tasks. (70%)
2023-06-23
Creating Valid Adversarial Examples of Malware. (99%)
Adversarial Robustness Certification for Bayesian Neural Networks. (92%)
A First Order Meta Stackelberg Method for Robust Federated Learning. (10%)
2023-06-22
Visual Adversarial Examples Jailbreak Large Language Models. (99%)
Towards quantum enhanced adversarial robustness in machine learning. (99%)
Rethinking the Backward Propagation for Adversarial Transferability. (99%)
Evading Forensic Classifiers with Attribute-Conditioned Adversarial Faces. (96%)
Adversarial Resilience in Sequential Prediction via Abstention. (93%)
Document Image Cleaning using Budget-Aware Black-Box Approximation. (92%)
Anticipatory Thinking Challenges in Open Worlds: Risk Management. (81%)
Robust Semantic Segmentation: Strong Adversarial Attacks and Fast Training of Robust Models. (75%)
A First Order Meta Stackelberg Method for Robust Federated Learning (Technical Report). (33%)
Impacts and Risk of Generative AI Technology on Cyber Defense. (4%)
2023-06-21
Adversarial Attacks Neutralization via Data Set Randomization. (99%)
A Comprehensive Study on the Robustness of Image Classification and Object Detection in Remote Sensing: Surveying and Benchmarking. (92%)
Sample Attackability in Natural Language Adversarial Attacks. (92%)
Revisiting Image Classifier Training for Improved Certified Robust Defense against Adversarial Patches. (76%)
DP-BREM: Differentially-Private and Byzantine-Robust Federated Learning with Client Momentum. (47%)
FFCV: Accelerating Training by Removing Data Bottlenecks. (3%)
2023-06-20
Evaluating Adversarial Robustness of Convolution-based Human Motion Prediction. (99%)
Reversible Adversarial Examples with Beam Search Attack and Grayscale Invariance. (99%)
Universal adversarial perturbations for multiple classification tasks with quantum classifiers. (99%)
FDInet: Protecting against DNN Model Extraction via Feature Distortion Index. (50%)
DecodingTrust: A Comprehensive Assessment of Trustworthiness in GPT Models. (26%)
Towards a robust and reliable deep learning approach for detection of compact binary mergers in gravitational wave data. (3%)
Mitigating Speculation-based Attacks through Configurable Hardware/Software Co-design. (1%)
LVM-Med: Learning Large-Scale Self-Supervised Vision Models for Medical Imaging via Second-order Graph Matching. (1%)
2023-06-19
Comparative Evaluation of Recent Universal Adversarial Perturbations in Image Classification. (99%)
Adversarial Robustness of Prompt-based Few-Shot Learning for Natural Language Understanding. (75%)
Adversarial Training Should Be Cast as a Non-Zero-Sum Game. (73%)
Eigenpatches -- Adversarial Patches from Principal Components. (38%)
Practical and General Backdoor Attacks against Vertical Federated Learning. (13%)
BNN-DP: Robustness Certification of Bayesian Neural Networks via Dynamic Programming. (5%)
2023-06-17
Edge Learning for 6G-enabled Internet of Things: A Comprehensive Survey of Vulnerabilities, Datasets, and Defenses. (98%)
Understanding Certified Training with Interval Bound Propagation. (38%)
GlyphNet: Homoglyph domains dataset and detection using attention-based Convolutional Neural Networks. (9%)
Bkd-FedGNN: A Benchmark for Classification Backdoor Attacks on Federated Graph Neural Network. (1%)
2023-06-16
Wasserstein distributional robustness of neural networks. (99%)
Query-Free Evasion Attacks Against Machine Learning-Based Malware Detectors with Generative Adversarial Networks. (99%)
You Don't Need Robust Machine Learning to Manage Adversarial Attack Risks. (98%)
Towards Better Certified Segmentation via Diffusion Models. (73%)
Adversarially robust clustering with optimality guarantees. (4%)
CLIP2Protect: Protecting Facial Privacy using Text-Guided Makeup via Adversarial Latent Search. (1%)
2023-06-15
DIFFender: Diffusion-Based Adversarial Defense against Patch Attacks in the Physical World. (99%)
OVLA: Neural Network Ownership Verification using Latent Watermarks. (64%)
Evaluating the Robustness of Text-to-image Diffusion Models against Real-world Attacks. (62%)
On Strengthening and Defending Graph Reconstruction Attack with Markov Chain Approximation. (33%)
Robustness Analysis on Foundational Segmentation Models. (9%)
Explore, Establish, Exploit: Red Teaming Language Models from Scratch. (1%)
Community Detection Attack against Collaborative Learning-based Recommender Systems. (1%)
Concealing CAN Message Sequences to Prevent Schedule-based Bus-off Attacks. (1%)
2023-06-14
Reliable Evaluation of Adversarial Transferability. (99%)
A Relaxed Optimization Approach for Adversarial Attacks against Neural Machine Translation Models. (99%)
X-Detect: Explainable Adversarial Patch Detection for Object Detectors in Retail. (98%)
Augment then Smooth: Reconciling Differential Privacy with Certified Robustness. (98%)
Efficient Backdoor Attacks for Deep Neural Networks in Real-world Scenarios. (83%)
A Unified Framework of Graph Information Bottleneck for Robustness and Membership Privacy. (75%)
On the Robustness of Latent Diffusion Models. (73%)
Improving Selective Visual Question Answering by Learning from Your Peers. (1%)
2023-06-13
Theoretical Foundations of Adversarially Robust Learning. (99%)
Finite Gaussian Neurons: Defending against adversarial attacks by making neural networks say "I don't know". (99%)
I See Dead People: Gray-Box Adversarial Attack on Image-To-Text Models. (99%)
Robustness of SAM: Segment Anything Under Corruptions and Beyond. (98%)
Area is all you need: repeatable elements make stronger adversarial attacks. (98%)
Malafide: a novel adversarial convolutive noise attack against deepfake and spoofing detection systems. (96%)
Revisiting and Advancing Adversarial Training Through A Simple Baseline. (87%)
Generative Watermarking Against Unauthorized Subject-Driven Image Synthesis. (78%)
Privacy Inference-Empowered Stealthy Backdoor Attack on Federated Learning under Non-IID Scenarios. (22%)
DHBE: Data-free Holistic Backdoor Erasing in Deep Neural Networks via Restricted Adversarial Distillation. (22%)
Temporal Gradient Inversion Attacks with Robust Optimization. (8%)
Few-shot Multi-domain Knowledge Rearming for Context-aware Defence against Advanced Persistent Threats. (2%)
2023-06-12
When Vision Fails: Text Attacks Against ViT and OCR. (99%)
AROID: Improving Adversarial Robustness through Online Instance-wise Data Augmentation. (99%)
How robust accuracy suffers from certified training with convex relaxations. (73%)
Graph Agent Network: Empowering Nodes with Decentralized Communications Capabilities for Adversarial Resilience. (54%)
Frequency-Based Vulnerability Analysis of Deep Learning Models against Image Corruptions. (13%)
On the Robustness of Removal-Based Feature Attributions. (11%)
VillanDiffusion: A Unified Backdoor Attack Framework for Diffusion Models. (1%)
2023-06-11
Securing Visually-Aware Recommender Systems: An Adversarial Image Reconstruction and Detection Framework. (99%)
Neural Architecture Design and Robustness: A Dataset. (76%)
TrojLLM: A Black-box Trojan Prompt Attack on Large Language Models. (68%)
2023-06-10
Boosting Adversarial Robustness using Feature Level Stochastic Smoothing. (92%)
NeRFool: Uncovering the Vulnerability of Generalizable Neural Radiance Fields against Adversarial Perturbations. (83%)
The Defense of Networked Targets in General Lotto games. (13%)
2023-06-09
Detecting Adversarial Directions in Deep Reinforcement Learning to Make Robust Decisions. (84%)
GAN-CAN: A Novel Attack to Behavior-Based Driver Authentication Systems. (70%)
Overcoming Adversarial Attacks for Human-in-the-Loop Applications. (45%)
2023-06-08
Adversarial Evasion Attacks Practicality in Networks: Testing the Impact of Dynamic Learning. (99%)
Boosting Adversarial Transferability by Achieving Flat Local Maxima. (99%)
COVER: A Heuristic Greedy Adversarial Attack on Prompt-based Learning in Language Models. (93%)
Generalizable Lightweight Proxy for Robust NAS against Diverse Perturbations. (83%)
A Melting Pot of Evolution and Learning. (41%)
PriSampler: Mitigating Property Inference of Diffusion Models. (12%)
Robustness Testing for Multi-Agent Reinforcement Learning: State Perturbations on Critical Agents. (10%)
G$^2$uardFL: Safeguarding Federated Learning Against Backdoor Attacks through Attributed Client Graph Clustering. (10%)
Re-aligning Shadow Models can Improve White-box Membership Inference Attacks. (10%)
Conservative Prediction via Data-Driven Confidence Minimization. (8%)
Robust Framework for Explanation Evaluation in Time Series Classification. (2%)
Enhancing Robustness of AI Offensive Code Generators via Data Augmentation. (2%)
FedMLSecurity: A Benchmark for Attacks and Defenses in Federated Learning and LLMs. (1%)
Open Set Relation Extraction via Unknown-Aware Training. (1%)
2023-06-07
Extracting Cloud-based Model with Prior Knowledge. (99%)
Expanding Scope: Adapting English Adversarial Attacks to Chinese. (99%)
PromptAttack: Probing Dialogue State Trackers with Adversarial Prompts. (92%)
Optimal Transport Model Distributional Robustness. (83%)
PromptBench: Towards Evaluating the Robustness of Large Language Models on Adversarial Prompts. (76%)
A Linearly Convergent GAN Inversion-based Algorithm for Reverse Engineering of Deceptions. (45%)
Faithful Knowledge Distillation. (41%)
Divide and Repair: Using Options to Improve Performance of Imitation Learning Against Adversarial Demonstrations. (16%)
Can current NLI systems handle German word order? Investigating language model performance on a new German challenge set of minimal pairs. (15%)
Adversarial Sample Detection Through Neural Network Transport Dynamics. (10%)
2023-06-06
Revisiting the Trade-off between Accuracy and Robustness via Weight Distribution of Filters. (99%)
Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations. (97%)
Transferable Adversarial Robustness for Categorical Data via Universal Robust Embeddings. (93%)
Adversarial Attacks and Defenses in Explainable Artificial Intelligence: A Survey. (64%)
Exploring Model Dynamics for Accumulative Poisoning Discovery. (62%)
Membership inference attack with relative decision boundary distance. (33%)
Performance-optimized deep neural networks are evolving into worse models of inferotemporal visual cortex. (8%)
Adversarial Attacks and Defenses for Semantic Communication in Vehicular Metaverses. (1%)
2023-06-05
Evading Black-box Classifiers Without Breaking Eggs. (99%)
Adversarial alignment: Breaking the trade-off between the strength of an attack and its relevance to human perception. (99%)
Evaluating robustness of support vector machines with the Lagrangian dual approach. (97%)
A Robust Likelihood Model for Novelty Detection. (93%)
Adversarial Ink: Componentwise Backward Error Attacks on Deep Learning. (86%)
Enhance Diffusion to Improve Robust Generalization. (76%)
KNOW How to Make Up Your Mind! Adversarially Detecting and Alleviating Inconsistencies in Natural Language Explanations. (68%)
Stable Diffusion is Unstable. (45%)
Neuron Activation Coverage: Rethinking Out-of-distribution Detection and Generalization. (1%)
Security Knowledge-Guided Fuzzing of Deep Learning Libraries. (1%)
2023-06-04
Adversary for Social Good: Leveraging Adversarial Attacks to Protect Personal Attribute Privacy. (98%)
Aerial Swarm Defense using Interception and Herding Strategies. (1%)
2023-06-03
Towards Black-box Adversarial Example Detection: A Data Reconstruction-based Method. (99%)
Learning to Defend by Attacking (and Vice-Versa): Transfer of Learning in Cybersecurity Games. (67%)
Can Directed Graph Neural Networks be Adversarially Robust? (56%)
Flew Over Learning Trap: Learn Unlearnable Samples by Progressive Staged Training. (13%)
Benchmarking Robustness of Adaptation Methods on Pre-trained Vision-Language Models. (1%)
2023-06-02
Why Clean Generalization and Robust Overfitting Both Happen in Adversarial Training. (99%)
A Closer Look at the Adversarial Robustness of Deep Equilibrium Models. (92%)
Adaptive Attractors: A Defense Strategy against ML Adversarial Collusion Attacks. (83%)
Poisoning Network Flow Classifiers. (61%)
Hyperparameter Learning under Data Poisoning: Analysis of the Influence of Regularization via Multiobjective Bilevel Optimization. (54%)
Robust low-rank training via approximate orthonormal constraints. (22%)
Supervised Adversarial Contrastive Learning for Emotion Recognition in Conversations. (13%)
Improving Adversarial Robustness of DEQs with Explicit Regulations Along the Neural Dynamics. (11%)
Covert Communication Based on the Poisoning Attack in Federated Learning. (10%)
Invisible Image Watermarks Are Provably Removable Using Generative AI. (10%)
VoteTRANS: Detecting Adversarial Text without Training by Voting on Hard Labels of Transformations. (3%)
Unlearnable Examples for Diffusion Models: Protect Data from Unauthorized Exploitation. (2%)
Towards Robust GAN-generated Image Detection: a Multi-view Completion Representation. (1%)
Improving the generalizability and robustness of large-scale traffic signal control. (1%)
2023-06-01
Adversarial Attack Based on Prediction-Correction. (99%)
Reconstruction Distortion of Learned Image Compression with Imperceptible Perturbations. (96%)
Intriguing Properties of Text-guided Diffusion Models. (92%)
Constructing Semantics-Aware Adversarial Examples with Probabilistic Perspective. (87%)
Robust Backdoor Attack with Visible, Semantic, Sample-Specific, and Compatible Triggers. (82%)
Improving the Robustness of Summarization Systems with Dual Augmentation. (76%)
Adversarial Robustness in Unsupervised Machine Learning: A Systematic Review. (38%)
Does Black-box Attribute Inference Attacks on Graph Neural Networks Constitute Privacy Risk? (13%)
CALICO: Self-Supervised Camera-LiDAR Contrastive Pre-training for BEV Perception. (13%)
ModelObfuscator: Obfuscating Model Information to Protect Deployed ML-based Systems. (4%)
2023-05-31
Exploring the Vulnerabilities of Machine Learning and Quantum Machine Learning to Adversarial Attacks using a Malware Dataset: A Comparative Analysis. (98%)
Graph-based methods coupled with specific distributional distances for adversarial attack detection. (98%)
Adversarial-Aware Deep Learning System based on a Secondary Classical Machine Learning Verification Approach. (98%)
Adversarial Clean Label Backdoor Attacks and Defenses on Text Classification Systems. (54%)
Deception by Omission: Using Adversarial Missingness to Poison Causal Structure Learning. (26%)
Red Teaming Language Model Detectors with Language Models. (15%)
Ambiguity in solving imaging inverse problems with deep learning based operators. (1%)
2023-05-30
Pseudo-Siamese Network based Timbre-reserved Black-box Adversarial Attack in Speaker Identification. (99%)
Breeding Machine Translations: Evolutionary approach to survive and thrive in the world of automated evaluation. (64%)
Incremental Randomized Smoothing Certification. (33%)
Defense Against Shortest Path Attacks. (16%)
A Multilingual Evaluation of NER Robustness to Adversarial Inputs. (15%)
Which Models have Perceptually-Aligned Gradients? An Explanation via Off-Manifold Robustness. (10%)
It begins with a boundary: A geometric view on probabilistically robust learning. (8%)
Adversarial Attacks on Online Learning to Rank with Stochastic Click Models. (2%)
Learning Perturbations to Explain Time Series Predictions. (1%)
2023-05-29
From Adversarial Arms Race to Model-centric Evaluation: Motivating a Unified Automatic Robustness Evaluation Framework. (99%)
Fourier Analysis on Robustness of Graph Convolutional Neural Networks for Skeleton-based Action Recognition. (92%)
Exploiting Explainability to Design Adversarial Attacks and Evaluate Attack Resilience in Hate-Speech Detection Models. (92%)
UMD: Unsupervised Model Detection for X2X Backdoor Attacks. (81%)
Membership Inference Attacks against Language Models via Neighbourhood Comparison. (73%)
Trustworthy Sensor Fusion against Inaudible Command Attacks in Advanced Driver-Assistance System. (41%)
Explainability in Simplicial Map Neural Networks. (38%)
Robust Lipschitz Bandits to Adversarial Corruptions. (11%)
Towards minimizing efforts for Morphing Attacks -- Deep embeddings for morphing pair selection and improved Morphing Attack Detection. (8%)
2023-05-28
Amplification trojan network: Attack deep neural networks by amplifying their inherent weakness. (99%)
NaturalFinger: Generating Natural Fingerprint with Generative Adversarial Networks. (92%)
Backdoor Attacks Against Incremental Learners: An Empirical Evaluation Study. (41%)
NOTABLE: Transferable Backdoor Attacks Against Prompt-based NLP Models. (38%)
Choose your Data Wisely: A Framework for Semantic Counterfactuals. (13%)
BadLabel: A Robust Perspective on Evaluating and Enhancing Label-noise Learning. (5%)
Black-Box Anomaly Attribution. (1%)
2023-05-27
Adversarial Attack On Yolov5 For Traffic And Road Sign Detection. (99%)
Pre-trained transformer for adversarial purification. (99%)
Two Heads are Better than One: Towards Better Adversarial Robustness by Combining Transduction and Rejection. (98%)
Modeling Adversarial Attack on Pre-trained Language Models as Sequential Decision Making. (92%)
On the Importance of Backbone to the Adversarial Robustness of Object Detectors. (83%)
No-Regret Online Reinforcement Learning with Adversarial Losses and Transitions. (2%)
2023-05-26
On Evaluating Adversarial Robustness of Large Vision-Language Models. (99%)
Leveraging characteristics of the output probability distribution for identifying adversarial audio examples. (98%)
Rethinking Adversarial Policies: A Generalized Attack Formulation and Provable Defense in Multi-Agent RL. (96%)
A Tale of Two Approximations: Tightening Over-Approximation for DNN Robustness Verification via Under-Approximation. (45%)
Adversarial Attacks on Online Learning to Rank with Click Feedback. (38%)
DeepSeaNet: Improving Underwater Object Detection using EfficientDet. (2%)
Trust-Aware Resilient Control and Coordination of Connected and Automated Vehicles. (1%)
Efficient Detection of LLM-generated Texts with a Bayesian Surrogate Model. (1%)
2023-05-25
IDEA: Invariant Causal Defense for Graph Adversarial Robustness. (99%)
Don't Retrain, Just Rewrite: Countering Adversarial Perturbations by Rewriting Text. (98%)
Diffusion-Based Adversarial Sample Generation for Improved Stealthiness and Controllability. (98%)
PEARL: Preprocessing Enhanced Adversarial Robust Learning of Image Deraining for Semantic Segmentation. (96%)
Adversarial Attacks on Leakage Detectors in Water Distribution Networks. (86%)
CARSO: Counter-Adversarial Recall of Synthetic Observations. (86%)
On the Robustness of Segment Anything. (73%)
Detecting Adversarial Data by Probing Multiple Perturbations Using Expected Perturbation Score. (67%)
Rethink Diversity in Deep Learning Testing. (50%)
IMBERT: Making BERT Immune to Insertion-based Backdoor Attacks. (13%)
Securing Deep Generative Models with Universal Adversarial Signature. (2%)
Concept-Centric Transformers: Enhancing Model Interpretability through Object-Centric Concept Learning within a Shared Global Workspace. (1%)
2023-05-24
How do humans perceive adversarial text? A reality check on the validity and naturalness of word-based adversarial attacks. (99%)
Robust Classification via a Single Diffusion Model. (99%)
Introducing Competition to Boost the Transferability of Targeted Adversarial Examples through Clean Feature Mixup. (99%)
Fantastic DNN Classifiers and How to Identify them without Data. (91%)
Adversarial Demonstration Attacks on Large Language Models. (88%)
Relating Implicit Bias and Adversarial Attacks through Intrinsic Dimension. (86%)
AdvFunMatch: When Consistent Teaching Meets Adversarial Robustness. (76%)
Reconstructive Neuron Pruning for Backdoor Defense. (75%)
Another Dead End for Morphological Tags? Perturbed Inputs and Parsing. (74%)
From Shortcuts to Triggers: Backdoor Defense with Denoised PoE. (47%)
Instructions as Backdoors: Backdoor Vulnerabilities of Instruction Tuning for Large Language Models. (31%)
Clever Hans or Neural Theory of Mind? Stress Testing Social Reasoning in Large Language Models. (22%)
Adversarial robustness of amortized Bayesian inference. (11%)
Sharpness-Aware Data Poisoning Attack. (10%)
How to fix a broken confidence estimator: Evaluating post-hoc methods for selective classification with deep neural networks. (3%)
Ghostbuster: Detecting Text Ghostwritten by Large Language Models. (1%)
2023-05-23
The Best Defense is a Good Offense: Adversarial Augmentation against Adversarial Attacks. (99%)
Enhancing Accuracy and Robustness through Adversarial Training in Class Incremental Continual Learning. (99%)
QFA2SR: Query-Free Adversarial Transfer Attacks to Speaker Recognition Systems. (98%)
Expressive Losses for Verified Robustness via Convex Combinations. (95%)
Impact of Light and Shadow on Robustness of Deep Neural Networks. (87%)
A Causal View of Entity Bias in (Large) Language Models. (10%)
2023-05-22
Uncertainty-based Detection of Adversarial Attacks in Semantic Segmentation. (99%)
Latent Magic: An Investigation into Adversarial Examples Crafted in the Semantic Latent Space. (99%)
FGAM:Fast Adversarial Malware Generation Method Based on Gradient Sign. (98%)
Attribute-Guided Encryption with Facial Texture Masking. (98%)
DiffProtect: Generate Adversarial Examples with Diffusion Models for Facial Privacy Protection. (98%)
Byzantine Robust Cooperative Multi-Agent Reinforcement Learning as a Bayesian Game. (93%)
Towards Benchmarking and Assessing Visual Naturalness of Physical World Adversarial Attacks. (88%)
Flying Adversarial Patches: Manipulating the Behavior of Deep Learning-based Autonomous Multirotors. (54%)
DeepBern-Nets: Taming the Complexity of Certifying Neural Networks using Bernstein Polynomial Activations and Precise Bound Propagation. (50%)
The defender's perspective on automatic speaker verification: An overview. (22%)
Model Stealing Attack against Multi-Exit Networks. (10%)
Adversarial Defenses via Vector Quantization. (8%)
Adversarial Nibbler: A Data-Centric Challenge for Improving the Safety of Text-to-Image Models. (2%)
Watermarking Classification Dataset for Copyright Protection. (1%)
Improving Classifier Robustness through Active Generation of Pairwise Counterfactuals. (1%)
Tied-Augment: Controlling Representation Similarity Improves Data Augmentation. (1%)
Adaptive Face Recognition Using Adversarial Information Network. (1%)
2023-05-21
Mist: Towards Improved Adversarial Examples for Diffusion Models. (99%)
Are Your Explanations Reliable? Investigating the Stability of LIME in Explaining Text Classifiers by Marrying XAI and Adversarial Attack. (81%)
FAQ: Mitigating the Impact of Faults in the Weight Memory of DNN Accelerators through Fault-Aware Quantization. (1%)
2023-05-20
Dynamic Transformers Provide a False Sense of Efficiency. (92%)
Annealing Self-Distillation Rectification Improves Adversarial Training. (76%)
Stability, Generalization and Privacy: Precise Analysis for Random and NTK Features. (8%)
2023-05-19
Dynamic Gradient Balancing for Enhanced Adversarial Attacks on Multi-Task Models. (98%)
DAP: A Dynamic Adversarial Patch for Evading Person Detectors. (92%)
Mitigating Backdoor Poisoning Attacks through the Lens of Spurious Correlation. (8%)
Long-tailed Visual Recognition via Gaussian Clouded Logit Adjustment. (5%)
SneakyPrompt: Evaluating Robustness of Text-to-image Generative Models' Safety Filters. (4%)
Latent Imitator: Generating Natural Individual Discriminatory Instances for Black-Box Fairness Testing. (2%)
Controlling the Extraction of Memorized Data from Large Language Models via Prompt-Tuning. (1%)
2023-05-18
Deep PackGen: A Deep Reinforcement Learning Framework for Adversarial Network Packet Generation. (99%)
Adversarial Amendment is the Only Force Capable of Transforming an Enemy into a Friend. (99%)
Architecture-agnostic Iterative Black-box Certified Defense against Adversarial Patches. (99%)
Towards an Accurate and Secure Detector against Adversarial Perturbations. (99%)
Quantifying the robustness of deep multispectral segmentation models against natural perturbations and data poisoning. (99%)
How Deep Learning Sees the World: A Survey on Adversarial Attacks & Defenses. (98%)
RobustFair: Adversarial Evaluation through Fairness Confusion Directed Gradient Search. (93%)
Attacks on Online Learners: a Teacher-Student Analysis. (54%)
Explaining V1 Properties with a Biologically Constrained Deep Learning Architecture. (47%)
Zero-Day Backdoor Attack against Text-to-Image Diffusion Models via Personalization. (2%)
Large Language Models can be Guided to Evade AI-Generated Text Detection. (1%)
Re-thinking Data Availablity Attacks Against Deep Neural Networks. (1%)
TrustSER: On the Trustworthiness of Fine-tuning Pre-trained Speech Embeddings For Speech Emotion Recognition. (1%)
2023-05-17
Content-based Unrestricted Adversarial Attack. (99%)
Raising the Bar for Certified Adversarial Robustness with Diffusion Models. (95%)
The Adversarial Consistency of Surrogate Risks for Binary Classification. (10%)
Variational Classification. (1%)
Compress, Then Prompt: Improving Accuracy-Efficiency Trade-off of LLM Inference with Transferable Prompt. (1%)
PaLM 2 Technical Report. (1%)
2023-05-16
Iterative Adversarial Attack on Image-guided Story Ending Generation. (99%)
Releasing Inequality Phenomena in $L_{\infty}$-Adversarial Training via Input Gradient Distillation. (98%)
Ortho-ODE: Enhancing Robustness and of Neural ODEs against Adversarial Attacks. (54%)
Unlearnable Examples Give a False Sense of Security: Piercing through Unexploitable Data with Learnable Examples. (50%)
2023-05-15
Attacking Perceptual Similarity Metrics. (99%)
Exploiting Frequency Spectrum of Adversarial Images for General Robustness. (96%)
Training Neural Networks without Backpropagation: A Deeper Dive into the Likelihood Ratio Method. (4%)
Assessing Hidden Risks of LLMs: An Empirical Study on Robustness, Consistency, and Credibility. (1%)
2023-05-14
Diffusion Models for Imperceptible and Transferable Adversarial Attack. (99%)
Improving Defensive Distillation using Teacher Assistant. (96%)
Manipulating Visually-aware Federated Recommender Systems and Its Countermeasures. (82%)
Watermarking Text Generated by Black-Box Language Models. (9%)
2023-05-13
DNN-Defender: An in-DRAM Deep Neural Network Defense Mechanism for Adversarial Weight Attack. (86%)
On enhancing the robustness of Vision Transformers: Defensive Diffusion. (76%)
Decision-based iterative fragile watermarking for model integrity verification. (50%)
2023-05-12
Efficient Search of Comprehensively Robust Neural Architectures via Multi-fidelity Evaluation. (73%)
Adversarial Security and Differential Privacy in mmWave Beam Prediction in 6G networks. (68%)
Mastering Percolation-like Games with Deep Learning. (1%)
2023-05-11
Distracting Downpour: Adversarial Weather Attacks for Motion Estimation. (74%)
Backdoor Attack with Sparse and Invisible Trigger. (67%)
Watch This Space: Securing Satellite Communication through Resilient Transmitter Fingerprinting. (1%)
2023-05-10
A Black-Box Attack on Code Models via Representation Nearest Neighbor Search. (99%)
Inter-frame Accelerate Attack against Video Interpolation Models. (99%)
Randomized Smoothing with Masked Inference for Adversarially Robust Text Classifications. (98%)
Stealthy Low-frequency Backdoor Attack against Deep Neural Networks. (80%)
Towards Invisible Backdoor Attacks in the Frequency Domain against Deep Neural Networks. (75%)
The Robustness of Computer Vision Models against Common Corruptions: a Survey. (50%)
An Empirical Study on the Robustness of the Segment Anything Model (SAM). (22%)
Robust multi-agent coordination via evolutionary generation of auxiliary adversarial attackers. (12%)
2023-05-09
Quantization Aware Attack: Enhancing the Transferability of Adversarial Attacks across Target Models with Different Quantization Bitwidths. (99%)
Attack Named Entity Recognition by Entity Boundary Interference. (98%)
VSMask: Defending Against Voice Synthesis Attack via Real-Time Predictive Perturbation. (96%)
Investigating the Corruption Robustness of Image Classifiers with Random Lp-norm Corruptions. (75%)
On the Relation between Sharpness-Aware Minimization and Adversarial Robustness. (56%)
Turning Privacy-preserving Mechanisms against Federated Learning. (9%)
BadCS: A Backdoor Attack Framework for Code search. (8%)
Quantum Machine Learning for Malware Classification. (1%)
2023-05-08
Toward Adversarial Training on Contextualized Language Representation. (93%)
Understanding Noise-Augmented Training for Randomized Smoothing. (64%)
TAPS: Connecting Certified and Adversarial Training. (41%)
Privacy-preserving Adversarial Facial Features. (22%)
Communication-Robust Multi-Agent Learning by Adaptable Auxiliary Multi-Agent Adversary Generation. (1%)
2023-05-07
Adversarial Examples Detection with Enhanced Image Difference Features based on Local Histogram Equalization. (99%)
Pick your Poison: Undetectability versus Robustness in Data Poisoning Attacks against Deep Image Classification. (93%)
2023-05-06
Reactive Perturbation Defocusing for Textual Adversarial Defense. (99%)
Beyond the Model: Data Pre-processing Attack to Deep Learning Models in Android Apps. (92%)
Towards Prompt-robust Face Privacy Protection via Adversarial Decoupling Augmentation Framework. (38%)
Text-to-Image Diffusion Models can be Easily Backdoored through Multimodal Data Poisoning. (2%)
2023-05-05
White-Box Multi-Objective Adversarial Attack on Dialogue Generation. (99%)
Evading Watermark based Detection of AI-Generated Content. (87%)
Verifiable Learning for Robust Tree Ensembles. (15%)
Repairing Deep Neural Networks Based on Behavior Imitation. (4%)
2023-05-04
Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection. (99%)
IMAP: Intrinsically Motivated Adversarial Policy. (99%)
Single Node Injection Label Specificity Attack on Graph Neural Networks via Reinforcement Learning. (78%)
Faulting original McEliece's implementations is possible: How to mitigate this risk? (2%)
2023-05-03
New Adversarial Image Detection Based on Sentiment Analysis. (99%)
LearnDefend: Learning to Defend against Targeted Model-Poisoning Attacks on Federated Learning. (84%)
Defending against Insertion-based Textual Backdoor Attacks via Attribution. (61%)
On the Security Risks of Knowledge Graph Reasoning. (26%)
Backdoor Learning on Sequence to Sequence Models. (5%)
Rethinking Graph Lottery Tickets: Graph Sparsity Matters. (2%)
PTP: Boosting Stability and Performance of Prompt Tuning with Perturbation-Based Regularizer. (1%)
2023-05-02
Boosting Adversarial Transferability via Fusing Logits of Top-1 Decomposed Feature. (99%)
DABS: Data-Agnostic Backdoor attack at the Server in Federated Learning. (73%)
Towards Imperceptible Document Manipulations against Neural Ranking Models. (67%)
Sentiment Perception Adversarial Attacks on Neural Machine Translation Systems. (50%)
Prompt as Triggers for Backdoor Attack: Examining the Vulnerability in Language Models. (8%)
2023-05-01
Attack-SAM: Towards Evaluating Adversarial Robustness of Segment Anything Model. (99%)
Physical Adversarial Attacks for Surveillance: A Survey. (98%)
Revisiting Robustness in Graph Machine Learning. (98%)
Stratified Adversarial Robustness with Rejection. (96%)
Poisoning Language Models During Instruction Tuning. (2%)
2023-04-30
Assessing Vulnerabilities of Adversarial Learning Algorithm through Poisoning Attacks. (98%)
2023-04-29
FedGrad: Mitigating Backdoor Attacks in Federated Learning Through Local Ultimate Gradients Inspection. (81%)
Enhancing Adversarial Contrastive Learning via Adversarial Invariant Regularization. (33%)
Adversarial Representation Learning for Robust Privacy Preservation in Audio. (1%)
2023-04-28
Topic-oriented Adversarial Attacks against Black-box Neural Ranking Models. (99%)
On the existence of solutions to adversarial training in multiclass classification. (75%)
The Power of Typed Affine Decision Structures: A Case Study. (3%)
faulTPM: Exposing AMD fTPMs' Deepest Secrets. (3%)
SAM Meets Robotic Surgery: An Empirical Study in Robustness Perspective. (1%)
2023-04-27
Adversary Aware Continual Learning. (80%)
Fusion is Not Enough: Single-Modal Attacks to Compromise Fusion Models in Autonomous Driving. (75%)
Boosting Big Brother: Attacking Search Engines with Encodings. (68%)
ChatGPT as an Attack Tool: Stealthy Textual Backdoor Attack via Blackbox Generative Model Trigger. (62%)
Improve Video Representation with Temporal Adversarial Augmentation. (26%)
Origin Tracing and Detecting of LLMs. (1%)
Deep Intellectual Property Protection: A Survey. (1%)
Interactive Greybox Penetration Testing for Cloud Access Control using IAM Modeling and Deep Reinforcement Learning. (1%)
2023-04-26
Improving Adversarial Transferability via Intermediate-level Perturbation Decay. (98%)
Detection of Adversarial Physical Attacks in Time-Series Image Data. (92%)
Blockchain-based Federated Learning with SMPC Model Verification Against Poisoning Attack for Healthcare Systems. (13%)
2023-04-25
Improving Robustness Against Adversarial Attacks with Deeply Quantized Neural Networks. (99%)
Generating Adversarial Examples with Task Oriented Multi-Objective Optimization. (99%)
SHIELD: Thwarting Code Authorship Attribution. (98%)
Learning Robust Deep Equilibrium Models. (82%)
LSTM-based Load Forecasting Robustness Against Noise Injection Attack in Microgrid. (1%)
2023-04-24
Evaluating Adversarial Robustness on Document Image Classification. (99%)
Combining Adversaries with Anti-adversaries in Training. (64%)
Enhancing Fine-Tuning Based Backdoor Defense with Sharpness-Aware Minimization. (41%)
Opinion Control under Adversarial Network Perturbation: A Stackelberg Game Approach. (10%)
Robust Tickets Can Transfer Better: Drawing More Transferable Subnetworks in Transfer Learning. (1%)
2023-04-23
StyLess: Boosting the Transferability of Adversarial Examples. (99%)
Evading DeepFake Detectors via Adversarial Statistical Consistency. (98%)
2023-04-22
Detecting Adversarial Faces Using Only Real Face Self-Perturbations. (98%)
Universal Adversarial Backdoor Attacks to Fool Vertical Federated Learning in Cloud-Edge Collaboration. (70%)
2023-04-21
Launching a Robust Backdoor Attack under Capability Constrained Scenarios. (88%)
Individual Fairness in Bayesian Neural Networks. (69%)
Denial-of-Service or Fine-Grained Control: Towards Flexible Model Poisoning Attacks on Federated Learning. (64%)
Interpretable and Robust AI in EEG Systems: A Survey. (12%)
MAWSEO: Adversarial Wiki Search Poisoning for Illicit Online Promotion. (2%)
2023-04-20
Towards the Universal Defense for Query-Based Audio Adversarial Attacks. (99%)
Diversifying the High-level Features for better Adversarial Transferability. (99%)
Using Z3 for Formal Modeling and Verification of FNN Global Robustness. (98%)
Certified Adversarial Robustness Within Multiple Perturbation Bounds. (96%)
Can Perturbations Help Reduce Investment Risks? Risk-Aware Stock Recommendation via Split Variational Adversarial Training. (93%)
Adversarial Infrared Blocks: A Black-box Attack to Thermal Infrared Detectors at Multiple Angles in Physical World. (89%)
An Analysis of the Completion Time of the BB84 Protocol. (22%)
A Plug-and-Play Defensive Perturbation for Copyright Protection of DNN-based Applications. (13%)
Enhancing object detection robustness: A synthetic and natural perturbation approach. (12%)
RoCOCO: Robustness Benchmark of MS-COCO to Stress-test Image-Text Matching Models. (8%)
Get Rid Of Your Trail: Remotely Erasing Backdoors in Federated Learning. (2%)
Learning Sample Difficulty from Pre-trained Models for Reliable Prediction. (1%)
2023-04-19
Jedi: Entropy-based Localization and Removal of Adversarial Patches. (84%)
GREAT Score: Global Robustness Evaluation of Adversarial Perturbation using Generative Models. (81%)
Secure Split Learning against Property Inference, Data Reconstruction, and Feature Space Hijacking Attacks. (5%)
Density-Insensitive Unsupervised Domain Adaption on 3D Object Detection. (1%)
On the Robustness of Aspect-based Sentiment Analysis: Rethinking Model, Data, and Training. (1%)
Fundamental Limitations of Alignment in Large Language Models. (1%)
2023-04-18
Wavelets Beat Monkeys at Adversarial Robustness. (99%)
Towards the Transferable Audio Adversarial Attack via Ensemble Methods. (99%)
Masked Language Model Based Textual Adversarial Example Detection. (99%)
In ChatGPT We Trust? Measuring and Characterizing the Reliability of ChatGPT. (80%)
Generative models improve fairness of medical classifiers under distribution shifts. (13%)
2023-04-17
Evil from Within: Machine Learning Backdoors through Hardware Trojans. (15%)
GrOVe: Ownership Verification of Graph Neural Networks using Embeddings. (13%)
OOD-CV-v2: An extended Benchmark for Robustness to Out-of-Distribution Shifts of Individual Nuisances in Natural Images. (1%)
2023-04-16
A Random-patch based Defense Strategy Against Physical Attacks for Face Recognition Systems. (98%)
RNN-Guard: Certified Robustness Against Multi-frame Attacks for Recurrent Neural Networks. (96%)
JoB-VS: Joint Brain-Vessel Segmentation in TOF-MRA Images. (15%)
2023-04-14
Interpretability is a Kind of Safety: An Interpreter-based Ensemble for Adversary Defense. (99%)
Combining Generators of Adversarial Malware Examples to Increase Evasion Rate. (99%)
Cross-Entropy Loss Functions: Theoretical Analysis and Applications. (3%)
Pool Inference Attacks on Local Differential Privacy: Quantifying the Privacy Guarantees of Apple's Count Mean Sketch in Practice. (2%)
2023-04-13
Generating Adversarial Examples with Better Transferability via Masking Unimportant Parameters of Surrogate Model. (99%)
Certified Zeroth-order Black-Box Defense with Robust UNet Denoiser. (96%)
False Claims against Model Ownership Resolution. (93%)
Adversarial Examples from Dimensional Invariance. (45%)
Understanding Overfitting in Adversarial Training in Kernel Regression. (1%)
LSFSL: Leveraging Shape Information in Few-shot Learning. (1%)
2023-04-12
Generative Adversarial Networks-Driven Cyber Threat Intelligence Detection Framework for Securing Internet of Things. (92%)
Exploiting Logic Locking for a Neural Trojan Attack on Machine Learning Accelerators. (1%)
2023-04-11
RecUP-FL: Reconciling Utility and Privacy in Federated Learning via User-configurable Privacy Defense. (99%)
Simultaneous Adversarial Attacks On Multiple Face Recognition System Components. (98%)
Boosting Cross-task Transferability of Adversarial Patches with Visual Relations. (98%)
Benchmarking the Physical-world Adversarial Robustness of Vehicle Detection. (92%)
On the Adversarial Inversion of Deep Biometric Representations. (67%)
Overload: Latency Attacks on Object Detection for Edge Devices. (33%)
Towards More Robust and Accurate Sequential Recommendation with Cascade-guided Adversarial Training. (9%)
2023-04-10
Generating Adversarial Attacks in the Latent Space. (98%)
Reinforcement Learning-Based Black-Box Model Inversion Attacks. (67%)
Defense-Prefix for Preventing Typographic Attacks on CLIP. (16%)
Helix++: A platform for efficiently securing software. (1%)
2023-04-09
Certifiable Black-Box Attack: Ensuring Provably Successful Attack for Adversarial Examples. (99%)
Adversarially Robust Neural Architecture Search for Graph Neural Networks. (80%)
Unsupervised Multi-Criteria Adversarial Detection in Deep Image Retrieval. (68%)
2023-04-08
Robust Deep Learning Models Against Semantic-Preserving Adversarial Attack. (99%)
RobCaps: Evaluating the Robustness of Capsule Networks against Affine Transformations and Adversarial Attacks. (98%)
Exploring the Connection between Robust and Generative Models. (67%)
Benchmarking the Robustness of Quantized Models. (47%)
Attack is Good Augmentation: Towards Skeleton-Contrastive Representation Learning. (13%)
Deep Prototypical-Parts Ease Morphological Kidney Stone Identification and are Competitively Robust to Photometric Perturbations. (4%)
EMP-SSL: Towards Self-Supervised Learning in One Training Epoch. (1%)
2023-04-07
Architecture-Preserving Provable Repair of Deep Neural Networks. (1%)
ASPEST: Bridging the Gap Between Active Learning and Selective Prediction. (1%)
2023-04-06
Quantifying and Defending against Privacy Threats on Federated Knowledge Graph Embedding. (45%)
Manipulating Federated Recommender Systems: Poisoning with Synthetic Users and Its Countermeasures. (45%)
Improving Visual Question Answering Models through Robustness Analysis and In-Context Learning with a Chain of Basic Questions. (10%)
EZClone: Improving DNN Model Extraction Attack via Shape Distillation from GPU Execution Profiles. (4%)
Evaluating the Robustness of Machine Reading Comprehension Models to Low Resource Entity Renaming. (2%)
Rethinking Evaluation Protocols of Visual Representations Learned via Self-supervised Learning. (1%)
Reliable Learning for Test-time Attacks and Distribution Shift. (1%)
Benchmarking Robustness to Text-Guided Corruptions. (1%)
2023-04-05
A Certified Radius-Guided Attack Framework to Image Segmentation Models. (99%)
Going Further: Flatness at the Rescue of Early Stopping for Adversarial Example Transferability. (99%)
How to choose your best allies for a transferable attack? (99%)
Robust Neural Architecture Search. (92%)
Hyper-parameter Tuning for Adversarially Robust Models. (62%)
JPEG Compressed Images Can Bypass Protections Against AI Editing. (15%)
FACE-AUDITOR: Data Auditing in Facial Recognition Systems. (1%)
2023-04-04
CGDTest: A Constrained Gradient Descent Algorithm for Testing Neural Networks. (31%)
Selective Knowledge Sharing for Privacy-Preserving Federated Distillation without A Good Teacher. (1%)
EGC: Image Generation and Classification via a Single Energy-Based Model. (1%)
2023-04-03
Defending Against Patch-based Backdoor Attacks on Self-Supervised Learning. (76%)
Model-Agnostic Reachability Analysis on Deep Neural Networks. (75%)
NetFlick: Adversarial Flickering Attacks on Deep Learning Based Video Compression. (69%)
Learning About Simulated Adversaries from Human Defenders using Interactive Cyber-Defense Games. (1%)
2023-04-01
GradMDM: Adversarial Attack on Dynamic Networks. (84%)
Instance-level Trojan Attacks on Visual Question Answering via Adversarial Learning in Neuron Activation Space. (61%)
2023-03-31
Improving Fast Adversarial Training with Prior-Guided Knowledge. (99%)
To be Robust and to be Fair: Aligning Fairness with Robustness. (93%)
Fooling Polarization-based Vision using Locally Controllable Polarizing Projection. (91%)
Per-Example Gradient Regularization Improves Learning Signals from Noisy Data. (3%)
Secure Federated Learning against Model Poisoning Attacks via Client Filtering. (2%)
DIME-FM: DIstilling Multimodal and Efficient Foundation Models. (1%)
A Generative Framework for Low-Cost Result Validation of Outsourced Machine Learning Tasks. (1%)
2023-03-30
Adversarial Attack and Defense for Dehazing Networks. (97%)
Generating Adversarial Samples in Mini-Batches May Be Detrimental To Adversarial Robustness. (96%)
Towards Adversarially Robust Continual Learning. (95%)
Understanding the Robustness of 3D Object Detection with Bird's-Eye-View Representations in Autonomous Driving. (81%)
Robo3D: Towards Robust and Reliable 3D Perception against Corruptions. (2%)
Establishing baselines and introducing TernaryMixOE for fine-grained out-of-distribution detection. (1%)
Explainable Intrusion Detection Systems Using Competitive Learning Techniques. (1%)
Differential Area Analysis for Ransomware: Attacks, Countermeasures, and Limitations. (1%)
2023-03-29
Latent Feature Relation Consistency for Adversarial Robustness. (99%)
Beyond Empirical Risk Minimization: Local Structure Preserving Regularization for Improving Adversarial Robustness. (99%)
Targeted Adversarial Attacks on Wind Power Forecasts. (88%)
Towards Reasonable Budget Allocation in Untargeted Graph Structure Attacks via Gradient Debias. (67%)
ImageNet-E: Benchmarking Neural Network Robustness via Attribute Editing. (56%)
Graph Neural Networks for Hardware Vulnerability Analysis -- Can you Trust your GNN? (16%)
Mole Recruitment: Poisoning of Image Classifiers via Selective Batch Sampling. (10%)
A Tensor-based Convolutional Neural Network for Small Dataset Classification. (2%)
ALUM: Adversarial Data Uncertainty Modeling from Latent Model Uncertainty Compensation. (1%)
2023-03-28
A Pilot Study of Query-Free Adversarial Attack against Stable Diffusion. (99%)
Improving the Transferability of Adversarial Samples by Path-Augmented Method. (99%)
Towards Effective Adversarial Textured 3D Meshes on Physical Face Recognition. (99%)
Transferable Adversarial Attacks on Vision Transformers with Token Gradient Regularization. (98%)
Denoising Autoencoder-based Defensive Distillation as an Adversarial Robustness Algorithm. (98%)
TransAudio: Towards the Transferable Adversarial Audio Attack via Learning Contextualized Perturbations. (98%)
A Survey on Malware Detection with Graph Representation Learning. (41%)
Provable Robustness for Streaming Models with a Sliding Window. (15%)
Machine-learned Adversarial Attacks against Fault Prediction Systems in Smart Electrical Grids. (9%)
On the Use of Reinforcement Learning for Attacking and Defending Load Frequency Control. (3%)
A Universal Identity Backdoor Attack against Speaker Verification based on Siamese Network. (1%)
2023-03-27
Classifier Robustness Enhancement Via Test-Time Transformation. (99%)
Improving the Transferability of Adversarial Examples via Direction Tuning. (99%)
EMShepherd: Detecting Adversarial Samples via Side-channel Leakage. (99%)
Learning the Unlearnable: Adversarial Augmentations Suppress Unlearnable Example Attacks. (97%)
Detecting Backdoors During the Inference Stage Based on Corruption Robustness Consistency. (76%)
CAT:Collaborative Adversarial Training. (69%)
Diffusion Denoised Smoothing for Certified and Adversarial Robust Out-Of-Distribution Detection. (67%)
Personalized Federated Learning on Long-Tailed Data via Adversarial Feature Augmentation. (41%)
Mask and Restore: Blind Backdoor Defense at Test Time with Masked Autoencoder. (41%)
Sequential training of GANs against GAN-classifiers reveals correlated "knowledge gaps" present among independently trained GAN instances. (41%)
Anti-DreamBooth: Protecting users from personalized text-to-image synthesis. (5%)
2023-03-26
MGTBench: Benchmarking Machine-Generated Text Detection. (26%)
2023-03-25
AdvCheck: Characterizing Adversarial Examples via Local Gradient Checking. (99%)
CFA: Class-wise Calibrated Fair Adversarial Training. (98%)
PORE: Provably Robust Recommender Systems against Data Poisoning Attacks. (68%)
Improving robustness of jet tagging algorithms with adversarial training: exploring the loss surface. (12%)
2023-03-24
PIAT: Parameter Interpolation based Adversarial Training for Image Classification. (99%)
How many dimensions are required to find an adversarial example? (99%)
Effective black box adversarial attack with handcrafted kernels. (99%)
Adversarial Attack and Defense for Medical Image Analysis: Methods and Applications. (99%)
Improved Adversarial Training Through Adaptive Instance-wise Loss Smoothing. (99%)
Feature Separation and Recalibration for Adversarial Robustness. (98%)
Physically Adversarial Infrared Patches with Learnable Shapes and Locations. (97%)
Generalist: Decoupling Natural and Robust Generalization. (96%)
Ensemble-based Blackbox Attacks on Dense Prediction. (86%)
Backdoor Attacks with Input-unique Triggers in NLP. (54%)
PoisonedGNN: Backdoor Attack on Graph Neural Networks-based Hardware Security Systems. (22%)
Enhancing Multiple Reliability Measures via Nuisance-extended Information Bottleneck. (5%)
Optimal Smoothing Distribution Exploration for Backdoor Neutralization in Deep Learning-based Traffic Systems. (2%)
TRAK: Attributing Model Behavior at Scale. (1%)
2023-03-23
Watch Out for the Confusing Faces: Detecting Face Swapping with the Probability Distribution of Face Identification Models. (68%)
Quadratic Graph Attention Network (Q-GAT) for Robust Construction of Gene Regulatory Networks. (50%)
Optimization and Optimizers for Adversarial Robustness. (41%)
Adversarial Robustness and Feature Impact Analysis for Driver Drowsiness Detection. (41%)
Paraphrasing evades detectors of AI-generated text, but retrieval is an effective defense. (15%)
Decentralized Adversarial Training over Graphs. (13%)
Don't FREAK Out: A Frequency-Inspired Approach to Detecting Backdoor Poisoned Samples in DNNs. (8%)
Low-frequency Image Deep Steganography: Manipulate the Frequency Distribution to Hide Secrets with Tenacious Robustness. (1%)
Efficient Symbolic Reasoning for Neural-Network Verification. (1%)
2023-03-22
Reliable and Efficient Evaluation of Adversarial Robustness for Deep Hashing-Based Retrieval. (99%)
Semantic Image Attack for Visual Model Diagnosis. (99%)
Revisiting DeepFool: generalization and improvement. (99%)
Wasserstein Adversarial Examples on Univariant Time Series Data. (99%)
Test-time Defense against Adversarial Attacks: Detection and Reconstruction of Adversarial Examples via Masked Autoencoder. (99%)
Sibling-Attack: Rethinking Transferable Adversarial Attacks against Face Recognition. (78%)
An Extended Study of Human-like Behavior under Adversarial Training. (76%)
Distribution-restrained Softmax Loss for the Model Robustness. (38%)
Backdoor Defense via Adaptively Splitting Poisoned Dataset. (16%)
Edge Deep Learning Model Protection via Neuron Authorization. (11%)
2023-03-21
State-of-the-art optical-based physical adversarial attacks for deep learning computer vision systems. (99%)
Information-containing Adversarial Perturbation for Combating Facial Manipulation Systems. (99%)
OTJR: Optimal Transport Meets Optimal Jacobian Regularization for Adversarial Robustness. (99%)
Efficient Decision-based Black-box Patch Attacks on Video Recognition. (98%)
Black-box Backdoor Defense via Zero-shot Image Purification. (86%)
Model Robustness Meets Data Privacy: Adversarial Robustness Distillation without Original Data. (10%)
LOKI: Large-scale Data Reconstruction Attack against Federated Learning through Model Manipulation. (9%)
Influencer Backdoor Attack on Semantic Segmentation. (8%)
Poisoning Attacks in Federated Edge Learning for Digital Twin 6G-enabled IoTs: An Anticipatory Study. (1%)
2023-03-20
TWINS: A Fine-Tuning Framework for Improved Transferability of Adversarial Robustness and Generalization. (99%)
Adversarial Attacks against Binary Similarity Systems. (99%)
DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness. (99%)
Translate your gibberish: black-box adversarial attack on machine translation systems. (83%)
GNN-Ensemble: Towards Random Decision Graph Neural Networks. (56%)
Benchmarking Robustness of 3D Object Detection to Common Corruptions in Autonomous Driving. (41%)
Did You Train on My Dataset? Towards Public Dataset Protection with Clean-Label Backdoor Watermarking. (9%)
Boosting Semi-Supervised Learning by Exploiting All Unlabeled Data. (2%)
Make Landscape Flatter in Differentially Private Federated Learning. (1%)
Robustifying Token Attention for Vision Transformers. (1%)
2023-03-19
Randomized Adversarial Training via Taylor Expansion. (99%)
AdaptGuard: Defending Against Universal Attacks for Model Adaptation. (82%)
2023-03-18
NoisyHate: Benchmarking Content Moderation Machine Learning Models with Human-Written Perturbations Online. (98%)
FedRight: An Effective Model Copyright Protection for Federated Learning. (96%)
2023-03-17
Fuzziness-tuned: Improving the Transferability of Adversarial Examples. (99%)
It Is All About Data: A Survey on the Effects of Data on Adversarial Robustness. (99%)
Robust Mode Connectivity-Oriented Adversarial Defense: Enhancing Neural Network Robustness Against Diversified $\ell_p$ Attacks. (99%)
Detection of Uncertainty in Exceedance of Threshold (DUET): An Adversarial Patch Localizer. (83%)
Can AI-Generated Text be Reliably Detected? (33%)
Adversarial Counterfactual Visual Explanations. (31%)
MedLocker: A Transferable Adversarial Watermarking for Preventing Unauthorized Analysis of Medical Image Dataset. (16%)
Mobile Edge Adversarial Detection for Digital Twinning to the Metaverse with Deep Reinforcement Learning. (9%)
Moving Target Defense for Service-oriented Mission-critical Networks. (1%)
2023-03-16
Rethinking Model Ensemble in Transfer-based Adversarial Attacks. (99%)
Class Attribute Inference Attacks: Inferring Sensitive Class Information by Diffusion-Based Attribute Manipulations. (68%)
Among Us: Adversarially Robust Collaborative Perception by Consensus. (67%)
Exorcising ''Wraith'': Protecting LiDAR-based Object Detector in Automated Driving System from Appearing Attacks. (50%)
Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural Obfuscation. (11%)
2023-03-15
Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature Information. (99%)
Robust Evaluation of Diffusion-Based Adversarial Purification. (83%)
DeeBBAA: A benchmark Deep Black Box Adversarial Attack against Cyber-Physical Power Systems. (81%)
The Devil's Advocate: Shattering the Illusion of Unexploitable Data using Diffusion Models. (62%)
EvalAttAI: A Holistic Approach to Evaluating Attribution Maps in Robust and Non-Robust Models. (45%)
Certifiable (Multi)Robustness Against Patch Attacks Using ERM. (10%)
Reinforce Data, Multiply Impact: Improved Model Accuracy and Robustness with Dataset Reinforcement. (1%)
2023-03-14
Verifying the Robustness of Automatic Credibility Assessment. (99%)
Resilient Dynamic Average Consensus based on Trusted agents. (69%)
Improving Adversarial Robustness with Hypersphere Embedding and Angular-based Regularizations. (31%)
2023-03-13
Constrained Adversarial Learning and its applicability to Automated Software Testing: a systematic review. (99%)
Can Adversarial Examples Be Parsed to Reveal Victim Model Information? (99%)
Review on the Feasibility of Adversarial Evasion Attacks and Defenses for Network Intrusion Detection Systems. (99%)
SMUG: Towards robust MRI reconstruction by smoothed unrolling. (98%)
Model-tuning Via Prompts Makes NLP Models Adversarially Robust. (93%)
Robust Contrastive Language-Image Pretraining against Adversarial Attacks. (76%)
Model Extraction Attacks on Split Federated Learning. (47%)
WDiscOOD: Out-of-Distribution Detection via Whitened Linear Discriminative Analysis. (1%)
2023-03-12
Adv-Bot: Realistic Adversarial Botnet Attacks against Network Intrusion Detection Systems. (99%)
Adaptive Local Adversarial Attacks on 3D Point Clouds for Augmented Reality. (99%)
DNN-Alias: Deep Neural Network Protection Against Side-Channel Attacks via Layer Balancing. (96%)
Multi-metrics adaptively identifies backdoors in Federated learning. (92%)
Adversarial Attacks to Direct Data-driven Control for Destabilization. (91%)
Backdoor Defense via Deconfounded Representation Learning. (83%)
Interpreting Hidden Semantics in the Intermediate Layers of 3D Point Cloud Classification Neural Network. (76%)
Boosting Source Code Learning with Data Augmentation: An Empirical Study. (11%)
2023-03-11
Improving the Robustness of Deep Convolutional Neural Networks Through Feature Learning. (99%)
SHIELD: An Adaptive and Lightweight Defense against the Remote Power Side-Channel Attacks on Multi-tenant FPGAs. (8%)
2023-03-10
Turning Strengths into Weaknesses: A Certified Robustness Inspired Attack Framework against Graph Neural Networks. (99%)
Boosting Adversarial Attacks by Leveraging Decision Boundary Information. (99%)
Adversarial Attacks and Defenses in Machine Learning-Powered Networks: A Contemporary Survey. (99%)
Investigating Stateful Defenses Against Black-Box Adversarial Examples. (99%)
MIXPGD: Hybrid Adversarial Training for Speech Recognition Systems. (99%)
Do we need entire training data for adversarial training? (99%)
TrojDiff: Trojan Attacks on Diffusion Models with Diverse Targets. (61%)
Adapting Contrastive Language-Image Pretrained (CLIP) Models for Out-of-Distribution Detection. (13%)
2023-03-09
NoiseCAM: Explainable AI for the Boundary Between Noise and Adversarial Attacks. (99%)
Evaluating the Robustness of Conversational Recommender Systems by Adversarial Examples. (92%)
Identification of Systematic Errors of Image Classifiers on Rare Subgroups. (83%)
Learning the Legibility of Visual Text Perturbations. (78%)
Efficient Certified Training and Robustness Verification of Neural ODEs. (75%)
Feature Unlearning for Pre-trained GANs and VAEs. (62%)
2023-03-08
Immune Defense: A Novel Adversarial Defense Mechanism for Preventing the Generation of Adversarial Examples. (99%)
Decision-BADGE: Decision-based Adversarial Batch Attack with Directional Gradient Estimation. (99%)
Exploring Adversarial Attacks on Neural Networks: An Explainable Approach. (99%)
BeamAttack: Generating High-quality Textual Adversarial Examples through Beam Search and Mixed Semantic Spaces. (99%)
DeepGD: A Multi-Objective Black-Box Test Selection Approach for Deep Neural Networks. (3%)
2023-03-07
Logit Margin Matters: Improving Transferable Targeted Adversarial Attack by Logit Calibration. (99%)
Patch of Invisibility: Naturalistic Black-Box Adversarial Attacks on Object Detectors. (98%)
Robustness-preserving Lifelong Learning via Dataset Condensation. (96%)
CUDA: Convolution-based Unlearnable Datasets. (82%)
EavesDroid: Eavesdropping User Behaviors via OS Side-Channels on Smartphones. (11%)
Stabilized training of joint energy-based models and their practical applications. (2%)
2023-03-06
CleanCLIP: Mitigating Data Poisoning Attacks in Multimodal Contrastive Learning. (41%)
Students Parrot Their Teachers: Membership Inference on Model Distillation. (31%)
On the Feasibility of Specialized Ability Extracting for Large Language Code Models. (22%)
A Unified Algebraic Perspective on Lipschitz Neural Networks. (15%)
Learning to Backdoor Federated Learning. (15%)
Partial-Information, Longitudinal Cyber Attacks on LiDAR in Autonomous Vehicles. (10%)
ALMOST: Adversarial Learning to Mitigate Oracle-less ML Attacks via Synthesis Tuning. (1%)
Rethinking Confidence Calibration for Failure Prediction. (1%)
2023-03-05
Consistent Valid Physically-Realizable Adversarial Attack against Crowd-flow Prediction Models. (99%)
Visual Analytics of Neuron Vulnerability to Adversarial Attacks on Convolutional Neural Networks. (99%)
Adversarial Sampling for Fairness Testing in Deep Neural Network. (98%)
Local Environment Poisoning Attacks on Federated Reinforcement Learning. (12%)
Robustness, Evaluation and Adaptation of Machine Learning Models in the Wild. (10%)
Knowledge-Based Counterfactual Queries for Visual Question Answering. (3%)
2023-03-04
Improved Robustness Against Adaptive Attacks With Ensembles and Error-Correcting Output Codes. (68%)
2023-03-03
PointCert: Point Cloud Classification with Deterministic Certified Robustness Guarantees. (91%)
Certified Robust Neural Networks: Generalization and Corruption Resistance. (82%)
Backdoor Attacks and Defenses in Federated Learning: Survey, Challenges and Future Research Directions. (47%)
Adversarial Attacks on Machine Learning in Embedded and IoT Platforms. (38%)
Revisiting Adversarial Training for ImageNet: Architectures, Training and Generalization across Threat Models. (33%)
Stealthy Perception-based Attacks on Unmanned Aerial Vehicles. (16%)
AdvART: Adversarial Art for Camouflaged Object Detection Attacks. (15%)
TrojText: Test-time Invisible Textual Trojan Insertion. (2%)
2023-03-02
Defending against Adversarial Audio via Diffusion Model. (99%)
Demystifying Causal Features on Adversarial Examples and Causal Inoculation for Robust Network by Adversarial Instrumental Variable Regression. (99%)
AdvRain: Adversarial Raindrops to Attack Camera-based Smart Vision Systems. (99%)
APARATE: Adaptive Adversarial Patch for CNN-based Monocular Depth Estimation for Autonomous Navigation. (99%)
Targeted Adversarial Attacks against Neural Machine Translation. (98%)
The Double-Edged Sword of Implicit Bias: Generalization vs. Robustness in ReLU Networks. (93%)
Feature Perturbation Augmentation for Reliable Evaluation of Importance Estimators in Neural Networks. (10%)
D-Score: An Expert-Based Method for Assessing the Detectability of IoT-Related Cyber-Attacks. (3%)
Interpretable System Identification and Long-term Prediction on Time-Series Data. (1%)
Consistency Models. (1%)
CADeSH: Collaborative Anomaly Detection for Smart Homes. (1%)
Conflict-Based Cross-View Consistency for Semi-Supervised Semantic Segmentation. (1%)
2023-03-01
To Make Yourself Invisible with Adversarial Semantic Contours. (99%)
Adversarial Examples Exist in Two-Layer ReLU Networks for Low Dimensional Data Manifolds. (98%)
Frauds Bargain Attack: Generating Adversarial Text Samples via Word Manipulation Process. (95%)
A Practical Upper Bound for the Worst-Case Attribution Deviations. (70%)
Combating Exacerbated Heterogeneity for Robust Models in Federated Learning. (54%)
Poster: Sponge ML Model Attacks of Mobile Apps. (8%)
DOLOS: A Novel Architecture for Moving Target Defense. (8%)
Mitigating Backdoors in Federated Learning with FLD. (2%)
Competence-Based Analysis of Language Models. (1%)
2023-02-28
A semantic backdoor attack against Graph Convolutional Networks. (98%)
Feature Extraction Matters More: Universal Deepfake Disruption through Attacking Ensemble Feature Extractors. (67%)
Single Image Backdoor Inversion via Robust Smoothed Classifiers. (22%)
Backdoor Attacks Against Deep Image Compression via Adaptive Frequency Trigger. (11%)
FreeEagle: Detecting Complex Neural Trojans in Data-Free Cases. (1%)
2023-02-27
A Comprehensive Study on Robustness of Image Classification Models: Benchmarking and Rethinking. (99%)
Adversarial Attack with Raindrops. (99%)
Physical Adversarial Attacks on Deep Neural Networks for Traffic Sign Recognition: A Feasibility Study. (99%)
Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks. (98%)
CBA: Contextual Background Attack against Optical Aerial Detection in the Physical World. (98%)
Improving Model Generalization by On-manifold Adversarial Augmentation in the Frequency Domain. (96%)
Efficient and Low Overhead Website Fingerprinting Attacks and Defenses based on TCP/IP Traffic. (83%)
GLOW: Global Layout Aware Attacks on Object Detection. (81%)
Online Black-Box Confidence Estimation of Deep Neural Networks. (16%)
Implicit Poisoning Attacks in Two-Agent Reinforcement Learning: Adversarial Policies for Training-Time Attacks. (15%)
Differentially Private Diffusion Models Generate Useful Synthetic Images. (10%)
Learning to Retain while Acquiring: Combating Distribution-Shift in Adversarial Data-Free Knowledge Distillation. (5%)
2023-02-26
Contextual adversarial attack against aerial detection in the physical world. (99%)
Randomness in ML Defenses Helps Persistent Attackers and Hinders Evaluators. (96%)
2023-02-25
Deep Learning-based Multi-Organ CT Segmentation with Adversarial Data Augmentation. (99%)
Scalable Attribution of Adversarial Attacks via Multi-Task Learning. (99%)
SATBA: An Invisible Backdoor Attack Based On Spatial Attention. (67%)
2023-02-24
Defending Against Backdoor Attacks by Layer-wise Feature Analysis. (68%)
Chaotic Variational Auto encoder-based Adversarial Machine Learning. (54%)
Robust Weight Signatures: Gaining Robustness as Easy as Patching Weights? (12%)
2023-02-23
Less is More: Data Pruning for Faster Adversarial Training. (99%)
A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots. (99%)
Boosting Adversarial Transferability using Dynamic Cues. (99%)
HyperAttack: Multi-Gradient-Guided White-box Adversarial Structure Attack of Hypergraph Neural Networks. (98%)
Investigating Catastrophic Overfitting in Fast Adversarial Training: A Self-fitting Perspective. (84%)
More than you've asked for: A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models. (70%)
On the Hardness of Robustness Transfer: A Perspective from Rademacher Complexity over Symmetric Difference Hypothesis Space. (68%)
Harnessing the Speed and Accuracy of Machine Learning to Advance Cybersecurity. (2%)
2023-02-22
Mitigating Adversarial Attacks in Deepfake Detection: An Exploration of Perturbation and AI Techniques. (99%)
PAD: Towards Principled Adversarial Malware Detection Against Evasion Attacks. (98%)
Feature Partition Aggregation: A Fast Certified Defense Against a Union of Sparse Adversarial Attacks. (97%)
ASSET: Robust Backdoor Data Detection Across a Multiplicity of Deep Learning Paradigms. (33%)
On the Robustness of ChatGPT: An Adversarial and Out-of-distribution Perspective. (12%)
2023-02-21
MultiRobustBench: Benchmarking Robustness Against Multiple Attacks. (99%)
MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-based Malware Detection. (99%)
Interpretable Spectrum Transformation Attacks to Speaker Recognition. (98%)
Characterizing the Optimal 0-1 Loss for Multi-class Classification with a Test-time Attacker. (97%)
Generalization Bounds for Adversarial Contrastive Learning. (31%)
2023-02-20
An Incremental Gray-box Physical Adversarial Attack on Neural Network Training. (98%)
Variation Enhanced Attacks Against RRAM-based Neuromorphic Computing System. (97%)
Seasoning Model Soups for Robustness to Adversarial and Natural Distribution Shifts. (88%)
Poisoning Web-Scale Training Datasets is Practical. (83%)
Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network. (47%)
Model-based feature selection for neural networks: A mixed-integer programming approach. (22%)
Take Me Home: Reversing Distribution Shifts using Reinforcement Learning. (8%)
2023-02-19
X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection. (99%)
Stationary Point Losses for Robust Model. (93%)
On Feasibility of Server-side Backdoor Attacks on Split Learning. (76%)
2023-02-18
Adversarial Machine Learning: A Systematic Survey of Backdoor Attack, Weight Attack and Adversarial Example. (99%)
Delving into the Adversarial Robustness of Federated Learning. (98%)
Meta Style Adversarial Training for Cross-Domain Few-Shot Learning. (83%)
MedViT: A Robust Vision Transformer for Generalized Medical Image Classification. (12%)
RobustNLP: A Technique to Defend NLP Models Against Backdoor Attacks. (11%)
Beyond Distribution Shift: Spurious Features Through the Lens of Training Dynamics. (2%)
2023-02-17
Measuring Equality in Machine Learning Security Defenses. (96%)
Function Composition in Trustworthy Machine Learning: Implementation Choices, Insights, and Questions. (5%)
RetVec: Resilient and Efficient Text Vectorizer. (1%)
2023-02-16
On the Effect of Adversarial Training Against Invariance-based Adversarial Examples. (99%)
High-frequency Matters: An Overwriting Attack and defense for Image-processing Neural Network Watermarking. (67%)
Marich: A Query-efficient Distributionally Equivalent Model Extraction Attack using Public Data. (3%)
A Novel Noise Injection-based Training Scheme for Better Model Robustness. (2%)
2023-02-15
Masking and Mixing Adversarial Training. (99%)
Robust Mid-Pass Filtering Graph Convolutional Networks. (98%)
Graph Adversarial Immunization for Certifiable Robustness. (98%)
XploreNAS: Explore Adversarially Robust & Hardware-efficient Neural Architectures for Non-ideal Xbars. (87%)
Tight Auditing of Differentially Private Machine Learning. (41%)
Field-sensitive Data Flow Integrity. (1%)
Uncertainty-Estimation with Normalized Logits for Out-of-Distribution Detection. (1%)
2023-02-14
Regret-Based Optimization for Robust Reinforcement Learning. (99%)
On the Role of Randomization in Adversarially Robust Classification. (99%)
Attacking Fake News Detectors via Manipulating News Social Engagement. (83%)
An Experimental Study of Byzantine-Robust Aggregation Schemes in Federated Learning. (31%)
A Modern Look at the Relationship between Sharpness and Generalization. (10%)
Bounding Training Data Reconstruction in DP-SGD. (8%)
Security Defense For Smart Contracts: A Comprehensive Survey. (1%)
READIN: A Chinese Multi-Task Benchmark with Realistic and Diverse Input Noises. (1%)
2023-02-13
Sneaky Spikes: Uncovering Stealthy Backdoor Attacks in Spiking Neural Networks with Neuromorphic Data. (98%)
Raising the Cost of Malicious AI-Powered Image Editing. (82%)
Targeted Attack on GPT-Neo for the SATML Language Model Data Extraction Challenge. (8%)
Backdoor Learning for NLP: Recent Advances, Challenges, and Future Research Directions. (1%)
2023-02-12
TextDefense: Adversarial Text Detection based on Word Importance Entropy. (99%)
2023-02-11
Mutation-Based Adversarial Attacks on Neural Text Detectors. (69%)
HateProof: Are Hateful Meme Detection Systems really Robust? (13%)
MTTM: Metamorphic Testing for Textual Content Moderation Software. (2%)
Pushing the Accuracy-Group Robustness Frontier with Introspective Self-play. (1%)
High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable Encryption. (1%)
2023-02-10
Making Substitute Models More Bayesian Can Enhance Transferability of Adversarial Examples. (98%)
Unnoticeable Backdoor Attacks on Graph Neural Networks. (80%)
Step by Step Loss Goes Very Far: Multi-Step Quantization for Adversarial Text Attacks. (73%)
2023-02-09
IB-RAR: Information Bottleneck as Regularizer for Adversarial Robustness. (98%)
Adversarial Example Does Good: Preventing Painting Imitation from Diffusion Models via Adversarial Examples. (98%)
Hyperparameter Search Is All You Need For Training-Agnostic Backdoor Robustness. (75%)
Imperceptible Sample-Specific Backdoor to DNN with Denoising Autoencoder. (62%)
Better Diffusion Models Further Improve Adversarial Training. (22%)
Augmenting NLP data to counter Annotation Artifacts for NLI Tasks. (16%)
Incremental Satisfiability Modulo Theory for Verification of Deep Neural Networks. (1%)
2023-02-08
WAT: Improve the Worst-class Robustness in Adversarial Training. (99%)
Exploiting Certified Defences to Attack Randomised Smoothing. (99%)
Shortcut Detection with Variational Autoencoders. (13%)
Continuous Learning for Android Malware Detection. (13%)
Training-free Lexical Backdoor Attacks on Language Models. (8%)
On Function-Coupled Watermarks for Deep Neural Networks. (2%)
Unsupervised Learning of Initialization in Deep Neural Networks via Maximum Mean Discrepancy. (1%)
2023-02-07
Toward Face Biometric De-identification using Adversarial Examples. (98%)
Attacking Cooperative Multi-Agent Reinforcement Learning by Adversarial Minority Influence. (83%)
Membership Inference Attacks against Diffusion Models. (64%)
Temporal Robustness against Data Poisoning. (12%)
Robustness Implies Fairness in Casual Algorithmic Recourse. (2%)
Low-Latency Communication using Delay-Aware Relays Against Reactive Adversaries. (1%)
2023-02-06
Less is More: Understanding Word-level Textual Adversarial Attack via n-gram Frequency Descend. (99%)
SCALE-UP: An Efficient Black-box Input-level Backdoor Detection via Analyzing Scaled Prediction Consistency. (92%)
Exploring and Exploiting Decision Boundary Dynamics for Adversarial Robustness. (87%)
Collective Robustness Certificates: Exploiting Interdependence in Graph Neural Networks. (75%)
GAT: Guided Adversarial Training with Pareto-optimal Auxiliary Tasks. (67%)
Target-based Surrogates for Stochastic Optimization. (1%)
Dropout Injection at Test Time for Post Hoc Uncertainty Quantification in Neural Networks. (1%)
One-shot Empirical Privacy Estimation for Federated Learning. (1%)
2023-02-05
On the Role of Contrastive Representation Learning in Adversarial Robustness: An Empirical Study. (54%)
Leaving Reality to Imagination: Robust Classification via Generated Datasets. (2%)
2023-02-04
CosPGD: a unified white-box adversarial attack for pixel-wise prediction tasks. (99%)
A Minimax Approach Against Multi-Armed Adversarial Attacks Detection. (86%)
Run-Off Election: Improved Provable Defense against Data Poisoning Attacks. (83%)
AUTOLYCUS: Exploiting Explainable AI (XAI) for Model Extraction Attacks against Decision Tree Models. (80%)
Certified Robust Control under Adversarial Perturbations. (78%)
2023-02-03
TextShield: Beyond Successfully Detecting Adversarial Sentences in Text Classification. (96%)
DeTorrent: An Adversarial Padding-only Traffic Analysis Defense. (73%)
SoK: A Systematic Evaluation of Backdoor Trigger Characteristics in Image Classification. (61%)
Beyond the Universal Law of Robustness: Sharper Laws for Random Features and Neural Tangent Kernels. (15%)
Asymmetric Certified Robustness via Feature-Convex Neural Networks. (8%)
Revisiting Personalized Federated Learning: Robustness Against Backdoor Attacks. (2%)
BarrierBypass: Out-of-Sight Clean Voice Command Injection Attacks through Physical Barriers. (2%)
From Robustness to Privacy and Back. (2%)
DCA: Delayed Charging Attack on the Electric Shared Mobility System. (1%)
Augmenting Rule-based DNS Censorship Detection at Scale with Machine Learning. (1%)
2023-02-02
TransFool: An Adversarial Attack against Neural Machine Translation Models. (99%)
Beyond Pretrained Features: Noisy Image Modeling Provides Adversarial Defense. (99%)
On the Robustness of Randomized Ensembles to Adversarial Perturbations. (75%)
A sliced-Wasserstein distance-based approach for out-of-class-distribution detection. (62%)
Effective Robustness against Natural Distribution Shifts for Models with Different Training Data. (13%)
SPECWANDS: An Efficient Priority-based Scheduler Against Speculation Contention Attacks. (10%)
Provably Bounding Neural Network Preimages. (8%)
Defensive ML: Defending Architectural Side-channels with Adversarial Obfuscation. (2%)
Generalized Uncertainty of Deep Neural Networks: Taxonomy and Applications. (1%)
Dataset Distillation Fixes Dataset Reconstruction Attacks. (1%)
2023-02-01
Universal Soldier: Using Universal Adversarial Perturbations for Detecting Backdoor Attacks. (99%)
Effectiveness of Moving Target Defenses for Adversarial Attacks in ML-based Malware Detection. (92%)
Exploring Semantic Perturbations on Grover. (56%)
BackdoorBox: A Python Toolbox for Backdoor Learning. (10%)
2023-01-31
Reverse engineering adversarial attacks with fingerprints from adversarial examples. (99%)
The Impacts of Unanswerable Questions on the Robustness of Machine Reading Comprehension Models. (97%)
Are Defenses for Graph Neural Networks Robust? (80%)
Adversarial Training of Self-supervised Monocular Depth Estimation against Physical-World Attacks. (75%)
Robust Linear Regression: Gradient-descent, Early-stopping, and Beyond. (47%)
Fairness-aware Vision Transformer via Debiased Self-Attention. (47%)
Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression. (12%)
DRAINCLoG: Detecting Rogue Accounts with Illegally-obtained NFTs using Classifiers Learned on Graphs. (1%)
Identifying the Hazard Boundary of ML-enabled Autonomous Systems Using Cooperative Co-Evolutionary Search. (1%)
2023-01-30
Feature-Space Bayesian Adversarial Learning Improved Malware Detector Robustness. (99%)
Improving Adversarial Transferability with Scheduled Step Size and Dual Example. (99%)
Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification. (99%)
RS-Del: Edit Distance Robustness Certificates for Sequence Classifiers via Randomized Deletion. (99%)
Identifying Adversarially Attackable and Robust Samples. (99%)
On Robustness of Prompt-based Semantic Parsing with Large Pre-trained Language Model: An Empirical Study on Codex. (98%)
Anchor-Based Adversarially Robust Zero-Shot Learning Driven by Language. (96%)
Inference Time Evidences of Adversarial Attacks for Forensic on Transformers. (87%)
On the Efficacy of Metrics to Describe Adversarial Attacks. (82%)
Benchmarking Robustness to Adversarial Image Obfuscations. (74%)
Extracting Training Data from Diffusion Models. (5%)
M3FAS: An Accurate and Robust MultiModal Mobile Face Anti-Spoofing System. (1%)
2023-01-29
Unlocking Deterministic Robustness Certification on ImageNet. (98%)
Mitigating Adversarial Effects of False Data Injection Attacks in Power Grid. (93%)
Improving the Accuracy-Robustness Trade-off of Classifiers via Adaptive Smoothing. (83%)
Uncovering Adversarial Risks of Test-Time Adaptation. (82%)
Adversarial Attacks on Adversarial Bandits. (69%)
Towards Verifying the Geometric Robustness of Large-scale Neural Networks. (54%)
Lateralized Learning for Multi-Class Visual Classification Tasks. (13%)
Diverse, Difficult, and Odd Instances (D2O): A New Test Set for Object Classification. (3%)
Adversarial Style Augmentation for Domain Generalization. (2%)
Confidence-Aware Calibration and Scoring Functions for Curriculum Learning. (1%)
2023-01-28
Node Injection for Class-specific Network Poisoning. (82%)
Out-of-distribution Detection with Energy-based Models. (82%)
Gradient Shaping: Enhancing Backdoor Attack Against Reverse Engineering. (13%)
Selecting Models based on the Risk of Damage Caused by Adversarial Attacks. (1%)
2023-01-27
Semantic Adversarial Attacks on Face Recognition through Significant Attributes. (99%)
Targeted Attacks on Timeseries Forecasting. (99%)
Adapting Step-size: A Unified Perspective to Analyze and Improve Gradient-based Methods for Adversarial Attacks. (98%)
PECAN: A Deterministic Certified Defense Against Backdoor Attacks. (97%)
Vertex-based reachability analysis for verifying ReLU deep neural networks. (93%)
OccRob: Efficient SMT-Based Occlusion Robustness Verification of Deep Neural Networks. (92%)
PCV: A Point Cloud-Based Network Verifier. (88%)
Robust Transformer with Locality Inductive Bias and Feature Normalization. (88%)
Analyzing Robustness of the Deep Reinforcement Learning Algorithm in Ramp Metering Applications Considering False Data Injection Attack and Defense. (87%)
Learning to Unlearn: Instance-wise Unlearning for Pre-trained Classifiers. (80%)
Certified Invertibility in Neural Networks via Mixed-Integer Programming. (76%)
2023-01-26
Attacking Important Pixels for Anchor-free Detectors. (99%)
Certified Interpretability Robustness for Class Activation Mapping. (92%)
Interaction-level Membership Inference Attack Against Federated Recommender Systems. (31%)
Minerva: A File-Based Ransomware Detector. (13%)
2023-01-25
RobustPdM: Designing Robust Predictive Maintenance against Adversarial Attacks. (99%)
BDMMT: Backdoor Sample Detection for Language Models through Model Mutation Testing. (98%)
A Data-Centric Approach for Improving Adversarial Training Through the Lens of Out-of-Distribution Detection. (96%)
On the Adversarial Robustness of Camera-based 3D Object Detection. (81%)
A Study on FGSM Adversarial Training for Neural Retrieval. (75%)
Distilling Cognitive Backdoor Patterns within an Image. (5%)
Connecting metrics for shape-texture knowledge in computer vision. (1%)
2023-01-24
Blockchain-aided Secure Semantic Communication for AI-Generated Content in Metaverse. (13%)
Learning Effective Strategies for Moving Target Defense with Switching Costs. (1%)
Data Augmentation Alone Can Improve Adversarial Training. (1%)
2023-01-23
DODEM: DOuble DEfense Mechanism Against Adversarial Attacks Towards Secure Industrial Internet of Things Analytics. (99%)
Practical Adversarial Attacks Against AI-Driven Power Allocation in a Distributed MIMO Network. (92%)
BayBFed: Bayesian Backdoor Defense for Federated Learning. (78%)
Backdoor Attacks in Peer-to-Peer Federated Learning. (68%)
2023-01-22
Provable Unrestricted Adversarial Training without Compromise with Generalizability. (99%)
ContraBERT: Enhancing Code Pre-trained Models via Contrastive Learning. (8%)
2023-01-20
Limitations of Piecewise Linearity for Efficient Robustness Certification. (95%)
Towards Understanding How Self-training Tolerates Data Backdoor Poisoning. (16%)
Dr.Spider: A Diagnostic Evaluation Benchmark towards Text-to-SQL Robustness. (8%)
Defending SDN against packet injection attacks using deep learning. (2%)
2023-01-19
On the Vulnerability of Backdoor Defenses for Federated Learning. (62%)
On the Relationship Between Information-Theoretic Privacy Metrics And Probabilistic Information Privacy. (31%)
RNAS-CL: Robust Neural Architecture Search by Cross-Layer Knowledge Distillation. (16%)
Enhancing Deep Learning with Scenario-Based Override Rules: a Case Study. (1%)
2023-01-17
Denoising Diffusion Probabilistic Models as a Defense against Adversarial Attacks. (98%)
Adversarial Robust Deep Reinforcement Learning Requires Redefining Robustness. (68%)
Label Inference Attack against Split Learning under Regression Setting. (8%)
2023-01-16
$\beta$-DARTS++: Bi-level Regularization for Proxy-robust Differentiable Architecture Search. (1%)
Modeling Uncertain Feature Representation for Domain Generalization. (1%)
2023-01-15
BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense. (4%)
2023-01-13
On the feasibility of attacking Thai LPR systems with adversarial examples. (99%)
2023-01-12
Security-Aware Approximate Spiking Neural Networks. (87%)
Jamming Attacks on Decentralized Federated Learning in General Multi-Hop Wireless Networks. (3%)
2023-01-11
Phase-shifted Adversarial Training. (82%)
Universal Detection of Backdoor Attacks via Density-based Clustering and Centroids Analysis. (78%)
2023-01-10
On the Robustness of AlphaFold: A COVID-19 Case Study. (73%)
CDA: Contrastive-adversarial Domain Adaptation. (38%)
User-Centered Security in Natural Language Processing. (12%)
Leveraging Diffusion For Strong and High Quality Face Morphing Attacks. (3%)
2023-01-09
Over-The-Air Adversarial Attacks on Deep Learning Wi-Fi Fingerprinting. (99%)
On the Susceptibility and Robustness of Time Series Models through Adversarial Attack and Defense. (98%)
Is Federated Learning a Practical PET Yet? (13%)
SoK: Hardware Defenses Against Speculative Execution Attacks. (1%)
2023-01-08
RobArch: Designing Robust Architectures against Adversarial Attacks. (76%)
MoreauGrad: Sparse and Robust Interpretation of Neural Networks via Moreau Envelope. (1%)
2023-01-07
REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a Service. (99%)
Adversarial training with informed data selection. (99%)
2023-01-06
Code Difference Guided Adversarial Example Generation for Deep Code Models. (99%)
Stealthy Backdoor Attack for Code Models. (98%)
2023-01-05
Silent Killer: A Stealthy, Clean-Label, Black-Box Backdoor Attack. (98%)
gRoMA: a Tool for Measuring Deep Neural Networks Global Robustness. (96%)
Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks. (61%)
Can Large Language Models Change User Preference Adversarially? (1%)
TrojanPuzzle: Covertly Poisoning Code-Suggestion Models. (1%)
2023-01-04
Availability Adversarial Attack and Countermeasures for Deep Learning-based Load Forecasting. (98%)
Beckman Defense. (84%)
GUAP: Graph Universal Attack Through Adversarial Patching. (81%)
Enhancement attacks in biomedical machine learning. (1%)
2023-01-03
Explainability and Robustness of Deep Visual Classification Models. (92%)
Look, Listen, and Attack: Backdoor Attacks Against Video Action Recognition. (83%)
Backdoor Attacks Against Dataset Distillation. (50%)
Analysis of Label-Flip Poisoning Attack on Machine Learning Based Malware Detector. (33%)
2023-01-02
Efficient Robustness Assessment via Adversarial Spatial-Temporal Focus on Videos. (92%)
2023-01-01
Generalizable Black-Box Adversarial Attack with Meta Learning. (99%)
ExploreADV: Towards exploratory attack for Neural Networks. (99%)
Trojaning semi-supervised learning model via poisoning wild images on the web. (47%)
2022-12-30
Tracing the Origin of Adversarial Attack for Forensic Investigation and Deterrence. (99%)
Guidance Through Surrogate: Towards a Generic Diagnostic Attack. (99%)
Defense Against Adversarial Attacks on Audio DeepFake Detection. (91%)
Adversarial attacks and defenses on ML- and hardware-based IoT device fingerprinting and identification. (82%)
Unlearnable Clusters: Towards Label-agnostic Unlearnable Examples. (22%)
Targeted k-node Collapse Problem: Towards Understanding the Robustness of Local k-core Structure. (1%)
2022-12-29
"Real Attackers Don't Compute Gradients": Bridging the Gap Between Adversarial ML Research and Practice. (68%)
Detection of out-of-distribution samples using binary neuron activation patterns. (11%)
2022-12-28
Thermal Heating in ReRAM Crossbar Arrays: Challenges and Solutions. (99%)
Certifying Safety in Reinforcement Learning under Adversarial Perturbation Attacks. (98%)
Publishing Efficient On-device Models Increases Adversarial Vulnerability. (95%)
Differentiable Search of Accurate and Robust Architectures. (92%)
Robust Ranking Explanations. (76%)
Evaluating Generalizability of Deep Learning Models Using Indian-COVID-19 CT Dataset. (1%)
2022-12-27
EDoG: Adversarial Edge Detection For Graph Neural Networks. (98%)
Learning When to Use Adaptive Adversarial Image Perturbations against Autonomous Vehicles. (86%)
Sparse Mixture Once-for-all Adversarial Training for Efficient In-Situ Trade-Off Between Accuracy and Robustness of DNNs. (62%)
XMAM:X-raying Models with A Matrix to Reveal Backdoor Attacks for Federated Learning. (56%)
2022-12-25
Simultaneously Optimizing Perturbations and Positions for Black-box Adversarial Patch Attacks. (99%)
2022-12-24
Frequency Regularization for Improving Adversarial Robustness. (99%)
2022-12-23
Out-of-Distribution Detection with Reconstruction Error and Typicality-based Penalty. (61%)
Towards Scalable Physically Consistent Neural Networks: an Application to Data-driven Multi-zone Thermal Building Models. (1%)
2022-12-22
Adversarial Machine Learning and Defense Game for NextG Signal Classification with Deep Learning. (98%)
Aliasing is a Driver of Adversarial Attacks. (80%)
GAN-based Domain Inference Attack. (2%)
Hybrid Quantum-Classical Generative Adversarial Network for High Resolution Image Generation. (1%)
2022-12-21
Revisiting Residual Networks for Adversarial Robustness: An Architectural Perspective. (80%)
Vulnerabilities of Deep Learning-Driven Semantic Communications to Backdoor (Trojan) Attacks. (67%)
A Theoretical Study of The Effects of Adversarial Attacks on Sparse Regression. (13%)
2022-12-20
A Comprehensive Study and Comparison of the Robustness of 3D Object Detectors Against Adversarial Attacks. (98%)
Multi-head Uncertainty Inference for Adversarial Attack Detection. (98%)
In and Out-of-Domain Text Adversarial Robustness via Label Smoothing. (98%)
Is Semantic Communications Secure? A Tale of Multi-Domain Adversarial Attacks. (96%)
Unleashing the Power of Visual Prompting At the Pixel Level. (92%)
Learned Systems Security. (78%)
Hidden Poison: Machine Unlearning Enables Camouflaged Poisoning Attacks. (22%)
ReCode: Robustness Evaluation of Code Generation Models. (10%)
Defending Against Poisoning Attacks in Open-Domain Question Answering. (8%)
SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations. (5%)
DISCO: Distilling Phrasal Counterfactuals with Large Language Models. (1%)
2022-12-19
TextGrad: Advancing Robustness Evaluation in NLP by Gradient-Driven Optimization. (99%)
Towards Robustness of Text-to-SQL Models Against Natural and Realistic Adversarial Table Perturbation. (75%)
AI Security for Geoscience and Remote Sensing: Challenges and Future Trends. (50%)
Task-Oriented Communications for NextG: End-to-End Deep Learning and AI Security Aspects. (26%)
Flareon: Stealthy any2any Backdoor Injection via Poisoned Augmentation. (2%)
Exploring Optimal Substructure for Out-of-distribution Generalization via Feature-targeted Model Pruning. (1%)
2022-12-18
Estimating the Adversarial Robustness of Attributions in Text with Transformers. (99%)
Minimizing Maximum Model Discrepancy for Transferable Black-box Targeted Attacks. (99%)
Discrete Point-wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition. (99%)
Fine-Tuning Is All You Need to Mitigate Backdoor Attacks. (4%)
2022-12-17
Confidence-aware Training of Smoothed Classifiers for Certified Robustness. (86%)
A Review of Speech-centric Trustworthy Machine Learning: Privacy, Safety, and Fairness. (2%)
HyPe: Better Pre-trained Language Model Fine-tuning with Hidden Representation Perturbation. (1%)
2022-12-16
Adversarial Example Defense via Perturbation Grading Strategy. (99%)
WebAssembly Diversification for Malware Evasion. (5%)
Biomedical image analysis competitions: The state of current participation practice. (4%)
Better May Not Be Fairer: Can Data Augmentation Mitigate Subgroup Degradation? (1%)
On Human Visual Contrast Sensitivity and Machine Vision Robustness: A Comparative Study. (1%)
2022-12-15
Alternating Objectives Generates Stronger PGD-Based Adversarial Attacks. (98%)
On Evaluating Adversarial Robustness of Chest X-ray Classification: Pitfalls and Best Practices. (84%)
Are Multimodal Models Robust to Image and Text Perturbations? (5%)
Holistic risk assessment of inference attacks in machine learning. (4%)
Defending against cybersecurity threats to the payments and banking system. (2%)
White-box Inference Attacks against Centralized Machine Learning and Federated Learning. (1%)
2022-12-14
SAIF: Sparse Adversarial and Interpretable Attack Framework. (98%)
Dissecting Distribution Inference. (88%)
Generative Robust Classification. (11%)
Synthesis of Adversarial DDOS Attacks Using Tabular Generative Adversarial Networks. (8%)
DOC-NAD: A Hybrid Deep One-class Classifier for Network Anomaly Detection. (1%)
2022-12-13
Object-fabrication Targeted Attack for Object Detection. (99%)
Unfolding Local Growth Rate Estimates for (Almost) Perfect Adversarial Detection. (99%)
Adversarial Attacks and Defences for Skin Cancer Classification. (99%)
Towards Efficient and Domain-Agnostic Evasion Attack with High-dimensional Categorical Inputs. (80%)
Understanding Zero-Shot Adversarial Robustness for Large-Scale Models. (73%)
Pixel is All You Need: Adversarial Trajectory-Ensemble Active Learning for Salient Object Detection. (56%)
AdvCat: Domain-Agnostic Robustness Assessment for Cybersecurity-Critical Applications with Categorical Inputs. (56%)
Privacy-preserving Security Inference Towards Cloud-Edge Collaborative Using Differential Privacy. (1%)
Boosting Semi-Supervised Learning with Contrastive Complementary Labeling. (1%)
2022-12-12
SRoUDA: Meta Self-training for Robust Unsupervised Domain Adaptation. (98%)
Adversarially Robust Video Perception by Seeing Motion. (98%)
A Survey on Reinforcement Learning Security with Application to Autonomous Driving. (96%)
HOTCOLD Block: Fooling Thermal Infrared Detectors with a Novel Wearable Design. (96%)
Robust Perception through Equivariance. (96%)
Despite "super-human" performance, current LLMs are unsuited for decisions about ethics and safety. (75%)
AFLGuard: Byzantine-robust Asynchronous Federated Learning. (15%)
Carpet-bombing patch: attacking a deep network without usual requirements. (2%)
Numerical Stability of DeepGOPlus Inference. (1%)
2022-12-11
DISCO: Adversarial Defense with Local Implicit Functions. (99%)
REAP: A Large-Scale Realistic Adversarial Patch Benchmark. (98%)
2022-12-10
General Adversarial Defense Against Black-box Attacks via Pixel Level and Feature Level Distribution Alignments. (99%)
Untargeted Attack against Federated Recommendation Systems via Poisonous Item Embeddings and the Defense. (93%)
Targeted Adversarial Attacks on Deep Reinforcement Learning Policies via Model Checking. (93%)
Mitigating Adversarial Gray-Box Attacks Against Phishing Detectors. (54%)
How to Backdoor Diffusion Models? (12%)
Identifying the Source of Vulnerability in Explanation Discrepancy: A Case Study in Neural Text Classification. (1%)
2022-12-09
Understanding and Combating Robust Overfitting via Input Loss Landscape Analysis and Regularization. (98%)
Expeditious Saliency-guided Mix-up through Random Gradient Thresholding. (2%)
Spurious Features Everywhere -- Large-Scale Detection of Harmful Spurious Features in ImageNet. (1%)
Robustness Implies Privacy in Statistical Estimation. (1%)
Selective Amnesia: On Efficient, High-Fidelity and Blind Suppression of Backdoor Effects in Trojaned Machine Learning Models. (1%)
QVIP: An ILP-based Formal Verification Approach for Quantized Neural Networks. (1%)
2022-12-08
Targeted Adversarial Attacks against Neural Network Trajectory Predictors. (99%)
XRand: Differentially Private Defense against Explanation-Guided Attacks. (68%)
Robust Graph Representation Learning via Predictive Coding. (22%)
2022-12-07
Use of Cryptography in Malware Obfuscation. (1%)
2022-12-06
Pre-trained Encoders in Self-Supervised Learning Improve Secure and Privacy-preserving Supervised Learning. (96%)
2022-12-05
Enhancing Quantum Adversarial Robustness by Randomized Encodings. (99%)
Multiple Perturbation Attack: Attack Pixelwise Under Different $\ell_p$-norms For Better Adversarial Performance. (99%)
FaceQAN: Face Image Quality Assessment Through Adversarial Noise Exploration. (92%)
Refiner: Data Refining against Gradient Leakage Attacks in Federated Learning. (76%)
Blessings and Curses of Covariate Shifts: Adversarial Learning Dynamics, Directional Convergence, and Equilibria. (8%)
What is the Solution for State-Adversarial Multi-Agent Reinforcement Learning? (3%)
Spuriosity Rankings: Sorting Data for Spurious Correlation Robustness. (1%)
Efficient Malware Analysis Using Metric Embeddings. (1%)
2022-12-04
Bayesian Learning with Information Gain Provably Bounds Risk for a Robust Adversarial Defense. (98%)
Recognizing Object by Components with Human Prior Knowledge Enhances Adversarial Robustness of Deep Neural Networks. (88%)
CSTAR: Towards Compact and STructured Deep Neural Networks with Adversarial Robustness. (82%)
FedCC: Robust Federated Learning against Model Poisoning Attacks. (45%)
ConfounderGAN: Protecting Image Data Privacy with Causal Confounder. (8%)
2022-12-03
LDL: A Defense for Label-Based Membership Inference Attacks. (83%)
Security Analysis of SplitFed Learning. (8%)
2022-12-02
Membership Inference Attacks Against Semantic Segmentation Models. (45%)
Guaranteed Conformance of Neurosymbolic Models to Natural Constraints. (1%)
2022-12-01
Purifier: Defending Data Inference Attacks via Transforming Confidence Scores. (89%)
Pareto Regret Analyses in Multi-objective Multi-armed Bandit. (41%)
All You Need Is Hashing: Defending Against Data Reconstruction Attack in Vertical Federated Learning. (2%)
Generalizing and Improving Jacobian and Hessian Regularization. (1%)
On the Limit of Explaining Black-box Temporal Graph Neural Networks. (1%)
SimpleMind adds thinking to deep neural networks. (1%)
2022-11-30
Towards Interpreting Vulnerability of Multi-Instance Learning via Customized and Universal Adversarial Perturbations. (97%)
Interpretation of Neural Networks is Susceptible to Universal Adversarial Perturbations. (84%)
Efficient Adversarial Input Generation via Neural Net Patching. (75%)
Toward Robust Diagnosis: A Contour Attention Preserving Adversarial Defense for COVID-19 Detection. (69%)
Tight Certification of Adversarially Trained Neural Networks via Nonconvex Low-Rank Semidefinite Relaxations. (38%)
Improved Smoothed Analysis of 2-Opt for the Euclidean TSP. (8%)
2022-11-29
Understanding and Enhancing Robustness of Concept-based Models. (99%)
Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion. (99%)
Advancing Deep Metric Learning Through Multiple Batch Norms And Multi-Targeted Adversarial Examples. (88%)
Penalizing Confident Predictions on Largely Perturbed Inputs Does Not Improve Out-of-Distribution Generalization in Question Answering. (83%)
Quantization-aware Interval Bound Propagation for Training Certifiably Robust Quantized Neural Networks. (73%)
AdvMask: A Sparse Adversarial Attack Based Data Augmentation Method for Image Classification. (54%)
A3T: Accuracy Aware Adversarial Training. (10%)
Building Resilience to Out-of-Distribution Visual Data via Input Optimization and Model Finetuning. (1%)
2022-11-28
Adversarial Artifact Detection in EEG-Based Brain-Computer Interfaces. (99%)
Interpretations Cannot Be Trusted: Stealthy and Effective Adversarial Perturbations against Interpretable Deep Learning. (95%)
Training Time Adversarial Attack Aiming the Vulnerability of Continual Learning. (83%)
Towards More Robust Interpretation via Local Gradient Alignment. (76%)
Understanding the Impact of Adversarial Robustness on Accuracy Disparity. (31%)
How Important are Good Method Names in Neural Code Generation? A Model Robustness Perspective. (13%)
Rethinking the Number of Shots in Robust Model-Agnostic Meta-Learning. (8%)
Attack on Unfair ToS Clause Detection: A Case Study using Universal Adversarial Triggers. (8%)
Gamma-convergence of a nonlocal perimeter arising in adversarial machine learning. (3%)
CoNAL: Anticipating Outliers with Large Language Models. (1%)
Learning Antidote Data to Individual Unfairness. (1%)
2022-11-27
Imperceptible Adversarial Attack via Invertible Neural Networks. (99%)
Foiling Explanations in Deep Neural Networks. (98%)
Navigation as the Attacker Wishes? Towards Building Byzantine-Robust Embodied Agents under Federated Learning. (84%)
Traditional Classification Neural Networks are Good Generators: They are Competitive with DDPMs and GANs. (50%)
Federated Learning Attacks and Defenses: A Survey. (47%)
Adversarial Rademacher Complexity of Deep Neural Networks. (47%)
2022-11-26
Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning. (99%)
2022-11-25
Boundary Adversarial Examples Against Adversarial Overfitting. (99%)
Supervised Contrastive Prototype Learning: Augmentation Free Robust Neural Network. (98%)
Beyond Smoothing: Unsupervised Graph Representation Learning with Edge Heterophily Discriminating. (3%)
TrustGAN: Training safe and trustworthy deep learning models through generative adversarial networks. (1%)
2022-11-24
SAGA: Spectral Adversarial Geometric Attack on 3D Meshes. (98%)
Explainable and Safe Reinforcement Learning for Autonomous Air Mobility. (92%)
Tracking Dataset IP Use in Deep Neural Networks. (76%)
Neural Network Complexity of Chaos and Turbulence. (41%)
Seeds Don't Lie: An Adaptive Watermarking Framework for Computer Vision Models. (8%)
Generative Joint Source-Channel Coding for Semantic Image Transmission. (1%)
CycleGANWM: A CycleGAN watermarking method for ownership verification. (1%)
2022-11-23
Query Efficient Cross-Dataset Transferable Black-Box Attack on Action Recognition. (99%)
Adversarial Attacks are a Surprisingly Strong Baseline for Poisoning Few-Shot Meta-Learners. (99%)
Reliable Robustness Evaluation via Automatically Constructed Attack Ensembles. (76%)
Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks. (62%)
Privacy-Enhancing Optical Embeddings for Lensless Classification. (11%)
Principled Data-Driven Decision Support for Cyber-Forensic Investigations. (1%)
Data Provenance Inference in Machine Learning. (1%)
2022-11-22
Benchmarking Adversarially Robust Quantum Machine Learning at Scale. (99%)
PointCA: Evaluating the Robustness of 3D Point Cloud Completion Models Against Adversarial Examples. (99%)
Attacking Image Splicing Detection and Localization Algorithms Using Synthetic Traces. (98%)
Backdoor Cleansing with Unlabeled Data. (75%)
Improving Robust Generalization by Direct PAC-Bayesian Bound Minimization. (70%)
SoK: Inference Attacks and Defenses in Human-Centered Wireless Sensing. (69%)
2022-11-21
Boosting the Transferability of Adversarial Attacks with Global Momentum Initialization. (99%)
Understanding the Vulnerability of Skeleton-based Human Activity Recognition via Black-box Attack. (99%)
Self-Ensemble Protection: Training Checkpoints Are Good Data Protectors. (99%)
Addressing Mistake Severity in Neural Networks with Semantic Knowledge. (92%)
Efficient Generalization Improvement Guided by Random Weight Perturbation. (68%)
CLAWSAT: Towards Both Robust and Accurate Code Models. (56%)
Fairness Increases Adversarial Vulnerability. (54%)
Don't Watch Me: A Spatio-Temporal Trojan Attack on Deep-Reinforcement-Learning-Augment Autonomous Driving. (10%)
SPIN: Simulated Poisoning and Inversion Network for Federated Learning-Based 6G Vehicular Networks. (8%)
A Survey on Backdoor Attack and Defense in Natural Language Processing. (2%)
Understanding and Improving Visual Prompting: A Label-Mapping Perspective. (2%)
Multi-Level Knowledge Distillation for Out-of-Distribution Detection in Text. (1%)
Privacy in Practice: Private COVID-19 Detection in X-Ray Images. (1%)
A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers. (1%)
2022-11-20
Spectral Adversarial Training for Robust Graph Neural Network. (99%)
Invisible Backdoor Attack with Dynamic Triggers against Person Re-identification. (81%)
Taming Reachability Analysis of DNN-Controlled Systems via Abstraction-Based Training. (47%)
Adversarial Cheap Talk. (8%)
Deep Composite Face Image Attacks: Generation, Vulnerability and Detection. (2%)
AI-KD: Adversarial learning and Implicit regularization for self-Knowledge Distillation. (2%)
2022-11-19
Towards Adversarial Robustness of Deep Vision Algorithms. (92%)
Phonemic Adversarial Attack against Audio Recognition in Real World. (87%)
Towards Robust Dataset Learning. (82%)
Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning. (80%)
Mask Off: Analytic-based Malware Detection By Transfer Learning and Model Personalization. (9%)
Investigating the Security of EV Charging Mobile Applications As an Attack Surface. (1%)
2022-11-18
Adversarial Stimuli: Attacking Brain-Computer Interfaces via Perturbed Sensory Events. (98%)
Adversarial Detection by Approximation of Ensemble Boundary. (75%)
Leveraging Algorithmic Fairness to Mitigate Blackbox Attribute Inference Attacks. (68%)
Invariant Learning via Diffusion Dreamed Distribution Shifts. (10%)
Intrusion Detection in Internet of Things using Convolutional Neural Networks. (1%)
Improving Robustness of TCM-based Robust Steganography with Variable Robustness. (1%)
Provable Defense against Backdoor Policies in Reinforcement Learning. (1%)
Scaling Up Dataset Distillation to ImageNet-1K with Constant Memory. (1%)
2022-11-17
Diagnostics for Deep Neural Networks with Automated Copy/Paste Attacks. (99%)
Towards Good Practices in Evaluating Transfer Adversarial Attacks. (93%)
Assessing Neural Network Robustness via Adversarial Pivotal Tuning. (92%)
UPTON: Unattributable Authorship Text via Data Poisoning. (86%)
Generalizable Deepfake Detection with Phase-Based Motion Analysis. (50%)
More Effective Centrality-Based Attacks on Weighted Networks. (15%)
Potential Auto-driving Threat: Universal Rain-removal Attack. (2%)
Data-Centric Debugging: mitigating model failures via targeted data collection. (1%)
A Tale of Two Cities: Data and Configuration Variances in Robust Deep Learning. (1%)
VeriSparse: Training Verified Locally Robust Sparse Neural Networks from Scratch. (1%)
2022-11-16
T-SEA: Transfer-based Self-Ensemble Attack on Object Detection. (99%)
Efficiently Finding Adversarial Examples with DNN Preprocessing. (99%)
Improving Interpretability via Regularization of Neural Activation Sensitivity. (92%)
Attacking Object Detector Using A Universal Targeted Label-Switch Patch. (86%)
Differentially Private Optimizers Can Learn Adversarially Robust Models. (83%)
Interpretable Dimensionality Reduction by Feature Preserving Manifold Approximation and Projection. (56%)
Privacy against Real-Time Speech Emotion Detection via Acoustic Adversarial Evasion of Machine Learning. (38%)
Holistic Evaluation of Language Models. (2%)
Analysis and Detectability of Offline Data Poisoning Attacks on Linear Systems. (1%)
2022-11-15
Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation. (99%)
Universal Distributional Decision-based Black-box Adversarial Attack with Reinforcement Learning. (99%)
MORA: Improving Ensemble Robustness Evaluation with Model-Reweighing Attack. (99%)
Person Text-Image Matching via Text-Featur Interpretability Embedding and External Attack Node Implantation. (92%)
Backdoor Attacks on Time Series: A Generative Approach. (70%)
CorruptEncoder: Data Poisoning based Backdoor Attacks to Contrastive Learning. (61%)
Improved techniques for deterministic l2 robustness. (22%)
Backdoor Attacks for Remote Sensing Data with Wavelet Transform. (12%)
2022-11-14
Efficient Adversarial Training with Robust Early-Bird Tickets. (92%)
Attacking Face Recognition with T-shirts: Database, Vulnerability Assessment and Detection. (13%)
Towards Robust Numerical Question Answering: Diagnosing Numerical Capabilities of NLP Systems. (5%)
Explainer Divergence Scores (EDS): Some Post-Hoc Explanations May be Effective for Detecting Unknown Spurious Correlations. (5%)
Robustifying Deep Vision Models Through Shape Sensitization. (2%)
2022-11-13
Certifying Robustness of Convolutional Neural Networks with Tight Linear Approximation. (26%)
2022-11-12
Adversarial and Random Transformations for Robust Domain Adaptation and Generalization. (75%)
DriftRec: Adapting diffusion models to blind JPEG restoration. (1%)
2022-11-11
Generating Textual Adversaries with Minimal Perturbation. (98%)
On the robustness of non-intrusive speech quality model by adversarial examples. (98%)
An investigation of security controls and MITRE ATT\&CK techniques. (47%)
Investigating co-occurrences of MITRE ATT\&CK Techniques. (12%)
Remapped Cache Layout: Thwarting Cache-Based Side-Channel Attacks with a Hardware Defense. (9%)
2022-11-10
Test-time adversarial detection and robustness for localizing humans using ultra wide band channel impulse responses. (99%)
Impact of Adversarial Training on Robustness and Generalizability of Language Models. (99%)
Privacy-Utility Balanced Voice De-Identification Using Adversarial Examples. (98%)
Stay Home Safe with Starving Federated Data. (80%)
MSDT: Masked Language Model Scoring Defense in Text Domain. (38%)
Robust DNN Surrogate Models with Uncertainty Quantification via Adversarial Training. (3%)
Mitigating Forgetting in Online Continual Learning via Contrasting Semantically Distinct Augmentations. (1%)
2022-11-09
On the Robustness of Explanations of Deep Neural Network Models: A Survey. (50%)
Are All Edges Necessary? A Unified Framework for Graph Purification. (5%)
QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. (3%)
Accountable and Explainable Methods for Complex Reasoning over Text. (2%)
Directional Privacy for Deep Learning. (1%)
2022-11-08
Preserving Semantics in Textual Adversarial Attacks. (99%)
NaturalAdversaries: Can Naturalistic Adversaries Be as Effective as Artificial Adversaries? (98%)
How Fraudster Detection Contributes to Robust Recommendation. (67%)
Lipschitz Continuous Algorithms for Graph Problems. (16%)
Learning advisor networks for noisy image classification. (1%)
2022-11-07
Are AlphaZero-like Agents Robust to Adversarial Perturbations? (99%)
Black-Box Attack against GAN-Generated Image Detector with Contrastive Perturbation. (82%)
Deviations in Representations Induced by Adversarial Attacks. (70%)
A Hypergraph-Based Machine Learning Ensemble Network Intrusion Detection System. (1%)
Interpreting deep learning output for out-of-distribution detection. (1%)
Resilience of Wireless Ad Hoc Federated Learning against Model Poisoning Attacks. (1%)
2022-11-06
Contrastive Weighted Learning for Near-Infrared Gaze Estimation. (31%)
2022-11-05
Textual Manifold-based Defense Against Natural Language Adversarial Examples. (99%)
Stateful Detection of Adversarial Reprogramming. (96%)
Robust Lottery Tickets for Pre-trained Language Models. (83%)
2022-11-04
Improving Adversarial Robustness to Sensitivity and Invariance Attacks with Deep Metric Learning. (99%)
Logits are predictive of network type. (68%)
An Adversarial Robustness Perspective on the Topology of Neural Networks. (64%)
Fairness-aware Regression Robust to Adversarial Attacks. (38%)
Extension of Simple Algorithms to the Matroid Secretary Problem. (9%)
Robustness of Fusion-based Multimodal Classifiers to Cross-Modal Content Dilutions. (3%)
Data Models for Dataset Drift Controls in Machine Learning With Images. (1%)
2022-11-03
Physically Adversarial Attacks and Defenses in Computer Vision: A Survey. (99%)
Adversarial Defense via Neural Oscillation inspired Gradient Masking. (98%)
M-to-N Backdoor Paradigm: A Stealthy and Fuzzy Attack to Deep Learning Models. (98%)
Robust Few-shot Learning Without Using any Adversarial Samples. (89%)
Data-free Defense of Black Box Models Against Adversarial Attacks. (84%)
Leveraging Domain Features for Detecting Adversarial Attacks Against Deep Speech Recognition in Noise. (38%)
Try to Avoid Attacks: A Federated Data Sanitization Defense for Healthcare IoMT Systems. (33%)
Unintended Memorization and Timing Attacks in Named Entity Recognition Models. (12%)
2022-11-02
Defending with Errors: Approximate Computing for Robustness of Deep Neural Networks. (99%)
Improving transferability of 3D adversarial attacks with scale and shear transformations. (99%)
Certified Robustness of Quantum Classifiers against Adversarial Examples through Quantum Noise. (99%)
Adversarial Attack on Radar-based Environment Perception Systems. (99%)
Isometric Representations in Neural Networks Improve Robustness. (62%)
BATT: Backdoor Attack with Transformation-based Triggers. (56%)
Untargeted Backdoor Attack against Object Detection. (50%)
Generative Adversarial Training Can Improve Neural Language Models. (33%)
Backdoor Defense via Suppressing Model Shortcuts. (3%)
Human-in-the-Loop Mixup. (1%)
2022-11-01
The Enemy of My Enemy is My Friend: Exploring Inverse Adversaries for Improving Adversarial Training. (99%)
LMD: A Learnable Mask Network to Detect Adversarial Examples for Speaker Verification. (99%)
DensePure: Understanding Diffusion Models towards Adversarial Robustness. (98%)
Adversarial Training with Complementary Labels: On the Benefit of Gradually Informative Attacks. (87%)
Universal Perturbation Attack on Differentiable No-Reference Image- and Video-Quality Metrics. (82%)
The Perils of Learning From Unlabeled Data: Backdoor Attacks on Semi-supervised Learning. (80%)
Maximum Likelihood Distillation for Robust Modulation Classification. (69%)
FRSUM: Towards Faithful Abstractive Summarization via Enhancing Factual Robustness. (45%)
Amplifying Membership Exposure via Data Poisoning. (22%)
ActGraph: Prioritization of Test Cases Based on Deep Neural Network Activation Graph. (13%)
2022-10-31
Scoring Black-Box Models for Adversarial Robustness. (98%)
ARDIR: Improving Robustness using Knowledge Distillation of Internal Representation. (88%)
SoK: Modeling Explainability in Security Analytics for Interpretability, Trustworthiness, and Usability. (33%)
Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy. (16%)
2022-10-30
Poison Attack and Defense on Deep Source Code Processing Models. (99%)
Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution. (99%)
Benchmarking Adversarial Patch Against Aerial Detection. (99%)
Symmetric Saliency-based Adversarial Attack To Speaker Identification. (92%)
FI-ODE: Certified and Robust Forward Invariance in Neural ODEs. (61%)
Imitating Opponent to Win: Adversarial Policy Imitation Learning in Two-player Competitive Games. (9%)
2022-10-29
On the Need of Neuromorphic Twins to Detect Denial-of-Service Attacks on Communication Networks. (10%)
2022-10-28
Universal Adversarial Directions. (99%)
Improving the Transferability of Adversarial Attacks on Face Recognition with Beneficial Perturbation Feature Augmentation. (99%)
Improving Hyperspectral Adversarial Robustness Under Multiple Attacks. (98%)
Distributed Black-box Attack against Image Classification Cloud Services. (95%)
RoChBert: Towards Robust BERT Fine-tuning for Chinese. (75%)
Robust Boosting Forests with Richer Deep Feature Hierarchy. (56%)
Localized Randomized Smoothing for Collective Robustness Certification. (26%)
Towards Reliable Neural Specifications. (11%)
On the Vulnerability of Data Points under Multiple Membership Inference Attacks and Target Models. (1%)
2022-10-27
TAD: Transfer Learning-based Multi-Adversarial Detection of Evasion Attacks against Network Intrusion Detection Systems. (99%)
Isometric 3D Adversarial Examples in the Physical World. (99%)
LeNo: Adversarial Robust Salient Object Detection Networks with Learnable Noise. (92%)
TASA: Deceiving Question Answering Models by Twin Answer Sentences Attack. (92%)
Efficient and Effective Augmentation Strategy for Adversarial Training. (56%)
Noise Injection Node Regularization for Robust Learning. (2%)
Domain Adaptive Object Detection for Autonomous Driving under Foggy Weather. (1%)
2022-10-26
Improving Adversarial Robustness with Self-Paced Hard-Class Pair Reweighting. (99%)
There is more than one kind of robustness: Fooling Whisper with adversarial examples. (98%)
Disentangled Text Representation Learning with Information-Theoretic Perspective for Adversarial Robustness. (86%)
BioNLI: Generating a Biomedical NLI Dataset Using Lexico-semantic Constraints for Adversarial Examples. (75%)
EIPSIM: Modeling Secure IP Address Allocation at Cloud Scale. (11%)
V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization. (10%)
Rethinking the Reverse-engineering of Trojan Triggers. (5%)
Cover Reproducible Steganography via Deep Generative Models. (1%)
DEMIS: A Threat Model for Selectively Encrypted Visual Surveillance Data. (1%)
Privately Fine-Tuning Large Language Models with Differential Privacy. (1%)
2022-10-25
LP-BFGS attack: An adversarial attack based on the Hessian with limited pixels. (99%)
Adversarially Robust Medical Classification via Attentive Convolutional Neural Networks. (99%)
A White-Box Adversarial Attack Against a Digital Twin. (99%)
Adaptive Test-Time Defense with the Manifold Hypothesis. (98%)
Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. (98%)
Improving Adversarial Robustness via Joint Classification and Multiple Explicit Detection Classes. (98%)
Accelerating Certified Robustness Training via Knowledge Transfer. (73%)
Causal Information Bottleneck Boosts Adversarial Robustness of Deep Neural Network. (64%)
Towards Robust Recommender Systems via Triple Cooperative Defense. (61%)
Towards Formal Approximated Minimal Explanations of Neural Networks. (13%)
FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-based Node Classification. (13%)
A Streamlit-based Artificial Intelligence Trust Platform for Next-Generation Wireless Networks. (3%)
Robustness of Locally Differentially Private Graph Analysis Against Poisoning. (1%)
2022-10-24
Ares: A System-Oriented Wargame Framework for Adversarial ML. (99%)
SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning. (99%)
Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs. (96%)
On the Robustness of Dataset Inference. (88%)
Flexible Android Malware Detection Model based on Generative Adversarial Networks with Code Tensor. (16%)
Revisiting Sparse Convolutional Model for Visual Recognition. (11%)
2022-10-23
FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning. (68%)
Adversarial Pretraining of Self-Supervised Deep Networks: Past, Present and Future. (45%)
2022-10-22
ADDMU: Detection of Far-Boundary Adversarial Examples with Data and Model Uncertainty Estimation. (99%)
Hindering Adversarial Attacks with Implicit Neural Representations. (92%)
GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections. (81%)
Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games. (26%)
Precisely the Point: Adversarial Augmentations for Faithful and Informative Text Generation. (4%)
2022-10-21
Evolution of Neural Tangent Kernels under Benign and Adversarial Training. (99%)
The Dark Side of AutoML: Towards Architectural Backdoor Search. (68%)
Diffusion Visual Counterfactual Explanations. (10%)
TCAB: A Large-Scale Text Classification Attack Benchmark. (10%)
A critical review of cyber-physical security for building automation systems. (2%)
Extracted BERT Model Leaks More Information than You Think! (1%)
2022-10-20
Identifying Human Strategies for Generating Word-Level Adversarial Examples. (98%)
Are You Stealing My Model? Sample Correlation for Fingerprinting Deep Neural Networks. (98%)
Balanced Adversarial Training: Balancing Tradeoffs between Fickleness and Obstinacy in NLP Models. (98%)
Learning Sample Reweighting for Accuracy and Adversarial Robustness. (93%)
Similarity of Neural Architectures Based on Input Gradient Transferability. (86%)
New data poison attacks on machine learning classifiers for mobile exfiltration. (80%)
Attacking Motion Estimation with Adversarial Snow. (16%)
How Does a Deep Learning Model Architecture Impact Its Privacy? A Comprehensive Study of Privacy Attacks on CNNs and Transformers. (13%)
Analyzing the Robustness of Decentralized Horizontal and Vertical Federated Learning Architectures in a Non-IID Scenario. (4%)
Apple of Sodom: Hidden Backdoors in Superior Sentence Embeddings via Contrastive Learning. (3%)
LOT: Layer-wise Orthogonal Training on Improving $\ell_2$ Certified Robustness. (3%)
2022-10-19
Learning Transferable Adversarial Robust Representations via Multi-view Consistency. (99%)
Effective Targeted Attacks for Adversarial Self-Supervised Learning. (99%)
Backdoor Attack and Defense in Federated Generative Adversarial Network-based Medical Image Synthesis. (83%)
Chaos Theory and Adversarial Robustness. (73%)
Emerging Threats in Deep Learning-Based Autonomous Driving: A Comprehensive Survey. (69%)
Why Should Adversarial Perturbations be Imperceptible? Rethink the Research Paradigm in Adversarial NLP. (64%)
Model-Free Prediction of Adversarial Drop Points in 3D Point Clouds. (54%)
FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Information. (41%)
Learning to Invert: Simple Adaptive Attacks for Gradient Inversion in Federated Learning. (16%)
Variational Model Perturbation for Source-Free Domain Adaptation. (1%)
2022-10-18
Scaling Adversarial Training to Large Perturbation Bounds. (98%)
Not All Poisons are Created Equal: Robust Training against Data Poisoning. (97%)
ROSE: Robust Selective Fine-tuning for Pre-trained Language Models. (73%)
Analysis of Master Vein Attacks on Finger Vein Recognition Systems. (56%)
Training set cleansing of backdoor poisoning by self-supervised representation learning. (56%)
On the Adversarial Robustness of Mixture of Experts. (13%)
Transferable Unlearnable Examples. (8%)
Automatic Detection of Fake Key Attacks in Secure Messaging. (8%)
Improving Adversarial Robustness by Contrastive Guided Diffusion Process. (2%)
2022-10-17
Towards Generating Adversarial Examples on Mixed-type Data. (99%)
Differential Evolution based Dual Adversarial Camouflage: Fooling Human Eyes and Object Detectors. (99%)
Probabilistic Categorical Adversarial Attack & Adversarial Training. (99%)
Marksman Backdoor: Backdoor Attacks with Arbitrary Target Class. (96%)
DE-CROP: Data-efficient Certified Robustness for Pretrained Classifiers. (87%)
Beyond Model Interpretability: On the Faithfulness and Adversarial Robustness of Contrastive Textual Explanations. (78%)
Towards Fair Classification against Poisoning Attacks. (76%)
Deepfake Text Detection: Limitations and Opportunities. (41%)
You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks. (15%)
Fine-mixing: Mitigating Backdoors in Fine-tuned Language Models. (9%)
Understanding CNN Fragility When Learning With Imbalanced Data. (1%)
2022-10-16
Object-Attentional Untargeted Adversarial Attack. (99%)
Nowhere to Hide: A Lightweight Unsupervised Detector against Adversarial Examples. (99%)
ODG-Q: Robust Quantization via Online Domain Generalization. (83%)
Interpretable Machine Learning for Detection and Classification of Ransomware Families Based on API Calls. (1%)
2022-10-15
RoS-KD: A Robust Stochastic Knowledge Distillation Approach for Noisy Medical Imaging. (2%)
2022-10-14
Dynamics-aware Adversarial Attack of Adaptive Neural Networks. (89%)
When Adversarial Training Meets Vision Transformers: Recipes from Training to Architecture. (87%)
Is Face Recognition Safe from Realizable Attacks? (84%)
Expose Backdoors on the Way: A Feature-Based Efficient Defense against Textual Backdoor Attacks. (76%)
Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. (67%)
2022-10-13
Adv-Attribute: Inconspicuous and Transferable Adversarial Attack on Face Recognition. (99%)
AccelAT: A Framework for Accelerating the Adversarial Training of Deep Neural Networks through Accuracy Gradient. (99%)
Demystifying Self-supervised Trojan Attacks. (95%)
Improving Out-of-Distribution Generalization by Adversarial Training with Structured Priors. (81%)
Efficiently Computing Local Lipschitz Constants of Neural Networks via Bound Propagation. (13%)
Large-Scale Open-Set Classification Protocols for ImageNet. (2%)
SoK: How Not to Architect Your Next-Generation TEE Malware? (1%)
Feature Reconstruction Attacks and Countermeasures of DNN training in Vertical Federated Learning. (1%)
Characterizing the Influence of Graph Elements. (1%)
2022-10-12
A Game Theoretical vulnerability analysis of Adversarial Attack. (99%)
Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation. (99%)
Visual Prompting for Adversarial Robustness. (99%)
Robust Models are less Over-Confident. (96%)
Double Bubble, Toil and Trouble: Enhancing Certified Robustness through Transitivity. (86%)
Efficient Adversarial Training without Attacking: Worst-Case-Aware Robust Reinforcement Learning. (82%)
COLLIDER: A Robust Training Framework for Backdoor Data. (81%)
Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork. (76%)
Few-shot Backdoor Attacks via Neural Tangent Kernels. (62%)
How to Sift Out a Clean Data Subset in the Presence of Data Poisoning? (9%)
Understanding Impacts of Task Similarity on Backdoor Attack and Detection. (2%)
When are Local Queries Useful for Robust Learning? (1%)
2022-10-11
What Can the Neural Tangent Kernel Tell Us About Adversarial Robustness? (99%)
Stable and Efficient Adversarial Training through Local Linearization. (91%)
RoHNAS: A Neural Architecture Search Framework with Conjoint Optimization for Adversarial Robustness and Hardware Efficiency of Convolutional and Capsule Networks. (86%)
Adversarial Attack Against Image-Based Localization Neural Networks. (78%)
Detecting Backdoors in Deep Text Classifiers. (76%)
Human Body Measurement Estimation with Adversarial Augmentation. (33%)
Curved Representation Space of Vision Transformers. (10%)
Zeroth-Order Hard-Thresholding: Gradient Error vs. Expansivity. (1%)
Make Sharpness-Aware Minimization Stronger: A Sparsified Perturbation Approach. (1%)
2022-10-10
Boosting Adversarial Robustness From The Perspective of Effective Margin Regularization. (92%)
Revisiting adapters with adversarial training. (88%)
Universal Adversarial Perturbations: Efficiency on a small image dataset. (81%)
Certified Training: Small Boxes are All You Need. (22%)
Denoising Masked AutoEncoders Help Robust Classification. (1%)
2022-10-09
Pruning Adversarially Robust Neural Networks without Adversarial Examples. (99%)
Towards Understanding and Boosting Adversarial Transferability from a Distribution Perspective. (99%)
Online Training Through Time for Spiking Neural Networks. (1%)
2022-10-08
FedDef: Defense Against Gradient Leakage in Federated Learning-based Network Intrusion Detection Systems. (99%)
Symmetry Defense Against CNN Adversarial Perturbation Attacks. (99%)
Robustness of Unsupervised Representation Learning without Labels. (54%)
2022-10-07
Adversarially Robust Prototypical Few-shot Segmentation with Neural-ODEs. (99%)
Pre-trained Adversarial Perturbations. (99%)
ViewFool: Evaluating the Robustness of Visual Recognition to Adversarial Viewpoints. (93%)
Game-Theoretic Understanding of Misclassification. (47%)
A2: Efficient Automated Attacker for Boosting Adversarial Training. (41%)
NMTSloth: Understanding and Testing Efficiency Degradation of Neural Machine Translation Systems. (13%)
Mind Your Data! Hiding Backdoors in Offline Reinforcement Learning Datasets. (9%)
A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music. (2%)
Improving Fine-Grain Segmentation via Interpretable Modifications: A Case Study in Fossil Segmentation. (1%)
2022-10-06
Preprocessors Matter! Realistic Decision-Based Attacks on Machine Learning Systems. (99%)
Enhancing Code Classification by Mixup-Based Data Augmentation. (96%)
Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection. (92%)
On Optimal Learning Under Targeted Data Poisoning. (82%)
Towards Out-of-Distribution Adversarial Robustness. (73%)
InferES : A Natural Language Inference Corpus for Spanish Featuring Negation-Based Contrastive and Adversarial Examples. (61%)
Unsupervised Domain Adaptation for COVID-19 Information Service with Contrastive Adversarial Domain Mixup. (41%)
Synthetic Dataset Generation for Privacy-Preserving Machine Learning. (2%)
Enhancing Mixup-Based Graph Learning for Language Processing via Hybrid Pooling. (1%)
Bad Citrus: Reducing Adversarial Costs with Model Distances. (1%)
2022-10-05
Natural Color Fool: Towards Boosting Black-box Unrestricted Attacks. (99%)
Dynamic Stochastic Ensemble with Adversarial Robust Lottery Ticket Subnetworks. (98%)
On Adversarial Robustness of Deep Image Deblurring. (83%)
A Closer Look at Robustness to L-infinity and Spatial Perturbations and their Composition. (81%)
Jitter Does Matter: Adapting Gaze Estimation to New Domains. (78%)
Image Masking for Robust Self-Supervised Monocular Depth Estimation. (38%)
Over-the-Air Federated Learning with Privacy Protection via Correlated Additive Perturbations. (38%)
2022-10-04
Rethinking Lipschitz Neural Networks and Certified Robustness: A Boolean Function Perspective. (97%)
Robust Fair Clustering: A Novel Fairness Attack and Defense Framework. (93%)
A Study on the Efficiency and Generalization of Light Hybrid Retrievers. (86%)
Practical Adversarial Attacks on Spatiotemporal Traffic Forecasting Models. (81%)
Invariant Aggregator for Defending Federated Backdoor Attacks. (80%)
On the Robustness of Deep Clustering Models: Adversarial Attacks and Defenses. (75%)
Robustness Certification of Visual Perception Models via Camera Motion Smoothing. (70%)
Backdoor Attacks in the Supply Chain of Masked Image Modeling. (68%)
CADet: Fully Self-Supervised Anomaly Detection With Contrastive Learning. (67%)
2022-10-03
MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples. (99%)
Push-Pull: Characterizing the Adversarial Robustness for Audio-Visual Active Speaker Detection. (97%)
Stability Analysis and Generalization Bounds of Adversarial Training. (96%)
On Attacking Out-Domain Uncertainty Estimation in Deep Neural Networks. (92%)
Decompiling x86 Deep Neural Network Executables. (83%)
Strength-Adaptive Adversarial Training. (80%)
ASGNN: Graph Neural Networks with Adaptive Structure. (68%)
UnGANable: Defending Against GAN-based Face Manipulation. (2%)
2022-10-02
Adaptive Smoothness-weighted Adversarial Training for Multiple Perturbations with Its Stability Analysis. (99%)
Understanding Adversarial Robustness Against On-manifold Adversarial Examples. (99%)
FLCert: Provably Secure Federated Learning against Poisoning Attacks. (74%)
Optimization for Robustness Evaluation beyond $\ell_p$ Metrics. (16%)
Automated Security Analysis of Exposure Notification Systems. (1%)
2022-10-01
DeltaBound Attack: Efficient decision-based attack in low queries regime. (96%)
Adversarial Attacks on Transformers-Based Malware Detectors. (91%)
Voice Spoofing Countermeasures: Taxonomy, State-of-the-art, experimental analysis of generalizability, open challenges, and the way forward. (5%)
2022-09-30
Your Out-of-Distribution Detection Method is Not Robust! (99%)
Learning Robust Kernel Ensembles with Kernel Average Pooling. (99%)
Adversarial Robustness of Representation Learning for Knowledge Graphs. (95%)
Hiding Visual Information via Obfuscating Adversarial Perturbations. (92%)
On the tightness of linear relaxation based robustness certification methods. (78%)
Data Poisoning Attacks Against Multimodal Encoders. (73%)
ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks. (70%)
2022-09-29
Physical Adversarial Attack meets Computer Vision: A Decade Survey. (99%)
Towards Lightweight Black-Box Attacks against Deep Neural Networks. (99%)
Generalizability of Adversarial Robustness Under Distribution Shifts. (83%)
Digital and Physical Face Attacks: Reviewing and One Step Further. (2%)
Chameleon Cache: Approximating Fully Associative Caches with Random Replacement to Prevent Contention-Based Cache Attacks. (1%)
2022-09-28
A Survey on Physical Adversarial Attack in Computer Vision. (99%)
Exploring the Relationship between Architecture and Adversarially Robust Generalization. (99%)
A Closer Look at Evaluating the Bit-Flip Attack Against Deep Neural Networks. (67%)
Supervised Contrastive Learning as Multi-Objective Optimization for Fine-Tuning Large Pre-trained Language Models. (47%)
On the Robustness of Random Forest Against Untargeted Data Poisoning: An Ensemble-Based Approach. (31%)
CALIP: Zero-Shot Enhancement of CLIP with Parameter-free Attention. (1%)
Improving alignment of dialogue agents via targeted human judgements. (1%)
2022-09-27
Suppress with a Patch: Revisiting Universal Adversarial Patch Attacks against Object Detection. (74%)
Inducing Data Amplification Using Auxiliary Datasets in Adversarial Training. (33%)
Attacking Compressed Vision Transformers. (33%)
Mitigating Attacks on Artificial Intelligence-based Spectrum Sensing for Cellular Network Signals. (8%)
Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection. (5%)
Reconstruction-guided attention improves the robustness and shape processing of neural networks. (2%)
A Learning-based Honeypot Game for Collaborative Defense in UAV Networks. (1%)
Stability Via Adversarial Training of Neural Network Stochastic Control of Mean-Field Type. (1%)
Measuring Overfitting in Convolutional Neural Networks using Adversarial Perturbations and Label Noise. (1%)
2022-09-26
FG-UAP: Feature-Gathering Universal Adversarial Perturbation. (99%)
Activation Learning by Local Competitions. (64%)
Multi-Task Adversarial Training Algorithm for Multi-Speaker Neural Text-to-Speech. (1%)
Greybox XAI: a Neural-Symbolic learning framework to produce interpretable predictions for image classification. (1%)
2022-09-25
SPRITZ-1.5C: Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks. (81%)
2022-09-24
Approximate better, Attack stronger: Adversarial Example Generation via Asymptotically Gaussian Mixture Distribution. (99%)
2022-09-23
The "Beatrix'' Resurrections: Robust Backdoor Detection via Gram Matrices. (13%)
2022-09-22
Privacy Attacks Against Biometric Models with Fewer Samples: Incorporating the Output of Multiple Models. (50%)
2022-09-21
Fair Robust Active Learning by Joint Inconsistency. (99%)
Toy Models of Superposition. (45%)
DARTSRepair: Core-failure-set Guided DARTS for Network Robustness to Common Corruptions. (13%)
Fairness Reprogramming. (1%)
2022-09-20
Understanding Real-world Threats to Deep Learning Models in Android Apps. (99%)
Audit and Improve Robustness of Private Neural Networks on Encrypted Data. (99%)
GAMA: Generative Adversarial Multi-Object Scene Attacks. (99%)
Sparse Vicious Attacks on Graph Neural Networks. (98%)
Leveraging Local Patch Differences in Multi-Object Scenes for Generative Adversarial Attacks. (98%)
Rethinking Data Augmentation in Knowledge Distillation for Object Detection. (68%)
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks. (1%)
EM-Fault It Yourself: Building a Replicable EMFI Setup for Desktop and Server Hardware. (1%)
2022-09-19
Adversarial Catoptric Light: An Effective, Stealthy and Robust Physical-World Attack to DNNs. (99%)
Adversarial Color Projection: A Projector-Based Physical Attack to DNNs. (99%)
2022-09-18
On the Adversarial Transferability of ConvMixer Models. (99%)
AdvDO: Realistic Adversarial Attacks for Trajectory Prediction. (96%)
Distribution inference risks: Identifying and mitigating sources of leakage. (1%)
2022-09-17
Watch What You Pretrain For: Targeted, Transferable Adversarial Examples on Self-Supervised Speech Recognition models. (99%)
Characterizing Internal Evasion Attacks in Federated Learning. (98%)
A study on the deviations in performance of FNNs and CNNs in the realm of grayscale adversarial images. (4%)
2022-09-16
Robust Ensemble Morph Detection with Domain Generalization. (99%)
A Large-scale Multiple-objective Method for Black-box Attack against Object Detection. (99%)
Enhance the Visual Representation via Discrete Adversarial Training. (97%)
Model Inversion Attacks against Graph Neural Networks. (92%)
PointCAT: Contrastive Adversarial Training for Robust Point Cloud Recognition. (62%)
Cascading Failures in Power Grids. (33%)
Dataset Inference for Self-Supervised Models. (16%)
On the Robustness of Graph Neural Diffusion to Topology Perturbations. (15%)
A Systematic Evaluation of Node Embedding Robustness. (11%)
2022-09-15
Improving Robust Fairness via Balance Adversarial Training. (99%)
A Light Recipe to Train Robust Vision Transformers. (98%)
Part-Based Models Improve Adversarial Robustness. (92%)
Explicit Tradeoffs between Adversarial and Natural Distributional Robustness. (80%)
Adversarially Robust Learning: A Generic Minimax Optimal Learner and Characterization. (80%)
Defending Root DNS Servers Against DDoS Using Layered Defenses. (15%)
BadRes: Reveal the Backdoors through Residual Connection. (2%)
Adversarial Cross-View Disentangled Graph Contrastive Learning. (1%)
Towards Improving Calibration in Object Detection Under Domain Shift. (1%)
2022-09-14
Robust Transferable Feature Extractors: Learning to Defend Pre-Trained Networks Against White Box Adversaries. (99%)
PointACL:Adversarial Contrastive Learning for Robust Point Clouds Representation under Adversarial Attack. (99%)
Certified Robustness to Word Substitution Ranking Attack for Neural Ranking Models. (99%)
Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models. (97%)
On the interplay of adversarial robustness and architecture components: patches, convolution and attention. (67%)
M^4I: Multi-modal Models Membership Inference. (54%)
Finetuning Pretrained Vision-Language Models with Correlation Information Bottleneck for Robust Visual Question Answering. (12%)
Robust Constrained Reinforcement Learning. (9%)
2022-09-13
Adversarial Coreset Selection for Efficient Robust Training. (99%)
TSFool: Crafting High-quality Adversarial Time Series through Multi-objective Optimization to Fool Recurrent Neural Network Classifiers. (99%)
PINCH: An Adversarial Extraction Attack Framework for Deep Learning Models. (92%)
Certified Defences Against Adversarial Patch Attacks on Semantic Segmentation. (78%)
Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks. (68%)
ADMM based Distributed State Observer Design under Sparse Sensor Attacks. (22%)
A Tale of HodgeRank and Spectral Method: Target Attack Against Rank Aggregation Is the Fixed Point of Adversarial Game. (15%)
Defense against Privacy Leakage in Federated Learning. (12%)
Federated Learning based on Defending Against Data Poisoning Attacks in IoT. (1%)
2022-09-12
Adaptive Perturbation Generation for Multiple Backdoors Detection. (95%)
CARE: Certifiably Robust Learning with Reasoning via Variational Inference. (75%)
Sample Complexity of an Adversarial Attack on UCB-based Best-arm Identification Policy. (69%)
Boosting Robustness Verification of Semantic Feature Neighborhoods. (54%)
Semantic-Preserving Adversarial Code Comprehension. (1%)
Holistic Segmentation. (1%)
Class-Level Logit Perturbation. (1%)
2022-09-11
Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization. (99%)
Generate novel and robust samples from data: accessible sharing without privacy concerns. (5%)
2022-09-10
Scattering Model Guided Adversarial Examples for SAR Target Recognition: Attack and Defense. (99%)
2022-09-09
The Space of Adversarial Strategies. (99%)
Defend Data Poisoning Attacks on Voice Authentication. (54%)
Robust-by-Design Classification via Unitary-Gradient Neural Networks. (41%)
Robust and Lossless Fingerprinting of Deep Neural Networks via Pooled Membership Inference. (10%)
Saliency Guided Adversarial Training for Learning Generalizable Features with Applications to Medical Imaging Classification System. (1%)
2022-09-08
Incorporating Locality of Images to Generate Targeted Transferable Adversarial Examples. (99%)
Evaluating the Security of Aircraft Systems. (92%)
Unraveling the Connections between Privacy and Certified Robustness in Federated Learning Against Poisoning Attacks. (62%)
A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms. (1%)
FADE: Enabling Large-Scale Federated Adversarial Training on Resource-Constrained Edge Devices. (1%)
2022-09-07
On the Transferability of Adversarial Examples between Encrypted Models. (99%)
Securing the Spike: On the Transferabilty and Security of Spiking Neural Networks to Adversarial Examples. (99%)
Reward Delay Attacks on Deep Reinforcement Learning. (70%)
Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems. (47%)
Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots. (15%)
Physics-Guided Adversarial Machine Learning for Aircraft Systems Simulation. (1%)
Hardware faults that matter: Understanding and Estimating the safety impact of hardware faults on object detection DNNs. (1%)
MalDetConv: Automated Behaviour-based Malware Detection Framework Based on Natural Language Processing and Deep Learning Techniques. (1%)
2022-09-06
Instance Attack:An Explanation-based Vulnerability Analysis Framework Against DNNs for Malware Detection. (99%)
Bag of Tricks for FGSM Adversarial Training. (96%)
Improving Robustness to Out-of-Distribution Data by Frequency-based Augmentation. (82%)
Defending Against Backdoor Attack on Graph Nerual Network by Explainability. (80%)
MACAB: Model-Agnostic Clean-Annotation Backdoor to Object Detection with Natural Trigger in Real-World. (56%)
Multimodal contrastive learning for remote sensing tasks. (1%)
Annealing Optimization for Progressive Learning with Stochastic Approximation. (1%)
Interpretations Steered Network Pruning via Amortized Inferred Saliency Maps. (1%)
A Survey of Machine Unlearning. (1%)
2022-09-05
Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples. (98%)
White-Box Adversarial Policies in Deep Reinforcement Learning. (98%)
"Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution. (69%)
Adversarial Detection: Attacking Object Detection in Real Time. (64%)
PromptAttack: Prompt-based Attack for Language Models via Gradient Search. (16%)
Federated Zero-Shot Learning for Visual Recognition. (2%)
Improving Out-of-Distribution Detection via Epistemic Uncertainty Adversarial Training. (2%)
2022-09-04
An Adaptive Black-box Defense against Trojan Attacks (TrojDef). (98%)
Hide & Seek: Seeking the (Un)-Hidden key in Provably-Secure Logic Locking Techniques. (11%)
Synergistic Redundancy: Towards Verifiable Safety for Autonomous Vehicles. (1%)
2022-09-02
Adversarial Color Film: Effective Physical-World Attack to DNNs. (98%)
Impact of Scaled Image on Robustness of Deep Neural Networks. (98%)
Property inference attack; Graph neural networks; Privacy attacks and defense; Trustworthy machine learning. (95%)
Impact of Colour Variation on Robustness of Deep Neural Networks. (92%)
Scalable Adversarial Attack Algorithms on Influence Maximization. (68%)
Are Attribute Inference Attacks Just Imputation? (31%)
Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well? (9%)
Revisiting Outer Optimization in Adversarial Training. (5%)
2022-09-01
Adversarial for Social Privacy: A Poisoning Strategy to Degrade User Identity Linkage. (98%)
Universal Fourier Attack for Time Series. (12%)
2022-08-31
Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning. (99%)
Unrestricted Adversarial Samples Based on Non-semantic Feature Clusters Substitution. (99%)
Membership Inference Attacks by Exploiting Loss Trajectory. (70%)
Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research. (13%)
Feature Alignment by Uncertainty and Self-Training for Source-Free Unsupervised Domain Adaptation. (1%)
Vulnerability of Distributed Inverter VAR Control in PV Distributed Energy System. (1%)
MA-RECON: Mask-aware deep-neural-network for robust fast MRI k-space interpolation. (1%)
2022-08-30
A Black-Box Attack on Optical Character Recognition Systems. (99%)
Robustness and invariance properties of image classifiers. (99%)
Solving the Capsulation Attack against Backdoor-based Deep Neural Network Watermarks by Reversing Triggers. (1%)
Constraining Representations Yields Models That Know What They Don't Know. (1%)
2022-08-29
Towards Adversarial Purification using Denoising AutoEncoders. (99%)
Reducing Certified Regression to Certified Classification for General Poisoning Attacks. (54%)
Interpreting Black-box Machine Learning Models for High Dimensional Datasets. (1%)
2022-08-28
Cross-domain Cross-architecture Black-box Attacks on Fine-tuned Models with Transferred Evolutionary Strategies. (99%)
2022-08-27
Adversarial Robustness for Tabular Data through Cost and Utility Awareness. (99%)
SA: Sliding attack for synthetic speech detection with resistance to clipping and self-splicing. (99%)
TrojViT: Trojan Insertion in Vision Transformers. (15%)
Overparameterized (robust) models from computational constraints. (13%)
RL-DistPrivacy: Privacy-Aware Distributed Deep Inference for low latency IoT systems. (1%)
2022-08-26
What Does the Gradient Tell When Attacking the Graph Structure. (69%)
Network-Level Adversaries in Federated Learning. (54%)
ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning. (45%)
Lower Difficulty and Better Robustness: A Bregman Divergence Perspective for Adversarial Training. (4%)
2022-08-25
Semantic Preserving Adversarial Attack Generation with Autoencoder and Genetic Algorithm. (99%)
SNAP: Efficient Extraction of Private Properties with Poisoning. (89%)
FuncFooler: A Practical Black-box Attack Against Learning-based Binary Code Similarity Detection Methods. (78%)
Robust Prototypical Few-Shot Organ Segmentation with Regularized Neural-ODEs. (31%)
Calibrated Selective Classification. (15%)
XDRI Attacks - and - How to Enhance Resilience of Residential Routers. (4%)
FedPrompt: Communication-Efficient and Privacy Preserving Prompt Tuning in Federated Learning. (1%)
2022-08-24
Attacking Neural Binary Function Detection. (99%)
Unrestricted Black-box Adversarial Attack Using GAN with Limited Queries. (99%)
Trace and Detect Adversarial Attacks on CNNs using Feature Response Maps. (98%)
A Perturbation Resistant Transformation and Classification System for Deep Neural Networks. (98%)
Rethinking Cost-sensitive Classification in Deep Learning via Adversarial Data Augmentation. (92%)
Bidirectional Contrastive Split Learning for Visual Question Answering. (38%)
2022-08-23
Towards an Awareness of Time Series Anomaly Detection Models' Adversarial Vulnerability. (99%)
Adversarial Vulnerability of Temporal Feature Networks for Object Detection. (99%)
Transferability Ranking of Adversarial Examples. (99%)
Auditing Membership Leakages of Multi-Exit Networks. (76%)
A Comprehensive Study of Real-Time Object Detection Networks Across Multiple Domains: A Survey. (13%)
Robust DNN Watermarking via Fixed Embedding Weights with Optimized Distribution. (10%)
2022-08-22
Fight Fire With Fire: Reversing Skin Adversarial Examples by Multiscale Diffusive and Denoising Aggregation Mechanism. (99%)
Hierarchical Perceptual Noise Injection for Social Media Fingerprint Privacy Protection. (98%)
Different Spectral Representations in Optimized Artificial Neural Networks and Brains. (93%)
Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models. (87%)
BARReL: Bottleneck Attention for Adversarial Robustness in Vision-Based Reinforcement Learning. (86%)
RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN. (62%)
Toward Better Target Representation for Source-Free and Black-Box Domain Adaptation. (31%)
Optimal Bootstrapping of PoW Blockchains. (1%)
2022-08-21
PointDP: Diffusion-driven Purification against Adversarial Attacks on 3D Point Cloud Recognition. (99%)
Inferring Sensitive Attributes from Model Explanations. (56%)
Byzantines can also Learn from History: Fall of Centered Clipping in Federated Learning. (10%)
MockingBERT: A Method for Retroactively Adding Resilience to NLP Models. (4%)
NOSMOG: Learning Noise-robust and Structure-aware MLPs on Graphs. (1%)
A Unified Analysis of Mixed Sample Data Augmentation: A Loss Function Perspective. (1%)
2022-08-20
Analyzing Adversarial Robustness of Vision Transformers against Spatial and Spectral Attacks. (86%)
GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes. (33%)
Sensor Security: Current Progress, Research Challenges, and Future Roadmap. (10%)
Evaluating Out-of-Distribution Detectors Through Adversarial Generation of Outliers. (5%)
Adversarial contamination of networks in the setting of vertex nomination: a new trimming method. (1%)
2022-08-19
Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks. (99%)
Gender Bias and Universal Substitution Adversarial Attacks on Grammatical Error Correction Systems for Automated Assessment. (92%)
Dispersed Pixel Perturbation-based Imperceptible Backdoor Trigger for Image Classifier Models. (76%)
A Novel Plug-and-Play Approach for Adversarially Robust Generalization. (54%)
SAFARI: Versatile and Efficient Evaluations for Robustness of Interpretability. (8%)
UKP-SQuARE v2 Explainability and Adversarial Attacks for Trustworthy QA. (1%)
2022-08-18
Resisting Adversarial Attacks in Deep Neural Networks using Diverse Decision Boundaries. (99%)
Enhancing Targeted Attack Transferability via Diversified Weight Pruning. (99%)
Enhancing Diffusion-Based Image Synthesis with Robust Classifier Guidance. (45%)
Reverse Engineering of Integrated Circuits: Tools and Techniques. (33%)
DAFT: Distilling Adversarially Fine-tuned Models for Better OOD Generalization. (10%)
Discovering Bugs in Vision Models using Off-the-shelf Image Generation and Captioning. (3%)
Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacy. (2%)
Profiler: Profile-Based Model to Detect Phishing Emails. (1%)
2022-08-17
Two Heads are Better than One: Robust Learning Meets Multi-branch Models. (99%)
An Evolutionary, Gradient-Free, Query-Efficient, Black-Box Algorithm for Generating Adversarial Instances in Deep Networks. (99%)
Shadows Aren't So Dangerous After All: A Fast and Robust Defense Against Shadow-Based Adversarial Attacks. (98%)
Label Flipping Data Poisoning Attack Against Wearable Human Activity Recognition System. (70%)
An Efficient Multi-Step Framework for Malware Packing Identification. (41%)
An Empirical Study on the Membership Inference Attack against Tabular Data Synthesis Models. (26%)
Efficient Detection and Filtering Systems for Distributed Training. (26%)
On the Privacy Effect of Data Enhancement via the Lens of Memorization. (10%)
ObfuNAS: A Neural Architecture Search-based DNN Obfuscation Approach. (2%)
DF-Captcha: A Deepfake Captcha for Preventing Fake Calls. (1%)
Analyzing Robustness of End-to-End Neural Models for Automatic Speech Recognition. (1%)
2022-08-16
A Context-Aware Approach for Textual Adversarial Attack through Probability Difference Guided Beam Search. (82%)
Imperceptible and Robust Backdoor Attack in 3D Point Cloud. (68%)
AutoCAT: Reinforcement Learning for Automated Exploration of Cache-Timing Attacks. (13%)
Investigating the Impact of Model Width and Density on Generalization in Presence of Label Noise. (1%)
2022-08-15
Man-in-the-Middle Attack against Object Detection Systems. (96%)
MENLI: Robust Evaluation Metrics from Natural Language Inference. (92%)
Training-Time Attacks against k-Nearest Neighbors. (2%)
CTI4AI: Threat Intelligence Generation and Sharing after Red Teaming AI Models. (1%)
2022-08-14
A Multi-objective Memetic Algorithm for Auto Adversarial Attack Optimization Design. (99%)
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection. (92%)
InvisibiliTee: Angle-agnostic Cloaking from Person-Tracking Systems with a Tee. (92%)
Long-Short History of Gradients is All You Need: Detecting Malicious and Unreliable Clients in Federated Learning. (67%)
2022-08-13
Revisiting Adversarial Attacks on Graph Neural Networks for Graph Classification. (99%)
Friendly Noise against Adversarial Noise: A Powerful Defense against Data Poisoning Attacks. (99%)
Confidence Matters: Inspecting Backdoors in Deep Neural Networks via Distribution Transfer. (62%)
2022-08-12
Scale-free and Task-agnostic Attack: Generating Photo-realistic Adversarial Patterns with Patch Quilting Generator. (99%)
MaskBlock: Transferable Adversarial Examples with Bayes Approach. (99%)
Defensive Distillation based Adversarial Attacks Mitigation Method for Channel Estimation using Deep Learning Models in Next-Generation Wireless Networks. (98%)
Unifying Gradients to Improve Real-world Robustness for Deep Networks. (96%)
A Knowledge Distillation-Based Backdoor Attack in Federated Learning. (93%)
Dropout is NOT All You Need to Prevent Gradient Leakage. (62%)
Defense against Backdoor Attacks via Identifying and Purifying Bad Neurons. (2%)
PRIVEE: A Visual Analytic Workflow for Proactive Privacy Risk Inspection of Open Data. (2%)
2022-08-11
Diverse Generative Perturbations on Attention Space for Transferable Adversarial Attacks. (99%)
General Cutting Planes for Bound-Propagation-Based Neural Network Verification. (68%)
On deceiving malware classification with section injection. (5%)
A Probabilistic Framework for Mutation Testing in Deep Neural Networks. (1%)
Safety and Performance, Why not Both? Bi-Objective Optimized Model Compression toward AI Software Deployment. (1%)
Shielding Federated Learning Systems against Inference Attacks with ARM TrustZone. (1%)
2022-08-10
Explaining Machine Learning DGA Detectors from DNS Traffic Data. (13%)
A Sublinear Adversarial Training Algorithm. (3%)
DVR: Micro-Video Recommendation Optimizing Watch-Time-Gain under Duration Bias. (1%)
2022-08-09
Adversarial Machine Learning-Based Anticipation of Threats Against Vehicle-to-Microgrid Services. (98%)
Reducing Exploitability with Population Based Training. (67%)
Robust Machine Learning for Malware Detection over Time. (9%)
2022-08-08
Robust and Imperceptible Black-box DNN Watermarking Based on Fourier Perturbation Analysis and Frequency Sensitivity Clustering. (75%)
PerD: Perturbation Sensitivity-based Neural Trojan Detection Framework on NLP Applications. (67%)
Adversarial robustness of VAEs through the lens of local geometry. (47%)
AWEncoder: Adversarial Watermarking Pre-trained Encoders in Contrastive Learning. (26%)
Abutting Grating Illusion: Cognitive Challenge to Neural Network Models. (1%)
Testing of Machine Learning Models with Limited Samples: An Industrial Vacuum Pumping Application. (1%)
2022-08-07
Federated Adversarial Learning: A Framework with Convergence Analysis. (80%)
Are Gradients on Graph Structure Reliable in Gray-box Attacks? (13%)
2022-08-06
Blackbox Attacks via Surrogate Ensemble Search. (99%)
On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning. (22%)
Preventing or Mitigating Adversarial Supply Chain Attacks; a legal analysis. (3%)
2022-08-05
Adversarial Robustness of MR Image Reconstruction under Realistic Perturbations. (73%)
Data-free Backdoor Removal based on Channel Lipschitzness. (64%)
Lethal Dose Conjecture on Data Poisoning. (2%)
LCCDE: A Decision-Based Ensemble Framework for Intrusion Detection in The Internet of Vehicles. (1%)
Almost-Orthogonal Layers for Efficient General-Purpose Lipschitz Networks. (1%)
2022-08-04
Self-Ensembling Vision Transformer (SEViT) for Robust Medical Image Classification. (99%)
2022-08-03
Spectrum Focused Frequency Adversarial Attacks for Automatic Modulation Classification. (99%)
Design of secure and robust cognitive system for malware detection. (99%)
A New Kind of Adversarial Example. (99%)
Adversarial Attacks on ASR Systems: An Overview. (98%)
Multiclass ASMA vs Targeted PGD Attack in Image Segmentation. (96%)
MOVE: Effective and Harmless Ownership Verification via Embedded External Features. (84%)
Robust Graph Neural Networks using Weighted Graph Laplacian. (13%)
2022-08-02
Adversarial Camouflage for Node Injection Attack on Graphs. (81%)
Success of Uncertainty-Aware Deep Models Depends on Data Manifold Geometry. (2%)
SCFI: State Machine Control-Flow Hardening Against Fault Attacks. (1%)
2022-08-01
GeoECG: Data Augmentation via Wasserstein Geodesic Perturbation for Robust Electrocardiogram Prediction. (98%)
Understanding Adversarial Robustness of Vision Transformers via Cauchy Problem. (81%)
On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel. (75%)
Attacking Adversarial Defences by Smoothing the Loss Landscape. (26%)
2022-07-31
DNNShield: Dynamic Randomized Model Sparsification, A Defense Against Adversarial Machine Learning. (99%)
Robust Real-World Image Super-Resolution against Adversarial Attacks. (99%)
Is current research on adversarial robustness addressing the right problem? (97%)
2022-07-30
enpheeph: A Fault Injection Framework for Spiking and Compressed Deep Neural Networks. (5%)
CoNLoCNN: Exploiting Correlation and Non-Uniform Quantization for Energy-Efficient Low-precision Deep Convolutional Neural Networks. (2%)
2022-07-29
Robust Trajectory Prediction against Adversarial Attacks. (99%)
Sampling Attacks on Meta Reinforcement Learning: A Minimax Formulation and Complexity Analysis. (56%)
2022-07-28
Pro-tuning: Unified Prompt Tuning for Vision Tasks. (1%)
2022-07-27
Point Cloud Attacks in Graph Spectral Domain: When 3D Geometry Meets Graph Signal Processing. (96%)
Look Closer to Your Enemy: Learning to Attack via Teacher-student Mimicking. (91%)
Membership Inference Attacks via Adversarial Examples. (73%)
Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips. (69%)
DynaMarks: Defending Against Deep Learning Model Extraction Using Dynamic Watermarking. (47%)
Label-Only Membership Inference Attack against Node-Level Graph Neural Networks. (22%)
Generative Steganography Network. (1%)
2022-07-26
LGV: Boosting Adversarial Example Transferability from Large Geometric Vicinity. (99%)
Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception. (99%)
Generative Extraction of Audio Classifiers for Speaker Identification. (73%)
Toward Transparent AI: A Survey on Interpreting the Inner Structures of Deep Neural Networks. (8%)
2022-07-25
$p$-DkNN: Out-of-Distribution Detection Through Statistical Testing of Deep Representations. (99%)
Improving Adversarial Robustness via Mutual Information Estimation. (99%)
SegPGD: An Effective and Efficient Adversarial Attack for Evaluating and Boosting Segmentation Robustness. (99%)
Jigsaw-ViT: Learning Jigsaw Puzzles in Vision Transformer. (75%)
Technical Report: Assisting Backdoor Federated Learning with Whole Population Knowledge Alignment. (9%)
Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning. (2%)
2022-07-24
Versatile Weight Attack via Flipping Limited Bits. (86%)
Can we achieve robustness from data alone? (82%)
Proving Common Mechanisms Shared by Twelve Methods of Boosting Adversarial Transferability. (69%)
Privacy Against Inference Attacks in Vertical Federated Learning. (2%)
Semantic-guided Multi-Mask Image Harmonization. (1%)
2022-07-22
Do Perceptually Aligned Gradients Imply Adversarial Robustness? (99%)
Provable Defense Against Geometric Transformations. (47%)
Aries: Efficient Testing of Deep Neural Networks via Labeling-Free Accuracy Estimation. (41%)
Learning from Multiple Annotator Noisy Labels via Sample-wise Label Fusion. (1%)
2022-07-21
Synthetic Dataset Generation for Adversarial Machine Learning Research. (99%)
Careful What You Wish For: on the Extraction of Adversarially Trained Models. (99%)
Rethinking Textual Adversarial Defense for Pre-trained Language Models. (99%)
AugRmixAT: A Data Processing and Training Method for Improving Multiple Robustness and Generalization Performance. (98%)
Knowledge-enhanced Black-box Attacks for Recommendations. (92%)
Towards Efficient Adversarial Training on Vision Transformers. (92%)
Just Rotate it: Deploying Backdoor Attacks via Rotation Transformation. (87%)
Contrastive Self-Supervised Learning Leads to Higher Adversarial Susceptibility. (83%)
Generating and Detecting True Ambiguity: A Forgotten Danger in DNN Supervision Testing. (22%)
2022-07-20
Switching One-Versus-the-Rest Loss to Increase the Margin of Logits for Adversarial Robustness. (99%)
Illusory Attacks: Detectability Matters in Adversarial Attacks on Sequential Decision-Makers. (98%)
Test-Time Adaptation via Conjugate Pseudo-labels. (10%)
Malware Triage Approach using a Task Memory based on Meta-Transfer Learning Framework. (9%)
A temporally and spatially local spike-based backpropagation algorithm to enable training in hardware. (1%)
2022-07-19
Robust Multivariate Time-Series Forecasting: Adversarial Attacks and Defense Mechanisms. (99%)
FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients. (41%)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond. (26%)
Assaying Out-Of-Distribution Generalization in Transfer Learning. (1%)
2022-07-18
Defending Substitution-Based Profile Pollution Attacks on Sequential Recommenders. (99%)
Prior-Guided Adversarial Initialization for Fast Adversarial Training. (99%)
Decorrelative Network Architecture for Robust Electrocardiogram Classification. (99%)
Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence. (96%)
Adversarial Pixel Restoration as a Pretext Task for Transferable Perturbations. (91%)
Easy Batch Normalization. (69%)
Adversarial Contrastive Learning via Asymmetric InfoNCE. (61%)
Using Anomaly Detection to Detect Poisoning Attacks in Federated Learning Applications. (22%)
A Certifiable Security Patch for Object Tracking in Self-Driving Systems via Historical Deviation Modeling. (10%)
Benchmarking Machine Learning Robustness in Covid-19 Genome Sequence Classification. (2%)
2022-07-17
Watermark Vaccine: Adversarial Attacks to Prevent Watermark Removal. (99%)
Threat Model-Agnostic Adversarial Defense using Diffusion Models. (99%)
Achieve Optimal Adversarial Accuracy for Adversarial Deep Learning using Stackelberg Game. (96%)
Automated Repair of Neural Networks. (16%)
2022-07-16
DIMBA: Discretely Masked Black-Box Attack in Single Object Tracking. (99%)
Certified Neural Network Watermarks with Randomized Smoothing. (1%)
Progress and limitations of deep networks to recognize objects in unusual poses. (1%)
Exploring The Resilience of Control Execution Skips against False Data Injection Attacks. (1%)
MixTailor: Mixed Gradient Aggregation for Robust Learning Against Tailored Attacks. (1%)
2022-07-15
Towards the Desirable Decision Boundary by Moderate-Margin Adversarial Training. (99%)
CARBEN: Composite Adversarial Robustness Benchmark. (98%)
Masked Spatial-Spectral Autoencoders Are Excellent Hyperspectral Defenders. (68%)
Feasibility of Inconspicuous GAN-generated Adversarial Patches against Object Detection. (10%)
PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider. (5%)
3DVerifier: Efficient Robustness Verification for 3D Point Cloud Models. (1%)
2022-07-14
Adversarial Examples for Model-Based Control: A Sensitivity Analysis. (98%)
Adversarial Attacks on Monocular Pose Estimation. (98%)
Provably Adversarially Robust Nearest Prototype Classifiers. (83%)
Improving Task-free Continual Learning by Distributionally Robust Memory Evolution. (70%)
RSD-GAN: Regularized Sobolev Defense GAN Against Speech-to-Text Adversarial Attacks. (67%)
Sound Randomized Smoothing in Floating-Point Arithmetics. (50%)
Audio-guided Album Cover Art Generation with Genetic Algorithms. (38%)
Distance Learner: Incorporating Manifold Prior to Model Training. (16%)
Active Data Pattern Extraction Attacks on Generative Language Models. (11%)
Contrastive Adapters for Foundation Model Group Robustness. (1%)
Lipschitz Bound Analysis of Neural Networks. (1%)
2022-07-13
Perturbation Inactivation Based Adversarial Defense for Face Recognition. (99%)
On the Robustness of Bayesian Neural Networks to Adversarial Attacks. (93%)
Adversarially-Aware Robust Object Detector. (91%)
PIAT: Physics Informed Adversarial Training for Solving Partial Differential Equations. (15%)
Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities. (10%)
Interactive Machine Learning: A State of the Art Review. (4%)
Sample-dependent Adaptive Temperature Scaling for Improved Calibration. (2%)
DiverGet: A Search-Based Software Testing Approach for Deep Neural Network Quantization Assessment. (1%)
2022-07-12
Exploring Adversarial Examples and Adversarial Robustness of Convolutional Neural Networks by Mutual Information. (99%)
Adversarial Robustness Assessment of NeuroEvolution Approaches. (99%)
Frequency Domain Model Augmentation for Adversarial Attack. (99%)
Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware. (92%)
Game of Trojans: A Submodular Byzantine Approach. (87%)
Bi-fidelity Evolutionary Multiobjective Search for Adversarially Robust Deep Neural Architectures. (84%)
Certified Adversarial Robustness via Anisotropic Randomized Smoothing. (76%)
RelaxLoss: Defending Membership Inference Attacks without Losing Utility. (26%)
Verifying Attention Robustness of Deep Neural Networks against Semantic Perturbations. (5%)
Markov Decision Process For Automatic Cyber Defense. (4%)
Estimating Test Performance for AI Medical Devices under Distribution Shift with Conformal Prediction. (1%)
Backdoor Attacks on Crowd Counting. (1%)
2022-07-11
Statistical Detection of Adversarial examples in Blockchain-based Federated Forest In-vehicle Network Intrusion Detection Systems. (99%)
RUSH: Robust Contrastive Learning via Randomized Smoothing. (98%)
Physical Passive Patch Adversarial Attacks on Visual Odometry Systems. (98%)
Towards Effective Multi-Label Recognition Attacks via Knowledge Graph Consistency. (83%)
Susceptibility of Continual Learning Against Adversarial Attacks. (75%)
"Why do so?" -- A Practical Perspective on Machine Learning Security. (64%)
Physical Attack on Monocular Depth Estimation with Optimal Adversarial Patches. (22%)
Adversarial Style Augmentation for Domain Generalized Urban-Scene Segmentation. (1%)
2022-07-10
One-shot Neural Backdoor Erasing via Adversarial Weight Masking. (33%)
Hiding Your Signals: A Security Analysis of PPG-based Biometric Authentication. (4%)
2022-07-09
Adversarial Framework with Certified Robustness for Time-Series Domain via Statistical Features. (98%)
Invisible Backdoor Attacks Using Data Poisoning in the Frequency Domain. (98%)
Dynamic Time Warping based Adversarial Framework for Time-Series Domain. (97%)
Training Robust Deep Models for Time-Series Domain: Novel Algorithms and Theoretical Analysis. (67%)
2022-07-08
Not all broken defenses are equal: The dead angles of adversarial accuracy. (99%)
Improved and Interpretable Defense to Transferred Adversarial Examples by Jacobian Norm with Selective Input Gradient Regularization. (99%)
Defense Against Multi-target Trojan Attacks. (80%)
Guiding the retraining of convolutional neural networks against adversarial inputs. (80%)
Online Evasion Attacks on Recurrent Models:The Power of Hallucinating the Future. (68%)
Models Out of Line: A Fourier Lens on Distribution Shift Robustness. (10%)
A law of adversarial risk, interpolation, and label noise. (1%)
2022-07-07
On the Relationship Between Adversarial Robustness and Decision Region in Deep Neural Network. (99%)
Harnessing Out-Of-Distribution Examples via Augmenting Content and Style. (11%)
CausalAgents: A Robustness Benchmark for Motion Forecasting using Causal Relationships. (5%)
2022-07-06
The Weaknesses of Adversarial Camouflage in Overhead Imagery. (83%)
Adversarial Robustness of Visual Dialog. (64%)
Enhancing Adversarial Attacks on Single-Layer NVM Crossbar-Based Neural Networks with Power Consumption Information. (54%)
When does Bias Transfer in Transfer Learning? (10%)
Privacy-preserving Reflection Rendering for Augmented Reality. (2%)
Not All Models Are Equal: Predicting Model Transferability in a Self-challenging Fisher Space. (1%)
2022-07-05
Query-Efficient Adversarial Attack Based on Latin Hypercube Sampling. (99%)
Defending against the Label-flipping Attack in Federated Learning. (98%)
UniCR: Universally Approximated Certified Robustness via Randomized Smoothing. (93%)
PRoA: A Probabilistic Robustness Assessment against Functional Perturbations. (92%)
Learning to Accelerate Approximate Methods for Solving Integer Programming via Early Fixing. (38%)
Robustness Analysis of Video-Language Models Against Visual and Language Perturbations. (1%)
Conflicting Interactions Among Protection Mechanisms for Machine Learning Models. (1%)
PoF: Post-Training of Feature Extractor for Improving Generalization. (1%)
Class-Specific Semantic Reconstruction for Open Set Recognition. (1%)
2022-07-04
Hessian-Free Second-Order Adversarial Examples for Adversarial Learning. (99%)
Wild Networks: Exposure of 5G Network Infrastructures to Adversarial Examples. (98%)
Task-agnostic Defense against Adversarial Patch Attacks. (98%)
Large-scale Robustness Analysis of Video Action Recognition Models. (70%)
Counterbalancing Teacher: Regularizing Batch Normalized Models for Robustness. (1%)
2022-07-03
RAF: Recursive Adversarial Attacks on Face Recognition Using Extremely Limited Queries. (99%)
Removing Batch Normalization Boosts Adversarial Training. (98%)
Anomaly Detection with Adversarially Learned Perturbations of Latent Space. (13%)
Identifying the Context Shift between Test Benchmarks and Production Data. (1%)
2022-07-02
FL-Defender: Combating Targeted Attacks in Federated Learning. (80%)
Backdoor Attack is a Devil in Federated GAN-based Medical Image Synthesis. (11%)
PhilaeX: Explaining the Failure and Success of AI Models in Malware Detection. (1%)
2022-07-01
Efficient Adversarial Training With Data Pruning. (99%)
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label. (99%)
2022-06-30
Detecting and Recovering Adversarial Examples from Extracting Non-robust and Highly Predictive Adversarial Perturbations. (99%)
Measuring Forgetting of Memorized Training Examples. (83%)
MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. (80%)
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN. (16%)
Threat Assessment in Machine Learning based Systems. (13%)
Robustness of Epinets against Distributional Shifts. (1%)
ProSelfLC: Progressive Self Label Correction Towards A Low-Temperature Entropy State. (1%)
No Reason for No Supervision: Improved Generalization in Supervised Models. (1%)
Augment like there's no tomorrow: Consistently performing neural networks for medical imaging. (1%)
2022-06-29
IBP Regularization for Verified Adversarial Robustness via Branch-and-Bound. (92%)
Adversarial Ensemble Training by Jointly Learning Label Dependencies and Member Models. (33%)
longhorns at DADC 2022: How many linguists does it take to fool a Question Answering model? A systematic approach to adversarial attacks. (10%)
Private Graph Extraction via Feature Explanations. (10%)
RegMixup: Mixup as a Regularizer Can Surprisingly Improve Accuracy and Out Distribution Robustness. (2%)
2022-06-28
Increasing Confidence in Adversarial Robustness Evaluations. (99%)
Rethinking Adversarial Examples for Location Privacy Protection. (93%)
A Deep Learning Approach to Create DNS Amplification Attacks. (92%)
On the amplification of security and privacy risks by post-hoc explanations in machine learning models. (31%)
How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection. (12%)
An Empirical Study of Challenges in Converting Deep Learning Models. (5%)
Reasoning about Moving Target Defense in Attack Modeling Formalisms. (2%)
AS-IntroVAE: Adversarial Similarity Distance Makes Robust IntroVAE. (1%)
2022-06-27
Adversarial Example Detection in Deployed Tree Ensembles. (99%)
Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs. (38%)
Utilizing Class Separation Distance for the Evaluation of Corruption Robustness of Machine Learning Classifiers. (15%)
Cyber Network Resilience against Self-Propagating Malware Attacks. (13%)
Quantification of Deep Neural Network Prediction Uncertainties for VVUQ of Machine Learning Models. (4%)
2022-06-26
Self-Healing Robust Neural Networks via Closed-Loop Control. (45%)
De-END: Decoder-driven Watermarking Network. (1%)
2022-06-25
Empirical Evaluation of Physical Adversarial Patch Attacks Against Overhead Object Detection Models. (99%)
Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising. (99%)
RSTAM: An Effective Black-Box Impersonation Attack on Face Recognition using a Mobile and Compact Printer. (99%)
Defending Multimodal Fusion Models against Single-Source Adversaries. (81%)
BackdoorBench: A Comprehensive Benchmark of Backdoor Learning. (12%)
Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks. (1%)
2022-06-24
Defending Backdoor Attacks on Vision Transformer via Patch Processing. (99%)
AdAUC: End-to-end Adversarial AUC Optimization Against Long-tail Problems. (96%)
Adversarial Robustness of Deep Neural Networks: A Survey from a Formal Verification Perspective. (92%)
Robustness of Explanation Methods for NLP Models. (82%)
zPROBE: Zero Peek Robustness Checks for Federated Learning. (4%)
Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems. (2%)
2022-06-23
Adversarial Zoom Lens: A Novel Physical-World Attack to DNNs. (99%)
A Framework for Understanding Model Extraction Attack and Defense. (98%)
Towards End-to-End Private Automatic Speaker Recognition. (76%)
BERT Rankers are Brittle: a Study using Adversarial Document Perturbations. (75%)
Never trust, always verify : a roadmap for Trustworthy AI? (1%)
Measuring Representational Robustness of Neural Networks Through Shared Invariances. (1%)
2022-06-22
AdvSmo: Black-box Adversarial Attack by Smoothing Linear Structure of Texture. (99%)
InfoAT: Improving Adversarial Training Using the Information Bottleneck Principle. (98%)
Robust Universal Adversarial Perturbations. (97%)
Guided Diffusion Model for Adversarial Purification from Random Noise. (68%)
Understanding the effect of sparsity on neural networks robustness. (61%)
Shilling Black-box Recommender Systems by Learning to Generate Fake User Profiles. (41%)
2022-06-21
SSMI: How to Make Objects of Interest Disappear without Accessing Object Detectors? (99%)
Transferable Graph Backdoor Attack. (99%)
(Certified!!) Adversarial Robustness for Free! (84%)
Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems. (81%)
FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation. (68%)
Natural Backdoor Datasets. (33%)
The Privacy Onion Effect: Memorization is Relative. (22%)
ProML: A Decentralised Platform for Provenance Management of Machine Learning Software Systems. (1%)
2022-06-20
Understanding Robust Learning through the Lens of Representation Similarities. (99%)
Diversified Adversarial Attacks based on Conjugate Gradient Method. (98%)
Robust Deep Reinforcement Learning through Bootstrapped Opportunistic Curriculum. (76%)
SafeBench: A Benchmarking Platform for Safety Evaluation of Autonomous Vehicles. (5%)
Breaking Down Out-of-Distribution Detection: Many Methods Based on OOD Training Data Estimate a Combination of the Same Core Quantities. (1%)
2022-06-19
On the Limitations of Stochastic Pre-processing Defenses. (99%)
Towards Adversarial Attack on Vision-Language Pre-training Models. (98%)
A Universal Adversarial Policy for Text Classifiers. (98%)
JPEG Compression-Resistant Low-Mid Adversarial Perturbation against Unauthorized Face Recognition System. (68%)
Adversarially trained neural representations may already be as robust as corresponding biological neural representations. (31%)
2022-06-18
Demystifying the Adversarial Robustness of Random Transformation Defenses. (99%)
On the Role of Generalization in Transferability of Adversarial Examples. (99%)
DECK: Model Hardening for Defending Pervasive Backdoors. (98%)
Measuring Lower Bounds of Local Differential Privacy via Adversary Instantiations in Federated Learning. (10%)
Adversarial Scrutiny of Evidentiary Statistical Software. (2%)
2022-06-17
Detecting Adversarial Examples in Batches -- a geometrical approach. (99%)
Minimum Noticeable Difference based Adversarial Privacy Preserving Image Generation. (99%)
Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization. (99%)
Comment on Transferability and Input Transformation with Additive Noise. (99%)
Adversarial Robustness is at Odds with Lazy Training. (98%)
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-modal Fake News Detection. (83%)
RetrievalGuard: Provably Robust 1-Nearest Neighbor Image Retrieval. (81%)
The Consistency of Adversarial Training for Binary Classification. (26%)
Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification. (15%)
Understanding Robust Overfitting of Adversarial Training and Beyond. (8%)
2022-06-16
Adversarial Privacy Protection on Speech Enhancement. (99%)
Boosting the Adversarial Transferability of Surrogate Model with Dark Knowledge. (99%)
Analysis and Extensions of Adversarial Training for Video Classification. (93%)
Double Sampling Randomized Smoothing. (89%)
Adversarial Robustness of Graph-based Anomaly Detection. (76%)
A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks. (68%)
Backdoor Attacks on Vision Transformers. (31%)
Adversarial Patch Attacks and Defences in Vision-Based Tasks: A Survey. (22%)
Catastrophic overfitting is a bug but also a feature. (16%)
I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences. (5%)
Gradient-Based Adversarial and Out-of-Distribution Detection. (2%)
"Understanding Robustness Lottery": A Comparative Visual Analysis of Neural Network Pruning Approaches. (1%)
2022-06-15
Fast and Reliable Evaluation of Adversarial Robustness with Minimum-Margin Attack. (99%)
Morphence-2.0: Evasion-Resilient Moving Target Defense Powered by Out-of-Distribution Detection. (99%)
Architectural Backdoors in Neural Networks. (83%)
Hardening DNNs against Transfer Attacks during Network Compression using Greedy Adversarial Pruning. (75%)
Linearity Grafting: Relaxed Neuron Pruning Helps Certifiable Robustness. (74%)
A Search-Based Testing Approach for Deep Reinforcement Learning Agents. (62%)
Can pruning improve certified robustness of neural networks? (56%)
Improving Diversity with Adversarially Learned Transformations for Domain Generalization. (33%)
Queried Unlabeled Data Improves and Robustifies Class-Incremental Learning. (11%)
The Manifold Hypothesis for Gradient-Based Explanations. (2%)
READ: Aggregating Reconstruction Error into Out-of-distribution Detection. (1%)
2022-06-14
Adversarial Vulnerability of Randomized Ensembles. (99%)
Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training. (99%)
Efficiently Training Low-Curvature Neural Networks. (92%)
Proximal Splitting Adversarial Attacks for Semantic Segmentation. (92%)
Defending Observation Attacks in Deep Reinforcement Learning via Detection and Denoising. (88%)
On the explainable properties of 1-Lipschitz Neural Networks: An Optimal Transport Perspective. (88%)
Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO. (86%)
Turning a Curse Into a Blessing: Enabling Clean-Data-Free Defenses by Model Inversion. (68%)
Human Eyes Inspired Recurrent Neural Networks are More Robust Against Adversarial Noises. (62%)
Attacks on Perception-Based Control Systems: Modeling and Fundamental Limits. (2%)
A Gift from Label Smoothing: Robust Training with Adaptive Label Smoothing via Auxiliary Classifier under Label Noise. (1%)
A Survey on Gradient Inversion: Attacks, Defenses and Future Directions. (1%)
2022-06-13
Towards Alternative Techniques for Improving Adversarial Robustness: Analysis of Adversarial Training at a Spectrum of Perturbations. (99%)
Distributed Adversarial Training to Robustify Deep Neural Networks at Scale. (99%)
Pixel to Binary Embedding Towards Robustness for CNNs. (47%)
Towards Understanding Sharpness-Aware Minimization. (1%)
An adversarially robust data-market for spatial, crowd-sourced data. (1%)
Efficient Human-in-the-loop System for Guiding DNNs Attention. (1%)
2022-06-12
Consistent Attack: Universal Adversarial Perturbation on Embodied Vision Navigation. (98%)
Security of Machine Learning-Based Anomaly Detection in Cyber Physical Systems. (92%)
Darknet Traffic Classification and Adversarial Attacks. (81%)
InBiaseD: Inductive Bias Distillation to Improve Generalization and Robustness through Shape-awareness. (26%)
RSSD: Defend against Ransomware with Hardware-Isolated Network-Storage Codesign and Post-Attack Analysis. (9%)
Neurotoxin: Durable Backdoors in Federated Learning. (5%)
An Efficient Method for Sample Adversarial Perturbations against Nonlinear Support Vector Machines. (4%)
2022-06-11
Improving the Adversarial Robustness of NLP Models by Information Bottleneck. (99%)
Defending Adversarial Examples by Negative Correlation Ensemble. (99%)
NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks. (81%)
Bilateral Dependency Optimization: Defending Against Model-inversion Attacks. (69%)
2022-06-10
Localized adversarial artifacts for compressed sensing MRI. (76%)
Rethinking the Defense Against Free-rider Attack From the Perspective of Model Weight Evolving Frequency. (70%)
Blades: A Unified Benchmark Suite for Byzantine Attacks and Defenses in Federated Learning. (33%)
Enhancing Clean Label Backdoor Attack with Two-phase Specific Triggers. (9%)
Deep Leakage from Model in Federated Learning. (3%)
Adversarial Counterfactual Environment Model Learning. (1%)
2022-06-09
CARLA-GeAR: a Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Vision Models. (99%)
ReFace: Real-time Adversarial Attacks on Face Recognition Systems. (99%)
Adversarial Noises Are Linearly Separable for (Nearly) Random Neural Networks. (98%)
Meet You Halfway: Explaining Deep Learning Mysteries. (92%)
Early Transferability of Adversarial Examples in Deep Neural Networks. (86%)
GSmooth: Certified Robustness against Semantic Transformations via Generalized Randomized Smoothing. (86%)
Beyond the Imitation Game: Quantifying and extrapolating the capabilities of language models. (84%)
Data-Efficient Double-Win Lottery Tickets from Robust Pre-training. (41%)
DORA: Exploring outlier representations in Deep Neural Networks. (1%)
Membership Inference via Backdooring. (1%)
2022-06-08
Wavelet Regularization Benefits Adversarial Training. (99%)
Latent Boundary-guided Adversarial Training. (99%)
Adversarial Text Normalization. (73%)
Autoregressive Perturbations for Data Poisoning. (70%)
Toward Certified Robustness Against Real-World Distribution Shifts. (5%)
Generative Adversarial Networks and Image-Based Malware Classification. (1%)
Robust Deep Ensemble Method for Real-world Image Denoising. (1%)
2022-06-07
Fooling Explanations in Text Classifiers. (99%)
AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems. (99%)
Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition. (99%)
Adaptive Regularization for Adversarial Training. (98%)
Building Robust Ensembles via Margin Boosting. (83%)
On the Permanence of Backdoors in Evolving Models. (67%)
Subject Membership Inference Attacks in Federated Learning. (4%)
Adversarial Reprogramming Revisited. (3%)
Certifying Data-Bias Robustness in Linear Regression. (1%)
Parametric Chordal Sparsity for SDP-based Neural Network Verification. (1%)
Can CNNs Be More Robust Than Transformers? (1%)
2022-06-06
Robust Adversarial Attacks Detection based on Explainable Deep Reinforcement Learning For UAV Guidance and Planning. (99%)
Fast Adversarial Training with Adaptive Step Size. (98%)
Certified Robustness in Federated Learning. (87%)
Robust Image Protection Countering Cropping Manipulation. (12%)
PCPT and ACPT: Copyright Protection and Traceability Scheme for DNN Model. (3%)
Tackling covariate shift with node-based Bayesian neural networks. (1%)
Anomaly Detection with Test Time Augmentation and Consistency Evaluation. (1%)
2022-06-05
Federated Adversarial Training with Transformers. (98%)
Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training. (98%)
Which models are innately best at uncertainty estimation? (1%)
2022-06-04
Soft Adversarial Training Can Retain Natural Accuracy. (76%)
2022-06-03
Saliency Attack: Towards Imperceptible Black-box Adversarial Attack. (99%)
Towards Evading the Limits of Randomized Smoothing: A Theoretical Analysis. (96%)
Evaluating Transfer-based Targeted Adversarial Perturbations against Real-World Computer Vision Systems based on Human Judgments. (92%)
A Robust Backpropagation-Free Framework for Images. (80%)
Gradient Obfuscation Checklist Test Gives a False Sense of Security. (73%)
Kallima: A Clean-label Framework for Textual Backdoor Attacks. (26%)
2022-06-02
Improving the Robustness and Generalization of Deep Neural Network with Confidence Threshold Reduction. (99%)
FACM: Intermediate Layer Still Retain Effective Features against Adversarial Examples. (99%)
Adaptive Adversarial Training to Improve Adversarial Robustness of DNNs for Medical Image Segmentation and Detection. (99%)
Adversarial RAW: Image-Scaling Attack Against Imaging Pipeline. (99%)
Adversarial Laser Spot: Robust and Covert Physical Adversarial Attack to DNNs. (98%)
Adversarial Unlearning: Reducing Confidence Along Adversarial Directions. (31%)
MaxStyle: Adversarial Style Composition for Robust Medical Image Segmentation. (8%)
A temporal chrominance trigger for clean-label backdoor attack against anti-spoof rebroadcast detection. (4%)
Learning Unbiased Transferability for Domain Adaptation by Uncertainty Modeling. (1%)
2022-06-01
On the reversibility of adversarial attacks. (99%)
NeuroUnlock: Unlocking the Architecture of Obfuscated Deep Neural Networks. (99%)
Attack-Agnostic Adversarial Detection. (99%)
On the Perils of Cascading Robust Classifiers. (98%)
Anti-Forgery: Towards a Stealthy and Robust DeepFake Disruption Attack via Adversarial Perceptual-aware Perturbations. (98%)
Support Vector Machines under Adversarial Label Contamination. (97%)
Defense Against Gradient Leakage Attacks via Learning to Obscure Data. (80%)
The robust way to stack and bag: the local Lipschitz way. (70%)
Robustness Evaluation and Adversarial Training of an Instance Segmentation Model. (54%)
RoCourseNet: Distributionally Robust Training of a Prediction Aware Recourse Model. (1%)
2022-05-31
Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems. (99%)
Exact Feature Collisions in Neural Networks. (95%)
CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models. (93%)
CASSOCK: Viable Backdoor Attacks against DNN in The Wall of Source-Specific Backdoor Defences. (83%)
Semantic Autoencoder and Its Potential Usage for Adversarial Attack. (81%)
An Effective Fusion Method to Enhance the Robustness of CNN. (80%)
Order-sensitive Shapley Values for Evaluating Conceptual Soundness of NLP Models. (64%)
Generative Models with Information-Theoretic Protection Against Membership Inference Attacks. (10%)
Likelihood-Free Inference with Generative Neural Networks via Scoring Rule Minimization. (1%)
2022-05-30
Domain Constraints in Feature Space: Strengthening Robustness of Android Malware Detection against Realizable Adversarial Examples. (99%)
Searching for the Essence of Adversarial Perturbations. (99%)
Exposing Fine-Grained Adversarial Vulnerability of Face Anti-Spoofing Models. (99%)
Guided Diffusion Model for Adversarial Purification. (99%)
Why Adversarial Training of ReLU Networks Is Difficult? (68%)
CalFAT: Calibrated Federated Adversarial Training with Label Skewness. (67%)
Securing AI-based Healthcare Systems using Blockchain Technology: A State-of-the-Art Systematic Literature Review and Future Research Directions. (15%)
Efficient Reward Poisoning Attacks on Online Deep Reinforcement Learning. (13%)
White-box Membership Attack Against Machine Learning Based Retinopathy Classification. (10%)
Fool SHAP with Stealthily Biased Sampling. (2%)
Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance. (2%)
2022-05-29
Robust Weight Perturbation for Adversarial Training. (99%)
Mixture GAN For Modulation Classification Resiliency Against Adversarial Attacks. (99%)
Unfooling Perturbation-Based Post Hoc Explainers. (98%)
On the Robustness of Safe Reinforcement Learning under Observational Perturbations. (93%)
Superclass Adversarial Attack. (80%)
Problem-Space Evasion Attacks in the Android OS: a Survey. (50%)
Context-based Virtual Adversarial Training for Text Classification with Noisy Labels. (11%)
A General Multiple Data Augmentation Based Framework for Training Deep Neural Networks. (1%)
2022-05-28
Contributor-Aware Defenses Against Adversarial Backdoor Attacks. (98%)
BadDet: Backdoor Attacks on Object Detection. (92%)
Syntax-Guided Program Reduction for Understanding Neural Code Intelligence Models. (62%)
2022-05-27
fakeWeather: Adversarial Attacks for Deep Neural Networks Emulating Weather Conditions on the Camera Lens of Autonomous Systems. (96%)
Why Robust Generalization in Deep Learning is Difficult: Perspective of Expressive Power. (95%)
Semi-supervised Semantics-guided Adversarial Training for Trajectory Prediction. (93%)
Defending Against Stealthy Backdoor Attacks. (73%)
EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks. (13%)
2022-05-26
A Physical-World Adversarial Attack Against 3D Face Recognition. (99%)
Transferable Adversarial Attack based on Integrated Gradients. (99%)
MALICE: Manipulation Attacks on Learned Image ComprEssion. (99%)
Phantom Sponges: Exploiting Non-Maximum Suppression to Attack Deep Object Detectors. (98%)
Circumventing Backdoor Defenses That Are Based on Latent Separability. (96%)
An Analytic Framework for Robust Training of Artificial Neural Networks. (93%)
Adversarial attacks and defenses in Speaker Recognition Systems: A survey. (81%)
PerDoor: Persistent Non-Uniform Backdoors in Federated Learning using Adversarial Perturbations. (81%)
BppAttack: Stealthy and Efficient Trojan Attacks against Deep Neural Networks via Image Quantization and Contrastive Adversarial Learning. (81%)
R-HTDetector: Robust Hardware-Trojan Detection Based on Adversarial Training. (80%)
BagFlip: A Certified Defense against Data Poisoning. (75%)
Towards A Proactive ML Approach for Detecting Backdoor Poison Samples. (67%)
Membership Inference Attack Using Self Influence Functions. (45%)
MemeTector: Enforcing deep focus for meme detection. (1%)
ES-GNN: Generalizing Graph Neural Networks Beyond Homophily with Edge Splitting. (1%)
2022-05-25
Surprises in adversarially-trained linear regression. (87%)
BITE: Textual Backdoor Attacks with Iterative Trigger Injection. (75%)
Impartial Games: A Challenge for Reinforcement Learning. (10%)
How explainable are adversarially-robust CNNs? (8%)
2022-05-24
Defending a Music Recommender Against Hubness-Based Adversarial Attacks. (99%)
Adversarial Attack on Attackers: Post-Process to Mitigate Black-Box Score-Based Query Attacks. (99%)
Certified Robustness Against Natural Language Attacks by Causal Intervention. (98%)
One-Pixel Shortcut: on the Learning Preference of Deep Neural Networks. (92%)
Fine-grained Poisoning Attacks to Local Differential Privacy Protocols for Mean and Variance Estimation. (64%)
WeDef: Weakly Supervised Backdoor Defense for Text Classification. (56%)
Recipe2Vec: Multi-modal Recipe Representation Learning with Graph Neural Networks. (50%)
EBM Life Cycle: MCMC Strategies for Synthesis, Defense, and Density Modeling. (10%)
Comprehensive Privacy Analysis on Federated Recommender System against Attribute Inference Attacks. (9%)
Fast & Furious: Modelling Malware Detection as Evolving Data Streams. (2%)
Quarantine: Sparsity Can Uncover the Trojan Attack Trigger for Free. (2%)
CDFKD-MFS: Collaborative Data-free Knowledge Distillation via Multi-level Feature Sharing. (1%)
2022-05-23
Collaborative Adversarial Training. (98%)
Alleviating Robust Overfitting of Adversarial Training With Consistency Regularization. (98%)
Learning to Ignore Adversarial Attacks. (95%)
Towards a Defense against Backdoor Attacks in Continual Federated Learning. (50%)
Compressing Deep Graph Neural Networks via Adversarial Knowledge Distillation. (10%)
RCC-GAN: Regularized Compound Conditional GAN for Large-Scale Tabular Data Synthesis. (1%)
2022-05-22
AutoJoin: Efficient Adversarial Training for Robust Maneuvering via Denoising Autoencoder and Joint Learning. (26%)
Robust Quantity-Aware Aggregation for Federated Learning. (13%)
Analysis of functional neural codes of deep learning models. (10%)
2022-05-21
Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models. (99%)
Gradient Concealment: Free Lunch for Defending Adversarial Attacks. (99%)
Phrase-level Textual Adversarial Attack with Label Preservation. (99%)
On the Feasibility and Generality of Patch-based Adversarial Attacks on Semantic Segmentation Problems. (16%)
2022-05-20
Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness. (99%)
Robust Sensible Adversarial Learning of Deep Neural Networks for Image Classification. (98%)
Adversarial joint attacks on legged robots. (86%)
Towards Consistency in Adversarial Classification. (82%)
Adversarial Body Shape Search for Legged Robots. (80%)
SafeNet: Mitigating Data Poisoning Attacks on Private Machine Learning. (64%)
The developmental trajectory of object recognition robustness: children are like small adults but unlike big deep neural networks. (11%)
Vulnerability Analysis and Performance Enhancement of Authentication Protocol in Dynamic Wireless Power Transfer Systems. (10%)
Exploring the Trade-off between Plausibility, Change Intensity and Adversarial Power in Counterfactual Explanations using Multi-objective Optimization. (4%)
2022-05-19
Focused Adversarial Attacks. (99%)
Transferable Physical Attack against Object Detection with Separable Attention. (99%)
Gradient Aligned Attacks via a Few Queries. (99%)
On Trace of PGD-Like Adversarial Attacks. (99%)
Improving Robustness against Real-World and Worst-Case Distribution Shifts through Decision Region Quantification. (98%)
Defending Against Adversarial Attacks by Energy Storage Facility. (96%)
Sparse Adversarial Attack in Multi-agent Reinforcement Learning. (82%)
Data Valuation for Offline Reinforcement Learning. (1%)
2022-05-18
Passive Defense Against 3D Adversarial Point Clouds Through the Lens of 3D Steganalysis. (99%)
Property Unlearning: A Defense Strategy Against Property Inference Attacks. (84%)
Backdoor Attacks on Bayesian Neural Networks using Reverse Distribution. (56%)
Empirical Advocacy of Bio-inspired Models for Robust Image Recognition. (38%)
Constraining the Attack Space of Machine Learning Models with Distribution Clamping Preprocessing. (1%)
Mitigating Neural Network Overconfidence with Logit Normalization. (1%)
2022-05-17
Hierarchical Distribution-Aware Testing of Deep Learning. (99%)
Bankrupting DoS Attackers Despite Uncertainty. (12%)
A two-steps approach to improve the performance of Android malware detectors. (10%)
Policy Distillation with Selective Input Gradient Regularization for Efficient Interpretability. (2%)
Recovering Private Text in Federated Learning of Language Models. (2%)
Semi-Supervised Building Footprint Generation with Feature and Output Consistency Training. (1%)
2022-05-16
Attacking and Defending Deep Reinforcement Learning Policies. (99%)
Diffusion Models for Adversarial Purification. (99%)
Robust Representation via Dynamic Feature Aggregation. (84%)
Sparse Visual Counterfactual Explanations in Image Space. (83%)
On the Difficulty of Defending Self-Supervised Learning against Model Extraction. (67%)
Transferability of Adversarial Attacks on Synthetic Speech Detection. (47%)
2022-05-15
Learn2Weight: Parameter Adaptation against Similar-domain Adversarial Attacks. (99%)
Exploiting the Relationship Between Kendall's Rank Correlation and Cosine Similarity for Attribution Protection. (64%)
RoMFAC: A robust mean-field actor-critic reinforcement learning against adversarial perturbations on states. (62%)
Automation Slicing and Testing for in-App Deep Learning Models. (1%)
2022-05-14
Evaluating Membership Inference Through Adversarial Robustness. (98%)
Verifying Neural Networks Against Backdoor Attacks. (2%)
2022-05-13
MM-BD: Post-Training Detection of Backdoor Attacks with Arbitrary Backdoor Pattern Types Using a Maximum Margin Statistic. (98%)
l-Leaks: Membership Inference Attacks with Logits. (41%)
DualCF: Efficient Model Extraction Attack from Counterfactual Explanations. (26%)
Millimeter-Wave Automotive Radar Spoofing. (2%)
2022-05-12
Sample Complexity Bounds for Robustly Learning Decision Lists against Evasion Attacks. (75%)
PoisonedEncoder: Poisoning the Unlabeled Pre-training Data in Contrastive Learning. (61%)
How to Combine Membership-Inference Attacks on Multiple Updated Models. (11%)
Infrared Invisible Clothing:Hiding from Infrared Detectors at Multiple Angles in Real World. (4%)
Smooth-Reduce: Leveraging Patches for Improved Certified Robustness. (2%)
Stalloris: RPKI Downgrade Attack. (1%)
2022-05-11
Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. (1%)
The Hijackers Guide To The Galaxy: Off-Path Taking Over Internet Resources. (1%)
A Longitudinal Study of Cryptographic API: a Decade of Android Malware. (1%)
2022-05-10
Robust Medical Image Classification from Noisy Labeled Data with Global and Local Representation Guided Co-training. (1%)
White-box Testing of NLP models with Mask Neuron Coverage. (1%)
2022-05-09
Btech thesis report on adversarial attack detection and purification of adverserially attacked images. (99%)
Using Frequency Attention to Make Adversarial Patch Powerful Against Person Detector. (98%)
Do You Think You Can Hold Me? The Real Challenge of Problem-Space Evasion Attacks. (97%)
Model-Contrastive Learning for Backdoor Defense. (87%)
How Does Frequency Bias Affect the Robustness of Neural Image Classifiers against Common Corruption and Adversarial Perturbations? (61%)
Federated Multi-Armed Bandits Under Byzantine Attacks. (2%)
Verifying Integrity of Deep Ensemble Models by Lossless Black-box Watermarking with Sensitive Samples. (2%)
2022-05-08
Fingerprint Template Invertibility: Minutiae vs. Deep Templates. (68%)
ResSFL: A Resistance Transfer Framework for Defending Model Inversion Attack in Split Federated Learning. (22%)
VPN: Verification of Poisoning in Neural Networks. (9%)
FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks. (4%)
PGADA: Perturbation-Guided Adversarial Alignment for Few-shot Learning Under the Support-Query Shift. (1%)
2022-05-07
A Simple Yet Efficient Method for Adversarial Word-Substitute Attack. (99%)
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees. (92%)
2022-05-06
Imperceptible Backdoor Attack: From Input Space to Feature Representation. (68%)
Defending against Reconstruction Attacks through Differentially Private Federated Learning for Classification of Heterogeneous Chest X-Ray Data. (26%)
LPGNet: Link Private Graph Networks for Node Classification. (1%)
Unlimited Lives: Secure In-Process Rollback with Isolated Domains. (1%)
2022-05-05
Holistic Approach to Measure Sample-level Adversarial Vulnerability and its Utility in Building Trustworthy Systems. (99%)
Structural Extensions of Basis Pursuit: Guarantees on Adversarial Robustness. (78%)
Can collaborative learning be private, robust and scalable? (61%)
Large Scale Transfer Learning for Differentially Private Image Classification. (2%)
Are GAN-based Morphs Threatening Face Recognition? (1%)
Heterogeneous Domain Adaptation with Adversarial Neural Representation Learning: Experiments on E-Commerce and Cybersecurity. (1%)
2022-05-04
Based-CE white-box adversarial attack will not work using super-fitting. (99%)
Rethinking Classifier And Adversarial Attack. (98%)
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. (98%)
Robust Conversational Agents against Imperceptible Toxicity Triggers. (92%)
Subverting Fair Image Search with Generative Adversarial Perturbations. (83%)
2022-05-03
Adversarial Training for High-Stakes Reliability. (98%)
Don't sweat the small stuff, classify the rest: Sample Shielding to protect text classifiers against adversarial attacks. (96%)
On the uncertainty principle of neural networks. (3%)
Meta-Cognition. An Inverse-Inverse Reinforcement Learning Approach for Cognitive Radars. (1%)
2022-05-02
SemAttack: Natural Textual Attacks via Different Semantic Spaces. (96%)
Deep-Attack over the Deep Reinforcement Learning. (93%)
Enhancing Adversarial Training with Feature Separability. (92%)
BERTops: Studying BERT Representations under a Topological Lens. (92%)
MIRST-DM: Multi-Instance RST with Drop-Max Layer for Robust Classification of Breast Cancer. (83%)
Revisiting Gaussian Neurons for Online Clustering with Unknown Number of Clusters. (1%)
2022-05-01
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction. (98%)
DDDM: a Brain-Inspired Framework for Robust Classification. (76%)
Robust Fine-tuning via Perturbation and Interpolation from In-batch Instances. (9%)
A Simple Approach to Improve Single-Model Deep Uncertainty via Distance-Awareness. (3%)
Adversarial Plannning. (2%)
2022-04-30
Optimizing One-pixel Black-box Adversarial Attacks. (82%)
Cracking White-box DNN Watermarks via Invariant Neuron Transforms. (26%)
Loss Function Entropy Regularization for Diverse Decision Boundaries. (1%)
Adapting and Evaluating Influence-Estimation Methods for Gradient-Boosted Decision Trees. (1%)
2022-04-29
Adversarial attacks on an optical neural network. (92%)
Logically Consistent Adversarial Attacks for Soft Theorem Provers. (2%)
Bridging Differential Privacy and Byzantine-Robustness via Model Aggregation. (1%)
2022-04-28
Detecting Textual Adversarial Examples Based on Distributional Characteristics of Data Representations. (99%)
Formulating Robustness Against Unforeseen Attacks. (99%)
Randomized Smoothing under Attack: How Good is it in Pratice? (84%)
Improving robustness of language models from a geometry-aware perspective. (68%)
Mixup-based Deep Metric Learning Approaches for Incomplete Supervision. (50%)
AGIC: Approximate Gradient Inversion Attack on Federated Learning. (16%)
An Online Ensemble Learning Model for Detecting Attacks in Wireless Sensor Networks. (1%)
2022-04-27
Adversarial Fine-tune with Dynamically Regulated Adversary. (99%)
Defending Against Person Hiding Adversarial Patch Attack with a Universal White Frame. (98%)
An Adversarial Attack Analysis on Malicious Advertisement URL Detection Framework. (81%)
2022-04-26
Boosting Adversarial Transferability of MLP-Mixer. (99%)
Restricted Black-box Adversarial Attack Against DeepFake Face Swapping. (99%)
Improving the Transferability of Adversarial Examples with Restructure Embedded Patches. (99%)
On Fragile Features and Batch Normalization in Adversarial Training. (97%)
Mixed Strategies for Security Games with General Defending Requirements. (75%)
Poisoning Deep Learning based Recommender Model in Federated Learning Scenarios. (26%)
Designing Perceptual Puzzles by Differentiating Probabilistic Programs. (13%)
Enhancing Privacy against Inversion Attacks in Federated Learning by using Mixing Gradients Strategies. (8%)
Performance Analysis of Out-of-Distribution Detection on Trained Neural Networks. (4%)
2022-04-25
Self-recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks. (99%)
When adversarial examples are excusable. (89%)
A Simple Structure For Building A Robust Model. (81%)
Real or Virtual: A Video Conferencing Background Manipulation-Detection System. (67%)
Can Rationalization Improve Robustness? (12%)
PhysioGAN: Training High Fidelity Generative Model for Physiological Sensor Readings. (1%)
VITA: A Multi-Source Vicinal Transfer Augmentation Method for Out-of-Distribution Generalization. (1%)
Enable Deep Learning on Mobile Devices: Methods, Systems, and Applications. (1%)
2022-04-24
A Hybrid Defense Method against Adversarial Attacks on Traffic Sign Classifiers in Autonomous Vehicles. (99%)
Improving Deep Learning Model Robustness Against Adversarial Attack by Increasing the Network Capacity. (81%)
2022-04-23
Smart App Attack: Hacking Deep Learning Models in Android Apps. (98%)
Towards Data-Free Model Stealing in a Hard Label Setting. (13%)
Reinforced Causal Explainer for Graph Neural Networks. (1%)
2022-04-22
How Sampling Impacts the Robustness of Stochastic Neural Networks. (99%)
A Tale of Two Models: Constructing Evasive Attacks on Edge Models. (83%)
Enhancing the Transferability via Feature-Momentum Adversarial Attack. (82%)
Data-Efficient Backdoor Attacks. (76%)
2022-04-21
A Mask-Based Adversarial Defense Scheme. (99%)
Is Neuron Coverage Needed to Make Person Detection More Robust? (98%)
Testing robustness of predictions of trained classifiers against naturally occurring perturbations. (98%)
Adversarial Contrastive Learning by Permuting Cluster Assignments. (15%)
Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation. (4%)
Detecting Topology Attacks against Graph Neural Networks. (1%)
2022-04-20
Adversarial Scratches: Deployable Attacks to CNN Classifiers. (99%)
GUARD: Graph Universal Adversarial Defense. (99%)
Fast AdvProp. (98%)
Case-Aware Adversarial Training. (98%)
Improved Worst-Group Robustness via Classifier Retraining on Independent Splits. (1%)
2022-04-19
Jacobian Ensembles Improve Robustness Trade-offs to Adversarial Attacks. (99%)
Robustness Testing of Data and Knowledge Driven Anomaly Detection in Cyber-Physical Systems. (86%)
Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation. (83%)
2022-04-18
UNBUS: Uncertainty-aware Deep Botnet Detection System in Presence of Perturbed Samples. (99%)
Sardino: Ultra-Fast Dynamic Ensemble for Secure Visual Sensing at Mobile Edge. (99%)
CgAT: Center-Guided Adversarial Training for Deep Hashing-Based Retrieval. (99%)
Metamorphic Testing-based Adversarial Attack to Fool Deepfake Detectors. (98%)
A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability. (75%)
CorrGAN: Input Transformation Technique Against Natural Corruptions. (70%)
Poisons that are learned faster are more effective. (64%)
2022-04-17
Residue-Based Natural Language Adversarial Attack Detection. (99%)
Towards Comprehensive Testing on the Robustness of Cooperative Multi-agent Reinforcement Learning. (95%)
2022-04-16
SETTI: A Self-supervised Adversarial Malware Detection Architecture in an IoT Environment. (95%)
Homomorphic Encryption and Federated Learning based Privacy-Preserving CNN Training: COVID-19 Detection Use-Case. (67%)
2022-04-15
Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning. (92%)
2022-04-14
From Environmental Sound Representation to Robustness of 2D CNN Models Against Adversarial Attacks. (99%)
Planting Undetectable Backdoors in Machine Learning Models. (99%)
Q-TART: Quickly Training for Adversarial Robustness and in-Transferability. (50%)
Robotic and Generative Adversarial Attacks in Offline Writer-independent Signature Verification. (41%)
2022-04-13
Task-Driven Data Augmentation for Vision-Based Robotic Control. (96%)
Stealing and Evading Malware Classifiers and Antivirus at Low False Positive Conditions. (87%)
Defensive Patches for Robust Recognition in the Physical World. (80%)
A Novel Approach to Train Diverse Types of Language Models for Health Mention Classification of Tweets. (78%)
Overparameterized Linear Regression under Adversarial Attacks. (76%)
Towards A Critical Evaluation of Robustness for Deep Learning Backdoor Countermeasures. (38%)
A Natural Language Processing Approach for Instruction Set Architecture Identification. (1%)
2022-04-12
Liuer Mihou: A Practical Framework for Generating and Evaluating Grey-box Adversarial Attacks against NIDS. (99%)
Examining the Proximity of Adversarial Examples to Class Manifolds in Deep Networks. (98%)
Toward Robust Spiking Neural Network Against Adversarial Perturbation. (98%)
Machine Learning Security against Data Poisoning: Are We There Yet? (92%)
Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms. (11%)
3DeformRS: Certifying Spatial Deformations on Point Clouds. (9%)
2022-04-11
A Simple Approach to Adversarial Robustness in Few-shot Image Classification. (98%)
Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information. (92%)
Generalizing Adversarial Explanations with Grad-CAM. (84%)
Anti-Adversarially Manipulated Attributions for Weakly Supervised Semantic Segmentation and Object Localization. (83%)
Exploring the Universal Vulnerability of Prompt-based Learning Paradigm. (47%)
medXGAN: Visual Explanations for Medical Classifiers through a Generative Latent Space. (1%)
2022-04-10
"That Is a Suspicious Reaction!": Interpreting Logits Variation to Detect NLP Adversarial Attacks. (88%)
Analysis of Power-Oriented Fault Injection Attacks on Spiking Neural Networks. (54%)
Measuring the False Sense of Security. (26%)
2022-04-08
Defense against Adversarial Attacks on Hybrid Speech Recognition using Joint Adversarial Fine-tuning with Denoiser. (99%)
AdvEst: Adversarial Perturbation Estimation to Classify and Detect Adversarial Attacks against Speaker Identification. (99%)
Evaluating the Adversarial Robustness for Fourier Neural Operators. (92%)
Backdoor Attack against NLP models with Robustness-Aware Perturbation defense. (87%)
An Adaptive Black-box Backdoor Detection Method for Deep Neural Networks. (45%)
Characterizing and Understanding the Behavior of Quantized Models for Reliable Deployment. (13%)
Neural Tangent Generalization Attacks. (12%)
Labeling-Free Comparison Testing of Deep Learning Models. (11%)
Does Robustness on ImageNet Transfer to Downstream Tasks? (2%)
The self-learning AI controller for adaptive power beaming with fiber-array laser transmitter system. (1%)
2022-04-07
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings. (99%)
Adaptive-Gravity: A Defense Against Adversarial Samples. (99%)
Using Multiple Self-Supervised Tasks Improves Model Robustness. (81%)
Transformer-Based Language Models for Software Vulnerability Detection: Performance, Model's Security and Platforms. (69%)
Defending Active Directory by Combining Neural Network based Dynamic Program and Evolutionary Diversity Optimisation. (1%)
2022-04-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
Masking Adversarial Damage: Finding Adversarial Saliency for Robust and Sparse Network. (95%)
Distilling Robust and Non-Robust Features in Adversarial Examples by Information Bottleneck. (93%)
Optimization Models and Interpretations for Three Types of Adversarial Perturbations against Support Vector Machines. (68%)
Adversarial Machine Learning Attacks Against Video Anomaly Detection Systems. (62%)
Adversarial Analysis of the Differentially-Private Federated Learning in Cyber-Physical Critical Infrastructures. (33%)
2022-04-05
Hear No Evil: Towards Adversarial Robustness of Automatic Speech Recognition via Multi-Task Learning. (98%)