A Complete List of All (arXiv) Adversarial Example Papers
by Nicholas Carlini 2019-06-15
It can be hard to stay up-to-date on the published papers in the field of adversarial examples, where we have seen massive growth in the number of papers written each year. I have been somewhat religiously keeping track of these papers for the last few years, and realized it may be helpful for others to release this list.
The only requirement I used for selecting papers for this list is that it is primarily a paper about adversarial examples, or extensively uses adversarial examples. Due to the sheer quantity of papers, I can't guarantee that I actually have found all of them.
But I did try.
I also may have included papers that don't match these criteria (and are about something different instead), or made inconsistent judgement calls as to whether or not any given paper is mainly an adversarial example paper. Send me an email if something is wrong and I'll correct it.
As a result, this list is completely un-filtered. Everything that mainly presents itself as an adversarial example paper is listed here; I pass no judgement of quality. For a curated list of papers that I think are excellent and worth reading, see the Adversarial Machine Learning Reading List.
One final note about the data. This list automatically updates with new papers, even before I get a chance to manually filter through them. I do this filtering roughly twice a week, and it's then that I'll remove the ones that aren't related to adversarial examples. As a result, there may be some false positives on the most recent few entries. The new un-verified entries will have a probability indicated that my simplistic (but reasonably well calibrated) bag-of-words classifier believes the given paper is actually about adversarial examples.
The full paper list appears below. I've also released a TXT file (and a TXT file with abstracts) and a JSON file with the same data. If you do anything interesting with this data I'd be happy to hear from you what it was.
Paper List
2022-07-01
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label. (99%)
2022-06-30
Detecting and Recovering Adversarial Examples from Extracting Non-robust and Highly Predictive Adversarial Perturbations. (99%)
Measuring Forgetting of Memorized Training Examples. (83%)
MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. (80%)
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN. (16%)
Threat Assessment in Machine Learning based Systems. (13%)
Robustness of Epinets against Distributional Shifts. (1%)
ProSelfLC: Progressive Self Label Correction Towards A Low-Temperature Entropy State. (1%)
2022-06-29
IBP Regularization for Verified Adversarial Robustness via Branch-and-Bound. (92%)
Adversarial Ensemble Training by Jointly Learning Label Dependencies and Member Models. (33%)
longhorns at DADC 2022: How many linguists does it take to fool a Question Answering model? A systematic approach to adversarial attacks. (10%)
Private Graph Extraction via Feature Explanations. (4%)
RegMixup: Mixup as a Regularizer Can Surprisingly Improve Accuracy and Out Distribution Robustness. (2%)
2022-06-28
Increasing Confidence in Adversarial Robustness Evaluations. (99%)
Rethinking Adversarial Examples for Location Privacy Protection. (93%)
A Deep Learning Approach to Create DNS Amplification Attacks. (92%)
On the amplification of security and privacy risks by post-hoc explanations in machine learning models. (31%)
How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection. (12%)
An Empirical Study of Challenges in Converting Deep Learning Models. (5%)
Reasoning about Moving Target Defense in Attack Modeling Formalisms. (2%)
AS-IntroVAE: Adversarial Similarity Distance Makes Robust IntroVAE. (1%)
2022-06-27
Adversarial Example Detection in Deployed Tree Ensembles. (99%)
Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs. (31%)
Utilizing Class Separation Distance for the Evaluation of Corruption Robustness of Machine Learning Classifiers. (15%)
Cyber Network Resilience against Self-Propagating Malware Attacks. (13%)
Quantification of Deep Neural Network Prediction Uncertainties for VVUQ of Machine Learning Models. (4%)
2022-06-26
Self-Healing Robust Neural Networks via Closed-Loop Control. (45%)
De-END: Decoder-driven Watermarking Network. (1%)
2022-06-25
Empirical Evaluation of Physical Adversarial Patch Attacks Against Overhead Object Detection Models. (99%)
Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising. (99%)
RSTAM: An Effective Black-Box Impersonation Attack on Face Recognition using a Mobile and Compact Printer. (99%)
Defending Multimodal Fusion Models against Single-Source Adversaries. (81%)
BackdoorBench: A Comprehensive Benchmark of Backdoor Learning. (12%)
Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks. (1%)
2022-06-24
Defending Backdoor Attacks on Vision Transformer via Patch Processing. (99%)
AdAUC: End-to-end Adversarial AUC Optimization Against Long-tail Problems. (96%)
Adversarial Robustness of Deep Neural Networks: A Survey from a Formal Verification Perspective. (92%)
Robustness of Explanation Methods for NLP Models. (82%)
zPROBE: Zero Peek Robustness Checks for Federated Learning. (3%)
2022-06-23
Adversarial Zoom Lens: A Novel Physical-World Attack to DNNs. (99%)
A Framework for Understanding Model Extraction Attack and Defense. (98%)
Towards End-to-End Private Automatic Speaker Recognition. (76%)
BERT Rankers are Brittle: a Study using Adversarial Document Perturbations. (75%)
Never trust, always verify : a roadmap for Trustworthy AI? (1%)
Measuring Representational Robustness of Neural Networks Through Shared Invariances. (1%)
2022-06-22
AdvSmo: Black-box Adversarial Attack by Smoothing Linear Structure of Texture. (99%)
InfoAT: Improving Adversarial Training Using the Information Bottleneck Principle. (98%)
Robust Universal Adversarial Perturbations. (97%)
Guided Diffusion Model for Adversarial Purification from Random Noise. (68%)
Understanding the effect of sparsity on neural networks robustness. (61%)
Shilling Black-box Recommender Systems by Learning to Generate Fake User Profiles. (41%)
2022-06-21
Transferable Graph Backdoor Attack. (99%)
SSMI: How to Make Objects of Interest Disappear without Accessing Object Detectors? (99%)
(Certified!!) Adversarial Robustness for Free! (83%)
Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems. (81%)
FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation. (67%)
Natural Backdoor Datasets. (33%)
The Privacy Onion Effect: Memorization is Relative. (22%)
ProML: A Decentralised Platform for Provenance Management of Machine Learning Software Systems. (1%)
2022-06-20
Understanding Robust Learning through the Lens of Representation Similarities. (99%)
Diversified Adversarial Attacks based on Conjugate Gradient Method. (98%)
Robust Deep Reinforcement Learning through Bootstrapped Opportunistic Curriculum. (76%)
SafeBench: A Benchmarking Platform for Safety Evaluation of Autonomous Vehicles. (3%)
Breaking Down Out-of-Distribution Detection: Many Methods Based on OOD Training Data Estimate a Combination of the Same Core Quantities. (1%)
2022-06-19
On the Limitations of Stochastic Pre-processing Defenses. (99%)
A Universal Adversarial Policy for Text Classifiers. (98%)
Towards Adversarial Attack on Vision-Language Pre-training Models. (96%)
JPEG Compression-Resistant Low-Mid Adversarial Perturbation against Unauthorized Face Recognition System. (68%)
Adversarially trained neural representations may already be as robust as corresponding biological neural representations. (31%)
2022-06-18
On the Role of Generalization in Transferability of Adversarial Examples. (99%)
DECK: Model Hardening for Defending Pervasive Backdoors. (98%)
Measuring Lower Bounds of Local Differential Privacy via Adversary Instantiations in Federated Learning. (10%)
Adversarial Scrutiny of Evidentiary Statistical Software. (2%)
2022-06-17
Detecting Adversarial Examples in Batches -- a geometrical approach. (99%)
Minimum Noticeable Difference based Adversarial Privacy Preserving Image Generation. (99%)
Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization. (99%)
Comment on Transferability and Input Transformation with Additive Noise. (99%)
Adversarial Robustness is at Odds with Lazy Training. (98%)
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-modal Fake News Detection. (83%)
RetrievalGuard: Provably Robust 1-Nearest Neighbor Image Retrieval. (81%)
The Consistency of Adversarial Training for Binary Classification. (26%)
Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification. (15%)
Understanding Robust Overfitting of Adversarial Training and Beyond. (8%)
2022-06-16
Adversarial Privacy Protection on Speech Enhancement. (99%)
Boosting the Adversarial Transferability of Surrogate Model with Dark Knowledge. (99%)
Analysis and Extensions of Adversarial Training for Video Classification. (93%)
Double Sampling Randomized Smoothing. (89%)
Adversarial Robustness of Graph-based Anomaly Detection. (76%)
A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks. (68%)
Backdoor Attacks on Vision Transformers. (31%)
Adversarial Patch Attacks and Defences in Vision-Based Tasks: A Survey. (22%)
I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences. (5%)
Gradient-Based Adversarial and Out-of-Distribution Detection. (2%)
Catastrophic overfitting is a bug but also a feature. (2%)
"Understanding Robustness Lottery": A Comparative Visual Analysis of Neural Network Pruning Approaches. (1%)
2022-06-15
Fast and Reliable Evaluation of Adversarial Robustness with Minimum-Margin Attack. (99%)
Morphence-2.0: Evasion-Resilient Moving Target Defense Powered by Out-of-Distribution Detection. (99%)
Architectural Backdoors in Neural Networks. (83%)
Hardening DNNs against Transfer Attacks during Network Compression using Greedy Adversarial Pruning. (75%)
Linearity Grafting: Relaxed Neuron Pruning Helps Certifiable Robustness. (74%)
Search-Based Testing Approach for Deep Reinforcement Learning Agents. (61%)
Can pruning improve certified robustness of neural networks? (56%)
Improving Diversity with Adversarially Learned Transformations for Domain Generalization. (33%)
Queried Unlabeled Data Improves and Robustifies Class-Incremental Learning. (11%)
The Manifold Hypothesis for Gradient-Based Explanations. (2%)
READ: Aggregating Reconstruction Error into Out-of-distribution Detection. (1%)
2022-06-14
Adversarial Vulnerability of Randomized Ensembles. (99%)
Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training. (99%)
Proximal Splitting Adversarial Attacks for Semantic Segmentation. (92%)
Flatten the Curve: Efficiently Training Low-Curvature Neural Networks. (92%)
Defending Observation Attacks in Deep Reinforcement Learning via Detection and Denoising. (88%)
Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO. (86%)
Turning a Curse Into a Blessing: Enabling Clean-Data-Free Defenses by Model Inversion. (68%)
Human Eyes Inspired Recurrent Neural Networks are More Robust Against Adversarial Noises. (62%)
When adversarial attacks become interpretable counterfactual explanations. (62%)
Attacks on Perception-Based Control Systems: Modeling and Fundamental Limits. (2%)
A Survey on Gradient Inversion: Attacks, Defenses and Future Directions. (1%)
2022-06-13
Distributed Adversarial Training to Robustify Deep Neural Networks at Scale. (99%)
Towards Alternative Techniques for Improving Adversarial Robustness: Analysis of Adversarial Training at a Spectrum of Perturbations. (99%)
Pixel to Binary Embedding Towards Robustness for CNNs. (47%)
Towards Understanding Sharpness-Aware Minimization. (1%)
Efficient Human-in-the-loop System for Guiding DNNs Attention. (1%)
2022-06-12
Consistent Attack: Universal Adversarial Perturbation on Embodied Vision Navigation. (98%)
Security of Machine Learning-Based Anomaly Detection in Cyber Physical Systems. (92%)
Darknet Traffic Classification and Adversarial Attacks. (81%)
InBiaseD: Inductive Bias Distillation to Improve Generalization and Robustness through Shape-awareness. (26%)
RSSD: Defend against Ransomware with Hardware-Isolated Network-Storage Codesign and Post-Attack Analysis. (9%)
Neurotoxin: Durable Backdoors in Federated Learning. (5%)
An Efficient Method for Sample Adversarial Perturbations against Nonlinear Support Vector Machines. (4%)
2022-06-11
Improving the Adversarial Robustness of NLP Models by Information Bottleneck. (99%)
Defending Adversarial Examples by Negative Correlation Ensemble. (99%)
NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks. (81%)
Bilateral Dependency Optimization: Defending Against Model-inversion Attacks. (69%)
2022-06-10
Localized adversarial artifacts for compressed sensing MRI. (76%)
Rethinking the Defense Against Free-rider Attack From the Perspective of Model Weight Evolving Frequency. (70%)
Blades: A Simulator for Attacks and Defenses in Federated Learning. (33%)
Enhancing Clean Label Backdoor Attack with Two-phase Specific Triggers. (9%)
Deep Leakage from Model in Federated Learning. (3%)
Adversarial Counterfactual Environment Model Learning. (1%)
2022-06-09
CARLA-GeAR: a Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Vision Models. (99%)
ReFace: Real-time Adversarial Attacks on Face Recognition Systems. (99%)
Adversarial Noises Are Linearly Separable for (Nearly) Random Neural Networks. (98%)
Meet You Halfway: Explaining Deep Learning Mysteries. (92%)
Early Transferability of Adversarial Examples in Deep Neural Networks. (86%)
GSmooth: Certified Robustness against Semantic Transformations via Generalized Randomized Smoothing. (86%)
Beyond the Imitation Game: Quantifying and extrapolating the capabilities of language models. (84%)
Data-Efficient Double-Win Lottery Tickets from Robust Pre-training. (41%)
DORA: Exploring outlier representations in Deep Neural Networks. (1%)
Membership Inference via Backdooring. (1%)
2022-06-08
Wavelet Regularization Benefits Adversarial Training. (99%)
Latent Boundary-guided Adversarial Training. (99%)
Adversarial Text Normalization. (73%)
Autoregressive Perturbations for Data Poisoning. (70%)
Toward Certified Robustness Against Real-World Distribution Shifts. (5%)
Generative Adversarial Networks and Image-Based Malware Classification. (1%)
Robust Deep Ensemble Method for Real-world Image Denoising. (1%)
2022-06-07
Fooling Explanations in Text Classifiers. (99%)
AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems. (99%)
Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition. (99%)
Adaptive Regularization for Adversarial Training. (98%)
Building Robust Ensembles via Margin Boosting. (83%)
Can Backdoor Attacks Survive Time-Varying Models? (67%)
Adversarial Reprogramming Revisited. (3%)
Certifying Data-Bias Robustness in Linear Regression. (1%)
Parametric Chordal Sparsity for SDP-based Neural Network Verification. (1%)
Can CNNs Be More Robust Than Transformers? (1%)
2022-06-06
Robust Adversarial Attacks Detection based on Explainable Deep Reinforcement Learning For UAV Guidance and Planning. (99%)
Fast Adversarial Training with Adaptive Step Size. (98%)
Certified Robustness in Federated Learning. (87%)
Robust Image Protection Countering Cropping Manipulation. (10%)
PCPT and ACPT: Copyright Protection and Traceability Scheme for DNN Model. (3%)
Tackling covariate shift with node-based Bayesian neural networks. (1%)
Anomaly Detection with Test Time Augmentation and Consistency Evaluation. (1%)
2022-06-05
Federated Adversarial Training with Transformers. (98%)
Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training. (98%)
2022-06-04
Soft Adversarial Training Can Retain Natural Accuracy. (76%)
2022-06-03
Saliency Attack: Towards Imperceptible Black-box Adversarial Attack. (99%)
Towards Evading the Limits of Randomized Smoothing: A Theoretical Analysis. (96%)
Evaluating Transfer-based Targeted Adversarial Perturbations against Real-World Computer Vision Systems based on Human Judgments. (92%)
A Robust Backpropagation-Free Framework for Images. (80%)
Gradient Obfuscation Checklist Test Gives a False Sense of Security. (73%)
Kallima: A Clean-label Framework for Textual Backdoor Attacks. (26%)
2022-06-02
FACM: Correct the Output of Deep Neural Network with Middle Layers Features against Adversarial Samples. (99%)
Adaptive Adversarial Training to Improve Adversarial Robustness of DNNs for Medical Image Segmentation and Detection. (99%)
Adversarial RAW: Image-Scaling Attack Against Imaging Pipeline. (99%)
Adversarial Laser Spot: Robust and Covert Physical Adversarial Attack to DNNs. (98%)
Mask-Guided Divergence Loss Improves the Generalization and Robustness of Deep Neural Network. (91%)
Adversarial Unlearning: Reducing Confidence Along Adversarial Directions. (31%)
MaxStyle: Adversarial Style Composition for Robust Medical Image Segmentation. (8%)
A temporal chrominance trigger for clean-label backdoor attack against anti-spoof rebroadcast detection. (4%)
Learning Unbiased Transferability for Domain Adaptation by Uncertainty Modeling. (1%)
2022-06-01
On the reversibility of adversarial attacks. (99%)
NeuroUnlock: Unlocking the Architecture of Obfuscated Deep Neural Networks. (99%)
Attack-Agnostic Adversarial Detection. (99%)
Anti-Forgery: Towards a Stealthy and Robust DeepFake Disruption Attack via Adversarial Perceptual-aware Perturbations. (98%)
Support Vector Machines under Adversarial Label Contamination. (97%)
Defense Against Gradient Leakage Attacks via Learning to Obscure Data. (80%)
The robust way to stack and bag: the local Lipschitz way. (70%)
Robustness Evaluation and Adversarial Training of an Instance Segmentation Model. (54%)
On the Perils of Cascading Robust Classifiers. (15%)
RoCourseNet: Distributionally Robust Training of a Prediction Aware Recourse Model. (1%)
2022-05-31
Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems. (99%)
Exact Feature Collisions in Neural Networks. (95%)
CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models. (86%)
CASSOCK: Viable Backdoor Attacks against DNN in The Wall of Source-Specific Backdoor Defences. (83%)
Semantic Autoencoder and Its Potential Usage for Adversarial Attack. (81%)
An Effective Fusion Method to Enhance the Robustness of CNN. (80%)
Order-sensitive Shapley Values for Evaluating Conceptual Soundness of NLP Models. (64%)
Generative Models with Information-Theoretic Protection Against Membership Inference Attacks. (10%)
Likelihood-Free Inference with Generative Neural Networks via Scoring Rule Minimization. (1%)
2022-05-30
Exposing Fine-grained Adversarial Vulnerability of Face Anti-spoofing Models. (99%)
Searching for the Essence of Adversarial Perturbations. (99%)
Guided Diffusion Model for Adversarial Purification. (99%)
Domain Constraints in Feature Space: Strengthening Robustness of Android Malware Detection against Realizable Adversarial Examples. (98%)
Why Adversarial Training of ReLU Networks Is Difficult? (68%)
CalFAT: Calibrated Federated Adversarial Training with Label Skewness. (67%)
Securing AI-based Healthcare Systems using Blockchain Technology: A State-of-the-Art Systematic Literature Review and Future Research Directions. (15%)
Efficient Reward Poisoning Attacks on Online Deep Reinforcement Learning. (13%)
White-box Membership Attack Against Machine Learning Based Retinopathy Classification. (10%)
Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance. (2%)
2022-05-29
Robust Weight Perturbation for Adversarial Training. (99%)
Mixture GAN For Modulation Classification Resiliency Against Adversarial Attacks. (99%)
Unfooling Perturbation-Based Post Hoc Explainers. (98%)
On the Robustness of Safe Reinforcement Learning under Observational Perturbations. (92%)
Superclass Adversarial Attack. (80%)
Problem-Space Evasion Attacks in the Android OS: a Survey. (50%)
Context-based Virtual Adversarial Training for Text Classification with Noisy Labels. (11%)
A General Multiple Data Augmentation Based Framework for Training Deep Neural Networks. (1%)
2022-05-28
Contributor-Aware Defenses Against Adversarial Backdoor Attacks. (98%)
BadDet: Backdoor Attacks on Object Detection. (92%)
Syntax-Guided Program Reduction for Understanding Neural Code Intelligence Models. (62%)
2022-05-27
fakeWeather: Adversarial Attacks for Deep Neural Networks Emulating Weather Conditions on the Camera Lens of Autonomous Systems. (96%)
Why Robust Generalization in Deep Learning is Difficult: Perspective of Expressive Power. (92%)
Semi-supervised Semantics-guided Adversarial Training for Trajectory Prediction. (92%)
Defending Against Stealthy Backdoor Attacks. (73%)
EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks. (13%)
2022-05-26
Transferable Adversarial Attack based on Integrated Gradients. (99%)
A Physical-World Adversarial Attack Against 3D Face Recognition. (98%)
An Analytic Framework for Robust Training of Artificial Neural Networks. (93%)
Denial-of-Service Attack on Object Detection Model Using Universal Adversarial Perturbation. (92%)
Denial-of-Service Attacks on Learned Image Compression. (92%)
Adversarial attacks and defenses in Speaker Recognition Systems: A survey. (81%)
PerDoor: Persistent Non-Uniform Backdoors in Federated Learning using Adversarial Perturbations. (81%)
BppAttack: Stealthy and Efficient Trojan Attacks against Deep Neural Networks via Image Quantization and Contrastive Adversarial Learning. (81%)
Circumventing Backdoor Defenses That Are Based on Latent Separability. (80%)
R-HTDetector: Robust Hardware-Trojan Detection Based on Adversarial Training. (80%)
BagFlip: A Certified Defense against Data Poisoning. (75%)
Fight Poison with Poison: Detecting Backdoor Poison Samples via Decoupling Benign Correlations. (54%)
Membership Inference Attack Using Self Influence Functions. (45%)
2022-05-25
Surprises in adversarially-trained linear regression. (78%)
Textual Backdoor Attacks with Iterative Trigger Injection. (9%)
How explainable are adversarially-robust CNNs? (8%)
2022-05-24
Defending a Music Recommender Against Hubness-Based Adversarial Attacks. (99%)
Adversarial Attack on Attackers: Post-Process to Mitigate Black-Box Score-Based Query Attacks. (99%)
Certified Robustness Against Natural Language Attacks by Causal Intervention. (98%)
One-Pixel Shortcut: on the Learning Preference of Deep Neural Networks. (83%)
WeDef: Weakly Supervised Backdoor Defense for Text Classification. (56%)
Recipe2Vec: Multi-modal Recipe Representation Learning with Graph Neural Networks. (50%)
Fine-grained Poisoning Attacks to Local Differential Privacy Protocols for Mean and Variance Estimation. (26%)
EBM Life Cycle: MCMC Strategies for Synthesis, Defense, and Density Modeling. (10%)
Comprehensive Privacy Analysis on Federated Recommender System against Attribute Inference Attacks. (9%)
Quarantine: Sparsity Can Uncover the Trojan Attack Trigger for Free. (2%)
CDFKD-MFS: Collaborative Data-free Knowledge Distillation via Multi-level Feature Sharing. (1%)
2022-05-23
Alleviating Robust Overfitting of Adversarial Training With Consistency Regularization. (98%)
Learning to Ignore Adversarial Attacks. (95%)
Collaborative Adversarial Training. (93%)
Towards a Defense against Backdoor Attacks in Continual Federated Learning. (50%)
Compressing Deep Graph Neural Networks via Adversarial Knowledge Distillation. (10%)
RCC-GAN: Regularized Compound Conditional GAN for Large-Scale Tabular Data Synthesis. (1%)
2022-05-22
Robust Quantity-Aware Aggregation for Federated Learning. (13%)
Analysis of functional neural codes of deep learning models. (10%)
2022-05-21
Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models. (99%)
Gradient Concealment: Free Lunch for Defending Adversarial Attacks. (99%)
Phrase-level Textual Adversarial Attack with Label Preservation. (99%)
On the Feasibility and Generality of Patch-based Adversarial Attacks on Semantic Segmentation Problems. (16%)
2022-05-20
Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness. (99%)
Robust Sensible Adversarial Learning of Deep Neural Networks for Image Classification. (98%)
Adversarial joint attacks on legged robots. (86%)
Towards Consistency in Adversarial Classification. (82%)
Adversarial Body Shape Search for Legged Robots. (80%)
SafeNet: Mitigating Data Poisoning Attacks on Private Machine Learning. (16%)
The developmental trajectory of object recognition robustness: children are like small adults but unlike big deep neural networks. (11%)
Vulnerability Analysis and Performance Enhancement of Authentication Protocol in Dynamic Wireless Power Transfer Systems. (10%)
Exploring the Trade-off between Plausibility, Change Intensity and Adversarial Power in Counterfactual Explanations using Multi-objective Optimization. (4%)
2022-05-19
Focused Adversarial Attacks. (99%)
Transferable Physical Attack against Object Detection with Separable Attention. (99%)
Enhancing the Transferability of Adversarial Examples via a Few Queries. (99%)
On Trace of PGD-Like Adversarial Attacks. (99%)
Improving Robustness against Real-World and Worst-Case Distribution Shifts through Decision Region Quantification. (98%)
Defending Against Adversarial Attacks by Energy Storage Facility. (92%)
Sparse Adversarial Attack in Multi-agent Reinforcement Learning. (82%)
Data Valuation for Offline Reinforcement Learning. (1%)
2022-05-18
Passive Defense Against 3D Adversarial Point Clouds Through the Lens of 3D Steganalysis. (99%)
Property Unlearning: A Defense Strategy Against Property Inference Attacks. (84%)
Backdoor Attacks on Bayesian Neural Networks using Reverse Distribution. (56%)
Empirical Advocacy of Bio-inspired Models for Robust Image Recognition. (38%)
Constraining the Attack Space of Machine Learning Models with Distribution Clamping Preprocessing. (1%)
Mitigating Neural Network Overconfidence with Logit Normalization. (1%)
2022-05-17
Hierarchical Distribution-Aware Testing of Deep Learning. (98%)
A two-steps approach to improve the performance of Android malware detectors. (10%)
Bankrupting DoS Attackers Despite Uncertainty. (8%)
Recovering Private Text in Federated Learning of Language Models. (2%)
Policy Distillation with Selective Input Gradient Regularization for Efficient Interpretability. (2%)
Semi-Supervised Building Footprint Generation with Feature and Output Consistency Training. (1%)
2022-05-16
Attacking and Defending Deep Reinforcement Learning Policies. (99%)
Diffusion Models for Adversarial Purification. (99%)
Robust Representation via Dynamic Feature Aggregation. (84%)
Sparse Visual Counterfactual Explanations in Image Space. (76%)
On the Difficulty of Defending Self-Supervised Learning against Model Extraction. (67%)
Transferability of Adversarial Attacks on Synthetic Speech Detection. (47%)
2022-05-15
Exploiting the Relationship Between Kendall's Rank Correlation and Cosine Similarity for Attribution Protection. (64%)
RoMFAC: A Robust Mean-Field Actor-Critic Reinforcement Learning against Adversarial Perturbations on States. (38%)
Automation Slicing and Testing for in-App Deep Learning Models. (1%)
2022-05-14
Evaluating Membership Inference Through Adversarial Robustness. (98%)
Verifying Neural Networks Against Backdoor Attacks. (2%)
2022-05-13
Universal Post-Training Backdoor Detection. (98%)
l-Leaks: Membership Inference Attacks with Logits. (41%)
DualCF: Efficient Model Extraction Attack from Counterfactual Explanations. (26%)
Millimeter-Wave Automotive Radar Spoofing. (2%)
2022-05-12
Sample Complexity Bounds for Robustly Learning Decision Lists against Evasion Attacks. (75%)
PoisonedEncoder: Poisoning the Unlabeled Pre-training Data in Contrastive Learning. (61%)
How to Combine Membership-Inference Attacks on Multiple Updated Models. (11%)
Infrared Invisible Clothing:Hiding from Infrared Detectors at Multiple Angles in Real World. (4%)
Smooth-Reduce: Leveraging Patches for Improved Certified Robustness. (2%)
Stalloris: RPKI Downgrade Attack. (1%)
2022-05-11
A Longitudal Study of Cryptographic API -- a Decade of Android Malware. (1%)
Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. (1%)
The Hijackers Guide To The Galaxy: Off-Path Taking Over Internet Resources. (1%)
2022-05-10
Robust Medical Image Classification from Noisy Labeled Data with Global and Local Representation Guided Co-training. (1%)
White-box Testing of NLP models with Mask Neuron Coverage. (1%)
2022-05-09
Btech thesis report on adversarial attack detection and purification of adverserially attacked images. (99%)
Using Frequency Attention to Make Adversarial Patch Powerful Against Person Detector. (98%)
Do You Think You Can Hold Me? The Real Challenge of Problem-Space Evasion Attacks. (97%)
Model-Contrastive Learning for Backdoor Defense. (87%)
How Does Frequency Bias Affect the Robustness of Neural Image Classifiers against Common Corruption and Adversarial Perturbations? (61%)
Federated Multi-Armed Bandits Under Byzantine Attacks. (2%)
Verifying Integrity of Deep Ensemble Models by Lossless Black-box Watermarking with Sensitive Samples. (2%)
2022-05-08
Fingerprint Template Invertibility: Minutiae vs. Deep Templates. (68%)
ResSFL: A Resistance Transfer Framework for Defending Model Inversion Attack in Split Federated Learning. (22%)
VPN: Verification of Poisoning in Neural Networks. (9%)
FOLPETTI: A Novel Multi-Armed Bandit Smart Attack for Wireless Networks. (4%)
PGADA: Perturbation-Guided Adversarial Alignment for Few-shot Learning Under the Support-Query Shift. (1%)
2022-05-07
A Simple Yet Efficient Method for Adversarial Word-Substitute Attack. (99%)
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees. (92%)
2022-05-06
Imperceptible Backdoor Attack: From Input Space to Feature Representation. (68%)
Defending against Reconstruction Attacks through Differentially Private Federated Learning for Classification of Heterogeneous Chest X-Ray Data. (26%)
LPGNet: Link Private Graph Networks for Node Classification. (1%)
Unlimited Lives: Secure In-Process Rollback with Isolated Domains. (1%)
2022-05-05
Holistic Approach to Measure Sample-level Adversarial Vulnerability and its Utility in Building Trustworthy Systems. (99%)
Structural Extensions of Basis Pursuit: Guarantees on Adversarial Robustness. (78%)
Can collaborative learning be private, robust and scalable? (12%)
Large Scale Transfer Learning for Differentially Private Image Classification. (2%)
Heterogeneous Domain Adaptation with Adversarial Neural Representation Learning: Experiments on E-Commerce and Cybersecurity. (1%)
Are GAN-based Morphs Threatening Face Recognition? (1%)
2022-05-04
Based-CE white-box adversarial attack will not work using super-fitting. (99%)
Rethinking Classifier And Adversarial Attack. (98%)
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. (98%)
Robust Conversational Agents against Imperceptible Toxicity Triggers. (92%)
Subverting Fair Image Search with Generative Adversarial Perturbations. (83%)
2022-05-03
Don't sweat the small stuff, classify the rest: Sample Shielding to protect text classifiers against adversarial attacks. (96%)
Adversarial Training for High-Stakes Reliability. (68%)
On the uncertainty principle of neural networks. (3%)
Meta-Cognition. An Inverse-Inverse Reinforcement Learning Approach for Cognitive Radars. (1%)
2022-05-02
SemAttack: Natural Textual Attacks via Different Semantic Spaces. (96%)
Deep-Attack over the Deep Reinforcement Learning. (93%)
Enhancing Adversarial Training with Feature Separability. (92%)
BERTops: Studying BERT Representations under a Topological Lens. (92%)
MIRST-DM: Multi-Instance RST with Drop-Max Layer for Robust Classification of Breast Cancer. (83%)
Revisiting Gaussian Neurons for Online Clustering with Unknown Number of Clusters. (1%)
2022-05-01
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction. (98%)
DDDM: a Brain-Inspired Framework for Robust Classification. (76%)
Robust Fine-tuning via Perturbation and Interpolation from In-batch Instances. (9%)
A Simple Approach to Improve Single-Model Deep Uncertainty via Distance-Awareness. (3%)
Adversarial Plannning. (2%)
2022-04-30
Optimizing One-pixel Black-box Adversarial Attacks. (82%)
Cracking White-box DNN Watermarks via Invariant Neuron Transforms. (26%)
Adapting and Evaluating Influence-Estimation Methods for Gradient-Boosted Decision Trees. (1%)
Loss Function Entropy Regularization for Diverse Decision Boundaries. (1%)
2022-04-29
Adversarial attacks on an optical neural network. (92%)
Logically Consistent Adversarial Attacks for Soft Theorem Provers. (2%)
Bridging Differential Privacy and Byzantine-Robustness via Model Aggregation. (1%)
2022-04-28
Detecting Textual Adversarial Examples Based on Distributional Characteristics of Data Representations. (99%)
Formulating Robustness Against Unforeseen Attacks. (99%)
Randomized Smoothing under Attack: How Good is it in Pratice? (84%)
Improving robustness of language models from a geometry-aware perspective. (68%)
Mixup-based Deep Metric Learning Approaches for Incomplete Supervision. (50%)
AGIC: Approximate Gradient Inversion Attack on Federated Learning. (16%)
An Online Ensemble Learning Model for Detecting Attacks in Wireless Sensor Networks. (1%)
2022-04-27
Adversarial Fine-tune with Dynamically Regulated Adversary. (99%)
Defending Against Person Hiding Adversarial Patch Attack with a Universal White Frame. (98%)
An Adversarial Attack Analysis on Malicious Advertisement URL Detection Framework. (81%)
2022-04-26
Boosting Adversarial Transferability of MLP-Mixer. (99%)
Restricted Black-box Adversarial Attack Against DeepFake Face Swapping. (99%)
Improving the Transferability of Adversarial Examples with Restructure Embedded Patches. (99%)
On Fragile Features and Batch Normalization in Adversarial Training. (97%)
Mixed Strategies for Security Games with General Defending Requirements. (75%)
Poisoning Deep Learning based Recommender Model in Federated Learning Scenarios. (26%)
Designing Perceptual Puzzles by Differentiating Probabilistic Programs. (13%)
Enhancing Privacy against Inversion Attacks in Federated Learning by using Mixing Gradients Strategies. (8%)
Performance Analysis of Out-of-Distribution Detection on Trained Neural Networks. (4%)
2022-04-25
Self-recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks. (99%)
When adversarial examples are excusable. (89%)
A Simple Structure For Building A Robust Model. (81%)
Real or Virtual: A Video Conferencing Background Manipulation-Detection System. (67%)
Can Rationalization Improve Robustness? (12%)
PhysioGAN: Training High Fidelity Generative Model for Physiological Sensor Readings. (1%)
VITA: A Multi-Source Vicinal Transfer Augmentation Method for Out-of-Distribution Generalization. (1%)
Enable Deep Learning on Mobile Devices: Methods, Systems, and Applications. (1%)
2022-04-24
A Hybrid Defense Method against Adversarial Attacks on Traffic Sign Classifiers in Autonomous Vehicles. (99%)
Improving Deep Learning Model Robustness Against Adversarial Attack by Increasing the Network Capacity. (81%)
2022-04-23
Smart App Attack: Hacking Deep Learning Models in Android Apps. (98%)
Towards Data-Free Model Stealing in a Hard Label Setting. (13%)
Reinforced Causal Explainer for Graph Neural Networks. (1%)
2022-04-22
How Sampling Impacts the Robustness of Stochastic Neural Networks. (98%)
A Tale of Two Models: Constructing Evasive Attacks on Edge Models. (83%)
Enhancing the Transferability via Feature-Momentum Adversarial Attack. (82%)
Data-Efficient Backdoor Attacks. (76%)
2022-04-21
A Mask-Based Adversarial Defense Scheme. (99%)
Is Neuron Coverage Needed to Make Person Detection More Robust? (98%)
Robustness of Machine Learning Models Beyond Adversarial Attacks. (98%)
Adversarial Contrastive Learning by Permuting Cluster Assignments. (15%)
Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation. (4%)
Detecting Topology Attacks against Graph Neural Networks. (1%)
2022-04-20
Adversarial Scratches: Deployable Attacks to CNN Classifiers. (99%)
GUARD: Graph Universal Adversarial Defense. (99%)
Fast AdvProp. (98%)
Case-Aware Adversarial Training. (98%)
Improved Worst-Group Robustness via Classifier Retraining on Independent Splits. (1%)
2022-04-19
Jacobian Ensembles Improve Robustness Trade-offs to Adversarial Attacks. (99%)
Robustness Testing of Data and Knowledge Driven Anomaly Detection in Cyber-Physical Systems. (86%)
Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation. (83%)
2022-04-18
UNBUS: Uncertainty-aware Deep Botnet Detection System in Presence of Perturbed Samples. (99%)
Sardino: Ultra-Fast Dynamic Ensemble for Secure Visual Sensing at Mobile Edge. (99%)
Centralized Adversarial Learning for Robust Deep Hashing. (99%)
Metamorphic Testing-based Adversarial Attack to Fool Deepfake Detectors. (98%)
A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability. (75%)
CorrGAN: Input Transformation Technique Against Natural Corruptions. (70%)
Poisons that are learned faster are more effective. (64%)
2022-04-17
Residue-Based Natural Language Adversarial Attack Detection. (99%)
Towards Comprehensive Testing on the Robustness of Cooperative Multi-agent Reinforcement Learning. (95%)
2022-04-16
SETTI: A Self-supervised Adversarial Malware Detection Architecture in an IoT Environment. (95%)
Homomorphic Encryption and Federated Learning based Privacy-Preserving CNN Training: COVID-19 Detection Use-Case. (67%)
2022-04-15
Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning. (92%)
2022-04-14
From Environmental Sound Representation to Robustness of 2D CNN Models Against Adversarial Attacks. (99%)
Planting Undetectable Backdoors in Machine Learning Models. (99%)
Q-TART: Quickly Training for Adversarial Robustness and in-Transferability. (50%)
Robotic and Generative Adversarial Attacks in Offline Writer-independent Signature Verification. (41%)
2022-04-13
Task-Driven Data Augmentation for Vision-Based Robotic Control. (96%)
Stealing Malware Classifiers and AVs at Low False Positive Conditions. (82%)
Defensive Patches for Robust Recognition in the Physical World. (80%)
A Novel Approach to Train Diverse Types of Language Models for Health Mention Classification of Tweets. (78%)
Overparameterized Linear Regression under Adversarial Attacks. (76%)
Towards A Critical Evaluation of Robustness for Deep Learning Backdoor Countermeasures. (38%)
A Natural Language Processing Approach for Instruction Set Architecture Identification. (1%)
2022-04-12
Liuer Mihou: A Practical Framework for Generating and Evaluating Grey-box Adversarial Attacks against NIDS. (99%)
Examining the Proximity of Adversarial Examples to Class Manifolds in Deep Networks. (98%)
Toward Robust Spiking Neural Network Against Adversarial Perturbation. (98%)
Machine Learning Security against Data Poisoning: Are We There Yet? (92%)
Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms. (11%)
3DeformRS: Certifying Spatial Deformations on Point Clouds. (9%)
2022-04-11
A Simple Approach to Adversarial Robustness in Few-shot Image Classification. (98%)
Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information. (92%)
Generalizing Adversarial Explanations with Grad-CAM. (84%)
Anti-Adversarially Manipulated Attributions for Weakly Supervised Semantic Segmentation and Object Localization. (83%)
Exploring the Universal Vulnerability of Prompt-based Learning Paradigm. (47%)
medXGAN: Visual Explanations for Medical Classifiers through a Generative Latent Space. (1%)
2022-04-10
"That Is a Suspicious Reaction!": Interpreting Logits Variation to Detect NLP Adversarial Attacks. (88%)
Analysis of Power-Oriented Fault Injection Attacks on Spiking Neural Networks. (54%)
Measuring the False Sense of Security. (26%)
2022-04-08
Defense against Adversarial Attacks on Hybrid Speech Recognition using Joint Adversarial Fine-tuning with Denoiser. (99%)
AdvEst: Adversarial Perturbation Estimation to Classify and Detect Adversarial Attacks against Speaker Identification. (99%)
Evaluating the Adversarial Robustness for Fourier Neural Operators. (92%)
Backdoor Attack against NLP models with Robustness-Aware Perturbation defense. (87%)
An Adaptive Black-box Backdoor Detection Method for Deep Neural Networks. (45%)
Characterizing and Understanding the Behavior of Quantized Models for Reliable Deployment. (13%)
Neural Tangent Generalization Attacks. (12%)
Labeling-Free Comparison Testing of Deep Learning Models. (11%)
Does Robustness on ImageNet Transfer to Downstream Tasks? (2%)
The self-learning AI controller for adaptive power beaming with fiber-array laser transmitter system. (1%)
2022-04-07
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings. (99%)
Adaptive-Gravity: A Defense Against Adversarial Samples. (99%)
Using Multiple Self-Supervised Tasks Improves Model Robustness. (81%)
Transformer-Based Language Models for Software Vulnerability Detection: Performance, Model's Security and Platforms. (69%)
Defending Active Directory by Combining Neural Network based Dynamic Program and Evolutionary Diversity Optimisation. (1%)
2022-04-06
Sampling-based Fast Gradient Rescaling Method for Highly Transferable Adversarial Attacks. (99%)
Masking Adversarial Damage: Finding Adversarial Saliency for Robust and Sparse Network. (95%)
Distilling Robust and Non-Robust Features in Adversarial Examples by Information Bottleneck. (93%)
Optimization Models and Interpretations for Three Types of Adversarial Perturbations against Support Vector Machines. (68%)
Adversarial Machine Learning Attacks Against Video Anomaly Detection Systems. (62%)
Adversarial Analysis of the Differentially-Private Federated Learning in Cyber-Physical Critical Infrastructures. (4%)
2022-04-05
Hear No Evil: Towards Adversarial Robustness of Automatic Speech Recognition via Multi-Task Learning. (98%)
Adversarial Robustness through the Lens of Convolutional Filters. (87%)
User-Level Differential Privacy against Attribute Inference Attack of Speech Emotion Recognition in Federated Learning. (2%)
SwapMix: Diagnosing and Regularizing the Over-Reliance on Visual Context in Visual Question Answering. (1%)
GAIL-PT: A Generic Intelligent Penetration Testing Framework with Generative Adversarial Imitation Learning. (1%)
2022-04-04
Experimental quantum adversarial learning with programmable superconducting qubits. (99%)
RobustSense: Defending Adversarial Attack for Secure Device-Free Human Activity Recognition. (99%)
DAD: Data-free Adversarial Defense at Test Time. (99%)
PRADA: Practical Black-Box Adversarial Attacks against Neural Ranking Models. (99%)
FaceSigns: Semi-Fragile Neural Watermarks for Media Authentication and Countering Deepfakes. (98%)
2022-04-03
Breaking the De-Pois Poisoning Defense. (98%)
Adversarially robust segmentation models learn perceptually-aligned gradients. (16%)
Detecting In-vehicle Intrusion via Semi-supervised Learning-based Convolutional Adversarial Autoencoders. (1%)
2022-04-02
Adversarial Neon Beam: Robust Physical-World Adversarial Attack to DNNs. (98%)
DST: Dynamic Substitute Training for Data-free Black-box Attack. (98%)
2022-04-01
SkeleVision: Towards Adversarial Resiliency of Person Tracking with Multi-Task Learning. (47%)
Robust and Accurate -- Compositional Architectures for Randomized Smoothing. (31%)
FrequencyLowCut Pooling -- Plug & Play against Catastrophic Overfitting. (16%)
Preventing Distillation-based Attacks on Neural Network IP. (2%)
FedRecAttack: Model Poisoning Attack to Federated Recommendation. (1%)
2022-03-31
Improving Adversarial Transferability via Neuron Attribution-Based Attacks. (99%)
Adversarial Examples in Random Neural Networks with General Activations. (98%)
Scalable Whitebox Attacks on Tree-based Models. (96%)
Towards Robust Rain Removal Against Adversarial Attacks: A Comprehensive Benchmark Analysis and Beyond. (86%)
Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets. (81%)
2022-03-30
Investigating Top-$k$ White-Box and Transferable Black-box Attack. (87%)
Sensor Data Validation and Driving Safety in Autonomous Driving Systems. (83%)
Example-based Explanations with Adversarial Attacks for Respiratory Sound Analysis. (56%)
2022-03-29
Mel Frequency Spectral Domain Defenses against Adversarial Attacks on Speech Recognition Systems. (99%)
Zero-Query Transfer Attacks on Context-Aware Object Detectors. (99%)
Exploring Frequency Adversarial Attacks for Face Forgery Detection. (99%)
StyleFool: Fooling Video Classification Systems via Style Transfer. (99%)
Recent improvements of ASR models in the face of adversarial attacks. (98%)
Robust Structured Declarative Classifiers for 3D Point Clouds: Defending Adversarial Attacks with Implicit Gradients. (83%)
Treatment Learning Transformer for Noisy Image Classification. (26%)
Can NMT Understand Me? Towards Perturbation-based Evaluation of NMT Models for Code Generation. (11%)
2022-03-28
Boosting Black-Box Adversarial Attacks with Meta Learning. (99%)
A Fast and Efficient Conditional Learning for Tunable Trade-Off between Accuracy and Robustness. (62%)
Robust Unlearnable Examples: Protecting Data Against Adversarial Learning. (16%)
Neurosymbolic hybrid approach to driver collision warning. (15%)
Attacker Attribution of Audio Deepfakes. (1%)
2022-03-27
Rebuild and Ensemble: Exploring Defense Against Text Adversaries. (76%)
Adversarial Representation Sharing: A Quantitative and Secure Collaborative Learning Framework. (8%)
2022-03-26
How to Robustify Black-Box ML Models? A Zeroth-Order Optimization Perspective. (99%)
A Survey of Robust Adversarial Training in Pattern Recognition: Fundamental, Theory, and Methodologies. (99%)
Reverse Engineering of Imperceptible Adversarial Image Perturbations. (99%)
Efficient Global Robustness Certification of Neural Networks via Interleaving Twin-Network Encoding. (33%)
A Systematic Survey of Attack Detection and Prevention in Connected and Autonomous Vehicles. (1%)
A Roadmap for Big Model. (1%)
2022-03-25
Improving Adversarial Transferability with Spatial Momentum. (99%)
Give Me Your Attention: Dot-Product Attention Considered Harmful for Adversarial Patch Robustness. (89%)
Origins of Low-dimensional Adversarial Perturbations. (89%)
Improving robustness of jet tagging algorithms with adversarial training. (10%)
A Unified Contrastive Energy-based Model for Understanding the Generative Ability of Adversarial Training. (5%)
A Stitch in Time Saves Nine: A Train-Time Regularizing Loss for Improved Neural Network Calibration. (1%)
2022-03-24
Trojan Horse Training for Breaking Defenses against Backdoor Attacks in Deep Learning. (99%)
A Perturbation Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow. (99%)
NPC: Neuron Path Coverage via Characterizing Decision Logic of Deep Neural Networks. (93%)
MERLIN -- Malware Evasion with Reinforcement LearnINg. (56%)
Repairing Group-Level Errors for DNNs Using Weighted Regularization. (13%)
A Manifold View of Adversarial Risk. (11%)
2022-03-23
Powerful Physical Adversarial Examples Against Practical Face Recognition Systems. (99%)
Adversarial Training for Improving Model Robustness? Look at Both Prediction and Interpretation. (99%)
Input-specific Attention Subnetworks for Adversarial Detection. (99%)
Self-supervised Learning of Adversarial Example: Towards Good Generalizations for Deepfake Detection. (69%)
Distort to Detect, not Affect: Detecting Stealthy Sensor Attacks with Micro-distortion. (3%)
On the (Limited) Generalization of MasterFace Attacks and Its Relation to the Capacity of Face Representations. (3%)
2022-03-22
Exploring High-Order Structure for Robust Graph Structure Learning. (99%)
On Adversarial Robustness of Large-scale Audio Visual Learning. (93%)
On the (Non-)Robustness of Two-Layer Neural Networks in Different Learning Regimes. (83%)
Semi-Targeted Model Poisoning Attack on Federated Learning via Backward Error Analysis. (78%)
A Girl Has A Name, And It's ... Adversarial Authorship Attribution for Deobfuscation. (2%)
GradViT: Gradient Inversion of Vision Transformers. (1%)
On Robust Classification using Contractive Hamiltonian Neural ODEs. (1%)
2022-03-21
Making DeepFakes more spurious: evading deep face forgery detection via trace removal attack. (92%)
Integrity Fingerprinting of DNN with Double Black-box Design and Verification. (10%)
On The Robustness of Offensive Language Classifiers. (2%)
Defending against Co-residence Attack in Energy-Efficient Cloud: An Optimization based Real-time Secure VM Allocation Strategy. (1%)
2022-03-20
An Intermediate-level Attack Framework on The Basis of Linear Regression. (99%)
A Prompting-based Approach for Adversarial Example Generation and Robustness Enhancement. (99%)
Leveraging Expert Guided Adversarial Augmentation For Improving Generalization in Named Entity Recognition. (82%)
Adversarial Parameter Attack on Deep Neural Networks. (62%)
2022-03-19
Adversarial Defense via Image Denoising with Chaotic Encryption. (99%)
Perturbations in the Wild: Leveraging Human-Written Text Perturbations for Realistic Adversarial Attack and Defense. (98%)
Distinguishing Non-natural from Natural Adversarial Samples for More Robust Pre-trained Language Model. (84%)
Efficient Neural Network Analysis with Sum-of-Infeasibilities. (74%)
Deep Learning Generalization, Extrapolation, and Over-parameterization. (68%)
On Robust Prefix-Tuning for Text Classification. (10%)
2022-03-18
Concept-based Adversarial Attacks: Tricking Humans and Classifiers Alike. (99%)
Adversarial Attacks on Deep Learning-based Video Compression and Classification Systems. (99%)
Neural Predictor for Black-Box Adversarial Attacks on Speech Recognition. (99%)
AutoAdversary: A Pixel Pruning Method for Sparse Adversarial Attack. (99%)
Defending Variational Autoencoders from Adversarial Attacks with MCMC. (83%)
DTA: Physical Camouflage Attacks using Differentiable Transformation Network. (83%)
AdIoTack: Quantifying and Refining Resilience of Decision Tree Ensemble Inference Models against Adversarial Volumetric Attacks on IoT Networks. (78%)
Towards Robust 2D Convolution for Reliable Visual Recognition. (9%)
2022-03-17
Improving the Transferability of Targeted Adversarial Examples through Object-Based Diverse Input. (99%)
Self-Ensemble Adversarial Training for Improved Robustness. (99%)
Leveraging Adversarial Examples to Quantify Membership Information Leakage. (98%)
On the Properties of Adversarially-Trained CNNs. (93%)
PiDAn: A Coherence Optimization Approach for Backdoor Attack Detection and Mitigation in Deep Neural Networks. (89%)
HDLock: Exploiting Privileged Encoding to Protect Hyperdimensional Computing Models against IP Stealing. (1%)
2022-03-16
Robustness through Cognitive Dissociation Mitigation in Contrastive Adversarial Training. (99%)
Towards Practical Certifiable Patch Defense with Vision Transformer. (98%)
Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations? (97%)
Provable Adversarial Robustness for Fractional Lp Threat Models. (87%)
What Do Adversarially trained Neural Networks Focus: A Fourier Domain-based Study. (83%)
COPA: Certifying Robust Policies for Offline Reinforcement Learning against Poisoning Attacks. (82%)
Reducing Flipping Errors in Deep Neural Networks. (68%)
Attacking deep networks with surrogate-based adversarial black-box methods is easy. (45%)
On the Convergence of Certified Robust Training with Interval Bound Propagation. (15%)
MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients. (15%)
Understanding robustness and generalization of artificial neural networks through Fourier masks. (2%)
2022-03-15
Generalized but not Robust? Comparing the Effects of Data Modification Methods on Out-of-Domain Generalization and Adversarial Robustness. (76%)
SoK: Why Have Defenses against Social Engineering Attacks Achieved Limited Success? (11%)
Towards Adversarial Control Loops in Sensor Attacks: A Case Study to Control the Kinematics and Actuation of Embedded Systems. (10%)
LDP: Learnable Dynamic Precision for Efficient Deep Neural Network Training and Inference. (1%)
Adversarial Counterfactual Augmentation: Application in Alzheimer's Disease Classification. (1%)
2022-03-14
Efficient universal shuffle attack for visual object tracking. (99%)
Defending Against Adversarial Attack in ECG Classification with Adversarial Distillation Training. (99%)
Task-Agnostic Robust Representation Learning. (98%)
Adversarial amplitude swap towards robust image classifiers. (83%)
On the benefits of knowledge distillation for adversarial robustness. (82%)
RES-HD: Resilient Intelligent Fault Diagnosis Against Adversarial Attacks Using Hyper-Dimensional Computing. (82%)
Energy-Latency Attacks via Sponge Poisoning. (80%)
Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis. (54%)
2022-03-13
LAS-AT: Adversarial Training with Learnable Attack Strategy. (99%)
Generating Practical Adversarial Network Traffic Flows Using NIDSGAN. (99%)
Model Inversion Attack against Transfer Learning: Inverting a Model without Accessing It. (92%)
One Parameter Defense -- Defending against Data Inference Attacks via Differential Privacy. (67%)
Policy Learning for Robust Markov Decision Process with a Mismatched Generative Model. (3%)
2022-03-12
Query-Efficient Black-box Adversarial Attacks Guided by a Transfer-based Prior. (99%)
A survey in Adversarial Defences and Robustness in NLP. (99%)
Label-only Model Inversion Attack: The Attack that Requires the Least Information. (47%)
2022-03-11
Block-Sparse Adversarial Attack to Fool Transformer-Based Text Classifiers. (99%)
Learning from Attacks: Attacking Variational Autoencoder for Improving Image Classification. (98%)
An integrated Auto Encoder-Block Switching defense approach to prevent adversarial attacks. (96%)
Enhancing Adversarial Training with Second-Order Statistics of Weights. (38%)
ROOD-MRI: Benchmarking the robustness of deep learning segmentation models to out-of-distribution and corrupted data in MRI. (33%)
Perception Over Time: Temporal Dynamics for Robust Image Understanding. (16%)
Reinforcement Learning for Linear Quadratic Control is Vulnerable Under Cost Manipulation. (15%)
2022-03-10
Exploiting the Potential of Datasets: A Data-Centric Approach for Model Robustness. (92%)
Membership Privacy Protection for Image Translation Models via Adversarial Knowledge Distillation. (75%)
Attack Analysis of Face Recognition Authentication Systems Using Fast Gradient Sign Method. (69%)
Attacks as Defenses: Designing Robust Audio CAPTCHAs Using Attacks on Automatic Speech Recognition Systems. (64%)
SoK: On the Semantic AI Security in Autonomous Driving. (10%)
2022-03-09
Practical No-box Adversarial Attacks with Training-free Hybrid Image Transformation. (99%)
Practical Evaluation of Adversarial Robustness via Adaptive Auto Attack. (99%)
Frequency-driven Imperceptible Adversarial Attack on Semantic Similarity. (99%)
Binary Classification Under $\ell_0$ Attacks for General Noise Distribution. (98%)
Controllable Evaluation and Generation of Physical Adversarial Patch on Face Recognition. (97%)
Reverse Engineering $\ell_p$ attacks: A block-sparse optimization approach with recovery guarantees. (92%)
Defending Black-box Skeleton-based Human Activity Classifiers. (92%)
Robust Federated Learning Against Adversarial Attacks for Speech Emotion Recognition. (81%)
Improving Neural ODEs via Knowledge Distillation. (80%)
Physics-aware Complex-valued Adversarial Machine Learning in Reconfigurable Diffractive All-optical Neural Network. (22%)
On the surprising tradeoff between ImageNet accuracy and perceptual similarity. (1%)
2022-03-08
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust NIDS. (99%)
Shape-invariant 3D Adversarial Point Clouds. (99%)
ART-Point: Improving Rotation Robustness of Point Cloud Classifiers via Adversarial Rotation. (92%)
Robustly-reliable learners under poisoning attacks. (13%)
DeepSE-WF: Unified Security Estimation for Website Fingerprinting Defenses. (2%)
Joint rotational invariance and adversarial training of a dual-stream Transformer yields state of the art Brain-Score for Area V4. (1%)
Harmonicity Plays a Critical Role in DNN Based Versus in Biologically-Inspired Monaural Speech Segregation Systems. (1%)
2022-03-07
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches. (99%)
Art-Attack: Black-Box Adversarial Attack via Evolutionary Art. (99%)
Shadows can be Dangerous: Stealthy and Effective Physical-world Adversarial Attack by Natural Phenomenon. (99%)
Adversarial Texture for Fooling Person Detectors in the Physical World. (98%)
Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision. (83%)
Towards Efficient Data-Centric Robust Machine Learning with Noise-based Augmentation. (31%)
2022-03-06
Searching for Robust Neural Architectures via Comprehensive and Reliable Evaluation. (99%)
Protecting Facial Privacy: Generating Adversarial Identity Masks via Style-robust Makeup Transfer. (98%)
Scalable Uncertainty Quantification for Deep Operator Networks using Randomized Priors. (45%)
2022-03-05
aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA. (92%)
2022-03-04
Targeted Data Poisoning Attack on News Recommendation System by Content Perturbation. (82%)
2022-03-03
Ad2Attack: Adaptive Adversarial Attack on Real-Time UAV Tracking. (99%)
Detection of Word Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation. (98%)
Adversarial Patterns: Building Robust Android Malware Classifiers. (98%)
Improving Health Mentioning Classification of Tweets using Contrastive Adversarial Training. (84%)
Label-Only Model Inversion Attacks via Boundary Repulsion. (74%)
Fairness-aware Adversarial Perturbation Towards Bias Mitigation for Deployed Deep Models. (56%)
Why adversarial training can hurt robust accuracy. (22%)
Understanding Failure Modes of Self-Supervised Learning. (4%)
Ensemble Methods for Robust Support Vector Machines using Integer Programming. (2%)
Autonomous and Resilient Control for Optimal LEO Satellite Constellation Coverage Against Space Threats. (1%)
2022-03-02
Enhancing Adversarial Robustness for Deep Metric Learning. (99%)
Detecting Adversarial Perturbations in Multi-Task Perception. (98%)
Canonical foliations of neural networks: application to robustness. (82%)
Adversarial Robustness of Neural-Statistical Features in Detection of Generative Transformers. (69%)
Video is All You Need: Attacking PPG-based Biometric Authentication. (13%)
A Quantitative Geometric Approach to Neural Network Smoothness. (2%)
MIAShield: Defending Membership Inference Attacks via Preemptive Exclusion of Members. (2%)
2022-03-01
Adversarial samples for deep monocular 6D object pose estimation. (99%)
Global-Local Regularization Via Distributional Robustness. (86%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (11%)
Signature Correction Attack on Dilithium Signature Scheme. (1%)
2022-02-28
Enhance transferability of adversarial examples with model architecture. (99%)
Towards Robust Stacked Capsule Autoencoder with Hybrid Adversarial Training. (99%)
Evaluating the Adversarial Robustness of Adaptive Test-time Defenses. (98%)
MaMaDroid2.0 -- The Holes of Control Flow Graphs. (88%)
Improving Lexical Embeddings for Robust Question Answering. (67%)
Robust Textual Embedding against Word-level Adversarial Attacks. (26%)
Artificial Intelligence for Cyber Security (AICS). (1%)
Explaining RADAR features for detecting spoofing attacks in Connected Autonomous Vehicles. (1%)
2022-02-27
A Unified Wasserstein Distributional Robustness Framework for Adversarial Training. (99%)
Robust Control of Partially Specified Boolean Networks. (1%)
2022-02-26
Adversarial robustness of sparse local Lipschitz predictors. (87%)
Neuro-Inspired Deep Neural Networks with Sparse, Strong Activations. (45%)
2022-02-25
ARIA: Adversarially Robust Image Attribution for Content Provenance. (99%)
Projective Ranking-based GNN Evasion Attacks. (97%)
On the Effectiveness of Dataset Watermarking in Adversarial Settings. (56%)
2022-02-24
Towards Effective and Robust Neural Trojan Defenses via Input Filtering. (92%)
Robust Probabilistic Time Series Forecasting. (76%)
Understanding Adversarial Robustness from Feature Maps of Convolutional Layers. (50%)
Measuring CLEVRness: Blackbox testing of Visual Reasoning Models. (16%)
Fourier-Based Augmentations for Improved Robustness and Uncertainty Calibration. (3%)
Threading the Needle of On and Off-Manifold Value Functions for Shapley Explanations. (2%)
Interpolation-based Contrastive Learning for Few-Label Semi-Supervised Learning. (1%)
2022-02-23
Improving Robustness of Convolutional Neural Networks Using Element-Wise Activation Scaling. (96%)
Using calibrator to improve robustness in Machine Reading Comprehension. (13%)
2022-02-22
LPF-Defense: 3D Adversarial Defense based on Frequency Analysis. (99%)
Universal adversarial perturbation for remote sensing images. (92%)
Seeing is Living? Rethinking the Security of Facial Liveness Verification in the Deepfake Era. (84%)
2022-02-21
Adversarial Attacks on Speech Recognition Systems for Mission-Critical Applications: A Survey. (99%)
Semi-Implicit Hybrid Gradient Methods with Application to Adversarial Robustness. (99%)
HoneyModels: Machine Learning Honeypots. (99%)
Transferring Adversarial Robustness Through Robust Representation Matching. (99%)
On the Effectiveness of Adversarial Training against Backdoor Attacks. (96%)
Poisoning Attacks and Defenses on Artificial Intelligence: A Survey. (83%)
A Tutorial on Adversarial Learning Attacks and Countermeasures. (75%)
Backdoor Defense in Federated Learning Using Differential Testing and Outlier Detection. (41%)
Privacy Leakage of Adversarial Training Models in Federated Learning Systems. (38%)
Robustness and Accuracy Could Be Reconcilable by (Proper) Definition. (11%)
Cyber-Physical Defense in the Quantum Era. (2%)
2022-02-20
Real-time Over-the-air Adversarial Perturbations for Digital Communications using Deep Neural Networks. (93%)
Sparsity Winning Twice: Better Robust Generaliztion from More Efficient Training. (26%)
Overparametrization improves robustness against adversarial attacks: A replication study. (3%)
2022-02-18
Exploring Adversarially Robust Training for Unsupervised Domain Adaptation. (99%)
Learning Representations Robust to Group Shifts and Adversarial Examples. (93%)
Critical Checkpoints for Evaluating Defence Models Against Adversarial Attack and Robustness. (92%)
Resurrecting Trust in Facial Recognition: Mitigating Backdoor Attacks in Face Recognition to Prevent Potential Privacy Breaches. (80%)
Data-Driven Mitigation of Adversarial Text Perturbation. (75%)
Debiasing Backdoor Attack: A Benign Application of Backdoor Attack in Eliminating Data Bias. (68%)
Stochastic Perturbations of Tabular Features for Non-Deterministic Inference with Automunge. (38%)
Label-Smoothed Backdoor Attack. (33%)
Black-box Node Injection Attack for Graph Neural Networks. (33%)
Robust Reinforcement Learning as a Stackelberg Game via Adaptively-Regularized Adversarial Training. (9%)
Attacks, Defenses, And Tools: A Framework To Facilitate Robust AI/ML Systems. (4%)
Synthetic Disinformation Attacks on Automated Fact Verification Systems. (1%)
2022-02-17
Rethinking Machine Learning Robustness via its Link with the Out-of-Distribution Problem. (99%)
Mitigating Closed-model Adversarial Examples with Bayesian Neural Modeling for Enhanced End-to-End Speech Recognition. (98%)
Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies. (98%)
Fingerprinting Deep Neural Networks Globally via Universal Adversarial Perturbations. (78%)
2022-02-16
The Adversarial Security Mitigations of mmWave Beamforming Prediction Models using Defensive Distillation and Adversarial Retraining. (99%)
Understanding and Improving Graph Injection Attack by Promoting Unnoticeability. (10%)
Gradient Based Activations for Accurate Bias-Free Learning. (1%)
2022-02-15
Unreasonable Effectiveness of Last Hidden Layer Activations. (99%)
StratDef: a strategic defense against adversarial attacks in malware detection. (98%)
Random Walks for Adversarial Meshes. (97%)
Generative Adversarial Network-Driven Detection of Adversarial Tasks in Mobile Crowdsensing. (93%)
Applying adversarial networks to increase the data efficiency and reliability of Self-Driving Cars. (89%)
Improving the repeatability of deep learning models with Monte Carlo dropout. (1%)
Taking a Step Back with KCal: Multi-Class Kernel-Based Calibration for Deep Neural Networks. (1%)
Holistic Adversarial Robustness of Deep Learning Models. (1%)
2022-02-14
Universal Adversarial Examples in Remote Sensing: Methodology and Benchmark. (99%)
Finding Dynamics Preserving Adversarial Winning Tickets. (86%)
Recent Advances in Reliable Deep Graph Learning: Adversarial Attack, Inherent Noise, and Distribution Shift. (83%)
UA-FedRec: Untargeted Attack on Federated News Recommendation. (1%)
2022-02-13
Adversarial Fine-tuning for Backdoor Defense: Connecting Backdoor Attacks to Adversarial Attacks. (99%)
Towards Understanding and Defending Input Space Trojans. (12%)
Extracting Label-specific Key Input Features for Neural Code Intelligence Models. (9%)
Defense Strategies Toward Model Poisoning Attacks in Federated Learning: A Survey. (2%)
SQuant: On-the-Fly Data-Free Quantization via Diagonal Hessian Approximation. (1%)
2022-02-12
RoPGen: Towards Robust Code Authorship Attribution via Automatic Coding Style Transformation. (98%)
DeepSensor: Deep Learning Testing Framework Based on Neuron Sensitivity. (78%)
2022-02-11
Adversarial Attacks and Defense Methods for Power Quality Recognition. (99%)
Open-set Adversarial Defense with Clean-Adversarial Mutual Learning. (98%)
Towards Adversarially Robust Deepfake Detection: An Ensemble Approach. (98%)
Using Random Perturbations to Mitigate Adversarial Attacks on Sentiment Analysis Models. (92%)
Predicting Out-of-Distribution Error with the Projection Norm. (62%)
Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers. (62%)
White-Box Attacks on Hate-speech BERT Classifiers in German with Explicit and Implicit Character Level Defense. (12%)
On the Detection of Adaptive Adversarial Attacks in Speaker Verification Systems. (10%)
Noise Augmentation Is All You Need For FGSM Fast Adversarial Training: Catastrophic Overfitting And Robust Overfitting Require Different Augmentation. (10%)
Improving Generalization via Uncertainty Driven Perturbations. (2%)
CMW-Net: Learning a Class-Aware Sample Weighting Mapping for Robust Deep Learning. (1%)
2022-02-10
FAAG: Fast Adversarial Audio Generation through Interactive Attack Optimisation. (99%)
Towards Assessing and Characterizing the Semantic Robustness of Face Recognition. (76%)
Controlling the Complexity and Lipschitz Constant improves polynomial nets. (12%)
FedAttack: Effective and Covert Poisoning Attack on Federated Recommendation via Hard Sampling. (8%)
A Field of Experts Prior for Adapting Neural Networks at Test Time. (1%)
2022-02-09
Adversarial Attack and Defense of YOLO Detectors in Autonomous Driving Scenarios. (99%)
Gradient Methods Provably Converge to Non-Robust Networks. (82%)
False Memory Formation in Continual Learners Through Imperceptible Backdoor Trigger. (22%)
Learning to Bootstrap for Combating Label Noise. (2%)
Model Architecture Adaption for Bayesian Neural Networks. (1%)
ARIBA: Towards Accurate and Robust Identification of Backdoor Attacks in Federated Learning. (1%)
2022-02-08
Towards Compositional Adversarial Robustness: Generalizing Adversarial Training to Composite Semantic Perturbations. (99%)
Verification-Aided Deep Ensemble Selection. (96%)
Adversarial Detection without Model Information. (87%)
Robust, Deep, and Reinforcement Learning for Management of Communication and Power Networks. (1%)
2022-02-07
On The Empirical Effectiveness of Unrealistic Adversarial Hardening Against Realistic Adversarial Attacks. (99%)
Blind leads Blind: A Zero-Knowledge Attack on Federated Learning. (98%)
Adversarial Attacks and Defense for Non-Parametric Two-Sample Tests. (98%)
Evaluating Robustness of Cooperative MARL: A Model-based Approach. (97%)
More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks. (68%)
Membership Inference Attacks and Defenses in Neural Network Pruning. (50%)
SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation. (4%)
Deletion Inference, Reconstruction, and Compliance in Machine (Un)Learning. (3%)
2022-02-06
Pipe Overflow: Smashing Voice Authentication for Fun and Profit. (99%)
Redactor: Targeted Disinformation Generation using Probabilistic Decision Boundaries. (8%)
2022-02-05
Layer-wise Regularized Adversarial Training using Layers Sustainability Analysis (LSA) framework. (99%)
Adversarial Detector with Robust Classifier. (93%)
Memory Defense: More Robust Classification via a Memory-Masking Autoencoder. (76%)
Improved Certified Defenses against Data Poisoning with (Deterministic) Finite Aggregation. (75%)
2022-02-04
Pixle: a fast and effective black-box attack based on rearranging pixels. (98%)
Backdoor Defense via Decoupling the Training Process. (80%)
LTU Attacker for Membership Inference. (67%)
A Survey on Safety-Critical Scenario Generation for Autonomous Driving -- A Methodological Perspective. (1%)
2022-02-03
ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking. (93%)
Adversarially Robust Models may not Transfer Better: Sufficient Conditions for Domain Transferability from the View of Regularization. (75%)
2022-02-02
An Eye for an Eye: Defending against Gradient-based Attacks with Gradients. (99%)
Smoothed Embeddings for Certified Few-Shot Learning. (76%)
Probabilistically Robust Learning: Balancing Average- and Worst-case Performance. (75%)
Make Some Noise: Reliable and Efficient Single-Step Adversarial Training. (70%)
Robust Binary Models by Pruning Randomly-initialized Networks. (10%)
NoisyMix: Boosting Robustness by Combining Data Augmentations, Stability Training, and Noise Injections. (10%)
2022-02-01
Language Dependencies in Adversarial Attacks on Speech Recognition Systems. (98%)
Finding Biological Plausibility for Adversarially Robust Features via Metameric Tasks. (80%)
Visualizing Automatic Speech Recognition -- Means for a Better Understanding? (64%)
Datamodels: Predicting Predictions from Training Data. (2%)
2022-01-31
Adversarial Robustness in Deep Learning: Attacks on Fragile Neurons. (99%)
Boundary Defense Against Black-box Adversarial Attacks. (99%)
Query Efficient Decision Based Sparse Attacks Against Black-Box Deep Learning Models. (99%)
Can Adversarial Training Be Manipulated By Non-Robust Features? (98%)
GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection. (96%)
Rate Coding or Direct Coding: Which One is Better for Accurate, Robust, and Energy-efficient Spiking Neural Networks? (93%)
AntidoteRT: Run-time Detection and Correction of Poison Attacks on Neural Networks. (89%)
Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks. (81%)
On the Robustness of Quality Measures for GANs. (80%)
MEGA: Model Stealing via Collaborative Generator-Substitute Networks. (76%)
Learning Robust Representation through Graph Adversarial Contrastive Learning. (26%)
UQGAN: A Unified Model for Uncertainty Quantification of Deep Classifiers trained via Conditional GANs. (11%)
Few-Shot Backdoor Attacks on Visual Object Tracking. (10%)
Studying the Robustness of Anti-adversarial Federated Learning Models Detecting Cyberattacks in IoT Spectrum Sensors. (5%)
Securing Federated Sensitive Topic Classification against Poisoning Attacks. (1%)
2022-01-30
Improving Corruption and Adversarial Robustness by Enhancing Weak Subnets. (92%)
GARNET: Reduced-Rank Topology Learning for Robust and Scalable Graph Neural Networks. (84%)
TPC: Transformation-Specific Smoothing for Point Cloud Models. (75%)
2022-01-29
Scale-Invariant Adversarial Attack for Evaluating and Enhancing Adversarial Defenses. (99%)
Robustness of Deep Recommendation Systems to Untargeted Interaction Perturbations. (82%)
Coordinated Attacks against Contextual Bandits: Fundamental Limits and Defense Mechanisms. (1%)
2022-01-28
Adversarial Examples for Good: Adversarial Examples Guided Imbalanced Learning. (87%)
Feature Visualization within an Automated Design Assessment leveraging Explainable Artificial Intelligence Methods. (81%)
Certifying Model Accuracy under Distribution Shifts. (74%)
Benchmarking Robustness of 3D Point Cloud Recognition Against Common Corruptions. (13%)
Plug & Play Attacks: Towards Robust and Flexible Model Inversion Attacks. (8%)
Backdoors Stuck At The Frontdoor: Multi-Agent Backdoor Attacks That Backfire. (3%)
Toward Training at ImageNet Scale with Differential Privacy. (1%)
2022-01-27
Beyond ImageNet Attack: Towards Crafting Adversarial Examples for Black-box Domains. (99%)
Vision Checklist: Towards Testable Error Analysis of Image Models to Help System Designers Interrogate Model Capabilities. (10%)
CacheFX: A Framework for Evaluating Cache Security. (1%)
SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders. (1%)
2022-01-26
Boosting 3D Adversarial Attacks with Attacking On Frequency. (98%)
How Robust are Discriminatively Trained Zero-Shot Learning Models? (98%)
Autonomous Cyber Defense Introduces Risk: Can We Manage the Risk? (2%)
Automatic detection of access control vulnerabilities via API specification processing. (1%)
2022-01-25
Virtual Adversarial Training for Semi-supervised Breast Mass Classification. (3%)
SPIRAL: Self-supervised Perturbation-Invariant Representation Learning for Speech Pre-Training. (1%)
2022-01-24
What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction. (99%)
Attacks and Defenses for Free-Riders in Multi-Discriminator GAN. (76%)
Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation. (75%)
Backdoor Defense with Machine Unlearning. (33%)
On the Complexity of Attacking Elliptic Curve Based Authentication Chips. (1%)
2022-01-23
Efficient and Robust Classification for Sparse Attacks. (83%)
Gradient-guided Unsupervised Text Style Transfer via Contrastive Learning. (78%)
Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models. (56%)
Increasing the Cost of Model Extraction with Calibrated Proof of Work. (22%)
2022-01-22
Parallel Rectangle Flip Attack: A Query-based Black-box Attack against Object Detection. (99%)
Robust Unpaired Single Image Super-Resolution of Faces. (98%)
On the Robustness of Counterfactual Explanations to Adverse Perturbations. (10%)
2022-01-21
Robust Unsupervised Graph Representation Learning via Mutual Information Maximization. (99%)
Natural Attack for Pre-trained Models of Code. (99%)
The Security of Deep Learning Defences for Medical Imaging. (80%)
Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. (75%)
Identifying Adversarial Attacks on Text Classifiers. (73%)
The Many Faces of Adversarial Risk. (47%)
2022-01-20
Learning-based Hybrid Local Search for the Hard-label Textual Attack. (99%)
Cheating Automatic Short Answer Grading: On the Adversarial Usage of Adjectives and Adverbs. (95%)
Survey on Federated Learning Threats: concepts, taxonomy on attacks and defences, experimental study and challenges. (93%)
Low-Interception Waveform: To Prevent the Recognition of Spectrum Waveform Modulation via Adversarial Examples. (83%)
Post-Training Detection of Backdoor Attacks for Two-Class and Multi-Attack Scenarios. (70%)
Adversarial Jamming for a More Effective Constellation Attack. (56%)
Steerable Pyramid Transform Enables Robust Left Ventricle Quantification. (13%)
DeepGalaxy: Testing Neural Network Verifiers via Two-Dimensional Input Space Exploration. (1%)
2022-01-19
Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation. (96%)
Can't Steal? Cont-Steal! Contrastive Stealing Attacks Against Image Encoders. (8%)
2022-01-18
MetaV: A Meta-Verifier Approach to Task-Agnostic Model Fingerprinting. (99%)
Adversarial vulnerability of powerful near out-of-distribution detection. (78%)
Model Transferring Attacks to Backdoor HyperNetwork in Personalized Federated Learning. (13%)
Secure IoT Routing: Selective Forwarding Attacks and Trust-based Defenses in RPL Network. (2%)
Lung Swapping Autoencoder: Learning a Disentangled Structure-texture Representation of Chest Radiographs. (1%)
2022-01-17
Masked Faces with Faced Masks. (81%)
Cyberbullying Classifiers are Sensitive to Model-Agnostic Perturbations. (56%)
AugLy: Data Augmentations for Robustness. (3%)
2022-01-16
Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems. (99%)
ALA: Adversarial Lightness Attack via Naturalness-aware Regularizations. (99%)
Adversarial Machine Learning Threat Analysis in Open Radio Access Networks. (33%)
Neighboring Backdoor Attacks on Graph Convolutional Network. (22%)
2022-01-15
StolenEncoder: Stealing Pre-trained Encoders. (13%)
2022-01-14
CommonsenseQA 2.0: Exposing the Limits of AI through Gamification. (56%)
Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots. (1%)
2022-01-13
Evaluation of Four Black-box Adversarial Attacks and Some Query-efficient Improvement Analysis. (96%)
The curse of overparametrization in adversarial training: Precise analysis of robust generalization for random features regression. (93%)
On Adversarial Robustness of Trajectory Prediction for Autonomous Vehicles. (83%)
Reconstructing Training Data with Informed Adversaries. (54%)
Jamming Attacks on Federated Learning in Wireless Networks. (2%)
2022-01-12
Adversarially Robust Classification by Conditional Generative Model Inversion. (99%)
Towards Adversarially Robust Deep Image Denoising. (99%)
Get your Foes Fooled: Proximal Gradient Split Learning for Defense against Model Inversion Attacks on IoMT data. (70%)
2022-01-11
Quantifying Robustness to Adversarial Word Substitutions. (99%)
Similarity-based Gray-box Adversarial Attack Against Deep Face Recognition. (99%)
2022-01-10
Evaluation of Neural Networks Defenses and Attacks using NDCG and Reciprocal Rank Metrics. (98%)
IoTGAN: GAN Powered Camouflage Against Machine Learning Based IoT Device Identification. (89%)
Reciprocal Adversarial Learning for Brain Tumor Segmentation: A Solution to BraTS Challenge 2021 Segmentation Task. (73%)
GMFIM: A Generative Mask-guided Facial Image Manipulation Model for Privacy Preservation. (3%)
Towards Group Robustness in the presence of Partial Group Labels. (1%)
2022-01-09
Rethink Stealthy Backdoor Attacks in Natural Language Processing. (89%)
A Retrospective and Futurespective of Rowhammer Attacks and Defenses on DRAM. (76%)
Privacy-aware Early Detection of COVID-19 through Adversarial Training. (10%)
2022-01-08
LoMar: A Local Defense Against Poisoning Attack on Federated Learning. (9%)
PocketNN: Integer-only Training and Inference of Neural Networks via Direct Feedback Alignment and Pocket Activations in Pure C++. (1%)
2022-01-07
iDECODe: In-distribution Equivariance for Conformal Out-of-distribution Detection. (93%)
Asymptotic Security using Bayesian Defense Mechanisms with Application to Cyber Deception. (11%)
Negative Evidence Matters in Interpretable Histology Image Classification. (1%)
2022-01-06
Phrase-level Adversarial Example Generation for Neural Machine Translation. (98%)
Learning to be adversarially robust and differentially private. (31%)
Efficient Global Optimization of Two-layer ReLU Networks: Quadratic-time Algorithms and Adversarial Training. (2%)
2022-01-05
On the Real-World Adversarial Robustness of Real-Time Semantic Segmentation Models for Autonomous Driving. (99%)
ROOM: Adversarial Machine Learning Attacks Under Real-Time Constraints. (99%)
Adversarial Robustness in Cognitive Radio Networks. (1%)
2022-01-04
Towards Transferable Unrestricted Adversarial Examples with Minimum Changes. (99%)
Towards Understanding and Harnessing the Effect of Image Transformation in Adversarial Detection. (99%)
On the Minimal Adversarial Perturbation for Deep Neural Networks with Provable Estimation Error. (86%)
Corrupting Data to Remove Deceptive Perturbation: Using Preprocessing Method to Improve System Robustness. (10%)
Towards Understanding Quality Challenges of the Federated Learning: A First Look from the Lens of Robustness. (2%)
2022-01-03
Compression-Resistant Backdoor Attack against Deep Neural Networks. (75%)
DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. (68%)
Revisiting PGD Attacks for Stability Analysis of Large-Scale Nonlinear Systems and Perception-Based Control. (11%)
2022-01-02
Actor-Critic Network for Q&A in an Adversarial Environment. (33%)
On Sensitivity of Deep Learning Based Text Classification Algorithms to Practical Input Perturbations. (12%)
2022-01-01
Rethinking Feature Uncertainty in Stochastic Neural Networks for Adversarial Robustness. (87%)
Revisiting Neuron Coverage Metrics and Quality of Deep Neural Networks. (41%)
Generating Adversarial Samples For Training Wake-up Word Detection Systems Against Confusing Words. (1%)
2021-12-31
Adversarial Attack via Dual-Stage Network Erosion. (99%)
On Distinctive Properties of Universal Perturbations. (83%)
2021-12-30
Benign Overfitting in Adversarially Robust Linear Classification. (99%)
Causal Attention for Interpretable and Generalizable Graph Classification. (1%)
2021-12-29
Invertible Image Dataset Protection. (92%)
Challenges and approaches for mitigating byzantine attacks in federated learning. (4%)
2021-12-28
Closer Look at the Transferability of Adversarial Examples: How They Fool Different Models Differently. (99%)
Constrained Gradient Descent: A Powerful and Principled Evasion Attack Against Neural Networks. (99%)
Repairing Adversarial Texts through Perturbation. (99%)
DeepAdversaries: Examining the Robustness of Deep Learning Models for Galaxy Morphology Classification. (91%)
Super-Efficient Super Resolution for Fast Adversarial Defense at the Edge. (88%)
A General Framework for Evaluating Robustness of Combinatorial Optimization Solvers on Graphs. (86%)
Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities. (1%)
2021-12-27
Adversarial Attack for Asynchronous Event-based Data. (99%)
PRIME: A Few Primitives Can Boost Robustness to Common Corruptions. (81%)
Associative Adversarial Learning Based on Selective Attack. (26%)
Learning Robust and Lightweight Model through Separable Structured Transformations. (8%)
2021-12-26
Perlin Noise Improve Adversarial Robustness. (99%)
2021-12-25
Task and Model Agnostic Adversarial Attack on Graph Neural Networks. (93%)
NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification. (50%)
2021-12-24
Stealthy Attack on Algorithmic-Protected DNNs via Smart Bit Flipping. (99%)
NIP: Neuron-level Inverse Perturbation Against Adversarial Attacks. (98%)
CatchBackdoor: Backdoor Testing by Critical Trojan Neural Path Identification via Differential Fuzzing. (82%)
SoK: A Study of the Security on Voice Processing Systems. (9%)
DP-UTIL: Comprehensive Utility Analysis of Differential Privacy in Machine Learning. (1%)
Gradient Leakage Attack Resilient Deep Learning. (1%)
2021-12-23
Adaptive Modeling Against Adversarial Attacks. (99%)
Revisiting and Advancing Fast Adversarial Training Through The Lens of Bi-Level Optimization. (99%)
Robust Secretary and Prophet Algorithms for Packing Integer Programs. (2%)
Counterfactual Memorization in Neural Language Models. (2%)
2021-12-22
Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art. (99%)
How Should Pre-Trained Language Models Be Fine-Tuned Towards Adversarial Robustness? (98%)
Detect & Reject for Transferability of Black-box Adversarial Attacks Against Network Intrusion Detection Systems. (98%)
Adversarial Deep Reinforcement Learning for Improving the Robustness of Multi-agent Autonomous Driving Policies. (96%)
Understanding and Measuring Robustness of Multimodal Learning. (69%)
Evaluating the Robustness of Deep Reinforcement Learning for Autonomous and Adversarial Policies in a Multi-agent Urban Driving Environment. (41%)
2021-12-21
A Theoretical View of Linear Backpropagation and Its Convergence. (99%)
An Attention Score Based Attacker for Black-box NLP Classifier. (91%)
Covert Communications via Adversarial Machine Learning and Reconfigurable Intelligent Surfaces. (81%)
Input-Specific Robustness Certification for Randomized Smoothing. (68%)
Improving Robustness with Image Filtering. (68%)
On the Adversarial Robustness of Causal Algorithmic Recourse. (10%)
MIA-Former: Efficient and Robust Vision Transformers via Multi-grained Input-Adaptation. (4%)
Exploring Credibility Scoring Metrics of Perception Systems for Autonomous Driving. (2%)
Adversarial Gradient Driven Exploration for Deep Click-Through Rate Prediction. (2%)
Longitudinal Study of the Prevalence of Malware Evasive Techniques. (1%)
Mind the Gap! A Study on the Transferability of Virtual vs Physical-world Testing of Autonomous Driving Systems. (1%)
2021-12-20
Certified Federated Adversarial Training. (98%)
Energy-bounded Learning for Robust Models of Code. (83%)
Black-Box Testing of Deep Neural Networks through Test Case Diversity. (82%)
Unifying Model Explainability and Robustness for Joint Text Classification and Rationale Extraction. (80%)
Adversarially Robust Stability Certificates can be Sample-Efficient. (2%)
2021-12-19
Initiative Defense against Facial Manipulation. (67%)
2021-12-18
Being Friends Instead of Adversaries: Deep Networks Learn from Data Simplified by Other Networks. (12%)
Android-COCO: Android Malware Detection with Graph Neural Network for Byte- and Native-Code. (1%)
2021-12-17
Reasoning Chain Based Adversarial Attack for Multi-hop Question Answering. (92%)
Deep Bayesian Learning for Car Hacking Detection. (81%)
Explain, Edit, and Understand: Rethinking User Study Design for Evaluating Model Explanations. (81%)
Dynamics-aware Adversarial Attack of 3D Sparse Convolution Network. (80%)
Provable Adversarial Robustness in the Quantum Model. (62%)
Domain Adaptation on Point Clouds via Geometry-Aware Implicits. (1%)
2021-12-16
Towards Robust Neural Image Compression: Adversarial Attack and Model Finetuning. (99%)
Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives. (99%)
All You Need is RAW: Defending Against Adversarial Attacks with Camera Image Pipelines. (99%)
TAFIM: Targeted Adversarial Attacks against Facial Image Manipulations. (64%)
A Robust Optimization Approach to Deep Learning. (45%)
Sharpness-Aware Minimization with Dynamic Reweighting. (31%)
APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts. (16%)
Dataset correlation inference attacks against machine learning models. (13%)
Models in the Loop: Aiding Crowdworkers with Generative Annotation Assistants. (2%)
Pure Noise to the Rescue of Insufficient Data: Improving Imbalanced Classification by Training on Random Noise Images. (2%)
2021-12-15
On the Convergence and Robustness of Adversarial Training. (99%)
Temporal Shuffling for Defending Deep Action Recognition Models against Adversarial Attacks. (97%)
DuQM: A Chinese Dataset of Linguistically Perturbed Natural Questions for Evaluating the Robustness of Question Matching Models. (75%)
Robust Neural Network Classification via Double Regularization. (1%)
2021-12-14
Robustifying automatic speech recognition by extracting slowly varying features. (99%)
Adversarial Examples for Extreme Multilabel Text Classification. (99%)
Dual-Key Multimodal Backdoors for Visual Question Answering. (81%)
On the Impact of Hard Adversarial Instances on Overfitting in Adversarial Training. (76%)
MuxLink: Circumventing Learning-Resilient MUX-Locking Using Graph Neural Network-based Link Prediction. (4%)
2021-12-13
Detecting Audio Adversarial Examples with Logit Noising. (99%)
Triangle Attack: A Query-efficient Decision-based Adversarial Attack. (99%)
2021-12-12
Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses. (98%)
Quantifying and Understanding Adversarial Examples in Discrete Input Spaces. (91%)
SparseFed: Mitigating Model Poisoning Attacks in Federated Learning with Sparsification. (91%)
WOOD: Wasserstein-based Out-of-Distribution Detection. (12%)
2021-12-11
MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare. (99%)
Improving the Transferability of Adversarial Examples with Resized-Diverse-Inputs, Diversity-Ensemble and Region Fitting. (98%)
Stereoscopic Universal Perturbations across Different Architectures and Datasets. (98%)
2021-12-10
Learning to Learn Transferable Attack. (99%)
Cross-Modal Transferable Adversarial Attacks from Images to Videos. (99%)
Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks. (92%)
Attacking Point Cloud Segmentation with Color-only Perturbation. (87%)
Batch Label Inference and Replacement Attacks in Black-Boxed Vertical Federated Learning. (75%)
Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models. (68%)
Efficient Action Poisoning Attacks on Linear Contextual Bandits. (67%)
How Private Is Your RL Policy? An Inverse RL Based Analysis Framework. (41%)
SoK: On the Security & Privacy in Federated Learning. (5%)
2021-12-09
RamBoAttack: A Robust Query Efficient Deep Neural Network Decision Exploit. (99%)
Amicable Aid: Turning Adversarial Attack to Benefit Classification. (99%)
Mutual Adversarial Training: Learning together is better than going alone. (99%)
PARL: Enhancing Diversity of Ensemble Networks to Resist Adversarial Attacks via Pairwise Adversarially Robust Loss Function. (99%)
Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures. (69%)
Robustness Certificates for Implicit Neural Networks: A Mixed Monotone Contractive Approach. (38%)
PixMix: Dreamlike Pictures Comprehensively Improve Safety Measures. (10%)
Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems. (2%)
3D-VField: Learning to Adversarially Deform Point Clouds for Robust 3D Object Detection. (1%)
2021-12-08
Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection. (99%)
On visual self-supervision and its effect on model robustness. (99%)
SNEAK: Synonymous Sentences-Aware Adversarial Attack on Natural Language Video Localization. (93%)
Revisiting Contrastive Learning through the Lens of Neighborhood Component Analysis: an Integrated Framework. (8%)
2021-12-07
Saliency Diversified Deep Ensemble for Robustness to Adversaries. (99%)
Vehicle trajectory prediction works, but not everywhere. (50%)
Lightning: Striking the Secure Isolation on GPU Clouds with Transient Hardware Faults. (11%)
Membership Inference Attacks From First Principles. (2%)
Training Deep Models to be Explained with Fewer Examples. (1%)
Presentation Attack Detection Methods based on Gaze Tracking and Pupil Dynamic: A Comprehensive Survey. (1%)
2021-12-06
Adversarial Machine Learning In Network Intrusion Detection Domain: A Systematic Review. (99%)
Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial Removal. (84%)
ML Attack Models: Adversarial Attacks and Data Poisoning Attacks. (82%)
Test-Time Detection of Backdoor Triggers for Poisoned Deep Neural Networks. (82%)
When the Curious Abandon Honesty: Federated Learning Is Not Private. (68%)
Defending against Model Stealing via Verifying Embedded External Features. (33%)
Context-Aware Transfer Attacks for Object Detection. (1%)
2021-12-05
Robust Active Learning: Sample-Efficient Training of Robust Deep Learning Models. (96%)
Stochastic Local Winner-Takes-All Networks Enable Profound Adversarial Robustness. (88%)
Beyond Robustness: Resilience Verification of Tree-Based Classifiers. (2%)
On Impact of Semantically Similar Apps in Android Malware Datasets. (1%)
2021-12-04
RADA: Robust Adversarial Data Augmentation for Camera Localization in Challenging Weather. (10%)
2021-12-03
Single-Shot Black-Box Adversarial Attacks Against Malware Detectors: A Causal Language Model Approach. (99%)
Generalized Likelihood Ratio Test for Adversarially Robust Hypothesis Testing. (99%)
Blackbox Untargeted Adversarial Testing of Automatic Speech Recognition Systems. (98%)
Attack-Centric Approach for Evaluating Transferability of Adversarial Samples in Machine Learning Models. (54%)
Adversarial Attacks against a Satellite-borne Multispectral Cloud Detector. (13%)
A Game-Theoretic Approach for AI-based Botnet Attack Defence. (9%)
2021-12-02
A Unified Framework for Adversarial Attack and Defense in Constrained Feature Space. (99%)
Is Approximation Universally Defensive Against Adversarial Attacks in Deep Neural Networks? (93%)
Is RobustBench/AutoAttack a suitable Benchmark for Adversarial Robustness? (75%)
Training Efficiency and Robustness in Deep Learning. (41%)
FedRAD: Federated Robust Adaptive Distillation. (10%)
FIBA: Frequency-Injection based Backdoor Attack in Medical Image Analysis. (3%)
On the Existence of the Adversarial Bayes Classifier (Extended Version). (2%)
Editing a classifier by rewriting its prediction rules. (1%)
2021-12-01
Adversarial Robustness of Deep Reinforcement Learning based Dynamic Recommender Systems. (99%)
Push Stricter to Decide Better: A Class-Conditional Feature Adaptive Framework for Improving Adversarial Robustness. (99%)
$\ell_\infty$-Robustness and Beyond: Unleashing Efficient Adversarial Training. (99%)
Certified Adversarial Defenses Meet Out-of-Distribution Corruptions: Benchmarking Robustness and Simple Baselines. (96%)
Adv-4-Adv: Thwarting Changing Adversarial Perturbations via Adversarial Domain Adaptation. (95%)
Robustness in Deep Learning for Computer Vision: Mind the gap? (31%)
CYBORG: Blending Human Saliency Into the Loss Improves Deep Learning. (1%)
2021-11-30
Using a GAN to Generate Adversarial Examples to Facial Image Recognition. (99%)
Mitigating Adversarial Attacks by Distributing Different Copies to Different Users. (86%)
Human Imperceptible Attacks and Applications to Improve Fairness. (83%)
Evaluating Gradient Inversion Attacks and Defenses in Federated Learning. (81%)
FROB: Few-shot ROBust Model for Classification and Out-of-Distribution Detection. (78%)
COREATTACK: Breaking Up the Core Structure of Graphs. (78%)
Adversarial Attacks Against Deep Generative Models on Data: A Survey. (12%)
A Face Recognition System's Worst Morph Nightmare, Theoretically. (1%)
New Datasets for Dynamic Malware Classification. (1%)
Reliability Assessment and Safety Arguments for Machine Learning Components in Assuring Learning-Enabled Autonomous Systems. (1%)
2021-11-29
MedRDF: A Robust and Retrain-Less Diagnostic Framework for Medical Pretrained Models Against Adversarial Attack. (99%)
Adversarial Attacks in Cooperative AI. (82%)
Living-Off-The-Land Command Detection Using Active Learning. (10%)
Exploring Representational Alignment with Human Perception Using Identically Represented Inputs. (2%)
A Simple Long-Tailed Recognition Baseline via Vision-Language Model. (1%)
ROBIN : A Benchmark for Robustness to Individual Nuisances in Real-World Out-of-Distribution Shifts. (1%)
Pyramid Adversarial Training Improves ViT Performance. (1%)
2021-11-28
Detecting Adversaries, yet Faltering to Noise? Leveraging Conditional Variational AutoEncoders for Adversary Detection in the Presence of Noisy Images. (96%)
MALIGN: Adversarially Robust Malware Family Detection using Sequence Alignment. (54%)
Automated Runtime-Aware Scheduling for Multi-Tenant DNN Inference on GPU. (1%)
ExCon: Explanation-driven Supervised Contrastive Learning for Image Classification. (1%)
2021-11-27
Adaptive Image Transformations for Transfer-based Adversarial Attack. (99%)
Adaptive Perturbation for Adversarial Attack. (99%)
Statically Detecting Adversarial Malware through Randomised Chaining. (98%)
Dissecting Malware in the Wild. (1%)
2021-11-26
ArchRepair: Block-Level Architecture-Oriented Repairing for Deep Neural Networks. (50%)
2021-11-25
AdvBokeh: Learning to Adversarially Defocus Blur. (99%)
Clustering Effect of (Linearized) Adversarial Robust Models. (97%)
Simple Contrastive Representation Adversarial Learning for NLP Tasks. (93%)
Going Grayscale: The Road to Understanding and Improving Unlearnable Examples. (92%)
Towards Practical Deployment-Stage Backdoor Attack on Deep Neural Networks. (92%)
Gradient Inversion Attack: Leaking Private Labels in Two-Party Split Learning. (3%)
Joint inference and input optimization in equilibrium networks. (1%)
2021-11-24
Thundernna: a white box adversarial attack. (99%)
Unity is strength: Improving the Detection of Adversarial Examples with Ensemble Approaches. (99%)
Robustness against Adversarial Attacks in Neural Networks using Incremental Dissipativity. (92%)
WFDefProxy: Modularly Implementing and Empirically Evaluating Website Fingerprinting Defenses. (15%)
SLA$^2$P: Self-supervised Anomaly Detection with Adversarial Perturbation. (5%)
An Attack on Facial Soft-biometric Privacy Enhancement. (2%)
Accelerating Deep Learning with Dynamic Data Pruning. (1%)
2021-11-23
Adversarial machine learning for protecting against online manipulation. (92%)
Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS. (84%)
Subspace Adversarial Training. (69%)
HERO: Hessian-Enhanced Robust Optimization for Unifying and Improving Generalization and Quantization Performance. (1%)
2021-11-22
Adversarial Examples on Segmentation Models Can be Easy to Transfer. (99%)
Evaluating Adversarial Attacks on ImageNet: A Reality Check on Misclassification Classes. (99%)
Imperceptible Transfer Attack and Defense on 3D Point Cloud Classification. (99%)
Backdoor Attack through Frequency Domain. (92%)
NTD: Non-Transferability Enabled Backdoor Detection. (69%)
A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries. (33%)
Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data. (13%)
Automatic Mapping of the Best-Suited DNN Pruning Schemes for Real-Time Mobile Acceleration. (1%)
Electric Vehicle Attack Impact on Power Grid Operation. (1%)
2021-11-21
Adversarial Mask: Real-World Adversarial Attack Against Face Recognition Models. (99%)
Stochastic Variance Reduced Ensemble Adversarial Attack for Boosting the Adversarial Transferability. (99%)
Medical Aegis: Robust adversarial protectors for medical images. (99%)
Local Linearity and Double Descent in Catastrophic Overfitting. (73%)
Denoised Internal Models: a Brain-Inspired Autoencoder against Adversarial Attacks. (62%)
2021-11-20
Are Vision Transformers Robust to Patch Perturbations? (98%)
2021-11-19
Zero-Shot Certified Defense against Adversarial Patches with Vision Transformers. (99%)
Towards Efficiently Evaluating the Robustness of Deep Neural Networks in IoT Systems: A GAN-based Method. (99%)
Meta Adversarial Perturbations. (99%)
Resilience from Diversity: Population-based approach to harden models against adversarial attacks. (99%)
Enhanced countering adversarial attacks via input denoising and feature restoring. (99%)
Fooling Adversarial Training with Inducing Noise. (98%)
Exposing Weaknesses of Malware Detectors with Explainability-Guided Evasion Attacks. (86%)
2021-11-18
TnT Attacks! Universal Naturalistic Adversarial Patches Against Deep Neural Network Systems. (99%)
A Review of Adversarial Attack and Defense for Classification Methods. (99%)
Robust Person Re-identification with Multi-Modal Joint Defence. (98%)
Enhancing the Insertion of NOP Instructions to Obfuscate Malware via Deep Reinforcement Learning. (96%)
How to Build Robust FAQ Chatbot with Controllable Question Generator? (80%)
Adversarial attacks on voter model dynamics in complex networks. (76%)
Enhanced Membership Inference Attacks against Machine Learning Models. (12%)
Wiggling Weights to Improve the Robustness of Classifiers. (2%)
Improving Transferability of Representations via Augmentation-Aware Self-Supervision. (1%)
2021-11-17
TraSw: Tracklet-Switch Adversarial Attacks against Multi-Object Tracking. (99%)
Generating Unrestricted 3D Adversarial Point Clouds. (99%)
SmoothMix: Training Confidence-calibrated Smoothed Classifiers for Certified Robustness. (93%)
Attacking Deep Learning AI Hardware with Universal Adversarial Perturbation. (92%)
Do Not Trust Prediction Scores for Membership Inference Attacks. (33%)
2021-11-16
Robustness of Bayesian Neural Networks to White-Box Adversarial Attacks. (99%)
Improving the robustness and accuracy of biomedical language models through adversarial training. (99%)
Detecting AutoAttack Perturbations in the Frequency Domain. (99%)
Adversarial Tradeoffs in Linear Inverse Problems and Robust StateEstimation. (92%)
Consistent Semantic Attacks on Optical Flow. (81%)
An Overview of Backdoor Attacks Against Deep Neural Networks and Possible Defences. (54%)
Enabling equivariance for arbitrary Lie groups. (1%)
2021-11-15
A Survey on Adversarial Attacks for Malware Analysis. (98%)
Triggerless Backdoor Attack for NLP Tasks with Clean Labels. (68%)
Property Inference Attacks Against GANs. (67%)
2021-11-14
Generating Band-Limited Adversarial Surfaces Using Neural Networks. (99%)
Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks. (76%)
Towards Interpretability of Speech Pause in Dementia Detection using Adversarial Learning. (75%)
Improving Compound Activity Classification via Deep Transfer and Representation Learning. (1%)
2021-11-13
Robust and Accurate Object Detection via Self-Knowledge Distillation. (62%)
UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction. (2%)
2021-11-12
Neural Population Geometry Reveals the Role of Stochasticity in Robust Perception. (99%)
Measuring the Contribution of Multiple Model Representations in Detecting Adversarial Instances. (98%)
Adversarially Robust Learning for Security-Constrained Optimal Power Flow. (10%)
On Transferability of Prompt Tuning for Natural Language Understanding. (8%)
A Bayesian Nash equilibrium-based moving target defense against stealthy sensor attacks. (1%)
Resilient Consensus-based Multi-agent Reinforcement Learning. (1%)
2021-11-11
On the Equivalence between Neural Network and Support Vector Machine. (1%)
2021-11-10
Trustworthy Medical Segmentation with Uncertainty Estimation. (13%)
Robust Learning via Ensemble Density Propagation in Deep Neural Networks. (2%)
2021-11-09
Tightening the Approximation Error of Adversarial Risk with Auto Loss Function Search. (99%)
MixACM: Mixup-Based Robustness Transfer via Distillation of Activated Channel Maps. (99%)
Sparse Adversarial Video Attacks with Spatial Transformations. (98%)
A Statistical Difference Reduction Method for Escaping Backdoor Detection. (97%)
Data Augmentation Can Improve Robustness. (73%)
Are Transformers More Robust Than CNNs? (67%)
2021-11-08
Geometrically Adaptive Dictionary Attack on Face Recognition. (99%)
Defense Against Explanation Manipulation. (98%)
DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories. (98%)
On Assessing The Safety of Reinforcement Learning algorithms Using Formal Methods. (75%)
Get a Model! Model Hijacking Attack Against Machine Learning Models. (69%)
Robust and Information-theoretically Safe Bias Classifier against Adversarial Attacks. (69%)
Characterizing the adversarial vulnerability of speech self-supervised learning. (68%)
HAPSSA: Holistic Approach to PDF Malware Detection Using Signal and Statistical Analysis. (67%)
Graph Robustness Benchmark: Benchmarking the Adversarial Robustness of Graph Machine Learning. (67%)
BARFED: Byzantine Attack-Resistant Federated Averaging Based on Outlier Elimination. (1%)
2021-11-07
Generative Dynamic Patch Attack. (99%)
Natural Adversarial Objects. (81%)
2021-11-06
"How Does It Detect A Malicious App?" Explaining the Predictions of AI-based Android Malware Detector. (11%)
2021-11-05
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Sequential Randomized Smoothing for Adversarially Robust Speech Recognition. (96%)
Federated Learning Attacks Revisited: A Critical Discussion of Gaps, Assumptions, and Evaluation Setups. (2%)
2021-11-04
Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models. (99%)
Adversarial Attacks on Graph Classification via Bayesian Optimisation. (87%)
Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods. (47%)
Attacking Deep Reinforcement Learning-Based Traffic Signal Control Systems with Colluding Vehicles. (3%)
2021-11-03
LTD: Low Temperature Distillation for Robust Adversarial Training. (54%)
Multi-Glimpse Network: A Robust and Efficient Classification Architecture based on Recurrent Downsampled Attention. (41%)
2021-11-02
HydraText: Multi-objective Optimization for Adversarial Textual Attack. (99%)
Meta-Learning the Search Distribution of Black-Box Random Search Based Adversarial Attacks. (96%)
Training Certifiably Robust Neural Networks with Efficient Local Lipschitz Bounds. (70%)
Pareto Adversarial Robustness: Balancing Spatial Robustness and Sensitivity-based Robustness. (68%)
Knowledge Cross-Distillation for Membership Privacy. (38%)
Adversarially Perturbed Wavelet-based Morphed Face Generation. (9%)
2021-11-01
Availability Attacks Create Shortcuts. (89%)
Robustness of deep learning algorithms in astronomy -- galaxy morphology studies. (83%)
When Does Contrastive Learning Preserve Adversarial Robustness from Pretraining to Finetuning? (69%)
Graph Structural Attack by Spectral Distance. (67%)
ZeBRA: Precisely Destroying Neural Networks with Zero-Data Based Repeated Bit Flip Attack. (9%)
2021-10-31
An Actor-Critic Method for Simulation-Based Optimization. (56%)
2021-10-30
Get Fooled for the Right Reason: Improving Adversarial Robustness through a Teacher-guided Curriculum Learning Approach. (97%)
AdvCodeMix: Adversarial Attack on Code-Mixed Data. (93%)
Backdoor Pre-trained Models Can Transfer to All. (3%)
2021-10-29
Attacking Video Recognition Models with Bullet-Screen Comments. (99%)
Adversarial Robustness with Semi-Infinite Constrained Learning. (92%)
{\epsilon}-weakened Robustness of Deep Neural Networks. (62%)
You are caught stealing my winning lottery ticket! Making a lottery ticket claim its ownership. (11%)
2021-10-28
Bridge the Gap Between CV and NLP! A Gradient-based Textual Adversarial Attack Framework. (99%)
AEVA: Black-box Backdoor Detection Using Adversarial Extreme Value Analysis. (92%)
The magnitude vector of images. (1%)
2021-10-27
Towards Evaluating the Robustness of Neural Networks Learned by Transduction. (98%)
CAP: Co-Adversarial Perturbation on Weights and Features for Improving Generalization of Graph Neural Networks. (98%)
Towards Robust Reasoning over Knowledge Graphs. (83%)
Generalized Depthwise-Separable Convolutions for Adversarially Robust and Efficient Neural Networks. (74%)
Adversarial Neuron Pruning Purifies Backdoored Deep Models. (15%)
From Intrinsic to Counterfactual: On the Explainability of Contextualized Recommender Systems. (5%)
Robust Contrastive Learning Using Negative Samples with Diminished Semantics. (1%)
RoMA: Robust Model Adaptation for Offline Model-based Optimization. (1%)
2021-10-26
Can't Fool Me: Adversarially Robust Transformer for Video Understanding. (99%)
Frequency Centric Defense Mechanisms against Adversarial Examples. (99%)
ScaleCert: Scalable Certified Defense against Adversarial Patches with Sparse Superficial Layers. (99%)
Drawing Robust Scratch Tickets: Subnetworks with Inborn Robustness Are Found within Randomly Initialized Networks. (99%)
FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective. (98%)
A Frequency Perspective of Adversarial Robustness. (98%)
Disrupting Deep Uncertainty Estimation Without Harming Accuracy. (86%)
Improving Local Effectiveness for Global robust training. (83%)
Robustness of Graph Neural Networks at Scale. (76%)
Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions. (75%)
Adversarial Robustness in Multi-Task Learning: Promises and Illusions. (64%)
AugMax: Adversarial Composition of Random Augmentations for Robust Training. (56%)
Qu-ANTI-zation: Exploiting Quantization Artifacts for Achieving Adversarial Outcomes. (50%)
Semantic Host-free Trojan Attack. (10%)
CAFE: Catastrophic Data Leakage in Vertical Federated Learning. (3%)
MEST: Accurate and Fast Memory-Economic Sparse Training Framework on the Edge. (1%)
Reliable and Trustworthy Machine Learning for Health Using Dataset Shift Detection. (1%)
Defensive Tensorization. (1%)
Task-Aware Meta Learning-based Siamese Neural Network for Classifying Obfuscated Malware. (1%)
2021-10-25
Stable Neural ODE with Lyapunov-Stable Equilibrium Points for Defending Against Adversarial Attacks. (99%)
Generating Watermarked Adversarial Texts. (99%)
Beyond $L_p$ clipping: Equalization-based Psychoacoustic Attacks against ASRs. (92%)
Fast Gradient Non-sign Methods. (92%)
Ensemble Federated Adversarial Training with Non-IID data. (87%)
GANash -- A GAN approach to steganography. (81%)
A Dynamical System Perspective for Lipschitz Neural Networks. (81%)
An Adaptive Structural Learning of Deep Belief Network for Image-based Crack Detection in Concrete Structures Using SDNET2018. (13%)
2021-10-24
Towards A Conceptually Simple Defensive Approach for Few-shot classifiers Against Adversarial Support Samples. (80%)
2021-10-23
ADC: Adversarial attacks against object Detection that evade Context consistency checks. (99%)
A Layer-wise Adversarial-aware Quantization Optimization for Improving Robustness. (81%)
2021-10-22
Improving Robustness of Malware Classifiers using Adversarial Strings Generated from Perturbed Latent Representations. (99%)
How and When Adversarial Robustness Transfers in Knowledge Distillation? (91%)
Fairness Degrading Adversarial Attacks Against Clustering Algorithms. (86%)
Adversarial robustness for latent models: Revisiting the robust-standard accuracies tradeoff. (80%)
ProtoShotXAI: Using Prototypical Few-Shot Architecture for Explainable AI. (15%)
PRECAD: Privacy-Preserving and Robust Federated Learning via Crypto-Aided Differential Privacy. (15%)
Spoofing Detection on Hand Images Using Quality Assessment. (1%)
Text Counterfactuals via Latent Optimization and Shapley-Guided Search. (1%)
MANDERA: Malicious Node Detection in Federated Learning via Ranking. (1%)
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning. (1%)
2021-10-21
CAPTIVE: Constrained Adversarial Perturbations to Thwart IC Reverse Engineering. (98%)
PROVES: Establishing Image Provenance using Semantic Signatures. (93%)
RoMA: a Method for Neural Network Robustness Measurement and Assessment. (92%)
Anti-Backdoor Learning: Training Clean Models on Poisoned Data. (83%)
PipAttack: Poisoning Federated Recommender Systems forManipulating Item Promotion. (68%)
Generalization of Neural Combinatorial Solvers Through the Lens of Adversarial Robustness. (61%)
Watermarking Graph Neural Networks based on Backdoor Attacks. (9%)
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey. (8%)
2021-10-20
Adversarial Socialbot Learning via Multi-Agent Deep Hierarchical Reinforcement Learning. (83%)
Surrogate Representation Learning with Isometric Mapping for Gray-box Graph Adversarial Attacks. (62%)
Moir\'e Attack (MA): A New Potential Risk of Screen Photos. (56%)
Adversarial attacks against Bayesian forecasting dynamic models. (13%)
No One Representation to Rule Them All: Overlapping Features of Training Methods. (1%)
2021-10-19
Multi-concept adversarial attacks. (99%)
A Regularization Method to Improve Adversarial Robustness of Neural Networks for ECG Signal Classification. (96%)
TESSERACT: Gradient Flip Score to Secure Federated Learning Against Model Poisoning Attacks. (69%)
Understanding Convolutional Neural Networks from Theoretical Perspective via Volterra Convolution. (61%)
Detecting Backdoor Attacks Against Point Cloud Classifiers. (26%)
Speech Pattern based Black-box Model Watermarking for Automatic Speech Recognition. (13%)
A Deeper Look into RowHammer`s Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses. (5%)
2021-10-18
Boosting the Transferability of Video Adversarial Examples via Temporal Translation. (99%)
Black-box Adversarial Attacks on Commercial Speech Platforms with Minimal Information. (99%)
Improving Robustness using Generated Data. (97%)
MEMO: Test Time Robustness via Adaptation and Augmentation. (13%)
Minimal Multi-Layer Modifications of Deep Neural Networks. (4%)
2021-10-17
ECG-ATK-GAN: Robustness against Adversarial Attacks on ECG using Conditional Generative Adversarial Networks. (99%)
Unrestricted Adversarial Attacks on ImageNet Competition. (99%)
Improving Robustness of Reinforcement Learning for Power System Control with Adversarial Training. (99%)
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications. (22%)
Poisoning Attacks on Fair Machine Learning. (12%)
2021-10-16
Black-box Adversarial Attacks on Network-wide Multi-step Traffic State Prediction Models. (99%)
Analyzing Dynamic Adversarial Training Data in the Limit. (82%)
Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services. (5%)
Tackling the Imbalance for GNNs. (4%)
2021-10-15
Adversarial Attacks on Gaussian Process Bandits. (99%)
Generating Natural Language Adversarial Examples through An Improved Beam Search Algorithm. (99%)
Adversarial Attacks on ML Defense Models Competition. (99%)
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. (76%)
Robustness of different loss functions and their impact on networks learning capability. (76%)
Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures. (22%)
Textual Backdoor Attacks Can Be More Harmful via Two Simple Tricks. (10%)
Understanding and Improving Robustness of Vision Transformers through Patch-based Negative Augmentation. (8%)
Hand Me Your PIN! Inferring ATM PINs of Users Typing with a Covered Hand. (1%)
2021-10-14
Adversarial examples by perturbing high-level features in intermediate decoder layers. (99%)
DI-AA: An Interpretable White-box Attack for Fooling Deep Neural Networks. (99%)
Adversarial Purification through Representation Disentanglement. (99%)
RAP: Robustness-Aware Perturbations for Defending against Backdoor Attacks on NLP Models. (93%)
An Optimization Perspective on Realizing Backdoor Injection Attacks on Deep Neural Networks in Hardware. (87%)
Interactive Analysis of CNN Robustness. (80%)
On Adversarial Vulnerability of PHM algorithms: An Initial Study. (69%)
Identifying and Mitigating Spurious Correlations for Improving Robustness in NLP Models. (61%)
Toward Degradation-Robust Voice Conversion. (9%)
Interpreting the Robustness of Neural NLP Models to Textual Perturbations. (9%)
Retrieval-guided Counterfactual Generation for QA. (2%)
Effective Certification of Monotone Deep Equilibrium Models. (1%)
2021-10-13
A Framework for Verification of Wasserstein Adversarial Robustness. (99%)
Identification of Attack-Specific Signatures in Adversarial Examples. (99%)
Model-Agnostic Meta-Attack: Towards Reliable Evaluation of Adversarial Robustness. (99%)
Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer. (98%)
Brittle interpretations: The Vulnerability of TCAV and Other Concept-based Explainability Tools to Adversarial Attack. (93%)
Poison Forensics: Traceback of Data Poisoning Attacks in Neural Networks. (92%)
Boosting the Certified Robustness of L-infinity Distance Nets. (1%)
Benchmarking the Robustness of Spatial-Temporal Models Against Corruptions. (1%)
2021-10-12
Adversarial Attack across Datasets. (99%)
Graph-Fraudster: Adversarial Attacks on Graph Neural Network Based Vertical Federated Learning. (99%)
SEPP: Similarity Estimation of Predicted Probabilities for Defending and Detecting Adversarial Text. (92%)
On the Security Risks of AutoML. (45%)
Zero-bias Deep Neural Network for Quickest RF Signal Surveillance. (1%)
2021-10-11
Boosting Fast Adversarial Training with Learnable Adversarial Initialization. (99%)
Parameterizing Activation Functions for Adversarial Robustness. (98%)
Amicable examples for informed source separation. (86%)
Doubly-Trained Adversarial Data Augmentation for Neural Machine Translation. (12%)
Large Language Models Can Be Strong Differentially Private Learners. (1%)
Intriguing Properties of Input-dependent Randomized Smoothing. (1%)
Hiding Images into Images with Real-world Robustness. (1%)
Source Mixing and Separation Robust Audio Steganography. (1%)
Homogeneous Learning: Self-Attention Decentralized Deep Learning. (1%)
Certified Patch Robustness via Smoothed Vision Transformers. (1%)
2021-10-10
Adversarial Attacks in a Multi-view Setting: An Empirical Study of the Adversarial Patches Inter-view Transferability. (98%)
Universal Adversarial Attacks on Neural Networks for Power Allocation in a Massive MIMO System. (92%)
2021-10-09
Demystifying the Transferability of Adversarial Attacks in Computer Networks. (99%)
Provably Efficient Black-Box Action Poisoning Attacks Against Reinforcement Learning. (93%)
Widen The Backdoor To Let More Attackers In. (13%)
2021-10-08
Explainability-Aware One Point Attack for Point Cloud Neural Networks. (99%)
Game Theory for Adversarial Attacks and Defenses. (98%)
Graphs as Tools to Improve Deep Learning Methods. (10%)
IHOP: Improved Statistical Query Recovery against Searchable Symmetric Encryption through Quadratic Optimization. (3%)
A Wireless Intrusion Detection System for 802.11 WPA3 Networks. (1%)
Salient ImageNet: How to discover spurious features in Deep Learning? (1%)
2021-10-07
One Thing to Fool them All: Generating Interpretable, Universal, and Physically-Realizable Adversarial Features. (99%)
EvadeDroid: A Practical Evasion Attack on Machine Learning for Black-box Android Malware Detection. (99%)
Adversarial Attack by Limited Point Cloud Surface Modifications. (98%)
Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks. (98%)
Dyn-Backdoor: Backdoor Attack on Dynamic Link Prediction. (80%)
Fingerprinting Multi-exit Deep Neural Network Models via Inference Time. (62%)
Adversarial Unlearning of Backdoors via Implicit Hypergradient. (56%)
MPSN: Motion-aware Pseudo Siamese Network for Indoor Video Head Detection in Buildings. (1%)
2021-10-06
HIRE-SNN: Harnessing the Inherent Robustness of Energy-Efficient Deep Spiking Neural Networks by Training with Crafted Input Noise. (99%)
Reversible adversarial examples against local visual perturbation. (99%)
Attack as the Best Defense: Nullifying Image-to-image Translation GANs via Limit-aware Adversarial Attack. (99%)
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs. (99%)
Adversarial Attacks on Machinery Fault Diagnosis. (99%)
Adversarial Attacks on Spiking Convolutional Networks for Event-based Vision. (98%)
A Uniform Framework for Anomaly Detection in Deep Neural Networks. (97%)
Double Descent in Adversarial Training: An Implicit Label Noise Perspective. (88%)
Improving Adversarial Robustness for Free with Snapshot Ensemble. (83%)
DoubleStar: Long-Range Attack Towards Depth Estimation based Obstacle Avoidance in Autonomous Systems. (45%)
Inference Attacks Against Graph Neural Networks. (2%)
Data-driven behavioural biometrics for continuous and adaptive user verification using Smartphone and Smartwatch. (1%)
On The Vulnerability of Recurrent Neural Networks to Membership Inference Attacks. (1%)
Efficient Sharpness-aware Minimization for Improved Training of Neural Networks. (1%)
Stegomalware: A Systematic Survey of MalwareHiding and Detection in Images, Machine LearningModels and Research Challenges. (1%)
Exploring the Common Principal Subspace of Deep Features in Neural Networks. (1%)
Generalizing Neural Networks by Reflecting Deviating Data in Production. (1%)
2021-10-05
Adversarial Robustness Verification and Attack Synthesis in Stochastic Systems. (99%)
Adversarial Attacks on Black Box Video Classifiers: Leveraging the Power of Geometric Transformations. (99%)
Adversarial defenses via a mixture of generators. (99%)
Neural Network Adversarial Attack Method Based on Improved Genetic Algorithm. (92%)
BadPre: Task-agnostic Backdoor Attacks to Pre-trained NLP Foundation Models. (33%)
Spectral Bias in Practice: The Role of Function Frequency in Generalization. (1%)
CADA: Multi-scale Collaborative Adversarial Domain Adaptation for Unsupervised Optic Disc and Cup Segmentation. (1%)
Noisy Feature Mixup. (1%)
2021-10-04
Benchmarking Safety Monitors for Image Classifiers with Machine Learning. (1%)
2021-10-03
Adversarial Examples Generation for Reducing Implicit Gender Bias in Pre-trained Models. (82%)
2021-10-02
Evaluating Deep Learning Models and Adversarial Attacks on Accelerometer-Based Gesture Authentication. (98%)
Anti-aliasing Deep Image Classifiers using Novel Depth Adaptive Blurring and Activation Function. (13%)
2021-10-01
Calibrated Adversarial Training. (98%)
Universal Adversarial Spoofing Attacks against Face Recognition. (87%)
Score-Based Generative Classifiers. (84%)
One Timestep is All You Need: Training Spiking Neural Networks with Ultra Low Latency. (1%)
2021-09-30
Mitigating Black-Box Adversarial Attacks via Output Noise Perturbation. (98%)
You Cannot Easily Catch Me: A Low-Detectable Adversarial Patch for Object Detectors. (95%)
Adversarial Semantic Contour for Object Detection. (92%)
From Zero-Shot Machine Learning to Zero-Day Attack Detection. (10%)
2021-09-29
On Brightness Agnostic Adversarial Examples Against Face Recognition Systems. (99%)
Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks. (70%)
BulletTrain: Accelerating Robust Neural Network Training via Boundary Example Mining. (41%)
Mitigation of Adversarial Policy Imitation via Constrained Randomization of Policy (CRoP). (10%)
2021-09-28
slimTrain -- A Stochastic Approximation Method for Training Separable Deep Neural Networks. (1%)
2021-09-27
MUTEN: Boosting Gradient-Based Adversarial Attacks via Mutant-Based Ensembles. (99%)
Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors. (99%)
Classification and Adversarial examples in an Overparameterized Linear Model: A Signal Processing Perspective. (98%)
GANG-MAM: GAN based enGine for Modifying Android Malware. (64%)
Distributionally Robust Multi-Output Regression Ranking. (3%)
Improving Uncertainty of Deep Learning-based Object Classification on Radar Spectra using Label Smoothing. (1%)
Federated Deep Learning with Bayesian Privacy. (1%)
2021-09-26
Distributionally Robust Multiclass Classification and Applications in Deep CNN Image Classifiers. (11%)
2021-09-25
Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency. (99%)
Contributions to Large Scale Bayesian Inference and Adversarial Machine Learning. (98%)
MINIMAL: Mining Models for Data Free Universal Adversarial Triggers. (93%)
2021-09-24
Local Intrinsic Dimensionality Signals Adversarial Perturbations. (98%)
2021-09-23
Breaking BERT: Understanding its Vulnerabilities for Biomedical Named Entity Recognition through Adversarial Attack. (98%)
FooBaR: Fault Fooling Backdoor Attack on Neural Network Training. (88%)
AES Systems Are Both Overstable And Oversensitive: Explaining Why And Proposing Defenses. (68%)
DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications. (1%)
2021-09-22
Exploring Adversarial Examples for Efficient Active Learning in Machine Learning Classifiers. (99%)
CC-Cert: A Probabilistic Approach to Certify General Robustness of Neural Networks. (81%)
Security Analysis of Capsule Network Inference using Horizontal Collaboration. (69%)
Adversarial Transfer Attacks With Unknown Data and Class Overlap. (62%)
Pushing the Right Buttons: Adversarial Evaluation of Quality Estimation. (1%)
Backdoor Attacks on Federated Learning with Lottery Ticket Hypothesis. (1%)
2021-09-21
Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability. (99%)
3D Point Cloud Completion with Geometric-Aware Adversarial Augmentation. (93%)
DeSMP: Differential Privacy-exploited Stealthy Model Poisoning Attacks in Federated Learning. (76%)
Privacy, Security, and Utility Analysis of Differentially Private CPES Data. (13%)
2021-09-20
Robust Physical-World Attacks on Face Recognition. (99%)
Modeling Adversarial Noise for Adversarial Defense. (99%)
Can We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection? (99%)
Robustness Analysis of Deep Learning Frameworks on Mobile Platforms. (10%)
"Hello, It's Me": Deep Learning-based Speech Synthesis Attacks in the Real World. (2%)
Towards Energy-Efficient and Secure Edge AI: A Cross-Layer Framework. (1%)
2021-09-19
On the Noise Stability and Robustness of Adversarially Trained Networks on NVM Crossbars. (99%)
Adversarial Training with Contrastive Learning in NLP. (16%)
2021-09-18
Clean-label Backdoor Attack against Deep Hashing based Retrieval. (98%)
2021-09-17
Messing Up 3D Virtual Environments: Transferable Adversarial 3D Objects. (98%)
Exploring the Training Robustness of Distributional Reinforcement Learning against Noisy State Observations. (8%)
2021-09-16
Harnessing Perceptual Adversarial Patches for Crowd Counting. (99%)
KATANA: Simple Post-Training Robustness Using Test Time Augmentations. (98%)
Targeted Attack on Deep RL-based Autonomous Driving with Learned Visual Patterns. (96%)
Adversarial Attacks against Deep Learning Based Power Control in Wireless Communications. (95%)
Don't Search for a Search Method -- Simple Heuristics Suffice for Adversarial Text Attacks. (68%)
Membership Inference Attacks Against Recommender Systems. (3%)
2021-09-15
Universal Adversarial Attack on Deep Learning Based Prognostics. (99%)
Balancing detectability and performance of attacks on the control channel of Markov Decision Processes. (98%)
FCA: Learning a 3D Full-coverage Vehicle Camouflage for Multi-view Physical Adversarial Attack. (95%)
BERT is Robust! A Case Against Synonym-Based Adversarial Examples in Text Classification. (92%)
Adversarial Mixing Policy for Relaxing Locally Linear Constraints in Mixup. (13%)
Can one hear the shape of a neural network?: Snooping the GPU via Magnetic Side Channel. (10%)
2021-09-14
A Novel Data Encryption Method Inspired by Adversarial Attacks. (99%)
Improving Gradient-based Adversarial Training for Text Classification by Contrastive Learning and Auto-Encoder. (99%)
PETGEN: Personalized Text Generation Attack on Deep Sequence Embedding-based Classification Models. (99%)
EVAGAN: Evasion Generative Adversarial Network for Low Data Regimes. (76%)
Dodging Attack Using Carefully Crafted Natural Makeup. (47%)
Avengers Ensemble! Improving Transferability of Authorship Obfuscation. (12%)
ARCH: Efficient Adversarial Regularized Training with Caching. (8%)
2021-09-13
Adversarial Bone Length Attack on Action Recognition. (99%)
Randomized Substitution and Vote for Textual Adversarial Example Detection. (99%)
Improving the Robustness of Adversarial Attacks Using an Affine-Invariant Gradient Estimator. (99%)
Evolving Architectures with Gradient Misalignment toward Low Adversarial Transferability. (98%)
A Practical Adversarial Attack on Contingency Detection of Smart Energy Systems. (98%)
Adversarial Examples for Evaluating Math Word Problem Solvers. (96%)
PAT: Pseudo-Adversarial Training For Detecting Adversarial Videos. (86%)
SignGuard: Byzantine-robust Federated Learning through Collaborative Malicious Gradient Filtering. (81%)
Formalizing and Estimating Distribution Inference Risks. (56%)
Virtual Data Augmentation: A Robust and General Framework for Fine-tuning Pre-trained Models. (50%)
Sensor Adversarial Traits: Analyzing Robustness of 3D Object Detection Sensor Fusion Models. (16%)
Adversarially Trained Object Detector for Unsupervised Domain Adaptation. (3%)
Perturbation CheckLists for Evaluating NLG Evaluation Metrics. (1%)
How to Select One Among All? An Extensive Empirical Study Towards the Robustness of Knowledge Distillation in Natural Language Understanding. (1%)
Detecting Safety Problems of Multi-Sensor Fusion in Autonomous Driving. (1%)
2021-09-12
TREATED:Towards Universal Defense against Textual Adversarial Attacks. (99%)
CoG: a Two-View Co-training Framework for Defending Adversarial Attacks on Graph. (98%)
Check Your Other Door! Creating Backdoor Attacks in the Frequency Domain. (93%)
RockNER: A Simple Method to Create Adversarial Examples for Evaluating the Robustness of Named Entity Recognition Models. (84%)
Shape-Biased Domain Generalization via Shock Graph Embeddings. (2%)
Source Inference Attacks in Federated Learning. (1%)
2021-09-11
RobustART: Benchmarking Robustness on Architecture Design and Training Techniques. (98%)
2-in-1 Accelerator: Enabling Random Precision Switch for Winning Both Adversarial Robustness and Efficiency. (81%)
2021-09-10
A Strong Baseline for Query Efficient Attacks in a Black Box Setting. (99%)
2021-09-09
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification. (99%)
Energy Attack: On Transferring Adversarial Examples. (99%)
Protein Folding Neural Networks Are Not Robust. (99%)
Towards Transferable Adversarial Attacks on Vision Transformers. (99%)
Multi-granularity Textual Adversarial Attack with Behavior Cloning. (98%)
Spatially Focused Attack against Spatiotemporal Graph Neural Networks. (81%)
Differential Privacy in Personalized Pricing with Nonparametric Demand Models. (26%)
EvilModel 2.0: Bringing Neural Network Models into Malware Attacks. (5%)
2021-09-08
Where Did You Learn That From? Surprising Effectiveness of Membership Inference Attacks Against Temporally Correlated Data in Deep Reinforcement Learning. (89%)
Robust Optimal Classification Trees Against Adversarial Examples. (80%)
2021-09-07
Adversarial Parameter Defense by Multi-Step Risk Minimization. (98%)
POW-HOW: An enduring timing side-channel to evade online malware sandboxes. (12%)
Unpaired Adversarial Learning for Single Image Deraining with Rain-Space Contrastive Constraints. (1%)
2021-09-06
Robustness and Generalization via Generative Adversarial Training. (82%)
Trojan Signatures in DNN Weights. (33%)
Automated Robustness with Adversarial Training as a Post-Processing Step. (4%)
Exposing Length Divergence Bias of Textual Matching Models. (2%)
2021-09-05
Efficient Combinatorial Optimization for Word-level Adversarial Textual Attack. (98%)
Tolerating Adversarial Attacks and Byzantine Faults in Distributed Machine Learning. (2%)
DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode. (1%)
2021-09-04
Real-World Adversarial Examples involving Makeup Application. (99%)
Utilizing Adversarial Targeted Attacks to Boost Adversarial Robustness. (99%)
Training Meta-Surrogate Model for Transferable Adversarial Attack. (99%)
2021-09-03
SEC4SR: A Security Analysis Platform for Speaker Recognition. (99%)
Risk Assessment for Connected Vehicles under Stealthy Attacks on Vehicle-to-Vehicle Networks. (1%)
2021-09-02
A Synergetic Attack against Neural Network Classifiers combining Backdoor and Adversarial Examples. (99%)
Impact of Attention on Adversarial Robustness of Image Classification Models. (99%)
Adversarial Robustness for Unsupervised Domain Adaptation. (98%)
Real World Robustness from Systematic Noise. (91%)
Building Compact and Robust Deep Neural Networks with Toeplitz Matrices. (61%)
2021-09-01
Towards Improving Adversarial Training of NLP Models. (98%)
Excess Capacity and Backdoor Poisoning. (97%)
Regional Adversarial Training for Better Robust Generalization. (96%)
R-SNN: An Analysis and Design Methodology for Robustifying Spiking Neural Networks against Adversarial Attacks through Noise Filters for Dynamic Vision Sensors. (86%)
Proof Transfer for Neural Network Verification. (9%)
Guarding Machine Learning Hardware Against Physical Side-Channel Attacks. (2%)
2021-08-31
EG-Booster: Explanation-Guided Booster of ML Evasion Attacks. (99%)
Morphence: Moving Target Defense Against Adversarial Examples. (99%)
DPA: Learning Robust Physical Adversarial Camouflages for Object Detectors. (93%)
Black-Box Attacks on Sequential Recommenders via Data-Free Model Extraction. (83%)
Segmentation Fault: A Cheap Defense Against Adversarial Machine Learning. (75%)
Backdoor Attacks on Pre-trained Models by Layerwise Weight Poisoning. (4%)
2021-08-30
Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings. (99%)
Investigating Vulnerabilities of Deep Neural Policies. (99%)
Adversarial Example Devastation and Detection on Speech Recognition System by Adding Random Noise. (99%)
Single Node Injection Attack against Graph Neural Networks. (68%)
Benchmarking the Accuracy and Robustness of Feedback Alignment Algorithms. (41%)
Adaptive perturbation adversarial training: based on reinforcement learning. (41%)
How Does Adversarial Fine-Tuning Benefit BERT? (33%)
ML-based IoT Malware Detection Under Adversarial Settings: A Systematic Evaluation. (26%)
DuTrust: A Sentiment Analysis Dataset for Trustworthiness Evaluation. (1%)
2021-08-29
Searching for an Effective Defender: Benchmarking Defense against Adversarial Word Substitution. (99%)
Reinforcement Learning Based Sparse Black-box Adversarial Attack on Video Recognition Models. (98%)
DropAttack: A Masked Weight Adversarial Training Method to Improve Generalization of Neural Networks. (82%)
Rumor Detection on Social Media with Hierarchical Adversarial Training. (47%)
2021-08-27
Mal2GCN: A Robust Malware Detection Approach Using Deep Graph Convolutional Networks With Non-Negative Weights. (99%)
Disrupting Adversarial Transferability in Deep Neural Networks. (98%)
Evaluating the Robustness of Neural Language Models to Input Perturbations. (16%)
Deep learning models are not robust against noise in clinical text. (1%)
2021-08-26
Understanding the Logit Distributions of Adversarially-Trained Deep Neural Networks. (99%)
A Hierarchical Assessment of Adversarial Severity. (98%)
Physical Adversarial Attacks on an Aerial Imagery Object Detector. (96%)
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference. (80%)
Detection and Continual Learning of Novel Face Presentation Attacks. (2%)
2021-08-25
Adversarially Robust One-class Novelty Detection. (99%)
Uncertify: Attacks Against Neural Network Certification. (99%)
Bridged Adversarial Training. (93%)
Generalized Real-World Super-Resolution through Adversarial Robustness. (93%)
2021-08-24
Improving Visual Quality of Unrestricted Adversarial Examples with Wavelet-VAE. (99%)
Are socially-aware trajectory prediction models really socially-aware? (92%)
OOWL500: Overcoming Dataset Collection Bias in the Wild. (76%)
StyleAugment: Learning Texture De-biased Representations by Style Augmentation without Pre-defined Textures. (1%)
2021-08-23
Adversarial Robustness of Deep Learning: Theory, Algorithms, and Applications. (99%)
Semantic-Preserving Adversarial Text Attacks. (99%)
Deep Bayesian Image Set Classification: A Defence Approach against Adversarial Attacks. (99%)
Kryptonite: An Adversarial Attack Using Regional Focus. (99%)
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning. (73%)
SegMix: Co-occurrence Driven Mixup for Semantic Segmentation and Adversarial Robustness. (4%)
2021-08-22
Robustness-via-Synthesis: Robust Training with Generative Adversarial Perturbations. (99%)
Multi-Expert Adversarial Attack Detection in Person Re-identification Using Context Inconsistency. (98%)
Relating CNNs with brain: Challenges and findings. (10%)
2021-08-21
A Hard Label Black-box Adversarial Attack Against Graph Neural Networks. (99%)
"Adversarial Examples" for Proof-of-Learning. (98%)
Regularizing Instabilities in Image Reconstruction Arising from Learned Denoisers. (2%)
2021-08-20
AdvDrop: Adversarial Attack to DNNs by Dropping Information. (99%)
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier. (99%)
Integer-arithmetic-only Certified Robustness for Quantized Neural Networks. (98%)
Towards Understanding the Generative Capability of Adversarially Robust Classifiers. (98%)
Detecting and Segmenting Adversarial Graphics Patterns from Images. (93%)
UnSplit: Data-Oblivious Model Inversion, Model Stealing, and Label Inference Attacks Against Split Learning. (1%)
Early-exit deep neural networks for distorted images: providing an efficient edge offloading. (1%)
2021-08-19
Application of Adversarial Examples to Physical ECG Signals. (99%)
Pruning in the Face of Adversaries. (99%)
ASAT: Adaptively Scaled Adversarial Training in Time Series. (98%)
Amplitude-Phase Recombination: Rethinking Robustness of Convolutional Neural Networks in Frequency Domain. (80%)
2021-08-18
Revisiting Adversarial Robustness Distillation: Robust Soft Labels Make Student Better. (99%)
Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes. (98%)
MBRS : Enhancing Robustness of DNN-based Watermarking by Mini-Batch of Real and Simulated JPEG Compression. (45%)
Proceedings of the 1st International Workshop on Adaptive Cyber Defense. (1%)
2021-08-17
When Should You Defend Your Classifier -- A Game-theoretical Analysis of Countermeasures against Adversarial Examples. (98%)
Adversarial Relighting against Face Recognition. (98%)
Semantic Perturbations with Normalizing Flows for Improved Generalization. (13%)
Coalesced Multi-Output Tsetlin Machines with Clause Sharing. (1%)
Appearance Based Deep Domain Adaptation for the Classification of Aerial Images. (1%)
2021-08-16
Exploring Transferable and Robust Adversarial Perturbation Generation from the Perspective of Network Hierarchy. (99%)
Interpreting Attributions and Interactions of Adversarial Attacks. (83%)
Patch Attack Invariance: How Sensitive are Patch Attacks to 3D Pose? (62%)
NeuraCrypt is not private. (10%)
Identifying and Exploiting Structures for Reliable Deep Learning. (2%)
On the Opportunities and Risks of Foundation Models. (2%)
2021-08-15
Neural Architecture Dilation for Adversarial Robustness. (81%)
Deep Adversarially-Enhanced k-Nearest Neighbors. (74%)
IADA: Iterative Adversarial Data Augmentation Using Formal Verification and Expert Guidance. (1%)
2021-08-14
LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis. (1%)
2021-08-13
Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks. (99%)
Optical Adversarial Attack. (98%)
Understanding Structural Vulnerability in Graph Convolutional Networks. (96%)
The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs. (1%)
2021-08-12
AGKD-BML: Defense Against Adversarial Attack by Attention Guided Knowledge Distillation and Bi-directional Metric Learning. (99%)
Deep adversarial attack on target detection systems. (99%)
Hatemoji: A Test Suite and Adversarially-Generated Dataset for Benchmarking and Detecting Emoji-based Hate. (69%)
2021-08-11
Turning Your Strength against You: Detecting and Mitigating Robust and Universal Adversarial Patch Attacks. (98%)
Attacks against Ranking Algorithms with Text Embeddings: a Case Study on Recruitment Algorithms. (78%)
Are Neural Ranking Models Robust? (4%)
Logic Explained Networks. (1%)
2021-08-10
Simple black-box universal adversarial attacks on medical image classification based on deep neural networks. (99%)
On the Effect of Pruning on Adversarial Robustness. (81%)
SoK: How Robust is Image Classification Deep Neural Network Watermarking? (Extended Version). (68%)
Perturbing Inputs for Fragile Interpretations in Deep Natural Language Processing. (64%)
UniNet: A Unified Scene Understanding Network and Exploring Multi-Task Relationships through the Lens of Adversarial Attacks. (2%)
Instance-wise Hard Negative Example Generation for Contrastive Learning in Unpaired Image-to-Image Translation. (1%)
2021-08-09
Meta Gradient Adversarial Attack. (99%)
On Procedural Adversarial Noise Attack And Defense. (99%)
Enhancing Knowledge Tracing via Adversarial Training. (98%)
Neural Network Repair with Reachability Analysis. (96%)
Classification Auto-Encoder based Detector against Diverse Data Poisoning Attacks. (92%)
Mis-spoke or mis-lead: Achieving Robustness in Multi-Agent Communicative Reinforcement Learning. (82%)
Privacy-Preserving Machine Learning: Methods, Challenges and Directions. (16%)
Explainable AI and susceptibility to adversarial attacks: a case study in classification of breast ultrasound images. (15%)
2021-08-07
Jointly Attacking Graph Neural Network and its Explanations. (96%)
Membership Inference Attacks on Lottery Ticket Networks. (33%)
Information Bottleneck Approach to Spatial Attention Learning. (1%)
2021-08-06
Evaluating Adversarial Attacks on Driving Safety in Vision-Based Autonomous Vehicles. (80%)
Ensemble Augmentation for Deep Neural Networks Using 1-D Time Series Vibration Data. (2%)
2021-08-05
BOSS: Bidirectional One-Shot Synthesis of Adversarial Examples. (99%)
Poison Ink: Robust and Invisible Backdoor Attack. (99%)
Imperceptible Adversarial Examples by Spatial Chroma-Shift. (99%)
Householder Activations for Provable Robustness against Adversarial Attacks. (83%)
Fairness Properties of Face Recognition and Obfuscation Systems. (68%)
Exploring Structure Consistency for Deep Model Watermarking. (10%)
Locally Interpretable One-Class Anomaly Detection for Credit Card Fraud Detection. (1%)
2021-08-04
Robust Transfer Learning with Pretrained Language Models through Adapters. (82%)
Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective. (31%)
2021-08-03
On the Robustness of Domain Adaption to Adversarial Attacks. (99%)
On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples. (99%)
AdvRush: Searching for Adversarially Robust Neural Architectures. (99%)
The Devil is in the GAN: Defending Deep Generative Models Against Backdoor Attacks. (88%)
DeepFreeze: Cold Boot Attacks and High Fidelity Model Recovery on Commercial EdgeML Device. (69%)
Tutorials on Testing Neural Networks. (1%)
2021-08-02
Hybrid Classical-Quantum Deep Learning Models for Autonomous Vehicle Traffic Image Classification Under Adversarial Attack. (98%)
Adversarial Attacks Against Deep Reinforcement Learning Framework in Internet of Vehicles. (10%)
Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. (9%)
Efficacy of Statistical and Artificial Intelligence-based False Information Cyberattack Detection Models for Connected Vehicles. (1%)
2021-08-01
Advances in adversarial attacks and defenses in computer vision: A survey. (92%)
Certified Defense via Latent Space Randomized Smoothing with Orthogonal Encoders. (80%)
An Effective and Robust Detector for Logo Detection. (70%)
Style Curriculum Learning for Robust Medical Image Segmentation. (2%)
2021-07-31
Delving into Deep Image Prior for Adversarial Defense: A Novel Reconstruction-based Defense Framework. (99%)
Adversarial Robustness of Deep Code Comment Generation. (99%)
Towards Adversarially Robust and Domain Generalizable Stereo Matching by Rethinking DNN Feature Backbones. (93%)
T$_k$ML-AP: Adversarial Attacks to Top-$k$ Multi-Label Learning. (81%)
BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning. (67%)
Fair Representation Learning using Interpolation Enabled Disentanglement. (1%)
2021-07-30
Who's Afraid of Thomas Bayes? (92%)
Practical Attacks on Voice Spoofing Countermeasures. (86%)
Can You Hear It? Backdoor Attacks via Ultrasonic Triggers. (50%)
Unveiling the potential of Graph Neural Networks for robust Intrusion Detection. (13%)
2021-07-29
Feature Importance-aware Transferable Adversarial Attacks. (99%)
Enhancing Adversarial Robustness via Test-time Transformation Ensembling. (98%)
The Robustness of Graph k-shell Structure under Adversarial Attacks. (93%)
Understanding the Effects of Adversarial Personalized Ranking Optimization Method on Recommendation Quality. (31%)
Towards robust vision by multi-task learning on monkey visual cortex. (3%)
2021-07-28
Imbalanced Adversarial Training with Reweighting. (86%)
Towards Robustness Against Natural Language Word Substitutions. (73%)
Models of Computational Profiles to Study the Likelihood of DNN Metamorphic Test Cases. (67%)
WaveCNet: Wavelet Integrated CNNs to Suppress Aliasing Effect for Noise-Robust Image Classification. (15%)
TableGAN-MCA: Evaluating Membership Collisions of GAN-Synthesized Tabular Data Releasing. (2%)
2021-07-27
Towards Black-box Attacks on Deep Learning Apps. (89%)
Poisoning Online Learning Filters: DDoS Attacks and Countermeasures. (50%)
PDF-Malware: An Overview on Threats, Detection and Evasion Attacks. (8%)
2021-07-26
Benign Adversarial Attack: Tricking Algorithm for Goodness. (99%)
Learning to Adversarially Blur Visual Object Tracking. (98%)
Adversarial Attacks with Time-Scale Representations. (96%)
2021-07-24
Adversarial training may be a double-edged sword. (99%)
Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them. (98%)
Stress Test Evaluation of Biomedical Word Embeddings. (73%)
X-GGM: Graph Generative Modeling for Out-of-Distribution Generalization in Visual Question Answering. (1%)
2021-07-23
A Differentiable Language Model Adversarial Attack on Text Classifiers. (99%)
Structack: Structure-based Adversarial Attacks on Graph Neural Networks. (86%)
Adversarial Reinforced Instruction Attacker for Robust Vision-Language Navigation. (45%)
Clipped Hyperbolic Classifiers Are Super-Hyperbolic Classifiers. (8%)
2021-07-22
On the Certified Robustness for Ensemble Models and Beyond. (99%)
Unsupervised Detection of Adversarial Examples with Model Explanations. (99%)
Membership Inference Attack and Defense for Wireless Signal Classifiers with Deep Learning. (83%)
Towards Explaining Adversarial Examples Phenomenon in Artificial Neural Networks. (75%)
Estimating Predictive Uncertainty Under Program Data Distribution Shift. (1%)
Ready for Emerging Threats to Recommender Systems? A Graph Convolution-based Generative Shilling Attack. (1%)
2021-07-21
Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients. (98%)
Improved Text Classification via Contrastive Adversarial Training. (84%)
Black-box Probe for Unsupervised Domain Adaptation without Model Transferring. (81%)
Defending against Reconstruction Attack in Vertical Federated Learning. (10%)
Generative Models for Security: Attacks, Defenses, and Opportunities. (10%)
A Tandem Framework Balancing Privacy and Security for Voice User Interfaces. (5%)
Spinning Sequence-to-Sequence Models with Meta-Backdoors. (4%)
On the Convergence of Prior-Guided Zeroth-Order Optimization Algorithms. (2%)
2021-07-20
Using Undervolting as an On-Device Defense Against Adversarial Machine Learning Attacks. (99%)
A Markov Game Model for AI-based Cyber Security Attack Mitigation. (10%)
Leaking Secrets through Modern Branch Predictor in the Speculative World. (1%)
2021-07-19
Discriminator-Free Generative Adversarial Attack. (99%)
Feature-Filter: Detecting Adversarial Examples through Filtering off Recessive Features. (99%)
Examining the Human Perceptibility of Black-Box Adversarial Attacks on Face Recognition. (98%)
On the Veracity of Local, Model-agnostic Explanations in Audio Classification: Targeted Investigations with Adversarial Examples. (80%)
MEGEX: Data-Free Model Extraction Attack against Gradient-Based Explainable AI. (33%)
Structural Watermarking to Deep Neural Networks via Network Channel Pruning. (11%)
Generative Adversarial Neural Cellular Automata. (1%)
Improving Interpretability of Deep Neural Networks in Medical Diagnosis by Investigating the Individual Units. (1%)
Just Train Twice: Improving Group Robustness without Training Group Information. (1%)
2021-07-18
RobustFed: A Truth Inference Approach for Robust Federated Learning. (1%)
2021-07-17
BEDS-Bench: Behavior of EHR-models under Distributional Shift--A Benchmark. (9%)
2021-07-16
EGC2: Enhanced Graph Classification with Easy Graph Compression. (84%)
Proceedings of ICML 2021 Workshop on Theoretic Foundation, Criticism, and Application Trend of Explainable AI. (1%)
2021-07-15
Self-Supervised Contrastive Learning with Adversarial Perturbations for Defending Word Substitution-based Attacks. (99%)
Adversarial Attacks on Multi-task Visual Perception for Autonomous Driving. (98%)
ECG-Adv-GAN: Detecting ECG Adversarial Examples with Conditional Generative Adversarial Networks. (92%)
Adversarial Attack for Uncertainty Estimation: Identifying Critical Regions in Neural Networks. (80%)
Subnet Replacement: Deployment-stage backdoor attack against deep neural networks in gray-box setting. (16%)
Tailor: Generating and Perturbing Text with Semantic Controls. (3%)
Shifts: A Dataset of Real Distributional Shift Across Multiple Large-Scale Tasks. (1%)
2021-07-14
AdvFilter: Predictive Perturbation-aware Filtering against Adversarial Attack via Multi-domain Learning. (99%)
Conservative Objective Models for Effective Offline Model-Based Optimization. (67%)
2021-07-13
AID-Purifier: A Light Auxiliary Network for Boosting Adversarial Defense. (88%)
Using BERT Encoding to Tackle the Mad-lib Attack in SMS Spam Detection. (69%)
Correlation Analysis between the Robustness of Sparse Neural Networks and their Random Hidden Structural Priors. (41%)
What classifiers know what they don't? (1%)
2021-07-12
EvoBA: An Evolution Strategy as a Strong Baseline forBlack-Box Adversarial Attacks. (99%)
Detect and Defense Against Adversarial Examples in Deep Learning using Natural Scene Statistics and Adaptive Denoising. (99%)
Perceptual-based deep-learning denoiser as a defense against adversarial attacks on ASR systems. (96%)
Putting words into the system's mouth: A targeted attack on neural machine translation using monolingual data poisoning. (81%)
A Closer Look at the Adversarial Robustness of Information Bottleneck Models. (70%)
SoftHebb: Bayesian inference in unsupervised Hebbian soft winner-take-all networks. (56%)
2021-07-11
Adversarial for Good? How the Adversarial ML Community's Values Impede Socially Beneficial Uses of Attacks. (76%)
Stateful Detection of Model Extraction Attacks. (2%)
Attack Rules: An Adversarial Approach to Generate Attacks for Industrial Control Systems using Machine Learning. (1%)
2021-07-10
Hack The Box: Fooling Deep Learning Abstraction-Based Monitors. (91%)
HOMRS: High Order Metamorphic Relations Selector for Deep Neural Networks. (88%)
Identifying Layers Susceptible to Adversarial Attacks. (83%)
Out of Distribution Detection and Adversarial Attacks on Deep Neural Networks for Robust Medical Image Analysis. (22%)
Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. (1%)
2021-07-09
Learning to Detect Adversarial Examples Based on Class Scores. (99%)
Resilience of Autonomous Vehicle Object Category Detection to Universal Adversarial Perturbations. (99%)
Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems. (99%)
GGT: Graph-Guided Testing for Adversarial Sample Detection of Deep Neural Network. (98%)
Towards Robust General Medical Image Segmentation. (83%)
ARC: Adversarially Robust Control Policies for Autonomous Vehicles. (38%)
2021-07-08
Output Randomization: A Novel Defense for both White-box and Black-box Adversarial Models. (99%)
Improving Model Robustness with Latent Distribution Locally and Globally. (99%)
Analytically Tractable Hidden-States Inference in Bayesian Neural Networks. (50%)
Understanding the Limits of Unsupervised Domain Adaptation via Data Poisoning. (33%)
2021-07-07
Controlled Caption Generation for Images Through Adversarial Attacks. (99%)
Incorporating Label Uncertainty in Understanding Adversarial Robustness. (38%)
RoFL: Attestable Robustness for Secure Federated Learning. (2%)
2021-07-06
GradDiv: Adversarial Robustness of Randomized Neural Networks via Gradient Diversity Regularization. (99%)
Self-Adversarial Training incorporating Forgery Attention for Image Forgery Localization. (95%)
ROPUST: Improving Robustness through Fine-tuning with Photonic Processors and Synthetic Gradients. (76%)
On Generalization of Graph Autoencoders with Adversarial Training. (12%)
On Robustness of Lane Detection Models to Physical-World Adversarial Attacks in Autonomous Driving. (1%)
2021-07-05
When and How to Fool Explainable Models (and Humans) with Adversarial Examples. (99%)
Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks. (99%)
Adversarial Robustness of Probabilistic Network Embedding for Link Prediction. (87%)
Dealing with Adversarial Player Strategies in the Neural Network Game iNNk through Ensemble Learning. (69%)
Understanding the Security of Deepfake Detection. (33%)
Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems. (15%)
Poisoning Attack against Estimating from Pairwise Comparisons. (15%)
Confidence Conditioned Knowledge Distillation. (10%)
2021-07-04
Certifiably Robust Interpretation via Renyi Differential Privacy. (67%)
Mirror Mirror on the Wall: Next-Generation Wireless Jamming Attacks Based on Software-Controlled Surfaces. (1%)
2021-07-03
Demiguise Attack: Crafting Invisible Semantic Adversarial Perturbations with Perceptual Similarity. (99%)
2021-07-01
Using Anomaly Feature Vectors for Detecting, Classifying and Warning of Outlier Adversarial Examples. (99%)
DVS-Attacks: Adversarial Attacks on Dynamic Vision Sensors for Spiking Neural Networks. (99%)
CLINE: Contrastive Learning with Semantic Negative Examples for Natural Language Understanding. (68%)
Adversarial Sample Detection for Speaker Verification by Neural Vocoders. (41%)
The Interplay between Distribution Parameters and the Accuracy-Robustness Tradeoff in Classification. (16%)
Reinforcement Learning for Feedback-Enabled Cyber Resilience. (10%)
2021-06-30
Single-Step Adversarial Training for Semantic Segmentation. (96%)
Understanding Adversarial Attacks on Observations in Deep Reinforcement Learning. (84%)
Explanation-Guided Diagnosis of Machine Learning Evasion Attacks. (82%)
Bi-Level Poisoning Attack Model and Countermeasure for Appliance Consumption Data of Smart Homes. (8%)
Exploring Robustness of Neural Networks through Graph Measures. (8%)
A Context-Aware Information-Based Clone Node Attack Detection Scheme in Internet of Things. (1%)
Understanding and Improving Early Stopping for Learning with Noisy Labels. (1%)
2021-06-29
Adversarial Machine Learning for Cybersecurity and Computer Vision: Current Developments and Challenges. (99%)
Understanding Adversarial Examples Through Deep Neural Network's Response Surface and Uncertainty Regions. (99%)
Attack Transferability Characterization for Adversarially Robust Multi-label Classification. (99%)
Inconspicuous Adversarial Patches for Fooling Image Recognition Systems on Mobile Devices. (99%)
Bio-Inspired Adversarial Attack Against Deep Neural Networks. (98%)
Do Not Deceive Your Employer with a Virtual Background: A Video Conferencing Manipulation-Detection System. (62%)
The Threat of Offensive AI to Organizations. (54%)
Local Reweighting for Adversarial Training. (22%)
On the Interaction of Belief Bias and Explanations. (15%)
2021-06-28
Feature Importance Guided Attack: A Model Agnostic Adversarial Attack. (99%)
Evading Adversarial Example Detection Defenses with Orthogonal Projected Gradient Descent. (99%)
Improving Transferability of Adversarial Patches on Face Recognition with Generative Models. (99%)
Data Poisoning Won't Save You From Facial Recognition. (97%)
Adversarial Robustness of Streaming Algorithms through Importance Sampling. (61%)
Test-Time Adaptation to Distribution Shift by Confidence Maximization and Input Transformation. (2%)
Certified Robustness via Randomized Smoothing over Multiplicative Parameters. (1%)
Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis. (1%)
2021-06-27
RAILS: A Robust Adversarial Immune-inspired Learning System. (98%)
Who is Responsible for Adversarial Defense? (93%)
ASK: Adversarial Soft k-Nearest Neighbor Attack and Defense. (82%)
Immuno-mimetic Deep Neural Networks (Immuno-Net). (64%)
Stabilizing Equilibrium Models by Jacobian Regularization. (1%)
2021-06-26
Multi-stage Optimization based Adversarial Training. (99%)
The Feasibility and Inevitability of Stealth Attacks. (68%)
2021-06-24
On the (Un-)Avoidability of Adversarial Examples. (99%)
Countering Adversarial Examples: Combining Input Transformation and Noisy Training. (99%)
2021-06-23
Adversarial Examples in Multi-Layer Random ReLU Networks. (81%)
Teacher Model Fingerprinting Attacks Against Transfer Learning. (2%)
Meaningfully Explaining Model Mistakes Using Conceptual Counterfactuals. (1%)
Feature Attributions and Counterfactual Explanations Can Be Manipulated. (1%)
2021-06-22
DetectX -- Adversarial Input Detection using Current Signatures in Memristive XBar Arrays. (99%)
Self-Supervised Iterative Contextual Smoothing for Efficient Adversarial Defense against Gray- and Black-Box Attack. (99%)
Long-term Cross Adversarial Training: A Robust Meta-learning Method for Few-shot Classification Tasks. (83%)
On Adversarial Robustness of Synthetic Code Generation. (81%)
NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data. (67%)
2021-06-21
Policy Smoothing for Provably Robust Reinforcement Learning. (99%)
Delving into the pixels of adversarial samples. (98%)
HODA: Hardness-Oriented Detection of Model Extraction Attacks. (98%)
Friendly Training: Neural Networks Can Adapt Data To Make Learning Easier. (91%)
Membership Inference on Word Embedding and Beyond. (38%)
An Alternative Auxiliary Task for Enhancing Image Classification. (11%)
Zero-shot learning approach to adaptive Cybersecurity using Explainable AI. (1%)
2021-06-20
Adversarial Examples Make Strong Poisons. (98%)
Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem. (95%)
Generative Model Adversarial Training for Deep Compressed Sensing. (8%)
2021-06-19
Attack to Fool and Explain Deep Networks. (99%)
A Stealthy and Robust Fingerprinting Scheme for Generative Models. (47%)
2021-06-18
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples. (99%)
Residual Error: a New Performance Measure for Adversarial Robustness. (99%)
The Dimpled Manifold Model of Adversarial Examples in Machine Learning. (99%)
Exploring Counterfactual Explanations Through the Lens of Adversarial Examples: A Theoretical and Empirical Analysis. (99%)
Light Lies: Optical Adversarial Attack. (92%)
BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection. (82%)
Less is More: Feature Selection for Adversarial Robustness with Compressive Counter-Adversarial Attacks. (80%)
Group-Structured Adversarial Training. (68%)
Accumulative Poisoning Attacks on Real-time Data. (45%)
Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks. (45%)
Federated Robustness Propagation: Sharing Adversarial Robustness in Federated Learning. (5%)
2021-06-17
Analyzing Adversarial Robustness of Deep Neural Networks in Pixel Space: a Semantic Perspective. (99%)
Bad Characters: Imperceptible NLP Attacks. (99%)
DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs. (99%)
Adversarial Visual Robustness by Causal Intervention. (99%)
Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning. (92%)
Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks. (91%)
Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems. (82%)
Poisoning and Backdooring Contrastive Learning. (70%)
CROP: Certifying Robust Policies for Reinforcement Learning through Functional Smoothing. (69%)
CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing. (64%)
On Deep Neural Network Calibration by Regularization and its Impact on Refinement. (3%)
Effective Model Sparsification by Scheduled Grow-and-Prune Methods. (1%)
2021-06-16
Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses. (99%)
Localized Uncertainty Attacks. (99%)
Evaluating the Robustness of Bayesian Neural Networks Against Different Types of Attacks. (67%)
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch. (38%)
Explainable AI for Natural Adversarial Images. (13%)
A Winning Hand: Compressing Deep Networks Can Improve Out-Of-Distribution Robustness. (2%)
Scaling-up Diverse Orthogonal Convolutional Networks with a Paraunitary Framework. (1%)
Loki: Hardening Code Obfuscation Against Automated Attacks. (1%)
2021-06-15
Adversarial Attacks on Deep Models for Financial Transaction Records. (99%)
Model Extraction and Adversarial Attacks on Neural Networks using Switching Power Information. (99%)
Towards Adversarial Robustness via Transductive Learning. (80%)
Voting for the right answer: Adversarial defense for speaker verification. (78%)
Detect and remove watermark in deep neural networks via generative adversarial networks. (68%)
CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. (13%)
Securing Face Liveness Detection Using Unforgeable Lip Motion Patterns. (12%)
Probabilistic Margins for Instance Reweighting in Adversarial Training. (8%)
CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals. (1%)
2021-06-14
PopSkipJump: Decision-Based Attack for Probabilistic Classifiers. (99%)
Now You See It, Now You Dont: Adversarial Vulnerabilities in Computational Pathology. (99%)
Audio Attacks and Defenses against AED Systems -- A Practical Study. (99%)
Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions. (92%)
Evading Malware Classifiers via Monte Carlo Mutant Feature Discovery. (81%)
On the Relationship between Heterophily and Robustness of Graph Neural Networks. (81%)
Partial success in closing the gap between human and machine vision. (15%)
Text Generation with Efficient (Soft) Q-Learning. (2%)
Resilient Control of Platooning Networked Robitic Systems via Dynamic Watermarking. (1%)
Self-training Guided Adversarial Domain Adaptation For Thermal Imagery. (1%)
Code Integrity Attestation for PLCs using Black Box Neural Network Predictions. (1%)
2021-06-13
Target Model Agnostic Adversarial Attacks with Query Budgets on Language Understanding Models. (99%)
Selection of Source Images Heavily Influences the Effectiveness of Adversarial Attacks. (99%)
ATRAS: Adversarially Trained Robust Architecture Search. (96%)
Security Analysis of Camera-LiDAR Semantic-Level Fusion Against Black-Box Attacks on Autonomous Vehicles. (64%)
Weakly-supervised High-resolution Segmentation of Mammography Images for Breast Cancer Diagnosis. (1%)
HistoTransfer: Understanding Transfer Learning for Histopathology. (1%)
2021-06-12
Adversarial Robustness via Fisher-Rao Regularization. (67%)
What can linearized neural networks actually say about generalization? (31%)
FeSHI: Feature Map Based Stealthy Hardware Intrinsic Attack. (2%)
2021-06-11
CausalAdv: Adversarial Robustness through the Lens of Causality. (99%)
Knowledge Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks. (99%)
Adversarial purification with Score-based generative models. (89%)
Relaxing Local Robustness. (80%)
TDGIA:Effective Injection Attacks on Graph Neural Networks. (76%)
Turn the Combination Lock: Learnable Textual Backdoor Attacks via Word Substitution. (56%)
CARTL: Cooperative Adversarially-Robust Transfer Learning. (8%)
A Shuffling Framework for Local Differential Privacy. (1%)
2021-06-10
Sparse and Imperceptible Adversarial Attack via a Homotopy Algorithm. (99%)
Deep neural network loses attention to adversarial images. (99%)
Verifying Quantized Neural Networks using SMT-Based Model Checking. (92%)
Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation. (80%)
An Ensemble Approach Towards Adversarial Robustness. (41%)
Towards an Automated Pipeline for Detecting and Classifying Malware through Machine Learning. (1%)
Fair Classification with Adversarial Perturbations. (1%)
2021-06-09
HASI: Hardware-Accelerated Stochastic Inference, A Defense Against Adversarial Machine Learning Attacks. (99%)
Towards Defending against Adversarial Examples via Attack-Invariant Features. (99%)
Improving White-box Robustness of Pre-processing Defenses via Joint Adversarial Training. (99%)
Attacking Adversarial Attacks as A Defense. (99%)
We Can Always Catch You: Detecting Adversarial Patched Objects WITH or WITHOUT Signature. (98%)
Who Is the Strongest Enemy? Towards Optimal and Efficient Evasion Attacks in Deep RL. (93%)
URLTran: Improving Phishing URL Detection Using Transformers. (10%)
ZoPE: A Fast Optimizer for ReLU Networks with Low-Dimensional Inputs. (5%)
Practical Machine Learning Safety: A Survey and Primer. (4%)
Network insensitivity to parameter noise via adversarial regularization. (2%)
2021-06-08
On Improving Adversarial Transferability of Vision Transformers. (99%)
Simulated Adversarial Testing of Face Recognition Models. (99%)
Towards the Memorization Effect of Neural Networks in Adversarial Training. (93%)
Handcrafted Backdoors in Deep Neural Networks. (92%)
Enhancing Robustness of Neural Networks through Fourier Stabilization. (73%)
Provably Robust Detection of Out-of-distribution Data (almost) for free. (1%)
2021-06-07
Adversarial Attack and Defense in Deep Ranking. (99%)
Reveal of Vision Transformers Robustness against Adversarial Attacks. (99%)
Position Bias Mitigation: A Knowledge-Aware Graph Model for EmotionCause Extraction. (89%)
3DB: A Framework for Debugging Computer Vision Models. (45%)
RoSearch: Search for Robust Student Architectures When Distilling Pre-trained Language Models. (11%)
2021-06-06
A Primer on Multi-Neuron Relaxation-based Adversarial Robustness Certification. (98%)
Zero-Shot Knowledge Distillation from a Decision-Based Black-Box Model. (4%)
2021-06-05
Ensemble Defense with Data Diversity: Weak Correlation Implies Strong Robustness. (92%)
Robust Stochastic Linear Contextual Bandits Under Adversarial Attacks. (69%)
RDA: Robust Domain Adaptation via Fourier Adversarial Attacking. (2%)
2021-06-04
Revisiting Hilbert-Schmidt Information Bottleneck for Adversarial Robustness. (99%)
BO-DBA: Query-Efficient Decision-Based Adversarial Attacks via Bayesian Optimization. (99%)
Human-Adversarial Visual Question Answering. (31%)
Predify: Augmenting deep neural networks with brain-inspired predictive coding dynamics. (15%)
DOCTOR: A Simple Method for Detecting Misclassification Errors. (1%)
Teaching keyword spotters to spot new keywords with limited examples. (1%)
2021-06-03
Improving the Transferability of Adversarial Examples with New Iteration Framework and Input Dropout. (99%)
Imperceptible Adversarial Examples for Fake Image Detection. (99%)
A Little Robustness Goes a Long Way: Leveraging Universal Features for Targeted Transfer Attacks. (99%)
Transferable Adversarial Examples for Anchor Free Object Detection. (99%)
Exploring Memorization in Adversarial Training. (98%)
Improving Neural Network Robustness via Persistency of Excitation. (68%)
Defending against Backdoor Attacks in Natural Language Generation. (38%)
Sneak Attack against Mobile Robotic Networks under Formation Control. (1%)
2021-06-02
PDPGD: Primal-Dual Proximal Gradient Descent Adversarial Attack. (99%)
Towards Robustness of Text-to-SQL Models against Synonym Substitution. (75%)
BERT-Defense: A Probabilistic Model Based on BERT to Combat Cognitively Inspired Orthographic Adversarial Attacks. (62%)
2021-06-01
Adversarial Defense for Automatic Speaker Verification by Self-Supervised Learning. (99%)
Improving Compositionality of Neural Networks by Decoding Representations to Inputs. (68%)
Markpainting: Adversarial Machine Learning meets Inpainting. (12%)
On the Efficacy of Adversarial Data Collection for Question Answering: Results from a Large-Scale Randomized Study. (9%)
Adversarial VQA: A New Benchmark for Evaluating the Robustness of VQA Models. (5%)
Memory Wrap: a Data-Efficient and Interpretable Extension to Image Classification Models. (1%)
Concurrent Adversarial Learning for Large-Batch Training. (1%)
2021-05-31
Adaptive Feature Alignment for Adversarial Training. (99%)
QueryNet: An Efficient Attack Framework with Surrogates Carrying Multiple Identities. (99%)
Transferable Sparse Adversarial Attack. (99%)
Adversarial Training with Rectified Rejection. (99%)
Robustifying $\ell_\infty$ Adversarial Training to the Union of Perturbation Models. (82%)
Dominant Patterns: Critical Features Hidden in Deep Neural Networks. (80%)
Exploration and Exploitation: Two Ways to Improve Chinese Spelling Correction Models. (75%)
Gradient-based Data Subversion Attack Against Binary Classifiers. (73%)
DISSECT: Disentangled Simultaneous Explanations via Concept Traversals. (1%)
The effectiveness of feature attribution methods and its correlation with automatic evaluation scores. (1%)
2021-05-30
Generating Adversarial Examples with Graph Neural Networks. (99%)
Defending Pre-trained Language Models from Adversarial Word Substitutions Without Performance Sacrifice. (98%)
Evaluating Resilience of Encrypted Traffic Classification Against Adversarial Evasion Attacks. (62%)
NoiLIn: Do Noisy Labels Always Hurt Adversarial Training? (26%)
DAAIN: Detection of Anomalous and Adversarial Input using Normalizing Flows. (12%)
EEG-based Cross-Subject Driver Drowsiness Recognition with an Interpretable Convolutional Neural Network. (1%)
2021-05-29
Detecting Backdoor in Deep Neural Networks via Intentional Adversarial Perturbations. (99%)
Analysis and Applications of Class-wise Robustness in Adversarial Training. (99%)
A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices. (2%)
2021-05-28
Demotivate adversarial defense in remote sensing. (99%)
AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption. (92%)
Robust Regularization with Adversarial Labelling of Perturbed Samples. (83%)
SafeAMC: Adversarial training for robust modulation recognition models. (83%)
Towards optimally abstaining from prediction. (81%)
Rethinking Noisy Label Models: Labeler-Dependent Noise with Adversarial Awareness. (76%)
Visualizing Representations of Adversarially Perturbed Inputs. (68%)
Chromatic and spatial analysis of one-pixel attacks against an image classifier. (15%)
FoveaTer: Foveated Transformer for Image Classification. (10%)
DeepMoM: Robust Deep Learning With Median-of-Means. (1%)
2021-05-27
A BIC-based Mixture Model Defense against Data Poisoning Attacks on Classifiers. (84%)
2021-05-26
Deep Repulsive Prototypes for Adversarial Robustness. (99%)
Adversarial Attack Framework on Graph Embedding Models with Limited Knowledge. (98%)
Can Linear Programs Have Adversarial Examples? A Causal Perspective. (81%)
Adversarial robustness against multiple $l_p$-threat models at the price of one and how to quickly fine-tune robust models to another threat model. (76%)
Hidden Killer: Invisible Textual Backdoor Attacks with Syntactic Trigger. (61%)
Fooling Partial Dependence via Data Poisoning. (13%)
2021-05-25
Practical Convex Formulation of Robust One-hidden-layer Neural Network Training. (98%)
Adversarial Attack Driven Data Augmentation for Accurate And Robust Medical Image Segmentation. (98%)
Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers' Outputs. (67%)
Robust Value Iteration for Continuous Control Tasks. (9%)
2021-05-24
OFEI: A Semi-black-box Android Adversarial Sample Attack Framework Against DLaaS. (99%)
Learning Security Classifiers with Verified Global Robustness Properties. (92%)
Feature Space Targeted Attacks by Statistic Alignment. (82%)
Improved OOD Generalization via Adversarial Training and Pre-training. (12%)
Out-of-Distribution Detection in Dermatology using Input Perturbation and Subset Scanning. (5%)
Every Byte Matters: Traffic Analysis of Bluetooth Wearable Devices. (1%)
Using Adversarial Attacks to Reveal the Statistical Bias in Machine Reading Comprehension Models. (1%)
Dissecting Click Fraud Autonomy in the Wild. (1%)
2021-05-23
Killing Two Birds with One Stone: Stealing Model and Inferring Attribute from BERT-based APIs. (99%)
CMUA-Watermark: A Cross-Model Universal Adversarial Watermark for Combating Deepfakes. (92%)
Regularization Can Help Mitigate Poisoning Attacks... with the Right Hyperparameters. (12%)
2021-05-22
Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems. (99%)
Exploring Robustness of Unsupervised Domain Adaptation in Semantic Segmentation. (98%)
Securing Optical Networks using Quantum-secured Blockchain: An Overview. (1%)
2021-05-21
ReLUSyn: Synthesizing Stealthy Attacks for Deep Neural Network Based Cyber-Physical Systems. (81%)
Exploring Misclassifications of Robust Neural Networks to Enhance Adversarial Attacks. (76%)
Backdoor Attacks on Self-Supervised Learning. (68%)
Intriguing Properties of Vision Transformers. (8%)
Explainable Enterprise Credit Rating via Deep Feature Crossing Network. (1%)
2021-05-20
Simple Transparent Adversarial Examples. (99%)
Anomaly Detection of Adversarial Examples using Class-conditional Generative Adversarial Networks. (99%)
Preventing Machine Learning Poisoning Attacks Using Authentication and Provenance. (11%)
TestRank: Bringing Order into Unlabeled Test Instances for Deep Learning Tasks. (1%)
2021-05-19
Attack on practical speaker verification system using universal adversarial perturbations. (99%)
Local Aggressive Adversarial Attacks on 3D Point Cloud. (99%)
An Orthogonal Classifier for Improving the Adversarial Robustness of Neural Networks. (76%)
Balancing Robustness and Sensitivity using Feature Contrastive Learning. (15%)
DeepStrike: Remotely-Guided Fault Injection Attacks on DNN Accelerator in Cloud-FPGA. (1%)
User Label Leakage from Gradients in Federated Learning. (1%)
Hunter in the Dark: Deep Ensemble Networks for Discovering Anomalous Activity from Smart Networks. (1%)
2021-05-18
Sparta: Spatially Attentive and Adversarially Robust Activation. (99%)
Detecting Adversarial Examples with Bayesian Neural Network. (99%)
Fighting Gradients with Gradients: Dynamic Defenses against Adversarial Attacks. (98%)
On the Robustness of Domain Constraints. (98%)
Learning and Certification under Instance-targeted Poisoning. (82%)
2021-05-17
Towards Robust Vision Transformer. (95%)
Gradient Masking and the Underestimated Robustness Threats of Differential Privacy in Deep Learning. (93%)
An SDE Framework for Adversarial Training, with Convergence and Robustness Analysis. (69%)
A Fusion-Denoising Attack on InstaHide with Data Augmentation. (1%)
2021-05-16
Vision Transformers are Robust Learners. (99%)
Prototype-supervised Adversarial Network for Targeted Attack of Deep Hashing. (99%)
SoundFence: Securing Ultrasonic Sensors in Vehicles Using Physical-Layer Defense. (2%)
2021-05-15
Real-time Detection of Practical Universal Adversarial Perturbations. (99%)
2021-05-14
Salient Feature Extractor for Adversarial Defense on Deep Neural Networks. (99%)
High-Robustness, Low-Transferability Fingerprinting of Neural Networks. (9%)
Information-theoretic Evolution of Model Agnostic Global Explanations. (1%)
Iterative Algorithms for Assessing Network Resilience Against Structured Perturbations. (1%)
2021-05-13
Stochastic-Shield: A Probabilistic Approach Towards Training-Free Adversarial Defense in Quantized CNNs. (98%)
When Human Pose Estimation Meets Robustness: Adversarial Algorithms and Benchmarks. (5%)
DeepObliviate: A Powerful Charm for Erasing Data Residual Memory in Deep Neural Networks. (1%)
Biometrics: Trust, but Verify. (1%)
2021-05-12
AVA: Adversarial Vignetting Attack against Visual Recognition. (99%)
OutFlip: Generating Out-of-Domain Samples for Unknown Intent Detection with Natural Language Attack. (70%)
Adversarial Reinforcement Learning in Dynamic Channel Access and Power Control. (2%)
A Statistical Threshold for Adversarial Classification in Laplace Mechanisms. (1%)
2021-05-11
Poisoning MorphNet for Clean-Label Backdoor Attack to Point Clouds. (99%)
Improving Adversarial Transferability with Gradient Refining. (99%)
Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective. (5%)
2021-05-10
Adversarial examples attack based on random warm restart mechanism and improved Nesterov momentum. (99%)
Examining and Mitigating Kernel Saturation in Convolutional Neural Networks using Negative Images. (1%)
2021-05-09
Automated Decision-based Adversarial Attacks. (99%)
Efficiency-driven Hardware Optimization for Adversarially Robust Neural Networks. (88%)
Security Concerns on Machine Learning Solutions for 6G Networks in mmWave Beam Prediction. (81%)
Robust Training Using Natural Transformation. (13%)
Learning Image Attacks toward Vision Guided Autonomous Vehicles. (4%)
Combining Time-Dependent Force Perturbations in Robot-Assisted Surgery Training. (1%)
2021-05-08
Self-Supervised Adversarial Example Detection by Disentangled Representation. (99%)
De-Pois: An Attack-Agnostic Defense against Data Poisoning Attacks. (96%)
Certified Robustness to Text Adversarial Attacks by Randomized [MASK]. (93%)
Provable Guarantees against Data Poisoning Using Self-Expansion and Compatibility. (16%)
Mental Models of Adversarial Machine Learning. (16%)
2021-05-07
Adv-Makeup: A New Imperceptible and Transferable Attack on Face Recognition. (99%)
Uniform Convergence, Adversarial Spheres and a Simple Remedy. (15%)
2021-05-06
Dynamic Defense Approach for Adversarial Robustness in Deep Neural Networks via Stochastic Ensemble Smoothed Model. (99%)
A Simple and Strong Baseline for Universal Targeted Attacks on Siamese Visual Tracking. (99%)
Understanding Catastrophic Overfitting in Adversarial Training. (92%)
Attestation Waves: Platform Trust via Remote Power Analysis. (1%)
2021-05-05
Attack-agnostic Adversarial Detection on Medical Data Using Explainable Machine Learning. (99%)
Exploiting Vulnerabilities in Deep Neural Networks: Adversarial and Fault-Injection Attacks. (97%)
Contrastive Learning and Self-Training for Unsupervised Domain Adaptation in Semantic Segmentation. (1%)
A Theoretical-Empirical Approach to Estimating Sample Complexity of DNNs. (1%)
2021-05-04
Poisoning the Unlabeled Dataset of Semi-Supervised Learning. (92%)
Broadly Applicable Targeted Data Sample Omission Attacks. (68%)
An Overview of Laser Injection against Embedded Neural Network Models. (2%)
2021-05-03
Physical world assistive signals for deep neural network classifiers -- neither defense nor attack. (83%)
Black-Box Dissector: Towards Erasing-based Hard-Label Model Stealing Attack. (73%)
2021-05-02
Intriguing Usage of Applicability Domain: Lessons from Cheminformatics Applied to Adversarial Learning. (99%)
Who's Afraid of Adversarial Transferability? (99%)
Multi-Robot Coordination and Planning in Uncertain and Adversarial Environments. (10%)
GRNN: Generative Regression Neural Network -- A Data Leakage Attack for Federated Learning. (2%)
Spinner: Automated Dynamic Command Subsystem Perturbation. (1%)
2021-05-01
Adversarial Example Detection for DNN Models: A Review and Experimental Comparison. (99%)
A Perceptual Distortion Reduction Framework: Towards Generating Adversarial Examples with High Perceptual Quality and Attack Success Rate. (98%)
On the Adversarial Robustness of Quantized Neural Networks. (75%)
Hidden Backdoors in Human-Centric Language Models. (73%)
One Detector to Rule Them All: Towards a General Deepfake Attack Detection Framework. (62%)
A Master Key Backdoor for Universal Impersonation Attack against DNN-based Face Verification. (62%)
Load Oscillating Attacks of Smart Grids: Demand Strategies and Vulnerability Analysis. (2%)
RATT: Leveraging Unlabeled Data to Guarantee Generalization. (1%)
2021-04-30
Deep Image Destruction: A Comprehensive Study on Vulnerability of Deep Image-to-Image Models against Adversarial Attacks. (99%)
Black-box Gradient Attack on Graph Neural Networks: Deeper Insights in Graph-based Attack and Defense. (99%)
Black-box adversarial attacks using Evolution Strategies. (98%)
IPatch: A Remote Adversarial Patch. (97%)
DeFiRanger: Detecting Price Manipulation Attacks on DeFi Applications. (10%)
FIPAC: Thwarting Fault- and Software-Induced Control-Flow Attacks with ARM Pointer Authentication. (2%)
2021-04-29
GasHis-Transformer: A Multi-scale Visual Transformer Approach for Gastric Histopathology Image Classification. (67%)
A neural anisotropic view of underspecification in deep learning. (26%)
Analytical bounds on the local Lipschitz constants of ReLU networks. (12%)
Learning Robust Variational Information Bottleneck with Reference. (5%)
2021-04-28
AdvHaze: Adversarial Haze Attack. (99%)
2021-04-27
Improved and Efficient Text Adversarial Attacks using Target Information. (97%)
Metamorphic Detection of Repackaged Malware. (91%)
Structure-Aware Hierarchical Graph Pooling using Information Bottleneck. (2%)
Property Inference Attacks on Convolutional Neural Networks: Influence and Implications of Target Model's Complexity. (1%)
2021-04-26
Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT. (99%)
Delving into Data: Effectively Substitute Training for Black-box Attack. (99%)
secml-malware: Pentesting Windows Malware Classifiers with Adversarial EXEmples in Python. (99%)
Impact of Spatial Frequency Based Constraints on Adversarial Robustness. (98%)
PatchGuard++: Efficient Provable Attack Detection against Adversarial Patches. (87%)
Good Artists Copy, Great Artists Steal: Model Extraction Attacks Against Image Translation Generative Adversarial Networks. (22%)
2021-04-25
3D Adversarial Attacks Beyond Point Cloud. (99%)
Making Generated Images Hard To Spot: A Transferable Attack On Synthetic Image Detectors. (81%)
2021-04-24
Influence Based Defense Against Data Poisoning Attacks in Online Learning. (99%)
2021-04-23
Theoretical Study of Random Noise Defense against Query-Based Black-Box Attacks. (98%)
Evaluating Deception Detection Model Robustness To Linguistic Variation. (82%)
Lightweight Detection of Out-of-Distribution and Adversarial Samples via Channel Mean Discrepancy. (3%)
Improving Neural Silent Speech Interface Models by Adversarial Training. (1%)
2021-04-22
Towards Adversarial Patch Analysis and Certified Defense against Crowd Counting. (99%)
Learning Transferable 3D Adversarial Cloaks for Deep Trained Detectors. (98%)
Performance Evaluation of Adversarial Attacks: Discrepancies and Solutions. (86%)
Operator Shifting for General Noisy Matrix Systems. (56%)
SPECTRE: Defending Against Backdoor Attacks Using Robust Statistics. (22%)
2021-04-21
Dual Head Adversarial Training. (99%)
Mixture of Robust Experts (MoRE): A Flexible Defense Against Multiple Perturbations. (99%)
Robust Certification for Laplace Learning on Geometric Graphs. (96%)
Jacobian Regularization for Mitigating Universal Adversarial Perturbations. (95%)
Dataset Inference: Ownership Resolution in Machine Learning. (83%)
2021-04-20
Adversarial Training for Deep Learning-based Intrusion Detection Systems. (99%)
MixDefense: A Defense-in-Depth Framework for Adversarial Example Detection Based on Statistical and Semantic Analysis. (99%)
MagicPai at SemEval-2021 Task 7: Method for Detecting and Rating Humor Based on Multi-Task Adversarial Training. (64%)
Does enhanced shape bias improve neural network robustness to common corruptions? (26%)
Robust Sensor Fusion Algorithms Against Voice Command Attacks in Autonomous Vehicles. (9%)
Network Defense is Not a Game. (1%)
2021-04-19
Staircase Sign Method for Boosting Adversarial Attacks. (99%)
Improving Adversarial Robustness Using Proxy Distributions. (99%)
Adversarial Diffusion Attacks on Graph-based Traffic Prediction Models. (99%)
LAFEAT: Piercing Through Adversarial Defenses with Latent Features. (99%)
Removing Adversarial Noise in Class Activation Feature Space. (99%)
Direction-Aggregated Attack for Transferable Adversarial Examples. (99%)
Manipulating SGD with Data Ordering Attacks. (95%)
Provable Robustness of Adversarial Training for Learning Halfspaces with Noise. (22%)
Protecting the Intellectual Properties of Deep Neural Networks with an Additional Class and Steganographic Images. (11%)
Semi-Supervised Domain Adaptation with Prototypical Alignment and Consistency Learning. (1%)
2021-04-18
Best Practices for Noise-Based Augmentation to Improve the Performance of Emotion Recognition "In the Wild". (83%)
On the Sensitivity and Stability of Model Interpretations in NLP. (1%)
2021-04-17
Attacking Text Classifiers via Sentence Rewriting Sampler. (99%)
Rethinking Image-Scaling Attacks: The Interplay Between Vulnerabilities in Machine Learning Systems. (99%)
Improving Question Answering Model Robustness with Synthetic Adversarial Data Generation. (98%)
Improving Zero-Shot Cross-Lingual Transfer Learning via Robust Training. (87%)
AM2iCo: Evaluating Word Meaning in Context across Low-ResourceLanguages with Adversarial Examples. (15%)
2021-04-16
Fashion-Guided Adversarial Attack on Person Segmentation. (99%)
Towards Variable-Length Textual Adversarial Attacks. (99%)
An Adversarially-Learned Turing Test for Dialog Generation Models. (96%)
Random and Adversarial Bit Error Robustness: Energy-Efficient and Secure DNN Accelerators. (83%)
Lower Bounds on Cross-Entropy Loss in the Presence of Test-time Adversaries. (2%)
2021-04-15
Gradient-based Adversarial Attacks against Text Transformers. (99%)
Robust Backdoor Attacks against Deep Neural Networks in Real Physical World. (86%)
Are Multilingual BERT models robust? A Case Study on Adversarial Attacks for Multilingual Question Answering. (12%)
Federated Learning for Malware Detection in IoT Devices. (10%)
2021-04-14
Meaningful Adversarial Stickers for Face Recognition in Physical World. (98%)
Orthogonalizing Convolutional Layers with the Cayley Transform. (80%)
Defending Against Adversarial Denial-of-Service Data Poisoning Attacks. (38%)
Improved Branch and Bound for Neural Network Verification via Lagrangian Decomposition. (1%)
2021-04-13
Mitigating Adversarial Attack for Compute-in-Memory Accelerator Utilizing On-chip Finetune. (99%)
Detecting Operational Adversarial Examples for Reliable Deep Learning. (82%)
Fall of Giants: How popular text-based MLaaS fall against a simple evasion attack. (75%)
2021-04-12
Sparse Coding Frontend for Robust Neural Networks. (99%)
A Backdoor Attack against 3D Point Cloud Classifiers. (96%)
Plot-guided Adversarial Example Construction for Evaluating Open-domain Story Generation. (56%)
Double Perturbation: On the Robustness of Robustness and Counterfactual Bias Evaluation. (50%)
Thief, Beware of What Get You There: Towards Understanding Model Extraction Attack. (1%)
2021-04-11
Achieving Model Robustness through Discrete Adversarial Training. (99%)
Pay attention to your loss: understanding misconceptions about 1-Lipschitz neural networks. (1%)
2021-04-10
Fool Me Twice: Entailment from Wikipedia Gamification. (61%)
Adversarial Regularization as Stackelberg Game: An Unrolled Optimization Approach. (15%)
Disentangled Contrastive Learning for Learning Robust Textual Representations. (11%)
2021-04-09
Relating Adversarially Robust Generalization to Flat Minima. (99%)
SPoTKD: A Protocol for Symmetric Key Distribution over Public Channels Using Self-Powered Timekeeping Devices. (1%)
Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication. (1%)
Learning Sampling Policy for Faster Derivative Free Optimization. (1%)
2021-04-08
FACESEC: A Fine-grained Robustness Evaluation Framework for Face Recognition Systems. (98%)
Explainability-based Backdoor Attacks Against Graph Neural Networks. (15%)
A single gradient step finds adversarial examples on random two-layers neural networks. (10%)
Adversarial Learning Inspired Emerging Side-Channel Attacks and Defenses. (8%)
2021-04-07
Universal Adversarial Training with Class-Wise Perturbations. (99%)
The art of defense: letting networks fool the attacker. (98%)
Universal Spectral Adversarial Attacks for Deformable Shapes. (81%)
Adversarial Robustness Guarantees for Gaussian Processes. (68%)
Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective. (61%)
Improving Robustness of Deep Reinforcement Learning Agents: Environment Attacks based on Critic Networks. (10%)
Sparse Oblique Decision Trees: A Tool to Understand and Manipulate Neural Net Features. (3%)
An Object Detection based Solver for Google's Image reCAPTCHA v2. (1%)
2021-04-06
Exploring Targeted Universal Adversarial Perturbations to End-to-end ASR Models. (93%)
Adversarial Robustness under Long-Tailed Distribution. (89%)
Robust Adversarial Classification via Abstaining. (75%)
Backdoor Attack in the Physical World. (2%)
2021-04-05
Robust Classification Under $\ell_0$ Attack for the Gaussian Mixture Model. (99%)
Adaptive Clustering of Robust Semantic Representations for Adversarial Image Purification. (98%)
BBAEG: Towards BERT-based Biomedical Adversarial Example Generation for Text Classification. (96%)
Deep Learning-Based Autonomous Driving Systems: A Survey of Attacks and Defenses. (74%)
Can audio-visual integration strengthen robustness under multimodal attacks? (68%)
Jekyll: Attacking Medical Image Diagnostics using Deep Generative Models. (33%)
Unified Detection of Digital and Physical Face Attacks. (8%)
Beyond Categorical Label Representations for Image Classification. (2%)
Rethinking Perturbations in Encoder-Decoders for Fast Training. (1%)
2021-04-04
Semantically Stealthy Adversarial Attacks against Segmentation Models. (99%)
Reliably fast adversarial training via latent adversarial perturbation. (93%)
2021-04-03
Mitigating Gradient-based Adversarial Attacks via Denoising and Compression. (99%)
Gradient-based Adversarial Deep Modulation Classification with Data-driven Subsampling. (93%)
Property-driven Training: All You (N)Ever Wanted to Know About. (26%)
2021-04-02
Defending Against Image Corruptions Through Adversarial Augmentations. (92%)
RABA: A Robust Avatar Backdoor Attack on Deep Neural Network. (83%)
Diverse Gaussian Noise Consistency Regularization for Robustness and Uncertainty Calibration under Noise Domain Shifts. (2%)
Fast-adapting and Privacy-preserving Federated Recommender System. (1%)
2021-04-01
TRS: Transferability Reduced Ensemble via Encouraging Gradient Diversity and Model Smoothness. (99%)
Domain Invariant Adversarial Learning. (98%)
Normal vs. Adversarial: Salience-based Analysis of Adversarial Samples for Relation Extraction. (93%)
Towards Evaluating and Training Verifiably Robust Neural Networks. (45%)
Augmenting Zero Trust Architecture to Endpoints Using Blockchain: A Systematic Review. (3%)
Learning from Noisy Labels via Dynamic Loss Thresholding. (1%)
2021-03-31
Adversarial Heart Attack: Neural Networks Fooled to Segment Heart Symbols in Chest X-Ray Images. (99%)
Adversarial Attacks and Defenses for Speech Recognition Systems. (99%)
Fast Certified Robust Training with Short Warmup. (86%)
Fast Jacobian-Vector Product for Deep Networks. (22%)
Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid. (2%)
Digital Forensics vs. Anti-Digital Forensics: Techniques, Limitations and Recommendations. (1%)
2021-03-30
On the Robustness of Vision Transformers to Adversarial Examples. (99%)
Class-Aware Robust Adversarial Training for Object Detection. (96%)
PointBA: Towards Backdoor Attacks in 3D Point Cloud. (92%)
What Causes Optical Flow Networks to be Vulnerable to Physical Adversarial Attacks. (91%)
Statistical inference for individual fairness. (67%)
Learning Lipschitz Feedback Policies from Expert Demonstrations: Closed-Loop Guarantees, Generalization and Robustness. (47%)
Improving robustness against common corruptions with frequency biased models. (1%)
2021-03-29
Lagrangian Objective Function Leads to Improved Unforeseen Attack Generalization in Adversarial Training. (99%)
Enhancing the Transferability of Adversarial Attacks through Variance Tuning. (99%)
On the Adversarial Robustness of Vision Transformers. (99%)
ZeroGrad : Mitigating and Explaining Catastrophic Overfitting in FGSM Adversarial Training. (95%)
Certifiably-Robust Federated Adversarial Learning via Randomized Smoothing. (93%)
Fooling LiDAR Perception via Adversarial Trajectory Perturbation. (83%)
Robust Reinforcement Learning under model misspecification. (31%)
Automating Defense Against Adversarial Attacks: Discovery of Vulnerabilities and Application of Multi-INT Imagery to Protect Deployed Models. (16%)
MISA: Online Defense of Trojaned Models using Misattributions. (10%)
Be Careful about Poisoned Word Embeddings: Exploring the Vulnerability of the Embedding Layers in NLP Models. (9%)
Selective Output Smoothing Regularization: Regularize Neural Networks by Softening Output Distributions. (1%)
2021-03-28
Improved Autoregressive Modeling with Distribution Smoothing. (86%)
2021-03-27
On the benefits of robust models in modulation recognition. (99%)
IoU Attack: Towards Temporally Coherent Black-Box Adversarial Attack for Visual Object Tracking. (99%)
LiBRe: A Practical Bayesian Approach to Adversarial Detection. (99%)
2021-03-26
Cyclic Defense GAN Against Speech Adversarial Attacks. (99%)
Combating Adversaries with Anti-Adversaries. (93%)
On Generating Transferable Targeted Perturbations. (93%)
Building Reliable Explanations of Unreliable Neural Networks: Locally Smoothing Perspective of Model Interpretation. (86%)
Ensemble-in-One: Learning Ensemble within Random Gated Networks for Enhanced Adversarial Robustness. (83%)
Visual Explanations from Spiking Neural Networks using Interspike Intervals. (62%)
Unsupervised Robust Domain Adaptation without Source Data. (13%)
2021-03-25
Adversarial Attacks are Reversible with Natural Supervision. (99%)
Adversarial Attacks on Deep Learning Based mmWave Beam Prediction in 5G and Beyond. (98%)
MagDR: Mask-guided Detection and Reconstruction for Defending Deepfakes. (81%)
Deep-RBF Networks for Anomaly Detection in Automotive Cyber-Physical Systems. (70%)
Orthogonal Projection Loss. (45%)
THAT: Two Head Adversarial Training for Improving Robustness at Scale. (26%)
A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography. (11%)
HufuNet: Embedding the Left Piece as Watermark and Keeping the Right Piece for Ownership Verification in Deep Neural Networks. (10%)
The Geometry of Over-parameterized Regression and Adversarial Perturbations. (2%)
Synthesize-It-Classifier: Learning a Generative Classifier through RecurrentSelf-analysis. (1%)
Spirit Distillation: Precise Real-time Prediction with Insufficient Data. (1%)
Recent Advances in Large Margin Learning. (1%)
2021-03-24
Adversarial Feature Stacking for Accurate and Robust Predictions. (99%)
Vulnerability of Appearance-based Gaze Estimation. (97%)
Black-box Detection of Backdoor Attacks with Limited Information and Data. (96%)
Deepfake Forensics via An Adversarial Game. (10%)
2021-03-23
Robust and Accurate Object Detection via Adversarial Learning. (98%)
CLIP: Cheap Lipschitz Training of Neural Networks. (96%)
The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers? (92%)
Characterizing and Improving the Robustness of Self-Supervised Learning through Background Augmentations. (87%)
RPATTACK: Refined Patch Attack on General Object Detectors. (76%)
NNrepair: Constraint-based Repair of Neural Network Classifiers. (50%)
Are all outliers alike? On Understanding the Diversity of Outliers for Detecting OODs. (31%)
Improved Estimation of Concentration Under $\ell_p$-Norm Distance Metrics Using Half Spaces. (22%)
ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. (1%)
2021-03-22
Grey-box Adversarial Attack And Defence For Sentiment Classification. (99%)
Fast Approximate Spectral Normalization for Robust Deep Neural Networks. (98%)
Spatio-Temporal Sparsification for General Robust Graph Convolution Networks. (87%)
RA-BNN: Constructing Robust & Accurate Binary Neural Network to Simultaneously Defend Adversarial Bit-Flip Attack and Improve Accuracy. (75%)
Adversarial Feature Augmentation and Normalization for Visual Recognition. (13%)
Adversarially Optimized Mixup for Robust Classification. (13%)
2021-03-21
ExAD: An Ensemble Approach for Explanation-based Adversarial Detection. (99%)
TextFlint: Unified Multilingual Robustness Evaluation Toolkit for Natural Language Processing. (75%)
Natural Perturbed Training for General Robustness of Neural Network Classifiers. (38%)
Self adversarial attack as an augmentation method for immunohistochemical stainings. (33%)
2021-03-20
Robust Models Are More Interpretable Because Attributions Look Normal. (15%)
2021-03-19
LSDAT: Low-Rank and Sparse Decomposition for Decision-based Adversarial Attack. (99%)
SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems. (93%)
Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptions. (86%)
Interpretable Deep Learning: Interpretation, Interpretability, Trustworthiness, and Beyond. (2%)
2021-03-18
Generating Adversarial Computer Programs using Optimized Obfuscations. (99%)
Boosting Adversarial Transferability through Enhanced Momentum. (99%)
Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles. (98%)
Enhancing Transformer for Video Understanding Using Gated Multi-Level Attention and Temporal Adversarial Training. (76%)
Model Extraction and Adversarial Transferability, Your BERT is Vulnerable! (69%)
TOP: Backdoor Detection in Neural Networks via Transferability of Perturbation. (61%)
Noise Modulation: Let Your Model Interpret Itself. (54%)
KoDF: A Large-scale Korean DeepFake Detection Dataset. (16%)
Reading Isn't Believing: Adversarial Attacks On Multi-Modal Neurons. (9%)
2021-03-17
Can Targeted Adversarial Examples Transfer When the Source and Target Models Have No Label Space Overlap? (99%)
Adversarial Attacks on Camera-LiDAR Models for 3D Car Detection. (98%)
Improved, Deterministic Smoothing for L1 Certified Robustness. (82%)
Understanding Generalization in Adversarial Training via the Bias-Variance Decomposition. (41%)
Code-Mixing on Sesame Street: Dawn of the Adversarial Polyglots. (38%)
Cyber Intrusion Detection by Using Deep Neural Networks with Attack-sharing Loss. (13%)
2021-03-16
Adversarial YOLO: Defense Human Detection Patch Attacks via Detecting Adversarial Patches. (92%)
Anti-Adversarially Manipulated Attributions for Weakly and Semi-Supervised Semantic Segmentation. (75%)
Bio-inspired Robustness: A Review. (70%)
Adversarial Driving: Attacking End-to-End Autonomous Driving Systems. (68%)
2021-03-15
Constant Random Perturbations Provide Adversarial Robustness with Minimal Effect on Accuracy. (83%)
Adversarial Training is Not Ready for Robot Learning. (67%)
HDTest: Differential Fuzz Testing of Brain-Inspired Hyperdimensional Computing. (64%)
Understanding invariance via feedforward inversion of discriminatively trained classifiers. (10%)
Meta-Solver for Neural Ordinary Differential Equations. (2%)
2021-03-14
Towards Robust Speech-to-Text Adversarial Attack. (99%)
BreakingBED -- Breaking Binary and Efficient Deep Neural Networks by Adversarial Attacks. (98%)
Multi-Discriminator Sobolev Defense-GAN Against Adversarial Attacks for End-to-End Speech Systems. (82%)
Membership Inference Attacks on Machine Learning: A Survey. (68%)
2021-03-13
Attack as Defense: Characterizing Adversarial Examples using Robustness. (99%)
Generating Unrestricted Adversarial Examples via Three Parameters. (99%)
Simeon -- Secure Federated Machine Learning Through Iterative Filtering. (12%)
2021-03-12
Learning Defense Transformers for Counterattacking Adversarial Examples. (99%)
Internal Wasserstein Distance for Adversarial Attack and Defense. (99%)
A Unified Game-Theoretic Interpretation of Adversarial Robustness. (98%)
Adversarial Machine Learning Security Problems for 6G: mmWave Beam Prediction Use-Case. (82%)
Network Environment Design for Autonomous Cyberdefense. (1%)
2021-03-11
Stochastic-HMDs: Adversarial Resilient Hardware Malware Detectors through Voltage Over-scaling. (99%)
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Complete and Incomplete Neural Network Verification. (99%)
Adversarial Laser Beam: Effective Physical-World Attack to DNNs in a Blink. (99%)
DAFAR: Detecting Adversaries by Feedback-Autoencoder Reconstruction. (99%)
ReinforceBug: A Framework to Generate Adversarial Textual Examples. (97%)
Multi-Task Federated Reinforcement Learning with Adversaries. (15%)
BODAME: Bilevel Optimization for Defense Against Model Extraction. (8%)
2021-03-10
Improving Adversarial Robustness via Channel-wise Activation Suppressing. (99%)
TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack. (92%)
VideoMoCo: Contrastive Video Representation Learning with Temporally Adversarial Examples. (67%)
Fine-tuning of Pre-trained End-to-end Speech Recognition with Generative Adversarial Networks. (1%)
2021-03-09
Stabilized Medical Image Attacks. (99%)
Revisiting Model's Uncertainty and Confidences for Adversarial Example Detection. (99%)
Practical Relative Order Attack in Deep Ranking. (99%)
BASAR:Black-box Attack on Skeletal Action Recognition. (99%)
Understanding the Robustness of Skeleton-based Action Recognition under Adversarial Attack. (98%)
Deep Learning for Android Malware Defenses: a Systematic Literature Review. (11%)
Robust Black-box Watermarking for Deep NeuralNetwork using Inverse Document Frequency. (10%)
Towards Strengthening Deep Learning-based Side Channel Attacks with Mixup. (2%)
2021-03-08
Packet-Level Adversarial Network Traffic Crafting using Sequence Generative Adversarial Networks. (99%)
Enhancing Transformation-based Defenses against Adversarial Examples with First-Order Perturbations. (99%)
Contemplating real-world object classification. (81%)
Consistency Regularization for Adversarial Robustness. (50%)
Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses. (2%)
Deeply Unsupervised Patch Re-Identification for Pre-training Object Detectors. (1%)
Deep Model Intellectual Property Protection via Deep Watermarking. (1%)
2021-03-07
Universal Adversarial Perturbations and Image Spam Classifiers. (99%)
Detecting Adversarial Examples from Sensitivity Inconsistency of Spatial-Transform Domain. (99%)
Improving Global Adversarial Robustness Generalization With Adversarially Trained GAN. (99%)
Insta-RS: Instance-wise Randomized Smoothing for Improved Robustness and Accuracy. (76%)
2021-03-06
T-Miner: A Generative Approach to Defend Against Trojan Attacks on DNN-based Text Classification. (98%)
Hidden Backdoor Attack against Semantic Segmentation Models. (93%)
2021-03-05
Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence. (13%)
Don't Forget to Sign the Gradients! (10%)
Tor circuit fingerprinting defenses using adaptive padding. (1%)
2021-03-04
Hard-label Manifolds: Unexpected Advantages of Query Efficiency for Finding On-manifold Adversarial Examples. (99%)
WaveGuard: Understanding and Mitigating Audio Adversarial Examples. (99%)
Towards Evaluating the Robustness of Deep Diagnostic Models by Adversarial Attack. (99%)
QAIR: Practical Query-efficient Black-Box Attacks for Image Retrieval. (99%)
SpectralDefense: Detecting Adversarial Attacks on CNNs in the Fourier Domain. (99%)
Gradient-Guided Dynamic Efficient Adversarial Training. (96%)
PointGuard: Provably Robust 3D Point Cloud Classification. (92%)
Defending Medical Image Diagnostics against Privacy Attacks using Generative Methods. (12%)
A Novel Framework for Threat Analysis of Machine Learning-based Smart Healthcare Systems. (1%)
On the privacy-utility trade-off in differentially private hierarchical text classification. (1%)
2021-03-03
Structure-Preserving Progressive Low-rank Image Completion for Defending Adversarial Attacks. (99%)
A Modified Drake Equation for Assessing Adversarial Risk to Machine Learning Models. (89%)
Shift Invariance Can Reduce Adversarial Robustness. (87%)
A Robust Adversarial Network-Based End-to-End Communications System With Strong Generalization Ability Against Adversarial Attacks. (81%)
On the effectiveness of adversarial training against common corruptions. (67%)
Formalizing Generalization and Robustness of Neural Networks to Weight Perturbations. (64%)
2021-03-02
Evaluating the Robustness of Geometry-Aware Instance-Reweighted Adversarial Training. (99%)
A Survey On Universal Adversarial Attack. (99%)
Online Adversarial Attacks. (99%)
Adversarial Examples for Unsupervised Machine Learning Models. (98%)
ActiveGuard: An Active DNN IP Protection Technique via Adversarial Examples. (97%)
DeepCert: Verification of Contextually Relevant Robustness for Neural Network Image Classifiers. (97%)
Fixing Data Augmentation to Improve Adversarial Robustness. (69%)
A Brief Survey on Deep Learning Based Data Hiding. (54%)
Group-wise Inhibition based Feature Regularization for Robust Classification. (16%)
DP-InstaHide: Provably Defusing Poisoning and Backdoor Attacks with Differentially Private Data Augmentations. (1%)
2021-03-01
Dual Attention Suppression Attack: Generate Adversarial Camouflage in Physical World. (99%)
Brain Programming is Immune to Adversarial Attacks: Towards Accurate and Robust Image Classification using Symbolic Learning. (99%)
Smoothness Analysis of Adversarial Training. (98%)
Explaining Adversarial Vulnerability with a Data Sparsity Hypothesis. (96%)
Mind the box: $l_1$-APGD for sparse adversarial attacks on image classifiers. (93%)
Adversarial training in communication constrained federated learning. (87%)
Counterfactual Explanations for Oblique Decision Trees: Exact, Efficient Algorithms. (82%)
Am I a Real or Fake Celebrity? Measuring Commercial Face Recognition Web APIs under Deepfake Impersonation Attack. (70%)
A Multiclass Boosting Framework for Achieving Fast and Provable Adversarial Robustness. (64%)
Benchmarking Robustness of Deep Learning Classifiers Using Two-Factor Perturbation. (62%)
2021-02-28
Model-Agnostic Defense for Lane Detection against Adversarial Attack. (98%)
Robust learning under clean-label attack. (22%)
2021-02-27
Effective Universal Unrestricted Adversarial Attacks using a MOE Approach. (98%)
Tiny Adversarial Mulit-Objective Oneshot Neural Architecture Search. (93%)
End-to-end Uncertainty-based Mitigation of Adversarial Attacks to Automated Lane Centering. (73%)
Adversarial Information Bottleneck. (33%)
Neuron Coverage-Guided Domain Generalization. (2%)
2021-02-26
What Doesn't Kill You Makes You Robust(er): Adversarial Training against Poisons and Backdoors.
NEUROSPF: A tool for the Symbolic Analysis of Neural Networks. (68%)
2021-02-25
On Instabilities of Conventional Multi-Coil MRI Reconstruction to Small Adverserial Perturbations.
Do Input Gradients Highlight Discriminative Features?
Nonlinear Projection Based Gradient Estimation for Query Efficient Blackbox Attacks.
Understanding Robustness in Teacher-Student Setting: A New Perspective.
Fast Minimum-norm Adversarial Attacks through Adaptive Norm Constraints.
Cybersecurity Threats in Connected and Automated Vehicles based Federated Learning Systems.
A statistical framework for efficient out of distribution detection in deep neural networks. (1%)
2021-02-24
Confidence Calibration with Bounded Error Using Transformations.
Sketching Curvature for Efficient Out-of-Distribution Detection for Deep Neural Networks.
Robust SleepNets.
Multiplicative Reweighting for Robust Neural Network Optimization.
Identifying Untrustworthy Predictions in Neural Networks by Geometric Gradient Analysis.
Graphfool: Targeted Label Adversarial Attack on Graph Embedding.
2021-02-23
The Sensitivity of Word Embeddings-based Author Detection Models to Semantic-preserving Adversarial Perturbations.
Rethinking Natural Adversarial Examples for Classification Models.
Automated Discovery of Adaptive Attacks on Adversarial Defenses.
Adversarial Robustness with Non-uniform Perturbations.
Non-Singular Adversarial Robustness of Neural Networks.
Enhancing Model Robustness By Incorporating Adversarial Knowledge Into Semantic Representation.
Adversarial Examples Detection beyond Image Space.
Oriole: Thwarting Privacy against Trustworthy Deep Learning Models.
2021-02-22
On the robustness of randomized classifiers to adversarial examples.
Resilience of Bayesian Layer-Wise Explanations under Adversarial Attacks.
Man-in-The-Middle Attacks and Defense in a Power System Cyber-Physical Testbed.
Sandwich Batch Normalization: A Drop-In Replacement for Feature Distribution Heterogeneity.
2021-02-21
The Effects of Image Distribution and Task on Adversarial Robustness.
A Zeroth-Order Block Coordinate Descent Algorithm for Huge-Scale Black-Box Optimization.
Constrained Optimization to Train Neural Networks on Critical and Under-Represented Classes. (1%)
2021-02-20
On Fast Adversarial Robustness Adaptation in Model-Agnostic Meta-Learning.
Measuring $\ell_\infty$ Attacks by the $\ell_2$ Norm.
2021-02-19
A PAC-Bayes Analysis of Adversarial Robustness.
Effective and Efficient Vote Attack on Capsule Networks.
2021-02-18
Random Projections for Improved Adversarial Robustness.
Fortify Machine Learning Production Systems: Detect and Classify Adversarial Attacks.
Make Sure You're Unsure: A Framework for Verifying Probabilistic Specifications.
Center Smoothing: Provable Robustness for Functions with Metric-Space Outputs.
2021-02-17
Towards Adversarial-Resilient Deep Neural Networks for False Data Injection Attack Detection in Power Grids.
Improving Hierarchical Adversarial Robustness of Deep Neural Networks.
Consistent Non-Parametric Methods for Maximizing Robustness.
Bridging the Gap Between Adversarial Robustness and Optimization Bias.
2021-02-16
Globally-Robust Neural Networks.
A Law of Robustness for Weight-bounded Neural Networks.
Just Noticeable Difference for Machine Perception and Generation of Regularized Adversarial Images with Minimal Perturbation.
2021-02-15
Data Profiling for Adversarial Training: On the Ruin of Problematic Data.
Certified Robustness to Programmable Transformations in LSTMs.
Generating Structured Adversarial Attacks Using Frank-Wolfe Method.
Universal Adversarial Examples and Perturbations for Quantum Classifiers.
Low Curvature Activations Reduce Overfitting in Adversarial Training.
And/or trade-off in artificial neurons: impact on adversarial robustness.
Certifiably Robust Variational Autoencoders.
2021-02-14
Guided Interpolation for Adversarial Training.
Resilient Machine Learning for Networked Cyber Physical Systems: A Survey for Machine Learning Security to Securing Machine Learning for CPS.
Exploring Adversarial Robustness of Deep Metric Learning.
Adversarial Attack on Network Embeddings via Supervised Network Poisoning.
Perceptually Constrained Adversarial Attacks.
CAP-GAN: Towards Adversarial Robustness with Cycle-consistent Attentional Purification.
Cross-modal Adversarial Reprogramming.
2021-02-13
Mixed Nash Equilibria in the Adversarial Examples Game.
Adversarial defense for automatic speaker verification by cascaded self-supervised learning models.
2021-02-12
UAVs Path Deviation Attacks: Survey and Research Challenges.
Universal Adversarial Perturbations Through the Lens of Deep Steganography: Towards A Fourier Perspective.
Universal Adversarial Perturbations for Malware.
Certified Defenses: Why Tighter Relaxations May Hurt Training. (13%)
2021-02-11
Adversarially robust deepfake media detection using fused convolutional neural network predictions.
Defuse: Harnessing Unrestricted Adversarial Examples for Debugging Models Beyond Test Accuracy.
RobOT: Robustness-Oriented Testing for Deep Learning Systems.
2021-02-10
Meta Federated Learning.
Adversarial Robustness: What fools you makes you stronger.
CIFS: Improving Adversarial Robustness of CNNs via Channel-wise Importance-based Feature Selection.
Dompteur: Taming Audio Adversarial Examples.
Enhancing Real-World Adversarial Patches through 3D Modeling of Complex Target Scenes.
Towards Certifying L-infinity Robustness using Neural Networks with L-inf-dist Neurons.
RoBIC: A benchmark suite for assessing classifiers robustness.
Bayesian Inference with Certifiable Adversarial Robustness.
2021-02-09
Target Training Does Adversarial Training Without Adversarial Samples.
Security and Privacy for Artificial Intelligence: Opportunities and Challenges.
"What's in the box?!": Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models.
Adversarial Perturbations Are Not So Weird: Entanglement of Robust and Non-Robust Features in Neural Network Classifiers.
Detecting Localized Adversarial Examples: A Generic Approach using Critical Region Analysis.
Making Paper Reviewing Robust to Bid Manipulation Attacks.
Adversarially Trained Models with Test-Time Covariate Shift Adaptation.
2021-02-08
Efficient Certified Defenses Against Patch Attacks on Image Classifiers.
A Real-time Defense against Website Fingerprinting Attacks.
Benford's law: what does it say on adversarial images?
Exploiting epistemic uncertainty of the deep learning models to generate adversarial samples.
2021-02-07
Adversarial example generation with AdaBelief Optimizer and Crop Invariance.
Adversarial Imaging Pipelines.
2021-02-06
SPADE: A Spectral Method for Black-Box Adversarial Robustness Evaluation.
2021-02-05
Corner Case Generation and Analysis for Safety Assessment of Autonomous Vehicles.
Model Agnostic Answer Reranking System for Adversarial Question Answering.
Robust Single-step Adversarial Training with Regularizer.
Understanding the Interaction of Adversarial Training with Noisy Labels.
Optimal Transport as a Defense Against Adversarial Attacks.
2021-02-04
DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks.
Adversarial Training Makes Weight Loss Landscape Sharper in Logistic Regression.
Adversarial Robustness Study of Convolutional Neural Network for Lumbar Disk Shape Reconstruction from MR images.
PredCoin: Defense against Query-based Hard-label Attack.
Adversarial Attacks and Defenses in Physiological Computing: A Systematic Review.
Audio Adversarial Examples: Attacks Using Vocal Masks.
ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models.
2021-02-03
Adversarially Robust Learning with Unknown Perturbation Sets.
IWA: Integrated Gradient based White-box Attacks for Fooling Deep Neural Networks.
2021-02-02
On Robustness of Neural Semantic Parsers.
Towards Robust Neural Networks via Close-loop Control.
Recent Advances in Adversarial Training for Adversarial Robustness.
Probabilistic Trust Intervals for Out of Distribution Detection. (2%)
2021-02-01
Fast Training of Provably Robust Neural Networks by SingleProp.
Towards Speeding up Adversarial Training in Latent Spaces.
Robust Adversarial Attacks Against DNN-Based Wireless Communication Systems.
2021-01-31
Deep Deterministic Information Bottleneck with Matrix-based Entropy Functional.
Towards Imperceptible Query-limited Adversarial Attacks with Perceptual Feature Fidelity Loss.
Admix: Enhancing the Transferability of Adversarial Attacks.
2021-01-30
Cortical Features for Defense Against Adversarial Audio Attacks.
2021-01-29
You Only Query Once: Effective Black Box Adversarial Attacks with Minimal Repeated Queries.
2021-01-28
Adversarial Machine Learning Attacks on Condition-Based Maintenance Capabilities.
Adversarial Attacks on Deep Learning Based Power Allocation in a Massive MIMO Network.
Increasing the Confidence of Deep Neural Networks by Coverage Analysis.
Adversarial Learning with Cost-Sensitive Classes.
2021-01-27
Robust Android Malware Detection System against Adversarial Attacks using Q-Learning.
Adversaries in Online Learning Revisited: with applications in Robust Optimization and Adversarial training.
Adversarial Stylometry in the Wild: Transferable Lexical Substitution Attacks on Author Profiling.
Meta Adversarial Training against Universal Patches.
Detecting Adversarial Examples by Input Transformations, Defense Perturbations, and Voting.
Improving Neural Network Robustness through Neighborhood Preserving Layers.
2021-01-26
Blind Image Denoising and Inpainting Using Robust Hadamard Autoencoders.
Property Inference From Poisoning.
Adversarial Vulnerability of Active Transfer Learning.
Introducing and assessing the explainable AI (XAI)method: SIDU.
SkeletonVis: Interactive Visualization for Understanding Adversarial Attacks on Human Action Recognition Models.
The Effect of Class Definitions on the Transferability of Adversarial Attacks Against Forensic CNNs.
Defenses Against Multi-Sticker Physical Domain Attacks on Classifiers.
Investigating the significance of adversarial attacks and their relation to interpretability for radar-based human activity recognition systems.
Towards Universal Physical Attacks On Cascaded Camera-Lidar 3D Object Detection Models.
2021-01-25
Diverse Adversaries for Mitigating Bias in Training.
They See Me Rollin': Inherent Vulnerability of the Rolling Shutter in CMOS Image Sensors.
Generalizing Adversarial Examples by AdaBelief Optimizer.
Towards Practical Robustness Analysis for DNNs based on PAC-Model Learning.
Few-Shot Website Fingerprinting Attack.
Understanding and Achieving Efficient Robustness with Adversarial Supervised Contrastive Learning.
2021-01-23
A Transferable Anti-Forensic Attack on Forensic CNNs Using A Generative Adversarial Network.
A Comprehensive Evaluation Framework for Deep Model Robustness.
Error Diffusion Halftoning Against Adversarial Examples.
2021-01-22
Partition-Based Convex Relaxations for Certifying the Robustness of ReLU Neural Networks.
Online Adversarial Purification based on Self-Supervision.
Generating Black-Box Adversarial Examples in Sparse Domain.
Adaptive Neighbourhoods for the Discovery of Adversarial Examples.
2021-01-21
Self-Adaptive Training: Bridging the Supervised and Self-Supervised Learning.
Robust Reinforcement Learning on State Observations with Learned Optimal Adversary.
Adv-OLM: Generating Textual Adversaries via OLM.
A Person Re-identification Data Augmentation Method with Adversarial Defense Effect.
Adversarial Attacks and Defenses for Speaker Identification Systems.
A general multi-modal data learning method for Person Re-identification. (78%)
2021-01-20
Fooling thermal infrared pedestrian detectors in real world using small bulbs.
Adversarial Attacks for Tabular Data: Application to Fraud Detection and Imbalanced Data.
Invariance, encodings, and generalization: learning identity effects with neural networks.
2021-01-19
LowKey: Leveraging Adversarial Attacks to Protect Social Media Users from Facial Recognition.
A Search-Based Testing Framework for Deep Neural Networks of Source Code Embedding.
PICA: A Pixel Correlation-based Attentional Black-box Adversarial Attack.
Attention-Guided Black-box Adversarial Attacks with Large-Scale Multiobjective Evolutionary Optimization.
2021-01-18
What Do Deep Nets Learn? Class-wise Patterns Revealed in the Input Space.
Red Alarm for Pre-trained Models: Universal Vulnerability to Neuron-Level Backdoor Attacks. (1%)
2021-01-17
Adversarial Interaction Attack: Fooling AI to Misinterpret Human Intentions.
GraphAttacker: A General Multi-Task GraphAttack Framework.
Exploring Adversarial Robustness of Multi-Sensor Perception Systems in Self Driving.
2021-01-16
Multi-objective Search of Robust Neural Architectures against Multiple Types of Adversarial Attacks.
Adversarial Attacks On Multi-Agent Communication.
2021-01-15
Fundamental Tradeoffs in Distributionally Adversarial Training.
Black-box Adversarial Attacks in Autonomous Vehicle Technology.
Heating up decision boundaries: isocapacitory saturation, adversarial scenarios and generalization bounds.
Mining Data Impressions from Deep Models as Substitute for the Unavailable Training Data.
2021-01-14
Context-Aware Image Denoising with Auto-Threshold Canny Edge Detection to Suppress Adversarial Perturbation.
Robusta: Robust AutoML for Feature Selection via Reinforcement Learning.
Neural Attention Distillation: Erasing Backdoor Triggers from Deep Neural Networks.
2021-01-13
Untargeted, Targeted and Universal Adversarial Attacks and Defenses on Time Series.
Image Steganography based on Iteratively Adversarial Samples of A Synchronized-directions Sub-image.
2021-01-12
Robustness Gym: Unifying the NLP Evaluation Landscape.
Robustness of on-device Models: Adversarial Attack to Deep Learning Models on Android Apps.
Random Transformation of Image Brightness for Adversarial Attack.
On the Effectiveness of Small Input Noise for Defending Against Query-based Black-Box Attacks.
2021-01-11
The Vulnerability of Semantic Segmentation Networks to Adversarial Attacks in Autonomous Driving: Enhancing Extensive Environment Sensing.
2021-01-10
Adversarially Robust and Explainable Model Compression with On-Device Personalization for Text Classification.
2021-01-08
Adversarial Attack Attribution: Discovering Attributable Signals in Adversarial ML Attacks.
DiPSeN: Differentially Private Self-normalizing Neural Networks For Adversarial Robustness in Federated Learning.
Exploring Adversarial Fake Images on Face Manifold.
2021-01-07
The Effect of Prior Lipschitz Continuity on the Adversarial Robustness of Bayesian Neural Networks.
Robust Text CAPTCHAs Using Adversarial Examples.
2021-01-06
Adversarial Robustness by Design through Analog Computing and Synthetic Gradients.
Understanding the Error in Evaluating Adversarial Robustness.
2021-01-05
Noise Sensitivity-Based Energy Efficient and Robust Adversary Detection in Neural Networks.
2021-01-04
Fooling Object Detectors: Adversarial Attacks by Half-Neighbor Masks.
Local Competition and Stochasticity for Adversarial Robustness in Deep Learning.
Local Black-box Adversarial Attacks: A Query Efficient Approach.
Robust Machine Learning Systems: Challenges, Current Trends, Perspectives, and the Road Ahead.
2021-01-02
Improving DGA-Based Malicious Domain Classifiers for Malware Defense with Adversarial Machine Learning.
2020-12-31
Better Robustness by More Coverage: Adversarial Training with Mixup Augmentation for Robust Fine-tuning.
Patch-wise++ Perturbation for Adversarial Targeted Attacks.
2020-12-30
Temporally-Transferable Perturbations: Efficient, One-Shot Adversarial Attacks for Online Visual Object Trackers.
Beating Attackers At Their Own Games: Adversarial Example Detection Using Adversarial Gradient Directions.
2020-12-29
Black-box Adversarial Attacks on Monocular Depth Estimation Using Evolutionary Multi-objective Optimization.
Generating Adversarial Examples in Chinese Texts Using Sentence-Pieces.
Improving Adversarial Robustness in Weight-quantized Neural Networks.
With False Friends Like These, Who Can Have Self-Knowledge?
Generating Natural Language Attacks in a Hard Label Black Box Setting.
2020-12-28
Enhanced Regularizers for Attributional Robustness.
Analysis of Dominant Classes in Universal Adversarial Perturbations.
2020-12-27
Person Re-identification with Adversarial Triplet Embedding.
My Teacher Thinks The World Is Flat! Interpreting Automatic Essay Scoring Mechanism.
2020-12-26
Sparse Adversarial Attack to Object Detection.
Assessment of the Relative Importance of different hyper-parameters of LSTM for an IDS.
2020-12-25
Robustness, Privacy, and Generalization of Adversarial Training.
A Simple Fine-tuning Is All You Need: Towards Robust Deep Learning Via Adversarial Fine-tuning.
2020-12-24
A Context Aware Approach for Generating Natural Language Attacks.
Exploring Adversarial Examples via Invertible Neural Networks.
Improving the Certified Robustness of Neural Networks via Consistency Regularization.
Adversarial Momentum-Contrastive Pre-Training.
Learning Robust Representation for Clustering through Locality Preserving Variational Discriminative Network.
2020-12-23
The Translucent Patch: A Physical and Universal Attack on Object Detectors.
Gradient-Free Adversarial Attacks for Bayesian Neural Networks.
SCOPE CPS: Secure Compiling of PLCs in Cyber-Physical Systems.
Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems.
2020-12-22
Learning to Initialize Gradient Descent Using Gradient Descent.
Unadversarial Examples: Designing Objects for Robust Vision.
Multi-shot NAS for Discovering Adversarially Robust Convolutional Neural Architectures at Targeted Capacities.
On Frank-Wolfe Optimization for Adversarial Robustness and Interpretability.
2020-12-21
Genetic Adversarial Training of Decision Trees.
Incremental Verification of Fixed-Point Implementations of Neural Networks.
Blurring Fools the Network -- Adversarial Attacks by Feature Peak Suppression and Gaussian Blurring.
Exploiting Vulnerability of Pooling in Convolutional Neural Networks by Strict Layer-Output Manipulation for Adversarial Attacks.
Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification.
Self-Progressing Robust Training.
Adjust-free adversarial example generation in speech recognition using evolutionary multi-objective optimization under black-box condition.
Defence against adversarial attacks using classical and quantum-enhanced Boltzmann machines.
On Success and Simplicity: A Second Look at Transferable Targeted Attacks.
Learning from What We Know: How to Perform Vulnerability Prediction using Noisy Historical Data. (1%)
2020-12-20
Color Channel Perturbation Attacks for Fooling Convolutional Neural Networks and A Defense Against Such Attacks.
2020-12-19
Sample Complexity of Adversarially Robust Linear Classification on Separated Data.
2020-12-18
Semantics and explanation: why counterfactual explanations produce adversarial examples in deep neural networks.
ROBY: Evaluating the Robustness of a Deep Model by its Decision Boundaries.
AdvExpander: Generating Natural Language Adversarial Examples by Expanding Text.
Adversarially Robust Estimate and Risk Analysis in Linear Regression.
RAILS: A Robust Adversarial Immune-inspired Learning System.
Efficient Training of Robust Decision Trees Against Adversarial Examples.
On the human-recognizability phenomenon of adversarially trained deep image classifiers.
2020-12-17
Characterizing the Evasion Attackability of Multi-label Classifiers.
A Hierarchical Feature Constraint to Camouflage Medical Adversarial Attacks.
2020-12-16
On the Limitations of Denoising Strategies as Adversarial Defenses.
2020-12-15
FoggySight: A Scheme for Facial Lookup Privacy.
FAWA: Fast Adversarial Watermark Attack on Optical Character Recognition (OCR) Systems.
Amata: An Annealing Mechanism for Adversarial Training Acceleration.
2020-12-14
Disentangled Information Bottleneck.
Adaptive Verifiable Training Using Pairwise Class Similarity.
Robustness Threats of Differential Privacy.
HaS-Nets: A Heal and Select Mechanism to Defend DNNs Against Backdoor Attacks for Data Collection Scenarios.
Improving Adversarial Robustness via Probabilistically Compact Loss with Logit Constraints.
Binary Black-box Evasion Attacks Against Deep Learning-based Static Malware Detectors with Adversarial Byte-Level Language Model.
Contrastive Learning with Adversarial Perturbations for Conditional Text Generation.
2020-12-13
Achieving Adversarial Robustness Requires An Active Teacher.
2020-12-12
Query-free Black-box Adversarial Attacks on Graphs.
2020-12-11
Closeness and Uncertainty Aware Adversarial Examples Detection in Adversarial Machine Learning.
Attack Agnostic Detection of Adversarial Examples via Random Subspace Analysis.
Analyzing and Improving Adversarial Training for Generative Modeling. (86%)
2020-12-10
GNNUnlock: Graph Neural Networks-based Oracle-less Unlocking Scheme for Provably Secure Logic Locking.
Next Wave Artificial Intelligence: Robust, Explainable, Adaptable, Ethical, and Accountable.
DSRNA: Differentiable Search of Robust Neural Architectures.
I-GCN: Robust Graph Convolutional Network via Influence Mechanism.
An Empirical Review of Adversarial Defenses.
Robustness and Transferability of Universal Attacks on Compressed Models.
Geometric Adversarial Attacks and Defenses on 3D Point Clouds.
SPAA: Stealthy Projector-based Adversarial Attacks on Deep Image Classifiers.
2020-12-09
Generating Out of Distribution Adversarial Attack using Latent Space Poisoning.
Detection of Adversarial Supports in Few-shot Classifiers Using Self-Similarity and Filtering.
Securing Deep Spiking Neural Networks against Adversarial Attacks through Inherent Structural Parameters.
Composite Adversarial Attacks.
2020-12-08
Provable Defense against Privacy Leakage in Federated Learning from Representation Perspective.
On 1/n neural representation and robustness.
Locally optimal detection of stochastic targeted universal adversarial perturbations.
A Deep Marginal-Contrastive Defense against Adversarial Attacks on 1D Models.
Using Feature Alignment can Improve Clean Average Precision and Adversarial Robustness in Object Detection.
EvaLDA: Efficient Evasion Attacks Towards Latent Dirichlet Allocation.
Overcomplete Representations Against Adversarial Videos.
Mitigating the Impact of Adversarial Attacks in Very Deep Networks.
Reinforcement Based Learning on Classification Task Could Yield Better Generalization and Adversarial Accuracy.
Poisoning Semi-supervised Federated Learning via Unlabeled Data: Attacks and Defenses. (95%)
Data Dependent Randomized Smoothing. (1%)
2020-12-07
A Singular Value Perspective on Model Robustness.
Backpropagating Linearly Improves Transferability of Adversarial Examples.
Learning to Separate Clusters of Adversarial Representations for Robust Adversarial Detection.
Are DNNs fooled by extremely unrecognizable images?
Reprogramming Language Models for Molecular Representation Learning.
2020-12-06
Black-box Model Inversion Attribute Inference Attacks on Classification Models.
PAC-Learning for Strategic Classification.
2020-12-05
Evaluating adversarial robustness in simulated cerebellum.
2020-12-04
Advocating for Multiple Defense Strategies against Adversarial Examples.
Practical No-box Adversarial Attacks against DNNs.
Towards Natural Robustness Against Adversarial Examples.
Unsupervised Adversarially-Robust Representation Learning on Graphs.
Kernel-convoluted Deep Neural Networks with Data Augmentation.
2020-12-03
Ethical Testing in the Real World: Evaluating Physical Testing of Adversarial Machine Learning.
FAT: Federated Adversarial Training.
An Empirical Study of Derivative-Free-Optimization Algorithms for Targeted Black-Box Attacks in Deep Neural Networks.
Channel Effects on Surrogate Models of Adversarial Attacks against Wireless Signal Classifiers.
Attribute-Guided Adversarial Training for Robustness to Natural Perturbations.
2020-12-02
From a Fourier-Domain Perspective on Adversarial Examples to a Wiener Filter Defense for Semantic Segmentation.
Towards Defending Multiple Adversarial Perturbations via Gated Batch Normalization.
FenceBox: A Platform for Defeating Adversarial Examples with Data Augmentation Techniques.
Essential Features: Content-Adaptive Pixel Discretization to Improve Model Robustness to Adaptive Adversarial Attacks.
How Robust are Randomized Smoothing based Defenses to Data Poisoning?
2020-12-01
Adversarial Robustness Across Representation Spaces.
Robustness Out of the Box: Compositional Representations Naturally Defend Against Black-Box Patch Attacks.
Boosting Adversarial Attacks on Neural Networks with Better Optimizer.
One-Pixel Attack Deceives Computer-Assisted Diagnosis of Cancer.
Towards Imperceptible Adversarial Image Patches Based on Network Explanations.
2020-11-30
Guided Adversarial Attack for Evaluating and Enhancing Adversarial Defenses.
Just One Moment: Structural Vulnerability of Deep Action Recognition against One Frame Attack.
2020-11-29
Architectural Adversarial Robustness: The Case for Deep Pursuit.
SwitchX- Gmin-Gmax Switching for Energy-Efficient and Robust Implementation of Binary Neural Networks on Memristive Xbars.
A Targeted Universal Attack on Graph Convolutional Network.
2020-11-28
Cyberbiosecurity: DNA Injection Attack in Synthetic Biology.
Deterministic Certification to Adversarial Attacks via Bernstein Polynomial Approximation.
FaceGuard: A Self-Supervised Defense Against Adversarial Face Images.
2020-11-27
3D Invisible Cloak.
SocialGuard: An Adversarial Example Based Privacy-Preserving Technique for Social Images.
Use the Spear as a Shield: A Novel Adversarial Example based Privacy-Preserving Technique against Membership Inference Attacks.
Fast and Complete: Enabling Complete Neural Network Verification with Rapid and Massively Parallel Incomplete Verifiers.
Voting based ensemble improves robustness of defensive models.
Generalized Adversarial Examples: Attacks and Defenses.
Robust and Natural Physical Adversarial Examples for Object Detectors.
2020-11-26
Regularization with Latent Space Virtual Adversarial Training.
Rethinking Uncertainty in Deep Learning: Whether and How it Improves Robustness.
Exposing the Robustness and Vulnerability of Hybrid 8T-6T SRAM Memory Architectures to Adversarial Attacks in Deep Neural Networks.
Robust Attacks on Deep Learning Face Recognition in the Physical World.
Invisible Perturbations: Physical Adversarial Examples Exploiting the Rolling Shutter Effect.
2020-11-25
Adversarial Attack on Facial Recognition using Visible Light.
Adversarial Evaluation of Multimodal Models under Realistic Gray Box Assumption.
SurFree: a fast surrogate-free black-box attack.
Advancing diagnostic performance and clinical usability of neural networks via adversarial training and dual batch normalization.
Probing Model Signal-Awareness via Prediction-Preserving Input Minimization. (80%)
2020-11-24
Trust but Verify: Assigning Prediction Credibility by Counterfactual Constrained Learning.
Stochastic sparse adversarial attacks.
On the Adversarial Robustness of 3D Point Cloud Classification.
Towards Imperceptible Universal Attacks on Texture Recognition.
2020-11-23
Omni: Automated Ensemble with Unexpected Models against Adversarial Evasion Attack.
Augmented Lagrangian Adversarial Attacks.
2020-11-22
Learnable Boundary Guided Adversarial Training.
Nudge Attacks on Point-Cloud DNNs.
2020-11-21
Spatially Correlated Patterns in Adversarial Images.
A Neuro-Inspired Autoencoding Defense Against Adversarial Perturbations.
Robust Data Hiding Using Inverse Gradient Attention. (2%)
2020-11-20
Are Chess Discussions Racist? An Adversarial Hate Speech Data Set.
Detecting Universal Trigger's Adversarial Attack with Honeypot.
2020-11-19
An Experimental Study of Semantic Continuity for Deep Learning Models.
Adversarial Examples for $k$-Nearest Neighbor Classifiers Based on Higher-Order Voronoi Diagrams.
Adversarial Threats to DeepFake Detection: A Practical Perspective.
Multi-Task Adversarial Attack.
Latent Adversarial Debiasing: Mitigating Collider Bias in Deep Neural Networks.
2020-11-18
Robustified Domain Adaptation.
Adversarial collision attacks on image hashing functions.
Contextual Fusion For Adversarial Robustness.
Adversarial Turing Patterns from Cellular Automata.
Self-Gradient Networks.
Adversarial Profiles: Detecting Out-Distribution & Adversarial Samples in Pre-trained CNNs.
2020-11-17
FoolHD: Fooling speaker identification by Highly imperceptible adversarial Disturbances.
SIENA: Stochastic Multi-Expert Neural Patcher.
Shaping Deep Feature Space towards Gaussian Mixture for Visual Classification.
Generating universal language adversarial examples by understanding and enhancing the transferability across neural models.
Probing Predictions on OOD Images via Nearest Categories. (75%)
2020-11-16
MAAC: Novel Alert Correlation Method To Detect Multi-step Attack.
Enforcing robust control guarantees within neural network policies.
Adversarially Robust Classification based on GLRT.
Combining GANs and AutoEncoders for Efficient Anomaly Detection.
Extreme Value Preserving Networks.
2020-11-15
Towards Understanding the Regularization of Adversarial Robustness on Neural Networks.
Ensemble of Models Trained by Key-based Transformed Images for Adversarially Robust Defense Against Black-box Attacks.
Almost Tight L0-norm Certified Robustness of Top-k Predictions against Adversarial Perturbations.
Power Side-Channel Attacks on BNN Accelerators in Remote FPGAs. (1%)
2020-11-14
Audio-Visual Event Recognition through the lens of Adversary.
2020-11-13
Transformer-Encoder Detector Module: Using Context to Improve Robustness to Adversarial Attacks on Object Detection.
Query-based Targeted Action-Space Adversarial Policies on Deep Reinforcement Learning Agents.
2020-11-12
Adversarial Robustness Against Image Color Transformation within Parametric Filter Space.
Sparse PCA: Algorithms, Adversarial Perturbations and Certificates.
2020-11-11
Adversarial images for the primate brain.
Detecting Adversarial Patches with Class Conditional Reconstruction Networks.
2020-11-10
Efficient and Transferable Adversarial Examples from Bayesian Neural Networks.
2020-11-09
Solving Inverse Problems With Deep Neural Networks -- Robustness Included?
2020-11-07
Adversarial Black-Box Attacks On Text Classifiers Using Multi-Objective Genetic Optimization Guided By Deep Networks.
Bridging the Performance Gap between FGSM and PGD Adversarial Training.
2020-11-06
Single-Node Attack for Fooling Graph Neural Networks.
A survey on practical adversarial examples for malware classifiers.
2020-11-05
A Black-Box Attack Model for Visually-Aware Recommender Systems.
Data Augmentation via Structured Adversarial Perturbations.
Defense-friendly Images in Adversarial Attacks: Dataset and Metrics forPerturbation Difficulty.
Dynamically Sampled Nonlocal Gradients for Stronger Adversarial Attacks.
2020-11-03
You Do (Not) Belong Here: Detecting DPI Evasion Attacks with Context Learning.
Detecting Word Sense Disambiguation Biases in Machine Translation for Model-Agnostic Adversarial Attacks.
Penetrating RF Fingerprinting-based Authentication with a Generative Adversarial Attack.
Recent Advances in Understanding Adversarial Robustness of Deep Neural Networks.
A Tunable Robust Pruning Framework Through Dynamic Network Rewiring of DNNs.
MalFox: Camouflaged Adversarial Malware Example Generation Based on Conv-GANs Against Black-Box Detectors.
2020-11-02
Adversarial Examples in Constrained Domains.
Frequency-based Automated Modulation Classification in the Presence of Adversaries.
Robust Algorithms for Online Convex Problems via Primal-Dual.
Trustworthy AI.
2020-11-01
LG-GAN: Label Guided Adversarial Network for Flexible Targeted Attack of Point Cloud-based Deep Networks.
Vulnerability of the Neural Networks Against Adversarial Examples: A Survey.
2020-10-31
MAD-VAE: Manifold Awareness Defense Variational Autoencoder.
2020-10-30
Integer Programming-based Error-Correcting Output Code Design for Robust Classification.
Leveraging Extracted Model Adversaries for Improved Black Box Attacks.
EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks.
Adversarial Attacks on Optimization based Planners.
Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks.
Perception Improvement for Free: Exploring Imperceptible Black-box Adversarial Attacks on Image Classification.
Adversarial Robust Training of Deep Learning MRI Reconstruction Models.
2020-10-29
Volumetric Medical Image Segmentation: A 3D Deep Coarse-to-fine Framework and Its Adversarial Examples.
Perception Matters: Exploring Imperceptible and Transferable Anti-forensics for GAN-generated Fake Face Imagery Detection.
Can the state of relevant neurons in a deep neural networks serve as indicators for detecting adversarial attacks?
Reliable Graph Neural Networks via Robust Aggregation.
Passport-aware Normalization for Deep Model Protection.
Robustifying Binary Classification to Adversarial Perturbation.
Beyond cross-entropy: learning highly separable feature distributions for robust and accurate classification.
WaveTransform: Crafting Adversarial Examples via Input Decomposition.
2020-10-28
Most ReLU Networks Suffer from $\ell^2$ Adversarial Perturbations.
Object Hider: Adversarial Patch Attack Against Object Detectors.
Evaluating Robustness of Predictive Uncertainty Estimation: Are Dirichlet-based Models Reliable?
Transferable Universal Adversarial Perturbations Using Generative Models.
2020-10-27
Fast Local Attack: Generating Local Adversarial Examples for Object Detectors.
Anti-perturbation of Online Social Networks by Graph Label Transition.
2020-10-26
Robust and Verifiable Information Embedding Attacks to Deep Neural Networks via Error-Correcting Codes.
GreedyFool: Distortion-Aware Sparse Adversarial Attack.
Robust Pre-Training by Adversarial Contrastive Learning.
Versatile Verification of Tree Ensembles.
Robustness May Be at Odds with Fairness: An Empirical Study on Class-wise Accuracy.
Exploring the Security Boundary of Data Reconstruction via Neuron Exclusivity Analysis. (16%)
2020-10-25
Attack Agnostic Adversarial Defense via Visual Imperceptible Bound.
Dynamic Adversarial Patch for Evading Object Detection Models.
Asymptotic Behavior of Adversarial Training in Binary Classification.
2020-10-24
ATRO: Adversarial Training with a Rejection Option.
Are Adversarial Examples Created Equal? A Learnable Weighted Minimax Risk for Robustness under Non-uniform Attacks.
Stop Bugging Me! Evading Modern-Day Wiretapping Using Adversarial Perturbations.
2020-10-23
Improving Robustness by Augmenting Training Sentences with Predicate-Argument Structures.
Towards Robust Neural Networks via Orthogonal Diversity.
2020-10-22
Contrastive Learning with Adversarial Examples.
Adversarial Attacks on Binary Image Recognition Systems.
Rewriting Meaningful Sentences via Conditional BERT Sampling and an application on fooling text classifiers.
An Efficient Adversarial Attack for Tree Ensembles.
Adversarial Robustness of Supervised Sparse Coding.
Enabling certification of verification-agnostic networks via memory-efficient semidefinite programming.
Defense-guided Transferable Adversarial Attacks.
Once-for-All Adversarial Training: In-Situ Tradeoff between Robustness and Accuracy for Free.
2020-10-21
Adversarial Attacks on Deep Algorithmic Trading Policies.
Maximum Mean Discrepancy is Aware of Adversarial Attacks.
Precise Statistical Analysis of Classification Accuracies for Adversarial Training.
Learning Black-Box Attackers with Transferable Priors and Query Feedback.
Class-Conditional Defense GAN Against End-to-End Speech Attacks.
A Distributional Robustness Certificate by Randomized Smoothing.
2020-10-20
Preventing Personal Data Theft in Images with Adversarial ML.
Towards Understanding the Dynamics of the First-Order Adversaries.
Robust Neural Networks inspired by Strong Stability Preserving Runge-Kutta methods.
Boosting Gradient for White-Box Adversarial Attacks.
Tight Second-Order Certificates for Randomized Smoothing.
2020-10-19
A Survey of Machine Learning Techniques in Adversarial Image Forensics.
Against All Odds: Winning the Defense Challenge in an Evasion Competition with Diversification.
RobustBench: a standardized adversarial robustness benchmark.
Optimism in the Face of Adversity: Understanding and Improving Deep Learning through Adversarial Robustness.
Verifying the Causes of Adversarial Examples.
When Bots Take Over the Stock Market: Evasion Attacks Against Algorithmic Traders.
FLAG: Adversarial Data Augmentation for Graph Neural Networks.
2020-10-18
FADER: Fast Adversarial Example Rejection.
Poisoned classifiers are not only backdoored, they are fundamentally broken.
2020-10-17
A Generative Model based Adversarial Security of Deep Learning and Linear Classifier Models.
Finding Physical Adversarial Examples for Autonomous Driving with Fast and Differentiable Image Compositing.
Weight-Covariance Alignment for Adversarially Robust Neural Networks.
2020-10-16
DPAttack: Diffused Patch Attacks against Universal Object Detection.
Mischief: A Simple Black-Box Attack Against Transformer Architectures.
Learning Robust Algorithms for Online Allocation Problems Using Adversarial Training.
2020-10-15
Certifying Neural Network Robustness to Random Input Noise from Samples.
Adversarial Images through Stega Glasses.
A Hamiltonian Monte Carlo Method for Probabilistic Adversarial Attack and Learning.
Generalizing Universal Adversarial Attacks Beyond Additive Perturbations.
Overfitting or Underfitting? Understand Robustness Drop in Adversarial Training.
Maximum-Entropy Adversarial Data Augmentation for Improved Generalization and Robustness.
Exploiting Vulnerabilities of Deep Learning-based Energy Theft Detection in AMI through Adversarial Attacks.
Progressive Defense Against Adversarial Attacks for Deep Learning as a Service in Internet of Things.
2020-10-14
Pair the Dots: Jointly Examining Training History and Test Stimuli for Model Interpretability.
Towards Resistant Audio Adversarial Examples.
An Adversarial Attack against Stacked Capsule Autoencoder.
Explain2Attack: Text Adversarial Attacks via Cross-Domain Interpretability.
GreedyFool: Multi-Factor Imperceptibility and Its Application to Designing Black-box Adversarial Example Attack.
2020-10-13
Toward Few-step Adversarial Training from a Frequency Perspective.
Higher-Order Certification for Randomized Smoothing.
Linking average- and worst-case perturbation robustness via class selectivity and dimensionality.
2020-10-12
Universal Model for 3D Medical Image Analysis.
To be Robust or to be Fair: Towards Fairness in Adversarial Training.
Learning to Attack with Fewer Pixels: A Probabilistic Post-hoc Framework for Refining Arbitrary Dense Adversarial Attacks.
Shape-Texture Debiased Neural Network Training.
On the Power of Abstention and Data-Driven Decision Making for Adversarial Robustness.
From Hero to Z\'eroe: A Benchmark of Low-Level Adversarial Attacks.
EFSG: Evolutionary Fooling Sentences Generator.
Contrast and Classify: Training Robust VQA Models. (2%)
2020-10-11
Gradient-based Analysis of NLP Models is Manipulable.
IF-Defense: 3D Adversarial Point Cloud Defense via Implicit Function based Restoration.
2020-10-10
Is It Time to Redefine the Classification Task for Deep Neural Networks?
Regularizing Neural Networks via Adversarial Model Perturbation. (1%)
2020-10-09
Understanding Spatial Robustness of Deep Neural Networks.
How Does Mixup Help With Robustness and Generalization?
2020-10-08
Transcending Transcend: Revisiting Malware Classification with Conformal Evaluation.
Improve Adversarial Robustness via Weight Penalization on Classification Layer.
A Unified Approach to Interpreting and Boosting Adversarial Transferability.
Improved Techniques for Model Inversion Attacks.
Affine-Invariant Robust Training.
Targeted Attention Attack on Deep Learning Models in Road Sign Recognition.
Gaussian MRF Covariance Modeling for Efficient Black-Box Adversarial Attacks.
2020-10-07
Hiding the Access Pattern is Not Enough: Exploiting Search Pattern Leakage in Searchable Encryption.
Learning Clusterable Visual Features for Zero-Shot Recognition.
Don't Trigger Me! A Triggerless Backdoor Attack Against Deep Neural Networks.
Revisiting Batch Normalization for Improving Corruption Robustness.
Batch Normalization Increases Adversarial Vulnerability: Disentangling Usefulness and Robustness of Model Features.
Decamouflage: A Framework to Detect Image-Scaling Attacks on Convolutional Neural Networks.
Global Optimization of Objective Functions Represented by ReLU Networks.
CD-UAP: Class Discriminative Universal Adversarial Perturbation.
Not All Datasets Are Born Equal: On Heterogeneous Data and Adversarial Examples.
Double Targeted Universal Adversarial Perturbations.
Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples.
Adversarial Attacks to Machine Learning-Based Smart Healthcare Systems.
Adversarial attacks on audio source separation.
2020-10-06
Visualizing Color-wise Saliency of Black-Box Image Classification Models.
Constraining Logits by Bounded Function for Adversarial Robustness.
Adversarial Patch Attacks on Monocular Depth Estimation Networks.
BAAAN: Backdoor Attacks Against Autoencoder and GAN-Based Machine Learning Models.
2020-10-05
Detecting Misclassification Errors in Neural Networks with a Gaussian Process Model.
Adversarial Boot Camp: label free certified robustness in one epoch.
Understanding Classifier Mistakes with Generative Models.
CAT-Gen: Improving Robustness in NLP Models via Controlled Adversarial Text Generation.
Second-Order NLP Adversarial Examples.
A Panda? No, It's a Sloth: Slowdown Attacks on Adaptive Multi-Exit Neural Network Inference.
InfoBERT: Improving Robustness of Language Models from An Information Theoretic Perspective.
Understanding Catastrophic Overfitting in Single-step Adversarial Training.
Downscaling Attack and Defense: Turning What You See Back Into What You Get.
Metadata-Based Detection of Child Sexual Abuse Material. (1%)
2020-10-04
TextAttack: Lessons learned in designing Python frameworks for NLP.
A Study for Universal Adversarial Attacks on Texture Recognition.
Adversarial Attack and Defense of Structured Prediction Models.
Geometry-aware Instance-reweighted Adversarial Training.
Unknown Presentation Attack Detection against Rational Attackers.
2020-10-03
Adversarial and Natural Perturbations for General Robustness.
Multi-Step Adversarial Perturbations on Recommender Systems Embeddings.
A Geometry-Inspired Attack for Generating Natural Language Adversarial Examples.
Efficient Robust Training via Backward Smoothing.
Do Wider Neural Networks Really Help Adversarial Robustness?
2020-10-02
Note: An alternative proof of the vulnerability of $k$-NN classifiers in high intrinsic dimensionality regions.
An Empirical Study of DNNs Robustification Inefficacy in Protecting Visual Recommenders.
Block-wise Image Transformation with Secret Key for Adversarially Robust Defense.
Query complexity of adversarial attacks.
CorrAttack: Black-box Adversarial Attack with Structured Search.
A Deep Genetic Programming based Methodology for Art Media Classification Robust to Adversarial Perturbations.
2020-10-01
Assessing Robustness of Text Classification through Maximal Safe Radius Computation.
Bag of Tricks for Adversarial Training.
2020-09-30
Erratum Concerning the Obfuscated Gradients Attack on Stochastic Activation Pruning.
Accurate and Robust Feature Importance Estimation under Distribution Shifts.
Uncertainty-Matching Graph Neural Networks to Defend Against Poisoning Attacks.
DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles.
2020-09-29
Neural Topic Modeling with Cycle-Consistent Adversarial Training.
Fast Fr\'echet Inception Distance.
2020-09-28
Adversarial Attacks Against Deep Learning Systems for ICD-9 Code Assignment.
STRATA: Building Robustness with a Simple Method for Generating Black-box Adversarial Attacks for Models of Code.
Graph Adversarial Networks: Protecting Information against Adversarial Attacks.
Adversarial Robustness of Stabilized NeuralODEs Might be from Obfuscated Gradients.
Generating End-to-End Adversarial Examples for Malware Classifiers Using Explainability.
Learned Fine-Tuner for Incongruous Few-Shot Adversarial Learning. (82%)
2020-09-27
Learning to Improve Image Compression without Changing the Standard Decoder.
RoGAT: a robust GNN combined revised GAT with adjusted graphs.
Where Does the Robustness Come from? A Study of the Transformation-based Ensemble Defence.
2020-09-26
Differentially Private Adversarial Robustness Through Randomized Perturbations.
Beneficial Perturbations Network for Defending Adversarial Examples.
2020-09-25
Training CNNs in Presence of JPEG Compression: Multimedia Forensics vs Computer Vision.
Attention Meets Perturbations: Robust and Interpretable Attention with Adversarial Training.
2020-09-24
Advancing the Research and Development of Assured Artificial Intelligence and Machine Learning Capabilities.
Adversarial Examples in Deep Learning for Multivariate Time Series Regression.
Improving Query Efficiency of Black-box Adversarial Attack.
2020-09-23
Enhancing Mixup-based Semi-Supervised Learning with Explicit Lipschitz Regularization.
Improving Dialog Evaluation with a Multi-reference Adversarial Dataset and Large Scale Pretraining.
Adversarial robustness via stochastic regularization of neural activation sensitivity.
A Partial Break of the Honeypots Defense to Catch Adversarial Attacks.
Semantics-Preserving Adversarial Training.
Robustification of Segmentation Models Against Adversarial Perturbations In Medical Imaging.
Detection of Iterative Adversarial Attacks via Counter Attack.
Torchattacks: A PyTorch Repository for Adversarial Attacks.
2020-09-22
What Do You See? Evaluation of Explainable Artificial Intelligence (XAI) Interpretability through Neural Backdoors.
Tailoring: encoding inductive biases by optimizing unsupervised objectives at prediction time.
Adversarial Attack Based Countermeasures against Deep Learning Side-Channel Attacks.
2020-09-21
Uncertainty-aware Attention Graph Neural Network for Defending Adversarial Attacks.
Scalable Adversarial Attack on Graph Neural Networks with Alternating Direction Method of Multipliers.
Generating Adversarial yet Inconspicuous Patches with a Single Image.
Adversarial Training with Stochastic Weight Average.
Improving Ensemble Robustness by Collaboratively Promoting and Demoting Adversarial Robustness.
DeepDyve: Dynamic Verification for Deep Neural Networks.
Feature Distillation With Guided Adversarial Contrastive Learning.
Crafting Adversarial Examples for Deep Learning Based Prognostics (Extended Version).
Stereopagnosia: Fooling Stereo Networks with Adversarial Perturbations.
Optimal Provable Robustness of Quantum Classification via Quantum Hypothesis Testing.
Password Strength Signaling: A Counter-Intuitive Defense Against Password Cracking. (1%)
2020-09-20
Improving Robustness and Generality of NLP Models Using Disentangled Representations.
2020-09-19
Efficient Certification of Spatial Robustness.
OpenAttack: An Open-source Textual Adversarial Attack Toolkit.
Making Images Undiscoverable from Co-Saliency Detection.
Adversarial Exposure Attack on Diabetic Retinopathy Imagery.
Bias Field Poses a Threat to DNN-based X-Ray Recognition.
Learning to Attack: Towards Textual Adversarial Attacking in Real-world Situations.
Adversarial Rain Attack and Defensive Deraining for DNN Perception.
EI-MTD:Moving Target Defense for Edge Intelligence against Adversarial Attacks.
2020-09-18
Robust Decentralized Learning for Neural Networks.
MIRAGE: Mitigating Conflict-Based Cache Attacks with a Practical Fully-Associative Design. (1%)
2020-09-17
Certifying Confidence via Randomized Smoothing.
Generating Label Cohesive and Well-Formed Adversarial Claims.
Vax-a-Net: Training-time Defence Against Adversarial Patch Attacks.
Label Smoothing and Adversarial Robustness.
Online Alternate Generator against Adversarial Attacks.
MultAV: Multiplicative Adversarial Videos.
On the Transferability of Minimal Prediction Preserving Inputs in Question Answering.
Large Norms of CNN Layers Do Not Hurt Adversarial Robustness.
2020-09-16
Multimodal Safety-Critical Scenarios Generation for Decision-Making Algorithms Evaluation.
Analysis of Generalizability of Deep Neural Networks Based on the Complexity of Decision Boundary.
Malicious Network Traffic Detection via Deep Learning: An Information Theoretic View.
Contextualized Perturbation for Textual Adversarial Attack.
2020-09-15
Puzzle Mix: Exploiting Saliency and Local Statistics for Optimal Mixup.
Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition Systems.
Switching Gradient Directions for Query-Efficient Black-Box Adversarial Attacks.
Decision-based Universal Adversarial Attack.
2020-09-14
A Game Theoretic Analysis of Additive Adversarial Attacks and Defenses.
Input Hessian Regularization of Neural Networks.
Robust Deep Learning Ensemble against Deception.
Hold Tight and Never Let Go: Security of Deep Learning based Automated Lane Centering under Physical-World Attack.
2020-09-13
Manifold attack.
Towards the Quantification of Safety Risks in Deep Neural Networks.
2020-09-12
Certified Robustness of Graph Classification against Topology Attack with Randomized Smoothing.
2020-09-11
Achieving Adversarial Robustness via Sparsity.
Defending Against Multiple and Unforeseen Adversarial Videos.
Robust Neural Machine Translation: Modeling Orthographic and Interpunctual Variation.
The Intriguing Relation Between Counterfactual Explanations and Adversarial Examples.
Semantic-preserving Reinforcement Learning Attack Against Graph Neural Networks for Malware Detection.
2020-09-10
Second Order Optimization for Adversarial Robustness and Interpretability.
Quantifying the Preferential Direction of the Model Gradient in Adversarial Training With Projected Gradient Descent.
2020-09-09
End-to-end Kernel Learning via Generative Random Fourier Features.
Searching for a Search Method: Benchmarking Search Algorithms for Generating NLP Adversarial Examples.
A black-box adversarial attack for poisoning clustering.
SoK: Certified Robustness for Deep Neural Networks.
2020-09-08
Fuzzy Unique Image Transformation: Defense Against Adversarial Attacks On Deep COVID-19 Models.
Adversarial Machine Learning in Image Classification: A Survey Towards the Defender's Perspective.
2020-09-07
Adversarial attacks on deep learning models for fatty liver disease classification by modification of ultrasound image reconstruction method.
Adversarial Attack on Large Scale Graph.
Black Box to White Box: Discover Model Characteristics Based on Strategic Probing.
2020-09-06
A Game Theoretic Analysis of LQG Control under Adversarial Attack.
Dynamically Computing Adversarial Perturbations for Recurrent Neural Networks.
Detection Defense Against Adversarial Attacks with Saliency Map.
2020-09-05
Bluff: Interactively Deciphering Adversarial Attacks on Deep Neural Networks.
Dual Manifold Adversarial Robustness: Defense against Lp and non-Lp Adversarial Attacks.
2020-09-03
MIPGAN -- Generating Strong and High Quality Morphing Attacks Using Identity Prior Driven GAN. (10%)
2020-09-02
Yet Meta Learning Can Adapt Fast, It Can Also Break Easily.
Perceptual Deep Neural Networks: Adversarial Robustness through Input Recreation.
Open-set Adversarial Defense.
Adversarially Robust Neural Architectures.
Flow-based detection and proxy-based evasion of encrypted malware C2 traffic.
Adversarial Attacks on Deep Learning Systems for User Identification based on Motion Sensors.
Simulating Unknown Target Models for Query-Efficient Black-box Attacks.
2020-09-01
Defending against substitute model black box adversarial attacks with the 01 loss.
2020-08-31
Adversarial Patch Camouflage against Aerial Detection.
Evasion Attacks to Graph Neural Networks via Influence Function.
MALCOM: Generating Malicious Comments to Attack Neural Fake News Detection Models.
2020-08-30
An Integrated Approach to Produce Robust Models with High Efficiency.
Benchmarking adversarial attacks and defenses for time-series data.
Shape Defense Against Adversarial Attacks.
2020-08-29
Improving Resistance to Adversarial Deformations by Regularizing Gradients.
2020-08-27
A Scene-Agnostic Framework with Adversarial Training for Abnormal Event Detection in Video.
GhostBuster: Looking Into Shadows to Detect Ghost Objects in Autonomous Vehicle 3D Sensing.
Minimal Adversarial Examples for Deep Learning on 3D Point Clouds.
On the Intrinsic Robustness of NVM Crossbars Against Adversarial Attacks.
Adversarial Eigen Attack on Black-Box Models.
Color and Edge-Aware Adversarial Image Perturbations.
Adversarially Robust Learning via Entropic Regularization.
2020-08-26
Adversarially Training for Audio Classifiers.
2020-08-25
Likelihood Landscapes: A Unifying Principle Behind Many Adversarial Defenses.
Two Sides of the Same Coin: White-box and Black-box Attacks for Transfer Learning.
Rethinking Non-idealities in Memristive Crossbars for Adversarial Robustness in Neural Networks.
An Adversarial Attack Defending System for Securing In-Vehicle Networks.
2020-08-24
Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation.
2020-08-23
Developing and Defeating Adversarial Examples.
Ptolemy: Architecture Support for Robust Deep Learning.
PermuteAttack: Counterfactual Explanation of Machine Learning Credit Scorecards.
2020-08-22
Self-Competitive Neural Networks.
2020-08-21
A Survey on Assessing the Generalization Envelope of Deep Neural Networks: Predictive Uncertainty, Out-of-distribution and Adversarial Samples.
2020-08-20
Towards adversarial robustness with 01 loss neural networks.
On Attribution of Deepfakes.
$\beta$-Variational Classifiers Under Attack.
Yet Another Intermediate-Level Attack.
2020-08-19
Prototype-based interpretation of the functionality of neurons in winner-take-all neural networks.
Addressing Neural Network Robustness with Mixup and Targeted Labeling Adversarial Training.
On $\ell_p$-norm Robustness of Ensemble Stumps and Trees.
2020-08-18
Improving adversarial robustness of deep neural networks by using semantic information.
Direct Adversarial Training for GANs.
Accelerated Zeroth-Order and First-Order Momentum Methods from Mini to Minimax Optimization.
2020-08-17
A Deep Dive into Adversarial Robustness in Zero-Shot Learning.
Adversarial Attack and Defense Strategies for Deep Speaker Recognition Systems.
Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection.
Robustness Verification of Quantum Classifiers. (81%)
2020-08-16
TextDecepter: Hard Label Black Box Attack on Text Classifiers.
Adversarial Concurrent Training: Optimizing Robustness and Accuracy Trade-off of Deep Neural Networks.
2020-08-15
Relevance Attack on Detectors.
2020-08-14
Efficiently Constructing Adversarial Examples by Feature Watermarking.
Defending Adversarial Attacks without Adversarial Attacks in Deep Reinforcement Learning.
On the Generalization Properties of Adversarial Training.
2020-08-13
Adversarial Training and Provable Robustness: A Tale of Two Objectives.
Semantically Adversarial Learnable Filters.
2020-08-12
Learning to Learn from Mistakes: Robust Optimization for Adversarial Noise.
Defending Adversarial Examples via DNN Bottleneck Reinforcement.
Feature Binding with Category-Dependant MixUp for Semantic Segmentation and Adversarial Robustness.
Semantics-preserving adversarial attacks in NLP.
2020-08-11
Revisiting Adversarially Learned Injection Attacks Against Recommender Systems.
2020-08-10
Informative Dropout for Robust Representation Learning: A Shape-bias Perspective.
FireBERT: Hardening BERT-based classifiers against adversarial attack.
2020-08-09
Enhancing Robustness Against Adversarial Examples in Network Intrusion Detection Systems.
Adversarial Training with Fast Gradient Projection Method against Synonym Substitution based Text Attacks.
2020-08-08
Enhance CNN Robustness Against Noises for Classification of 12-Lead ECG with Variable Length.
2020-08-07
Visual Attack and Defense on Text.
Optimizing Information Loss Towards Robust Neural Networks.
Adversarial Examples on Object Recognition: A Comprehensive Survey.
2020-08-06
Stronger and Faster Wasserstein Adversarial Attacks.
Improve Generalization and Robustness of Neural Networks via Weight Scale Shifting Invariant Regularizations.
2020-08-05
One word at a time: adversarial attacks on retrieval models.
Robust Deep Reinforcement Learning through Adversarial Loss.
2020-08-04
Adv-watermark: A Novel Watermark Perturbation for Adversarial Examples.
TREND: Transferability based Robust ENsemble Design.
Can Adversarial Weight Perturbations Inject Neural Backdoors?
Entropy Guided Adversarial Model for Weakly Supervised Object Localization.
2020-08-03
Hardware Accelerator for Adversarial Attacks on Deep Learning Neural Networks.
Anti-Bandit Neural Architecture Search for Model Defense.
2020-08-01
Efficient Adversarial Attacks for Visual Object Tracking.
Trojaning Language Models for Fun and Profit.
2020-07-31
Vulnerability Under Adversarial Machine Learning: Bias or Variance?
Physical Adversarial Attack on Vehicle Detector in the Carla Simulator.
Adversarial Attacks with Multiple Antennas Against Deep Learning-Based Modulation Classifiers.
TEAM: We Need More Powerful Adversarial Examples for DNNs.
2020-07-30
Black-box Adversarial Sample Generation Based on Differential Evolution.
A Data Augmentation-based Defense Method Against Adversarial Attacks in Neural Networks.
2020-07-29
End-to-End Adversarial White Box Attacks on Music Instrument Classification.
Adversarial Robustness for Machine Learning Cyber Defenses Using Log Data.
Stylized Adversarial Defense.
Generative Classifiers as a Basis for Trustworthy Computer Vision.
Detecting Anomalous Inputs to DNN Classifiers By Joint Statistical Testing at the Layers.
2020-07-28
Cassandra: Detecting Trojaned Networks from Adversarial Perturbations.
Derivation of Information-Theoretically Optimal Adversarial Attacks with Applications to Robust Machine Learning.
Reachable Sets of Classifiers and Regression Models: (Non-)Robustness Analysis and Robust Training.
Label-Only Membership Inference Attacks.
2020-07-27
Attacking and Defending Machine Learning Applications of Public Cloud.
KOVIS: Keypoint-based Visual Servoing with Zero-Shot Sim-to-Real Transfer for Robotics Manipulation.
From Sound Representation to Model Robustness.
Towards Accuracy-Fairness Paradox: Adversarial Example-based Data Augmentation for Visual Debiasing.
2020-07-26
RANDOM MASK: Towards Robust Convolutional Neural Networks.
Robust Collective Classification against Structural Attacks.
Train Like a (Var)Pro: Efficient Training of Neural Networks with Variable Projection. (1%)
2020-07-25
MirrorNet: Bio-Inspired Adversarial Attack for Camouflaged Object Segmentation.
Adversarial Privacy-preserving Filter.
MP3 Compression To Diminish Adversarial Noise in End-to-End Speech Recognition.
2020-07-24
Deep Co-Training with Task Decomposition for Semi-Supervised Domain Adaptation. (1%)
2020-07-23
Provably Robust Adversarial Examples.
2020-07-22
SOCRATES: Towards a Unified Platform for Neural Network Verification.
Adversarial Training Reduces Information and Improves Transferability.
Robust Machine Learning via Privacy/Rate-Distortion Theory.
Threat of Adversarial Attacks on Face Recognition: A Comprehensive Survey.
2020-07-21
Audio Adversarial Examples for Robust Hybrid CTC/Attention Speech Recognition.
Towards Visual Distortion in Black-Box Attacks.
2020-07-20
DeepNNK: Explaining deep models and their generalization using polytope interpolation.
Evaluating a Simple Retraining Strategy as a Defense Against Adversarial Attacks.
Robust Tracking against Adversarial Attacks.
Scaling Polyhedral Neural Network Verification on GPUs.
AdvFoolGen: Creating Persistent Troubles for Deep Classifiers.
2020-07-19
Semantic Equivalent Adversarial Data Augmentation for Visual Question Answering.
Exploiting vulnerabilities of deep neural networks for privacy protection.
Connecting the Dots: Detecting Adversarial Perturbations Using Context Inconsistency.
Adversarial Immunization for Improving Certifiable Robustness on Graphs.
2020-07-18
DDR-ID: Dual Deep Reconstruction Networks Based Image Decomposition for Anomaly Detection.
Towards Quantum-Secure Authentication and Key Agreement via Abstract Multi-Agent Interaction. (1%)
2020-07-17
Anomaly Detection in Unsupervised Surveillance Setting Using Ensemble of Multimodal Data with Adversarial Defense.
Neural Networks with Recurrent Generative Feedback.
2020-07-16
Understanding and Diagnosing Vulnerability under Adversarial Attacks.
Transfer Learning without Knowing: Reprogramming Black-box Machine Learning Models with Scarce Data and Limited Resources.
Accelerated Stochastic Gradient-free and Projection-free Methods.
Provable Worst Case Guarantees for the Detection of Out-of-Distribution Data.
An Empirical Study on the Robustness of NAS based Architectures.
Do Adversarially Robust ImageNet Models Transfer Better?
Learning perturbation sets for robust machine learning.
On Robustness and Transferability of Convolutional Neural Networks. (1%)
Less is More: A privacy-respecting Android malware classifier using Federated Learning. (1%)
2020-07-15
A Survey of Privacy Attacks in Machine Learning.
Accelerating Robustness Verification of Deep Neural Networks Guided by Target Labels.
A Survey on Security Attacks and Defense Techniques for Connected and Autonomous Vehicles.
2020-07-14
Towards robust sensing for Autonomous Vehicles: An adversarial perspective.
Robustifying Reinforcement Learning Agents via Action Space Adversarial Training.
Bounding The Number of Linear Regions in Local Area for Neural Networks with ReLU Activations.
Multitask Learning Strengthens Adversarial Robustness.
Adversarial Examples and Metrics.
AdvFlow: Inconspicuous Black-box Adversarial Attacks using Normalizing Flows.
Pasadena: Perceptually Aware and Stealthy Adversarial Denoise Attack.
Adversarial Attacks against Neural Networks in Audio Domain: Exploiting Principal Components.
Towards a Theoretical Understanding of the Robustness of Variational Autoencoders.
2020-07-13
A simple defense against adversarial attacks on heatmap explanations.
Understanding Adversarial Examples from the Mutual Influence of Images and Perturbations.
Adversarial robustness via robust low rank representations.
Security and Machine Learning in the Real World.
Hard Label Black-box Adversarial Attacks in Low Query Budget Regimes.
Calling Out Bluff: Attacking the Robustness of Automatic Scoring Systems with Simple Adversarial Testing.
SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems.
Patch-wise Attack for Fooling Deep Neural Network.
2020-07-12
Adversarial jamming attacks and defense strategies via adaptive deep reinforcement learning.
Generating Fluent Adversarial Examples for Natural Languages.
Probabilistic Jacobian-based Saliency Maps Attacks.
2020-07-11
Understanding Object Detection Through An Adversarial Lens.
ManiGen: A Manifold Aided Black-box Generator of Adversarial Examples.
Adversarially-Trained Deep Nets Transfer Better: Illustration on Image Classification. (15%)
2020-07-10
Improved Detection of Adversarial Images Using Deep Neural Networks.
Miss the Point: Targeted Adversarial Attack on Multiple Landmark Detection.
Generating Adversarial Inputs Using A Black-box Differential Technique.
2020-07-09
Improving Adversarial Robustness by Enforcing Local and Global Compactness.
Boundary thickness and robustness in learning models.
Node Copying for Protection Against Graph Neural Network Topology Attacks.
Efficient detection of adversarial images.
2020-07-08
How benign is benign overfitting?
SLAP: Improving Physical Adversarial Examples with Short-Lived Adversarial Perturbations.
RobFR: Benchmarking Adversarial Robustness on Face Recognition.
A Critical Evaluation of Open-World Machine Learning.
On the relationship between class selectivity, dimensionality, and robustness.
Evaluation of Adversarial Training on Different Types of Neural Networks in Deep Learning-based IDSs.
2020-07-07
Robust Learning with Frequency Domain Regularization.
Regional Image Perturbation Reduces $L_p$ Norms of Adversarial Examples While Maintaining Model-to-model Transferability.
Fast Training of Deep Neural Networks Robust to Adversarial Perturbations.
Making Adversarial Examples More Transferable and Indistinguishable.
Detection as Regression: Certified Object Detection by Median Smoothing.
2020-07-06
Certifying Decision Trees Against Evasion Attacks by Program Analysis.
On Data Augmentation and Adversarial Risk: An Empirical Analysis.
Understanding and Improving Fast Adversarial Training.
Black-box Adversarial Example Generation with Normalizing Flows.
2020-07-05
Adversarial Learning in the Cyber Security Domain.
2020-07-04
On Connections between Regularizations for Improving DNN Robustness.
Relationship between manifold smoothness and adversarial vulnerability in deep learning with local errors.
Deep Active Learning via Open Set Recognition. (1%)
2020-07-03
Towards Robust Deep Learning with Ensemble Networks and Noisy Layers.
2020-07-02
Efficient Proximal Mapping of the 1-path-norm of Shallow Networks.
Deep Learning Defenses Against Adversarial Examples for Dynamic Risk Assessment.
Decoder-free Robustness Disentanglement without (Additional) Supervision.
Increasing Trustworthiness of Deep Neural Networks via Accuracy Monitoring.
Trace-Norm Adversarial Examples.
Generating Adversarial Examples withControllable Non-transferability.
2020-07-01
Unifying Model Explainability and Robustness via Machine-Checkable Concepts.
Measuring Robustness to Natural Distribution Shifts in Image Classification.
Determining Sequence of Image Processing Technique (IPT) to Detect Adversarial Attacks.
Query-Free Adversarial Transfer via Undertrained Surrogates.
Adversarial Example Games.
Robustness against Relational Adversary.
A Le Cam Type Bound for Adversarial Learning and Applications.
Opportunities and Challenges in Deep Learning Adversarial Robustness: A Survey.
2020-06-30
Towards Robust LiDAR-based Perception in Autonomous Driving: General Black-box Adversarial Sensor Attack and Countermeasures.
Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection.
Black-box Certification and Learning under Adversarial Perturbations.
Neural Network Virtual Sensors for Fuel Injection Quantities with Provable Performance Specifications.
Generating Adversarial Examples with an Optimized Quality.
2020-06-29
Harnessing Adversarial Distances to Discover High-Confidence Errors.
Sharp Statistical Guarantees for Adversarially Robust Gaussian Classification.
Legal Risks of Adversarial Machine Learning Research.
Biologically Inspired Mechanisms for Adversarial Robustness.
Improving Uncertainty Estimates through the Relationship with Adversarial Robustness.
2020-06-28
FDA3 : Federated Defense Against Adversarial Attacks for Cloud-Based IIoT Applications.
Geometry-Inspired Top-k Adversarial Perturbations.
2020-06-26
Orthogonal Deep Models As Defense Against Black-Box Attacks.
A Unified Framework for Analyzing and Detecting Malicious Examples of DNN Models.
Informative Outlier Matters: Robustifying Out-of-distribution Detection Using Outlier Mining.
Diverse Knowledge Distillation (DKD): A Solution for Improving The Robustness of Ensemble Models Against Adversarial Attacks.
2020-06-25
Smooth Adversarial Training.
Proper Network Interpretability Helps Adversarial Robustness in Classification.
Uncovering the Connections Between Adversarial Transferability and Knowledge Transferability.
Can 3D Adversarial Logos Cloak Humans?
2020-06-24
Defending against adversarial attacks on medical imaging AI system, classification or detection?
Compositional Explanations of Neurons.
Blacklight: Defending Black-Box Adversarial Attacks on Deep Neural Networks.
Imbalanced Gradients: A Subtle Cause of Overestimated Adversarial Robustness.
2020-06-23
RayS: A Ray Searching Method for Hard-label Adversarial Attack.
Sparse-RS: a versatile framework for query-efficient sparse black-box adversarial attacks.
Adversarial Robustness of Deep Sensor Fusion Models.
2020-06-22
Learning to Generate Noise for Multi-Attack Robustness.
Perceptual Adversarial Robustness: Defense Against Unseen Threat Models.
2020-06-21
Network Moments: Extensions and Sparse-Smooth Attacks.
2020-06-20
How do SGD hyperparameters in natural training affect adversarial robustness?
Defense against Adversarial Attacks in NLP via Dirichlet Neighborhood Ensemble.
Stochastic Shortest Path with Adversarially Changing Costs. (1%)
2020-06-19
Local Convolutions Cause an Implicit Bias towards High Frequency Adversarial Examples.
A general framework for defining and optimizing robustness.
Analyzing the Real-World Applicability of DGA Classifiers.
Towards an Adversarially Robust Normalization Approach.
Differentiable Language Model Adversarial Attacks on Categorical Sequence Classifiers.
Adversarial Attacks for Multi-view Deep Models.
2020-06-18
Local Competition and Uncertainty for Adversarial Robustness in Deep Learning.
Dissecting Deep Networks into an Ensemble of Generative Classifiers for Robust Predictions.
The Dilemma Between Dimensionality Reduction and Adversarial Robustness.
Beware the Black-Box: on the Robustness of Recent Defenses to Adversarial Examples.
2020-06-17
Noise or Signal: The Role of Image Backgrounds in Object Recognition.
Adversarial Examples Detection and Analysis with Layer-wise Autoencoders.
Adversarial Defense by Latent Style Transformations.
Disrupting Deepfakes with an Adversarial Attack that Survives Training.
Universal Lower-Bounds on Classification Error under Adversarial Attacks and Random Corruption.
Fairness Through Robustness: Investigating Robustness Disparity in Deep Learning.
2020-06-16
Calibrating Deep Neural Network Classifiers on Out-of-Distribution Datasets.
SPLASH: Learnable Activation Functions for Improving Accuracy and Adversarial Robustness.
Debona: Decoupled Boundary Network Analysis for Tighter Bounds and Faster Adversarial Robustness Proofs.
On sparse connectivity, adversarial robustness, and a novel model of the artificial neuron.
AdvMind: Inferring Adversary Intent of Black-Box Attacks.
The shape and simplicity biases of adversarially robust ImageNet-trained CNNs.
2020-06-15
Total Deep Variation: A Stable Regularizer for Inverse Problems.
DefenseVGAE: Defending against Adversarial Attacks on Graph Data via a Variational Graph Autoencoder.
Improving Adversarial Robustness via Unlabeled Out-of-Domain Data.
Fast & Accurate Method for Bounding the Singular Values of Convolutional Layers with Application to Lipschitz Regularization.
GNNGuard: Defending Graph Neural Networks against Adversarial Attacks.
CG-ATTACK: Modeling the Conditional Distribution of Adversarial Perturbations to Boost Black-Box Attack.
Multiscale Deep Equilibrium Models.
2020-06-14
GradAug: A New Regularization Method for Deep Neural Networks.
PatchUp: A Regularization Technique for Convolutional Neural Networks.
On Saliency Maps and Adversarial Robustness.
On the transferability of adversarial examples between convex and 01 loss models.
Adversarial Attacks and Detection on Reinforcement Learning-Based Interactive Recommender Systems.
Sparsity Turns Adversarial: Energy and Latency Attacks on Deep Neural Networks.
Duplicity Games for Deception Design with an Application to Insider Threat Mitigation. (11%)
2020-06-13
The Pitfalls of Simplicity Bias in Neural Networks.
Adversarial Self-Supervised Contrastive Learning.
Rethinking Clustering for Robustness.
Defensive Approximation: Securing CNNs using Approximate Computing.
2020-06-12
Provably Robust Metric Learning.
Defending against GAN-based Deepfake Attacks via Transformation-aware Adversarial Faces.
D-square-B: Deep Distribution Bound for Natural-looking Adversarial Attack.
Targeted Adversarial Perturbations for Monocular Depth Prediction.
2020-06-11
Large-Scale Adversarial Training for Vision-and-Language Representation Learning.
Smoothed Geometry for Robust Attribution.
Protecting Against Image Translation Deepfakes by Leaking Universal Perturbations from Black-Box Neural Networks.
Investigating Robustness of Adversarial Samples Detection for Automatic Speaker Verification.
Robustness to Adversarial Attacks in Learning-Enabled Controllers.
On the Tightness of Semidefinite Relaxations for Certifying Robustness to Adversarial Examples.
Adversarial Attack Vulnerability of Medical Image Analysis Systems: Unexplored Factors.
Achieving robustness in classification using optimal transport with hinge regularization.
Backdoor Smoothing: Demystifying Backdoor Attacks on Deep Neural Networks. (96%)
2020-06-10
Evaluating Graph Vulnerability and Robustness using TIGER.
Towards Robust Fine-grained Recognition by Maximal Separation of Discriminative Features.
Deterministic Gaussian Averaged Neural Networks.
Interpolation between Residual and Non-Residual Networks.
Towards Certified Robustness of Metric Learning.
2020-06-09
Towards an Intrinsic Definition of Robustness for a Classifier.
Black-Box Adversarial Attacks on Graph Neural Networks with Limited Node Access.
GAP++: Learning to generate target-conditioned adversarial examples.
Adversarial Attacks on Brain-Inspired Hyperdimensional Computing-Based Classifiers.
Provable tradeoffs in adversarially robust classification.
Distributional Robust Batch Contextual Bandits. (1%)
2020-06-08
Calibrated neighborhood aware confidence measure for deep metric learning.
A Self-supervised Approach for Adversarial Robustness.
Distributional Robustness with IPMs and links to Regularization and GANs.
On Universalized Adversarial and Invariant Perturbations.
Tricking Adversarial Attacks To Fail.
Global Robustness Verification Networks.
Trade-offs between membership privacy & adversarially robust learning.
Adversarial Feature Desensitization.
2020-06-07
Extensions and limitations of randomized smoothing for robustness guarantees.
Uncertainty-Aware Deep Classifiers using Generative Models.
2020-06-06
Unique properties of adversarially trained linear classifiers on Gaussian data.
Can Domain Knowledge Alleviate Adversarial Attacks in Multi-Label Classifiers?
2020-06-05
Adversarial Image Generation and Training for Deep Convolutional Neural Networks.
Lipschitz Bounds and Provably Robust Training by Laplacian Smoothing.
Sponge Examples: Energy-Latency Attacks on Neural Networks.
2020-06-04
Characterizing the Weight Space for Different Learning Models.
Towards Understanding Fast Adversarial Training.
Defense for Black-box Attacks on Anti-spoofing Models by Self-Supervised Learning.
Pick-Object-Attack: Type-Specific Adversarial Attack for Object Detection.
2020-06-02
SaliencyMix: A Saliency Guided Data Augmentation Strategy for Better Regularization.
Exploring the role of Input and Output Layers of a Deep Neural Network in Adversarial Defense.
Perturbation Analysis of Gradient-based Adversarial Attacks.
Adversarial Item Promotion: Vulnerabilities at the Core of Top-N Recommenders that Use Images to Address Cold Start.
Detecting Audio Attacks on ASR Systems with Dropout Uncertainty.
2020-06-01
Second-Order Provable Defenses against Adversarial Attacks.
Adversarial Attacks on Reinforcement Learning based Energy Management Systems of Extended Range Electric Delivery Vehicles.
Adversarial Attacks on Classifiers for Eye-based User Modelling.
Rethinking Empirical Evaluation of Adversarial Robustness Using First-Order Attack Methods.
2020-05-31
Evaluations and Methods for Explanation through Robustness Analysis.
Estimating Principal Components under Adversarial Perturbations.
2020-05-30
Exploring Model Robustness with Adaptive Networks and Improved Adversarial Training.
2020-05-29
SAFER: A Structure-free Approach for Certified Robustness to Adversarial Word Substitutions.
2020-05-28
Monocular Depth Estimators: Vulnerabilities and Attacks.
QEBA: Query-Efficient Boundary-Based Blackbox Attack.
Adversarial Attacks and Defense on Texts: A Survey.
Adversarial Robustness of Deep Convolutional Candlestick Learner.
2020-05-27
Enhancing Resilience of Deep Learning Networks by Means of Transferable Adversaries.
Mitigating Advanced Adversarial Attacks with More Advanced Gradient Obfuscation Techniques.
Stochastic Security: Adversarial Defense Using Long-Run Dynamics of Energy-Based Models.
Calibrated Surrogate Losses for Adversarially Robust Classification.
2020-05-26
Effects of Forward Error Correction on Communications Aware Evasion Attacks.
Investigating a Spectral Deception Loss Metric for Training Machine Learning-based Evasion Attacks.
Generating Semantically Valid Adversarial Questions for TableQA.
2020-05-25
Adversarial Feature Selection against Evasion Attacks.
2020-05-24
Detecting Adversarial Examples for Speech Recognition via Uncertainty Quantification.
SoK: Arms Race in Adversarial Malware Detection.
Adaptive Adversarial Logits Pairing.
2020-05-23
ShapeAdv: Generating Shape-Aware Adversarial 3D Point Clouds.
Adversarial Attack on Hierarchical Graph Pooling Neural Networks.
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend. (1%)
2020-05-22
Vulnerability of deep neural networks for detecting COVID-19 cases from chest X-ray images to universal adversarial attacks.
2020-05-21
Revisiting Role of Autoencoders in Adversarial Settings.
Robust Ensemble Model Training via Random Layer Sampling Against Adversarial Attack.
Inaudible Adversarial Perturbations for Targeted Attack in Speaker Recognition.
Investigating Vulnerability to Adversarial Examples on Multimodal Data Fusion in Deep Learning.
2020-05-20
Graph Structure Learning for Robust Graph Neural Networks.
Model-Based Robust Deep Learning: Generalizing to Natural, Out-of-Distribution Data.
An Adversarial Approach for Explaining the Predictions of Deep Neural Networks.
A survey on Adversarial Recommender Systems: from Attack/Defense strategies to Generative Adversarial Networks.
Feature Purification: How Adversarial Training Performs Robust Deep Learning.
2020-05-19
Synthesizing Unrestricted False Positive Adversarial Objects Using Generative Models.
Bias-based Universal Adversarial Patch Attack for Automatic Check-out.
2020-05-18
An Evasion Attack against ML-based Phishing URL Detectors.