2 code implementations • 26 Mar 2021 • Curtis G. Northcutt, Anish Athalye, Jonas Mueller
Errors in test sets are numerous and widespread: we estimate an average of at least 3.3% errors across the 10 datasets, where for example label errors comprise at least 6% of the ImageNet validation set.
4 code implementations • 18 Feb 2019 • Nicholas Carlini, Anish Athalye, Nicolas Papernot, Wieland Brendel, Jonas Rauber, Dimitris Tsipras, Ian Goodfellow, Aleksander Madry, Alexey Kurakin
Correctly evaluating defenses against adversarial examples has proven to be extremely difficult.
1 code implementation • 26 Jul 2018 • Logan Engstrom, Andrew Ilyas, Anish Athalye
We evaluate the robustness of Adversarial Logit Pairing, a recently proposed defense against adversarial examples.
2 code implementations • ICML 2018 • Andrew Ilyas, Logan Engstrom, Anish Athalye, Jessy Lin
Current neural network-based classifiers are susceptible to adversarial examples even in the black-box setting, where the attacker only has query access to the model.
2 code implementations • 10 Apr 2018 • Anish Athalye, Nicholas Carlini
Neural networks are known to be vulnerable to adversarial examples.
4 code implementations • ICML 2018 • Anish Athalye, Nicholas Carlini, David Wagner
We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples.
1 code implementation • 19 Dec 2017 • Andrew Ilyas, Logan Engstrom, Anish Athalye, Jessy Lin
Second, we introduce a new algorithm to perform targeted adversarial attacks in the partial-information setting, where the attacker only has access to a limited number of target classes.
3 code implementations • 24 Jul 2017 • Anish Athalye, Logan Engstrom, Andrew Ilyas, Kevin Kwok
We demonstrate the existence of robust 3D adversarial objects, and we present the first algorithm for synthesizing examples that are adversarial over a chosen distribution of transformations.