Search Results for author:
Found 10 papers, 5 papers with code
Investigating the Adversarial Robustness of Density Estimation Using the Probability Flow ODE
Beyond their impressive sampling capabilities, score-based diffusion models offer a powerful analysis tool in the form of unbiased density estimation of a query sample under the training data distribution.
Robust Principles: Architectural Design Principles for Adversarially Robust CNNs
Our research aims to unify existing works' diverging opinions on how architectural components affect the adversarial robustness of CNNs.
LLM Self Defense: By Self Examination, LLMs Know They Are Being Tricked
We test LLM Self Defense on GPT 3. 5 and Llama 2, two of the current most prominent LLMs against various types of attacks, such as forcefully inducing affirmative responses to prompts and prompt engineering attacks.
RobArch: Designing Robust Architectures against Adversarial Attacks
Adversarial Training is the most effective approach for improving the robustness of Deep Neural Networks (DNNs).
Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models
Finally, we find that data augmentation degrades the performance of existing attacks to a larger extent, and we propose an adaptive attack using augmentation to train shadow and attack models that improve attack performance.
Synthetic Dataset Generation for Adversarial Machine Learning Research
Existing adversarial example research focuses on digitally inserted perturbations on top of existing natural image datasets.
Toward Few-step Adversarial Training from a Frequency Perspective
We investigate adversarial-sample generation methods from a frequency domain perspective and extend standard $l_{\infty}$ Projected Gradient Descent (PGD) to the frequency domain.
Talk Proposal: Towards the Realistic Evaluation of Evasion Attacks using CARLA
In this talk we describe our content-preserving attack on object detectors, ShapeShifter, and demonstrate how to evaluate this threat in realistic scenarios.
The Efficacy of SHIELD under Different Threat Models
To evaluate the robustness of the defense against an adaptive attacker, we consider the targeted-attack success rate of the Projected Gradient Descent (PGD) attack, which is a strong gradient-based adversarial attack proposed in adversarial machine learning research.
ShapeShifter: Robust Physical Adversarial Attack on Faster R-CNN Object Detector
Given the ability to directly manipulate image pixels in the digital input space, an adversary can easily generate imperceptible perturbations to fool a Deep Neural Network (DNN) image classifier, as demonstrated in prior work.
