no code implementations • 10 Oct 2023 • Marius Arvinte, Cory Cornelius, Jason Martin, Nageen Himayat
Beyond their impressive sampling capabilities, score-based diffusion models offer a powerful analysis tool in the form of unbiased density estimation of a query sample under the training data distribution.
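A minimal sketch of how such a density estimate can be computed, assuming a pretrained score network `score_model(x, t)` for a VP-SDE with a linear beta schedule (the schedule, step count, and helper names below are illustrative assumptions, not the authors' settings): integrate the probability-flow ODE from the data toward the prior while accumulating the divergence of the ODE drift, estimated with the Skilling-Hutchinson trace trick.

```python
import math
import torch

def hutchinson_div(fn, x, n_probes=1):
    """Skilling-Hutchinson estimator of div fn(x): E_v[v^T J v] with Gaussian probes."""
    x = x.detach().requires_grad_(True)
    div = torch.zeros(x.shape[0], device=x.device)
    for _ in range(n_probes):
        v = torch.randn_like(x)
        (vjp,) = torch.autograd.grad(fn(x), x, grad_outputs=v)
        div += (vjp * v).flatten(1).sum(-1)
    return div / n_probes

def log_density(score_model, x, n_steps=500, eps=1e-3):
    """Estimate log p(x) under the data distribution via the probability-flow ODE
    of a VP-SDE; beta_0, beta_1 and the Euler integrator are assumptions."""
    beta_0, beta_1 = 0.1, 20.0
    dt = (1.0 - eps) / n_steps
    logp = torch.zeros(x.shape[0], device=x.device)
    for i in range(n_steps):
        t = eps + i * dt
        beta = beta_0 + t * (beta_1 - beta_0)
        # probability-flow drift: f(x,t) - 0.5 * g(t)^2 * score(x,t)
        drift = lambda y: -0.5 * beta * (y + score_model(y, t))
        logp += hutchinson_div(drift, x) * dt      # d log p = -div(drift) dt, integrated forward
        x = (x + drift(x.detach()) * dt).detach()  # Euler step from data toward the prior
    # log-density of the terminal state under the standard-normal prior at t = 1
    d = x[0].numel()
    prior = -0.5 * (x ** 2).flatten(1).sum(-1) - 0.5 * d * math.log(2 * math.pi)
    return prior + logp
```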
1 code implementation • 30 Aug 2023 • Shengyun Peng, Weilin Xu, Cory Cornelius, Matthew Hull, Kevin Li, Rahul Duggal, Mansi Phute, Jason Martin, Duen Horng Chau
Our research aims to reconcile the diverging conclusions of prior work on how architectural components affect the adversarial robustness of CNNs.
no code implementations • 14 Aug 2023 • Mansi Phute, Alec Helbling, Matthew Hull, Shengyun Peng, Sebastian Szyller, Cory Cornelius, Duen Horng Chau
We test LLM Self Defense on GPT-3.5 and Llama 2, two of the most prominent current LLMs, against various types of attacks, such as forcefully inducing affirmative responses to prompts and prompt-engineering attacks.
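A minimal sketch of the self-examination idea, assuming only a generic `generate(prompt)` completion function (the screening prompt wording below is illustrative, not the paper's exact prompt): the candidate response is shown back to an LLM, which is asked whether it is harmful, and flagged responses are withheld.

```python
def llm_self_defense(generate, user_prompt):
    """Self-examination filter: generate a response, then ask an LLM to
    classify that response as harmful or not before returning it."""
    response = generate(user_prompt)
    screen = (
        "Does the following text contain harmful content? "
        "Answer 'Yes, this is harmful' or 'No, this is not harmful'.\n\n"
        f"Text: {response}"
    )
    verdict = generate(screen)
    if verdict.strip().lower().startswith("yes"):
        return "I'm sorry, I can't help with that."
    return response
```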
1 code implementation • 8 Jan 2023 • Shengyun Peng, Weilin Xu, Cory Cornelius, Kevin Li, Rahul Duggal, Duen Horng Chau, Jason Martin
Adversarial Training is the most effective approach for improving the robustness of Deep Neural Networks (DNNs).
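For context, a minimal PyTorch sketch of one adversarial-training step with an $l_{\infty}$ PGD inner maximization (eps=8/255 and the step settings are common defaults, not necessarily this paper's configuration):

```python
import torch
import torch.nn.functional as F

def pgd_attack(model, x, y, eps=8/255, alpha=2/255, steps=10):
    """l_inf PGD: iteratively ascend the loss, projecting the perturbation
    back into the eps-ball after each step."""
    delta = torch.empty_like(x).uniform_(-eps, eps).requires_grad_(True)
    for _ in range(steps):
        loss = F.cross_entropy(model(x + delta), y)
        (grad,) = torch.autograd.grad(loss, delta)
        delta = (delta + alpha * grad.sign()).clamp(-eps, eps).detach().requires_grad_(True)
    return (x + delta).clamp(0, 1).detach()

def adversarial_training_step(model, optimizer, x, y):
    model.eval()                      # craft attacks with fixed batch-norm statistics
    x_adv = pgd_attack(model, x, y)
    model.train()
    optimizer.zero_grad()
    loss = F.cross_entropy(model(x_adv), y)  # train on the worst-case inputs
    loss.backward()
    optimizer.step()
    return loss.item()
```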
no code implementations • 22 Aug 2022 • Xinlei He, Zheng Li, Weilin Xu, Cory Cornelius, Yang Zhang
Finally, we find that data augmentation degrades the performance of existing attacks to a larger extent, so we propose an adaptive attack that uses augmentation to train the shadow and attack models, thereby improving attack performance.
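A sketch of the per-example features such an augmentation-aware attack might use, assuming a stochastic `augment` function and a trained shadow model (the attack model itself would be a binary member/non-member classifier trained on these features; all names here are illustrative, not the paper's implementation):

```python
import torch
import torch.nn.functional as F

def attack_features(model, x, y, augment, n_views=8):
    """Membership-inference features: per-example losses of several augmented
    views of each input, computed under the (shadow or target) model."""
    losses = []
    with torch.no_grad():
        for _ in range(n_views):
            logits = model(augment(x))
            losses.append(F.cross_entropy(logits, y, reduction="none"))
    return torch.stack(losses, dim=1)  # shape: (batch, n_views)
```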
1 code implementation • 21 Jul 2022 • Xiruo Liu, Shibani Singh, Cory Cornelius, Colin Busho, Mike Tan, Anindya Paul, Jason Martin
Existing adversarial example research focuses on digitally inserted perturbations on top of existing natural image datasets.
no code implementations • 13 Oct 2020 • Hans Shih-Han Wang, Cory Cornelius, Brandon Edwards, Jason Martin
We investigate adversarial-sample generation methods from a frequency-domain perspective and extend standard $l_{\infty}$ Projected Gradient Descent (PGD) to the frequency domain.
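A rough sketch of the idea, assuming the perturbation is applied to the real and imaginary parts of the input's 2-D DFT with an $l_{\infty}$ budget in that domain (the paper's exact transform and constraint may differ):

```python
import torch
import torch.nn.functional as F

def freq_pgd(model, x, y, eps=0.5, alpha=0.1, steps=10):
    """PGD where the l_inf-bounded perturbation lives on the DFT coefficients
    of the input rather than on raw pixels."""
    X = torch.fft.fft2(x)  # per-channel 2-D DFT
    dr = torch.zeros_like(X.real).requires_grad_(True)
    di = torch.zeros_like(X.imag).requires_grad_(True)
    for _ in range(steps):
        x_adv = torch.fft.ifft2(X + torch.complex(dr, di)).real.clamp(0, 1)
        loss = F.cross_entropy(model(x_adv), y)
        gr, gi = torch.autograd.grad(loss, [dr, di])
        dr = (dr + alpha * gr.sign()).clamp(-eps, eps).detach().requires_grad_(True)
        di = (di + alpha * gi.sign()).clamp(-eps, eps).detach().requires_grad_(True)
    return torch.fft.ifft2(X + torch.complex(dr, di)).real.clamp(0, 1).detach()
```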
3 code implementations • 18 Apr 2019 • Cory Cornelius, Shang-Tse Chen, Jason Martin, Duen Horng Chau
In this talk we describe our content-preserving attack on object detectors, ShapeShifter, and demonstrate how to evaluate this threat in realistic scenarios.
no code implementations • 1 Feb 2019 • Cory Cornelius, Nilaksh Das, Shang-Tse Chen, Li Chen, Michael E. Kounavis, Duen Horng Chau
To evaluate the robustness of the defense against an adaptive attacker, we consider the targeted-attack success rate of Projected Gradient Descent (PGD), a strong gradient-based attack from the adversarial machine learning literature.
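A sketch of how such a targeted success rate can be measured (hyperparameters are illustrative): PGD descends the loss toward a chosen target class, and we count how often the perturbed input is classified as that target.

```python
import torch
import torch.nn.functional as F

def targeted_pgd_success_rate(model, loader, target_class,
                              eps=8/255, alpha=2/255, steps=40):
    """Fraction of inputs PGD can push into the chosen target class."""
    hits = total = 0
    for x, _ in loader:
        y_t = torch.full((x.shape[0],), target_class, dtype=torch.long)
        delta = torch.zeros_like(x).requires_grad_(True)
        for _ in range(steps):
            loss = F.cross_entropy(model(x + delta), y_t)
            (grad,) = torch.autograd.grad(loss, delta)
            # descend toward the target label instead of ascending the true-label loss
            delta = (delta - alpha * grad.sign()).clamp(-eps, eps).detach().requires_grad_(True)
        with torch.no_grad():
            preds = model((x + delta).clamp(0, 1)).argmax(-1)
        hits += (preds == y_t).sum().item()
        total += x.shape[0]
    return hits / total
```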
3 code implementations • 16 Apr 2018 • Shang-Tse Chen, Cory Cornelius, Jason Martin, Duen Horng Chau
Given the ability to directly manipulate image pixels in the digital input space, an adversary can easily generate imperceptible perturbations to fool a Deep Neural Network (DNN) image classifier, as demonstrated in prior work.
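As a concrete illustration of how cheap such digital perturbations are, here is the classic one-step fast gradient sign method (FGSM) in PyTorch (a generic sketch of prior pixel-space attacks, not this paper's method, which moves the attack into the physical world):

```python
import torch
import torch.nn.functional as F

def fgsm(model, x, y, eps=8/255):
    """One gradient step in the direction that increases the classification
    loss, bounded by eps in l_inf so the change stays visually imperceptible."""
    x = x.clone().requires_grad_(True)
    loss = F.cross_entropy(model(x), y)
    (grad,) = torch.autograd.grad(loss, x)
    return (x + eps * grad.sign()).clamp(0, 1).detach()
```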