Search Results for author:
Found 12 papers, 5 papers with code
Distilling Adversarial Robustness Using Heterogeneous Teachers
Achieving resiliency against adversarial attacks is necessary prior to deploying neural network classifiers in domains where misclassification incurs substantial costs, e. g., self-driving cars or medical imaging.
AutoReP: Automatic ReLU Replacement for Fast Private Network Inference
The growth of the Machine-Learning-As-A-Service (MLaaS) market has highlighted clients' data privacy and security issues.
Multi-Task Models Adversarial Attacks
We then introduce a novel attack framework, the Gradient Balancing Multi-Task Attack (GB-MTA), which treats attacking a multi-task model as an optimization problem.
Neurogenesis Dynamics-inspired Spiking Neural Network Training Acceleration
Experimental results show that NDSNN achieves up to 20. 52\% improvement in accuracy on Tiny-ImageNet using ResNet-19 (with a sparsity of 99\%) as compared to other SOTA methods (e. g., Lottery Ticket Hypothesis (LTH), SET-SNN, RigL-SNN).
Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning
First, how can the low transferability between defenses be utilized in a game theoretic framework to improve the robustness?
Privacy Attacks Against Biometric Models with Fewer Samples: Incorporating the Output of Multiple Models
By leveraging the output of multiple models, we are able to conduct model inversion attacks with 1/10th the training set size of Ahmad and Fuller (IJCB 2020) for iris data and 1/1000th the training set size of Mai et al. (Pattern Analysis and Machine Intelligence 2019) for facial data.
Attacking the Spike: On the Transferability and Security of Spiking Neural Networks to Adversarial Examples
First, we show that successful white-box adversarial attacks on SNNs are highly dependent on the underlying surrogate gradient technique, even in the case of adversarially trained SNNs.
Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks
In this paper, we seek to help alleviate this problem by systematizing the recent advances in adversarial machine learning black-box attacks since 2019.
On the Robustness of Vision Transformers to Adversarial Examples
In this paper, we study the robustness of Vision Transformers to adversarial examples.
Buffer Zone based Defense against Adversarial Examples in Image Classification
Based on our study of these defenses, we develop three contributions.
Beware the Black-Box: on the Robustness of Recent Defenses to Adversarial Examples
We provide this large scale study and analyses to motivate the field to move towards the development of more robust black-box defenses.
BUZz: BUffer Zones for defending adversarial examples in image classification
We argue that our defense based on buffer zones offers significant improvements over state-of-the-art defenses.
