Search Results for author:
Found 18 papers, 6 papers with code
Flatness-aware Adversarial Attack
We reveal that input regularization based methods make resultant adversarial examples biased towards flat extreme regions.
Model Inversion Attack via Dynamic Memory Learning
Model Inversion (MI) attacks aim to recover the private training data from the target model, which has raised security concerns about the deployment of DNNs in practice.
ImageNet-E: Benchmarking Neural Network Robustness via Attribute Editing
We also evaluate some robust models including both adversarially trained models and other robust trained models and find that some models show worse robustness against attribute changes than vanilla models.
Information-containing Adversarial Perturbation for Combating Facial Manipulation Systems
We use an encoder to map a facial image and its identity message to a cross-model adversarial example which can disrupt multiple facial manipulation systems to achieve initiative protection.
Refiner: Data Refining against Gradient Leakage Attacks in Federated Learning
Recent works have brought attention to the vulnerability of Federated Learning (FL) systems to gradient leakage attacks.
Rethinking Out-of-Distribution Detection From a Human-Centric Perspective
Additionally, our experiments demonstrate that model selection is non-trivial for OOD detection and should be considered as an integral of the proposed method, which differs from the claim in existing works that proposed methods are universal across different models.
Boosting Out-of-distribution Detection with Typical Features
Out-of-distribution (OOD) detection is a critical task for ensuring the reliability and safety of deep neural networks in real-world scenarios.
Towards Understanding and Boosting Adversarial Transferability from a Distribution Perspective
We conduct comprehensive transferable attacks against multiple DNNs to demonstrate the effectiveness of the proposed method.
MaxMatch: Semi-Supervised Learning with Worst-Case Consistency
In recent years, great progress has been made to incorporate unlabeled data to overcome the inefficiently supervised problem via semi-supervised learning (SSL).
Enhance the Visual Representation via Discrete Adversarial Training
For borrowing the advantage from NLP-style AT, we propose Discrete Adversarial Training (DAT).
Ranked #1 on
Domain Generalization
on Stylized-ImageNet
Enhanced compound-protein binding affinity prediction by representing protein multimodal information via a coevolutionary strategy
FeatNN provides an outstanding method for higher CPA prediction accuracy and better generalization ability by efficiently representing multimodal information of proteins via a coevolutionary strategy.
Beyond ImageNet Attack: Towards Crafting Adversarial Examples for Black-box Domains
Notably, our methods outperform state-of-the-art approaches by up to 7. 71\% (towards coarse-grained domains) and 25. 91\% (towards fine-grained domains) on average.
Towards Robust Vision Transformer
By using and combining robust components as building blocks of ViTs, we propose Robust Vision Transformer (RVT), which is a new vision transformer and has superior performance with strong robustness.
Ranked #24 on
Domain Generalization
on ImageNet-C
QAIR: Practical Query-efficient Black-Box Attacks for Image Retrieval
Comprehensive experiments show that the proposed attack achieves a high attack success rate with few queries against the image retrieval systems under the black-box setting.
Spatial-Phase Shallow Learning: Rethinking Face Forgery Detection in Frequency Domain
The remarkable success in face forgery techniques has received considerable attention in computer vision due to security concerns.
Sharp Multiple Instance Learning for DeepFake Video Detection
A sharp MIL (S-MIL) is proposed which builds direct mapping from instance embeddings to bag prediction, rather than from instance embeddings to instance prediction and then to bag prediction in traditional MIL.
AdvKnn: Adversarial Attacks On K-Nearest Neighbor Classifiers With Approximate Gradients
Deep neural networks have been shown to be vulnerable to adversarial examples---maliciously crafted examples that can trigger the target model to misbehave by adding imperceptible perturbations.
A Deep Belief Network Based Machine Learning System for Risky Host Detection
The system leverages alert information, various security logs and analysts' investigation results in a real enterprise environment to flag hosts that have high likelihood of being compromised.
