1 code implementation • 8 Dec 2023 • Xiaoyun Xu, Shujian Yu, Jingzheng Wu, Stjepan Picek
However, these methods still follow the design of traditional supervised adversarial training, limiting the potential of adversarial training on ViTs.
1 code implementation • 9 Feb 2023 • Xiaoyun Xu, Guilherme Perin, Stjepan Picek
In this paper, we propose a novel method, IB-RAR, which uses Information Bottleneck (IB) to strengthen adversarial robustness for both adversarial training and non-adversarial-trained methods.
no code implementations • 1 Feb 2023 • Xiaoyun Xu, Oguzhan Ersoy, Stjepan Picek
This paper proposes a backdoor detection method by utilizing a special type of adversarial attack, universal adversarial perturbation (UAP), and its similarities with a backdoor trigger.