Search Results for author:
Found 18 papers, 8 papers with code
APBench: A Unified Benchmark for Availability Poisoning Attacks and Defenses
To further evaluate the attack and defense capabilities of these poisoning methods, we have developed a benchmark -- APBench for assessing the efficacy of adversarial poisoning.
Learning the Unlearnable: Adversarial Augmentations Suppress Unlearnable Example Attacks
In this paper, we introduce the UEraser method, which outperforms current defenses against different types of state-of-the-art unlearnable example attacks through a combination of effective data augmentation policies and loss-maximizing adversarial augmentations.
Adaptive Channel Sparsity for Federated Learning Under System Heterogeneity
Owing to the non-i. i. d.
AdvDiffuser: Natural Adversarial Example Synthesis with Diffusion Models
It can generate UAEs from scratch or conditionally based on reference images.
Flareon: Stealthy any2any Backdoor Injection via Poisoned Augmentation
Open software supply chain attacks, once successful, can exact heavy costs in mission-critical applications.
MORA: Improving Ensemble Robustness Evaluation with Model-Reweighing Attack
In particular, most ensemble defenses exhibit near or exactly 0% robustness against MORA with $\ell^\infty$ perturbation within 0. 02 on CIFAR-10, and 0. 01 on CIFAR-100.
Revisiting Structured Dropout
Large neural networks are often overparameterised and prone to overfitting, Dropout is a widely used regularization technique to combat overfitting and improve model generalization.
Adversarial Attacks on ML Defense Models Competition
Due to the vulnerability of deep neural networks (DNNs) to adversarial examples, a large number of defense techniques have been proposed to alleviate this problem in recent years.
FedDrop: Trajectory-weighted Dropout for Efficient Federated Learning
Federated learning (FL) enables edge clients to train collaboratively while preserving individual's data privacy.
Rapid Model Architecture Adaption for Meta-Learning
H-Meta-NAS shows a Pareto dominance compared to a variety of NAS and manual baselines in popular few-shot learning benchmarks with various hardware platforms and constraints.
LAFEAT: Piercing Through Adversarial Defenses with Latent Features
In this paper, we show that latent features in certain "robust" models are surprisingly susceptible to adversarial attacks.
Pay Attention to Features, Transfer Learn Faster CNNs
Deep convolutional neural networks are now widely deployed in vision applications, but a limited size of training data can restrict their task performance.
Probabilistic Dual Network Architecture Search on Graphs
We present the first differentiable Network Architecture Search (NAS) for Graph Neural Networks (GNNs).
Automatic Generation of Multi-precision Multi-arithmetic CNN Accelerators for FPGAs
Furthermore, we show how Tomato produces implementations of networks with various sizes running on single or multiple FPGAs.
Blackbox Attacks on Reinforcement Learning Agents Using Approximated Temporal Information
In this work, we show how such samples can be generalised from White-box and Grey-box attacks to a strong Black-box case, where the attacker has no knowledge of the agents, their training parameters and their training methods.
Focused Quantization for Sparse CNNs
In ResNet-50, we achieved a 18. 08x CR with only 0. 24% loss in top-5 accuracy, outperforming existing compression methods.
Sitatapatra: Blocking the Transfer of Adversarial Samples
Convolutional Neural Networks (CNNs) are widely used to solve classification tasks in computer vision.
Dynamic Channel Pruning: Feature Boosting and Suppression
Making deep convolutional neural networks more accurate typically comes at the cost of increased computational and memory resources.
