Search Results for author:
Found 16 papers, 8 papers with code
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples
Evaluating robustness of machine-learning models to adversarial examples is a challenging problem.
Fast Minimum-norm Adversarial Attacks through Adaptive Norm Constraints
Evaluating adversarial robustness amounts to finding the minimum perturbation needed to have an input sample misclassified.
secml: A Python Library for Secure and Explainable Machine Learning
We present \texttt{secml}, an open-source Python library for secure and explainable machine learning.
$σ$-zero: Gradient-based Optimization of $\ell_0$-norm Adversarial Examples
Evaluating the adversarial robustness of deep networks to gradient-based attacks is challenging.
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches
We showcase the usefulness of this dataset by testing the effectiveness of the computed patches against 127 models.
Evaluating Adversarial Attacks on ImageNet: A Reality Check on Misclassification Classes
We find that $71\%$ of the adversarial examples that achieve model-to-model adversarial transferability are misclassified into one of the top-5 classes predicted for the underlying source images.
Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization
Evaluating the adversarial robustness of machine learning models using gradient-based attacks is challenging.
Raze to the Ground: Query-Efficient Adversarial HTML Attacks on Machine-Learning Phishing Webpage Detectors
Machine-learning phishing webpage detectors (ML-PWD) have been shown to suffer from adversarial manipulations of the HTML code of the input webpage.
Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks
Transferability captures the ability of an attack against a machine-learning model to be effective against a different, potentially unknown, model.
Detecting Anomalies from Video-Sequences: a Novel Descriptor
We present a novel descriptor for crowd behavior analysis and anomaly detection.
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference
Adversarial reprogramming allows repurposing a machine-learning model to perform a different task.
Explaining Machine Learning DGA Detectors from DNS Traffic Data
One of the most common causes of lack of continuity of online systems stems from a widely popular Cyber Attack known as Distributed Denial of Service (DDoS), in which a network of infected devices (botnet) gets exploited to flood the computational capacity of services through the commands of an attacker.
A Survey on Reinforcement Learning Security with Application to Autonomous Driving
Reinforcement learning allows machines to learn from their own experience.
Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training
Deep learning models undergo a significant increase in the number of parameters they possess, leading to the execution of a larger number of operations during inference.
Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks
Neural network pruning has shown to be an effective technique for reducing the network size, trading desirable properties like generalization and robustness to adversarial attacks for higher sparsity.
Robustness-Congruent Adversarial Training for Secure Machine Learning Model Updates
In this work, we show that this problem also affects robustness to adversarial examples, thereby hindering the development of secure model update practices.
