Search Results for author:
Found 37 papers, 18 papers with code
Bilinear Representation for Language-based Image Editing Using Conditional Generative Adversarial Networks
The task of Language-Based Image Editing (LBIE) aims at generating a target image by editing the source image based on the given language description.
Robust Visual Tracking Using Dynamic Classifier Selection with Sparse Representation of Label Noise
However, the self-updating scheme makes these methods suffer from drifting problem because of the incorrect labels of weak classifiers in training samples.
Self-Supervised Learning For Few-Shot Image Classification
In this paper, we proposed to train a more generalized embedding network with self-supervised learning (SSL) which can provide robust representation for downstream tasks by learning from the data itself.
Ranked #4 on
Few-Shot Image Classification
on Mini-ImageNet - 1-Shot Learning
(using extra training data)
Learning To Characterize Adversarial Subspaces
To detect these adversarial examples, previous methods use artificially designed metrics to characterize the properties of \textit{adversarial subspaces} where adversarial examples lie.
Self-supervised Adversarial Training
Recent work has demonstrated that neural networks are vulnerable to adversarial examples.
AdvKnn: Adversarial Attacks On K-Nearest Neighbor Classifiers With Approximate Gradients
Deep neural networks have been shown to be vulnerable to adversarial examples---maliciously crafted examples that can trigger the target model to misbehave by adding imperceptible perturbations.
Towards Face Encryption by Generating Adversarial Identity Masks
As billions of personal data being shared through social media and network, the data privacy and security have drawn an increasing attention.
GAP++: Learning to generate target-conditioned adversarial examples
Different from previous single-target attack models, our model can conduct target-conditioned attacks by learning the relations of attack target and the semantics in image.
Sharp Multiple Instance Learning for DeepFake Video Detection
A sharp MIL (S-MIL) is proposed which builds direct mapping from instance embeddings to bag prediction, rather than from instance embeddings to instance prediction and then to bag prediction in traditional MIL.
Composite Adversarial Attacks
Adversarial attack is a technique for deceiving Machine Learning (ML) models, which provides a way to evaluate the adversarial robustness.
Adversarial Examples Detection beyond Image Space
To detect both few-perturbation attacks and large-perturbation attacks, we propose a method beyond image space by a two-stream architecture, in which the image stream focuses on the pixel artifacts and the gradient stream copes with the confidence artifacts.
Spatial-Phase Shallow Learning: Rethinking Face Forgery Detection in Frequency Domain
The remarkable success in face forgery techniques has received considerable attention in computer vision due to security concerns.
QAIR: Practical Query-efficient Black-Box Attacks for Image Retrieval
Comprehensive experiments show that the proposed attack achieves a high attack success rate with few queries against the image retrieval systems under the black-box setting.
Adversarial Laser Beam: Effective Physical-World Attack to DNNs in a Blink
Though it is well known that the performance of deep neural networks (DNNs) degrades under certain light conditions, there exists no study on the threats of light beams emitted from some physical source as adversarial attacker on DNNs in a real-world scenario.
Towards Robust Vision Transformer
By using and combining robust components as building blocks of ViTs, we propose Robust Vision Transformer (RVT), which is a new vision transformer and has superior performance with strong robustness.
Ranked #24 on
Domain Generalization
on ImageNet-C
AdvDrop: Adversarial Attack to DNNs by Dropping Information
Human can easily recognize visual objects with lost information: even losing most details with only contour reserved, e. g. cartoon.
D$^2$ETR: Decoder-Only DETR with Computationally Efficient Cross-Scale Attention
DETR is the first fully end-to-end detector that predicts a final set of predictions without post-processing.
Adversarial Attacks on ML Defense Models Competition
Due to the vulnerability of deep neural networks (DNNs) to adversarial examples, a large number of defense techniques have been proposed to alleviate this problem in recent years.
Unrestricted Adversarial Attacks on ImageNet Competition
Many works have investigated the adversarial attacks or defenses under the settings where a bounded and imperceptible perturbation can be added to the input.
Beyond ImageNet Attack: Towards Crafting Adversarial Examples for Black-box Domains
Notably, our methods outperform state-of-the-art approaches by up to 7. 71\% (towards coarse-grained domains) and 25. 91\% (towards fine-grained domains) on average.
D^2ETR: Decoder-Only DETR with Computationally Efficient Cross-Scale Attention
DETR is the first fully end-to-end detector that predicts a final set of predictions without post-processing.
Enhance the Visual Representation via Discrete Adversarial Training
For borrowing the advantage from NLP-style AT, we propose Discrete Adversarial Training (DAT).
Ranked #1 on
Domain Generalization
on Stylized-ImageNet
MaxMatch: Semi-Supervised Learning with Worst-Case Consistency
In recent years, great progress has been made to incorporate unlabeled data to overcome the inefficiently supervised problem via semi-supervised learning (SSL).
Towards Understanding and Boosting Adversarial Transferability from a Distribution Perspective
We conduct comprehensive transferable attacks against multiple DNNs to demonstrate the effectiveness of the proposed method.
Boosting Out-of-distribution Detection with Typical Features
Out-of-distribution (OOD) detection is a critical task for ensuring the reliability and safety of deep neural networks in real-world scenarios.
Prompt-based Connective Prediction Method for Fine-grained Implicit Discourse Relation Recognition
Due to the absence of connectives, implicit discourse relation recognition (IDRR) is still a challenging and crucial task in discourse analysis.
Defects of Convolutional Decoder Networks in Frequency Representation
In this paper, we prove the representation defects of a cascaded convolutional decoder network, considering the capacity of representing different frequency components of an input sample.
Context-Aware Robust Fine-Tuning
Contrastive Language-Image Pre-trained (CLIP) models have zero-shot ability of classifying an image belonging to "[CLASS]" by using similarity between the image and the prompt sentence "a [CONTEXT] of [CLASS]".
Ranked #1 on
Domain Generalization
on VLCS
Rethinking Out-of-Distribution Detection From a Human-Centric Perspective
Additionally, our experiments demonstrate that model selection is non-trivial for OOD detection and should be considered as an integral of the proposed method, which differs from the claim in existing works that proposed methods are universal across different models.
A Comprehensive Study on Robustness of Image Classification Models: Benchmarking and Rethinking
In our benchmark, we evaluate the robustness of 55 typical deep learning models on ImageNet with diverse architectures (e. g., CNNs, Transformers) and learning algorithms (e. g., normal supervised training, pre-training, adversarial training) under numerous adversarial attacks and out-of-distribution (OOD) datasets.
Information-containing Adversarial Perturbation for Combating Facial Manipulation Systems
We use an encoder to map a facial image and its identity message to a cross-model adversarial example which can disrupt multiple facial manipulation systems to achieve initiative protection.
ImageNet-E: Benchmarking Neural Network Robustness via Attribute Editing
We also evaluate some robust models including both adversarially trained models and other robust trained models and find that some models show worse robustness against attribute changes than vanilla models.
COCO-O: A Benchmark for Object Detectors under Natural Distribution Shifts
To give a more comprehensive robustness assessment, we introduce COCO-O(ut-of-distribution), a test dataset based on COCO with 6 types of natural distribution shifts.
Robust Automatic Speech Recognition via WavAugment Guided Phoneme Adversarial Training
Developing a practically-robust automatic speech recognition (ASR) is challenging since the model should not only maintain the original performance on clean samples, but also achieve consistent efficacy under small volume perturbations and large domain shifts.
Automatic Speech Recognition
Automatic Speech Recognition (ASR)
+1
Revisiting and Exploring Efficient Fast Adversarial Training via LAW: Lipschitz Regularization and Auto Weight Averaging
In this paper, we conduct a comprehensive study of over 10 fast adversarial training methods in terms of adversarial robustness and training costs.
Model Inversion Attack via Dynamic Memory Learning
Model Inversion (MI) attacks aim to recover the private training data from the target model, which has raised security concerns about the deployment of DNNs in practice.
Enhancing Few-shot CLIP with Semantic-Aware Fine-Tuning
Hence, we propose fine-tuning the parameters of the attention pooling layer during the training process to encourage the model to focus on task-specific semantics.
