
Adversarial Attack

35 papers with code · Adversarial

State-of-the-art leaderboards

No evaluation results yet.

Greatest papers with code

Technical Report on the CleverHans v2.1.0 Adversarial Examples Library

3 Oct 2016 · openai/cleverhans

The library may be used to develop more robust machine learning models and to provide standardized benchmarks of models' performance in the adversarial setting. Section 1 provides an overview of adversarial examples in machine learning and of the CleverHans software.

ADVERSARIAL ATTACK ADVERSARIAL DEFENSE

Foolbox: A Python toolbox to benchmark the robustness of machine learning models

13 Jul 2017 · bethgelab/foolbox

Foolbox is a new Python package to generate such adversarial perturbations and to quantify and compare the robustness of machine learning models. The code is licensed under the MIT license and is openly available at https://github.com/bethgelab/foolbox.

ADVERSARIAL ATTACK

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

ICML 2018 · anishathalye/obfuscated-gradients

We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples. While defenses that cause obfuscated gradients appear to defeat iterative optimization-based attacks, we find defenses relying on this effect can be circumvented.

ADVERSARIAL ATTACK ADVERSARIAL DEFENSE
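The mechanism the abstract describes, as an added example that is not the paper's code: a linear classifier is "defended" by snapping its input to a coarse grid before classification. The quantizer is piecewise constant, so a finite-difference gradient of the defended model is zero almost everywhere and a gradient-sign attack that trusts it does nothing. Replacing the quantizer with the identity in the backward pass only (the BPDA approach from the paper) recovers a useful direction and flips the label within the same L-inf budget. The weights, the quantization step and the input are constructed for illustration.

```python
# Added example (not the paper's code): gradient masking through input
# quantization, and the BPDA-style circumvention Athalye et al. describe.
# The classifier, its weights and the input are constructed for illustration.

W = [1.5, -2.0, 0.8, 1.2]   # constructed weights of a linear logit w.x + b
B = -0.3
Q = 0.25                     # quantization step of the "defense" preprocessor


def quantize(x, q=Q):
    """Non-differentiable preprocessor: snap every coordinate to a grid."""
    return [round(v / q) * q for v in x]


def logit(x):
    return sum(w * v for w, v in zip(W, x)) + B


def predict(x):
    """Defended model: quantize, then classify (1 if logit > 0 else 0)."""
    return 1 if logit(quantize(x)) > 0 else 0


def sign(v):
    return (v > 0) - (v < 0)


def clip01(v):
    return min(1.0, max(0.0, v))


def masked_gradient(x, h=1e-4):
    """Finite-difference gradient of the defended logit.

    The quantizer is piecewise constant, so this is zero almost everywhere:
    the gradient is obfuscated, not absent, and carries no attack signal.
    """
    g = []
    for i in range(len(x)):
        xp, xm = list(x), list(x)
        xp[i] += h
        xm[i] -= h
        g.append((logit(quantize(xp)) - logit(quantize(xm))) / (2 * h))
    return g


def bpda_gradient(x):
    """Backward Pass Differentiable Approximation: keep the real quantizer in
    the forward pass but treat it as the identity when differentiating, so
    d logit / dx is just W."""
    return list(W)


def one_step_attack(x, grad_fn, eps):
    """Single signed-gradient step within an L-inf budget eps, pushing the
    logit toward the class opposite to the defended model's prediction."""
    direction = -1 if predict(x) == 1 else 1
    return [clip01(v + direction * eps * sign(g)) for v, g in zip(x, grad_fn(x))]


def linf(a, b):
    return max(abs(u - v) for u, v in zip(a, b))


def run_demo(eps=0.3):
    x0 = [0.5, 0.25, 0.75, 0.5]          # constructed input, already on the grid
    x_masked = one_step_attack(x0, masked_gradient, eps)
    x_bpda = one_step_attack(x0, bpda_gradient, eps)
    return {
        "clean_label": predict(x0),
        "masked_gradient": masked_gradient(x0),
        "label_after_masked_attack": predict(x_masked),
        "label_after_bpda_attack": predict(x_bpda),
        "bpda_linf": linf(x0, x_bpda),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The check a practitioner should take from this: a defense evaluated only with attacks that differentiate through the defense itself has not been tested against the threat model, because a zero or noisy gradient is evidence of masking rather than robustness. Evaluate with the preprocessing bypassed or approximated in the backward pass, and with gradient-free attacks, before claiming a robustness number.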

DeepFool: a simple and accurate method to fool deep neural networks

CVPR 2016 · facebookresearch/adversarial_image_defenses

State-of-the-art deep neural networks have achieved impressive results on many image classification tasks. However, these same architectures have been shown to be unstable to small, well sought, perturbations of the images.

ADVERSARIAL ATTACK IMAGE CLASSIFICATION

Feature Denoising for Improving Adversarial Robustness

9 Dec 2018 · facebookresearch/ImageNet-Adversarial-Training

This study suggests that adversarial perturbations on images lead to noise in the features constructed by these networks. Motivated by this observation, we develop new network architectures that increase adversarial robustness by performing feature denoising.

ADVERSARIAL ATTACK ADVERSARIAL DEFENSE IMAGE CLASSIFICATION

Provable defenses against adversarial examples via the convex outer adversarial polytope

ICML 2018 · locuslab/convex_adversarial

We propose a method to learn deep ReLU-based classifiers that are provably robust against norm-bounded adversarial perturbations on the training data. For previously unseen examples, the approach is guaranteed to detect all adversarial examples, though it may flag some non-adversarial examples as well.

ADVERSARIAL ATTACK
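What "provably robust against norm-bounded perturbations" and "may flag some non-adversarial examples" mean in practice, as an added example that is not the paper's code: a sound outer bound on every logit a small ReLU network can produce inside an L-inf ball, computed here with interval bound propagation, which is a simpler and looser relaxation than the convex outer polytope the paper uses. A certificate is returned only when the bound rules out a label change; a grid search inside the same ball acts as a falsifier. The 2-2-1 network, its weights and the input are constructed for illustration, and the three radii are chosen so that one is certified, one is robust but not provable with this bound (a false alarm), and one has a real adversarial point.

```python
# Added example (not the paper's code): a sound-but-loose robustness
# certificate for a tiny ReLU network via interval bound propagation (IBP).
# Wong & Kolter's convex outer polytope is a tighter relaxation of the same
# idea; the network weights and inputs below are constructed for illustration.
import itertools

# Constructed 2-2-1 ReLU network: h = relu(W1 x + b1), logit = W2 h + b2.
W1 = [[1.0, -1.0], [1.0, 1.0]]
B1 = [0.0, -0.5]
W2 = [[1.0, -2.0]]
B2 = [0.2]


def affine(W, b, x):
    return [sum(w * v for w, v in zip(row, x)) + bj for row, bj in zip(W, b)]


def relu(v):
    return [max(0.0, t) for t in v]


def logit(x):
    return affine(W2, B2, relu(affine(W1, B1, x)))[0]


def predict(x):
    return 1 if logit(x) > 0 else 0


def affine_bounds(W, b, lo, hi):
    """Interval arithmetic through an affine layer: a positive weight takes the
    lower input bound for the lower output bound (and vice versa); a negative
    weight takes the opposite bound."""
    new_lo, new_hi = [], []
    for row, bj in zip(W, b):
        lo_j = bj + sum(w * (li if w > 0 else ui) for w, li, ui in zip(row, lo, hi))
        hi_j = bj + sum(w * (ui if w > 0 else li) for w, li, ui in zip(row, lo, hi))
        new_lo.append(lo_j)
        new_hi.append(hi_j)
    return new_lo, new_hi


def logit_bounds(x, eps):
    """Provable interval containing logit(x') for every x' with ||x' - x||_inf <= eps."""
    lo = [v - eps for v in x]
    hi = [v + eps for v in x]
    lo, hi = affine_bounds(W1, B1, lo, hi)
    lo, hi = relu(lo), relu(hi)        # ReLU is monotone, so bounds pass through it
    lo, hi = affine_bounds(W2, B2, lo, hi)
    return lo[0], hi[0]


def certify(x, eps):
    """True only if no L-inf perturbation of size eps can change the label.
    False means 'cannot prove robust', which may be a false alarm."""
    lo, hi = logit_bounds(x, eps)
    return hi < 0 if predict(x) == 0 else lo > 0


def search_flip(x, eps, steps=8):
    """Grid search over the eps-ball for an actual label flip (a falsifier).
    Returns a flipping point, or None if the grid finds nothing."""
    grid = [[v - eps + 2 * eps * k / steps for k in range(steps + 1)] for v in x]
    y = predict(x)
    for cand in itertools.product(*grid):
        if predict(list(cand)) != y:
            return list(cand)
    return None


def run_demo():
    x0 = [0.8, 0.2]                     # constructed input, predicted class 0
    return {eps: (certify(x0, eps), search_flip(x0, eps)) for eps in (0.02, 0.04, 0.1)}


if __name__ == "__main__":
    for eps, (certified, flip) in run_demo().items():
        print(f"eps={eps}: certified={certified}, counterexample={flip}")
```

The asymmetry is the point of a provable defense: a certificate is a proof, so a certified input cannot be attacked within the stated norm ball by any method, while a failed certificate is not a finding. The radius-0.04 case shows the cost of soundness, a robust input the bound cannot clear, which is the behaviour the abstract describes as flagging some non-adversarial examples. Tighter relaxations such as the paper's polytope shrink that gap but never remove it entirely for ReLU networks.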

Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser

CVPR 2018 · lfz/Guided-Denoise

First, with HGD as a defense, the target model is more robust to either white-box or black-box adversarial attacks. Second, HGD can be trained on a small subset of the images and generalizes well to other images and unseen classes.

ADVERSARIAL ATTACK ADVERSARIAL DEFENSE IMAGE CLASSIFICATION

Generating Natural Adversarial Examples

ICLR 2018 · zhengliz/natural-adversary

Due to their complex nature, it is hard to characterize the ways in which machine learning models can misbehave or be exploited when deployed. Recent work on adversarial examples, i.e. inputs with minor perturbations that result in substantially different model predictions, is helpful in evaluating the robustness of these models by exposing the adversarial scenarios where they fail.

ADVERSARIAL ATTACK IMAGE CLASSIFICATION MACHINE TRANSLATION NATURAL LANGUAGE INFERENCE

Adversarial-Playground: A Visualization Suite Showing How Adversarial Examples Fool Deep Learning

1 Aug 2017 · QData/AdversarialDNN-Playground

Due to the complex nature of deep learning, it is challenging to understand how deep models can be fooled by adversarial examples. It can help security experts explore more vulnerabilities of deep learning as a software module.

ADVERSARIAL ATTACK ADVERSARIAL DEFENSE IMAGE CLASSIFICATION

Boosting Adversarial Attacks with Momentum

CVPR 2018 · dongyp13/Non-Targeted-Adversarial-Attacks

However, most existing adversarial attacks can only fool a black-box model with a low success rate. To further improve the success rates for black-box attacks, we apply momentum iterative algorithms to an ensemble of models, and show that the adversarially trained models with a strong defense ability are also vulnerable to our black-box attacks.

ADVERSARIAL ATTACK
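The black-box transfer setup the abstract describes, as an added example that is not the paper's code: the MI-FGSM update (accumulate L1-normalised loss gradients with a decay factor, step in the sign of the accumulated momentum, project back onto the L-inf ball) is run against the mean cross-entropy of an ensemble of white-box logistic classifiers, and the resulting input is then scored on a held-out model whose gradients the attacker never uses. The three ensemble members, the held-out model and the input are constructed for illustration; `mi_fgsm`, `ensemble_loss_grad` and the other names are this example's own.

```python
# Added example (not the paper's code): the momentum iterative FGSM (MI-FGSM)
# update from Dong et al., run against an ensemble of white-box logistic
# classifiers and then evaluated on a held-out "black-box" model. All weights
# and the input are constructed; the loss is mean cross-entropy over members.
import math

# Constructed white-box ensemble: each member is a logistic classifier w.x + b.
ENSEMBLE = [
    ([2.0, -1.0, 1.5, 0.5], -1.0),
    ([1.5, -0.5, 2.0, 1.0], -1.5),
    ([2.5, -1.5, 1.0, 0.5], -0.8),
]
# Constructed held-out model the attacker never queries for gradients.
BLACK_BOX = ([2.0, -1.0, 1.8, 0.8], -1.2)


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def logit(model, x):
    w, b = model
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def predict(model, x):
    return 1 if logit(model, x) > 0 else 0


def ensemble_loss_grad(x, y):
    """Gradient w.r.t. x of the mean cross-entropy over ensemble members.
    For a logistic member, d CE / d x = (sigmoid(z) - y) * w."""
    g = [0.0] * len(x)
    for model in ENSEMBLE:
        coef = sigmoid(logit(model, x)) - y
        for i, wi in enumerate(model[0]):
            g[i] += coef * wi / len(ENSEMBLE)
    return g


def sign(v):
    return (v > 0) - (v < 0)


def mi_fgsm(x0, y, eps=0.3, steps=10, mu=1.0):
    """MI-FGSM: accumulate L1-normalised gradients with decay mu, step by
    alpha = eps / steps in the sign of the accumulated momentum, and project
    back onto the eps L-inf ball around x0 and the valid [0, 1] range."""
    alpha = eps / steps
    x = list(x0)
    momentum = [0.0] * len(x0)
    for _ in range(steps):
        g = ensemble_loss_grad(x, y)
        norm = sum(abs(v) for v in g) or 1.0
        momentum = [mu * m + v / norm for m, v in zip(momentum, g)]
        x = [xi + alpha * sign(m) for xi, m in zip(x, momentum)]
        x = [min(max(xi, x0i - eps), x0i + eps) for xi, x0i in zip(x, x0)]  # eps-ball
        x = [min(max(xi, 0.0), 1.0) for xi in x]                             # valid range
    return x


def run_demo():
    x0 = [0.7, 0.3, 0.6, 0.5]   # constructed input, label 1 for every model
    y = 1
    x_adv = mi_fgsm(x0, y)
    return {
        "clean_ensemble": [predict(m, x0) for m in ENSEMBLE],
        "clean_black_box": predict(BLACK_BOX, x0),
        "adv_ensemble": [predict(m, x_adv) for m in ENSEMBLE],
        "adv_black_box": predict(BLACK_BOX, x_adv),
        "linf": max(abs(a - b) for a, b in zip(x_adv, x0)),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

On this constructed ensemble every member weights each feature with the same sign, so the per-step gradient direction never changes and the momentum term reproduces the plain iterative path; the decay term only alters the trajectory when successive gradients disagree, which is the situation the paper targets for escaping poor local optima and improving transfer. The held-out model here is deliberately similar to the ensemble members, which is what makes the transfer work; a black-box model trained differently needs the transfer rate measured rather than assumed.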