|TREND||DATASET||BEST METHOD||PAPER TITLE||PAPER||CODE||COMPARE|
An adversarial example library for constructing attacks, building defenses, and benchmarking both
In this work, we formalize the space of adversaries against deep neural networks (DNNs) and introduce a novel class of algorithms to craft adversarial samples based on a precise understanding of the mapping between inputs and outputs of DNNs.
Foolbox is a new Python package to generate such adversarial perturbations and to quantify and compare the robustness of machine learning models.
Based on this observation, we propose a defense approach which inspects the graph and recovers the potential adversarial perturbations.
We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples.
Defensive distillation is a recently proposed approach that can take an arbitrary neural network, and increase its robustness, reducing the success rate of current attacks' ability to find adversarial examples from $95\%$ to $0. 5\%$.
We propose a method to learn deep ReLU-based classifiers that are provably robust against norm-bounded adversarial perturbations on the training data.
In this paper we propose a novel easily reproducible technique to attack the best public Face ID system ArcFace in different shooting conditions.