Adversarial Attack

601 papers with code • 2 benchmarks • 9 datasets

An adversarial attack is a technique for finding a perturbation of an input that changes the prediction of a machine learning model. The perturbation can be very small and imperceptible to human eyes. Depending on the threat model, the attacker computes it with full access to the model and its gradients (white-box) or from the model's outputs alone (black-box), as in several of the papers listed below.

Source: Recurrent Attention Model with Log-Polar Mapping is Robust against Adversarial Attacks
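The following is an added worked example, not code from this page or from the paper cited above: a one-step gradient-sign attack on a hypothetical, untrained logistic-regression classifier over a 28x28 "image" with pixel values in [0, 1]. The weights and the input are constructed with a seeded PRNG. For a linear model the effect of an L-infinity perturbation d is exact, z(x + d) - z(x) = w.d, so a per-pixel change of eps buys eps * ||w||_1 of logit shift. The example computes the smallest per-pixel budget that reaches the decision boundary, |z| / ||w||_1, and checks that half of it cannot flip the prediction while 1.5x of it (the slack covers pixels clipped at 0 or 1) does.

```python
"""Gradient-sign attack on a linear classifier (added example, not from the page)."""
import random

D = 28 * 28   # assumption: a 28x28 grey-scale 'image', pixel values in [0, 1]


def make_model(seed=0):
    """Hypothetical, untrained logistic-regression weights (constructed)."""
    rng = random.Random(seed)
    w = [rng.uniform(-0.1, 0.1) for _ in range(D)]
    return w, 0.0  # (weights, bias)


def logit(model, x):
    w, b = model
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def predict(model, x):
    """Class 1 if the logit is positive, else class 0."""
    return 1 if logit(model, x) > 0 else 0


def sign(v):
    return (v > 0) - (v < 0)


def fgsm(model, x, eps):
    """One gradient-sign step against the model's own prediction.

    For logistic regression dL/dx = (sigmoid(z) - y) * w, so the sign of the
    loss gradient is -sign(z) * sign(w) when y is the predicted class; moving
    every pixel by eps in that direction lowers |z| by eps * ||w||_1 (before
    pixels are clipped back into [0, 1]).
    """
    w, _ = model
    step = -sign(logit(model, x)) * eps
    return [min(1.0, max(0.0, xi + step * sign(wi))) for xi, wi in zip(x, w)]


def min_eps(model, x):
    """Smallest per-pixel budget that can reach the boundary: |z| / ||w||_1."""
    w, _ = model
    return abs(logit(model, x)) / sum(abs(wi) for wi in w)


def demo(seed=0):
    model = make_model(seed)
    rng = random.Random(seed + 1)
    x = [rng.random() for _ in range(D)]   # constructed input image
    y = predict(model, x)
    eps = min_eps(model, x)
    x_half = fgsm(model, x, 0.5 * eps)     # cannot cross: |z| shrinks by at most half
    x_over = fgsm(model, x, 1.5 * eps)     # crosses; the slack covers clipped pixels
    return {
        "clean_class": y,
        "min_eps_per_pixel": eps,
        "min_eps_in_grey_levels": eps * 255,
        "flipped_at_half": predict(model, x_half) != y,
        "flipped_at_1.5x": predict(model, x_over) != y,
        "max_pixel_change": max(abs(a - b) for a, b in zip(x, x_over)),
    }


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val}")
```

Run the file to see the budget expressed in 8-bit grey levels. The input dimension is what makes it small: ||w||_1 grows with the number of pixels while any single pixel still changes by only eps, which is the linear-model explanation of why adversarial perturbations can stay imperceptible.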

Most implemented papers

Boosting Adversarial Attacks with Momentum

dongyp13/Non-Targeted-Adversarial-Attacks CVPR 2018

To further improve the success rates for black-box attacks, we apply momentum iterative algorithms to an ensemble of models, and show that the adversarially trained models with a strong defense ability are also vulnerable to our black-box attacks.

EAD: Elastic-Net Attacks to Deep Neural Networks via Adversarial Examples

ysharma1126/EAD-Attack 13 Sep 2017

Recent studies have highlighted the vulnerability of deep neural networks (DNNs) to adversarial examples - a visually indistinguishable adversarial image can easily be crafted to cause a well-trained model to misclassify.

Adversarial Training for Free!

mahyarnajibi/FreeAdversarialTraining NeurIPS 2019

Adversarial training, in which a network is trained on adversarial examples, is one of the few defenses against adversarial attacks that withstands strong attacks.

ZOO: Zeroth Order Optimization based Black-box Attacks to Deep Neural Networks without Training Substitute Models

huanzhang12/ZOO-Attack 14 Aug 2017

However, different from leveraging attack transferability from substitute models, we propose zeroth order optimization (ZOO) based attacks to directly estimate the gradients of the targeted DNN for generating adversarial examples.
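As an added illustration of the zeroth-order idea (example code, not the ZOO authors' implementation; the paper's coordinate sampling and ADAM/Newton updates are left out): the attacker below sees only the output probabilities of a hypothetical, untrained two-layer tanh network, estimates the input gradient one coordinate at a time with a symmetric finite difference, and drives an iterative L-infinity attack with that estimate alone. The network, its weights and the input are constructed with a seeded PRNG; the white-box gradient is computed only to measure how good the estimate is.

```python
"""Black-box attack from finite-difference gradients (added example, not ZOO's code)."""
import numpy as np

D, H, K = 64, 32, 4   # assumption: 64-dim input, 32 tanh units, 4 classes


def make_model(seed=0):
    """Constructed, untrained two-layer tanh network (the hypothetical victim)."""
    rng = np.random.default_rng(seed)
    return {"W1": rng.normal(0.0, 0.1, (H, D)), "b1": np.zeros(H),
            "W2": rng.normal(0.0, 0.5, (K, H)), "b2": np.zeros(K)}


def query(model, x):
    """The only interface the black-box attacker gets: output probabilities."""
    h = np.tanh(model["W1"] @ x + model["b1"])
    z = model["W2"] @ h + model["b2"]
    e = np.exp(z - z.max())
    return e / e.sum()


def loss(model, x, y):
    """Untargeted objective -log p_y, computed from queries only."""
    return -np.log(query(model, x)[y])


def white_box_grad(model, x, y):
    """Reference dL/dx by backprop. NOT available to the attacker; used only
    to check the zeroth-order estimate."""
    h = np.tanh(model["W1"] @ x + model["b1"])
    dz = query(model, x)
    dz[y] -= 1.0                       # dL/dlogits = p - onehot(y)
    dh = model["W2"].T @ dz
    return model["W1"].T @ (dh * (1.0 - h ** 2))


def zoo_grad(model, x, y, h=1e-4):
    """Zeroth-order estimate, coordinate by coordinate:
    g_i ~ (L(x + h e_i) - L(x - h e_i)) / (2h). Costs 2 * D queries."""
    g = np.zeros_like(x)
    for i in range(x.size):
        e = np.zeros_like(x)
        e[i] = h
        g[i] = (loss(model, x + e, y) - loss(model, x - e, y)) / (2.0 * h)
    return g, 2 * x.size


def cosine(a, b):
    return float(a @ b / (np.linalg.norm(a) * np.linalg.norm(b)))


def black_box_attack(model, x, y, eps=0.4, step=0.02, iters=30):
    """Iterative L-inf attack that never sees weights or true gradients."""
    x_adv, queries = x.copy(), 0
    for _ in range(iters):
        g, q = zoo_grad(model, x_adv, y)
        queries += q
        x_adv = np.clip(x_adv + step * np.sign(g), x - eps, x + eps)
        if int(np.argmax(query(model, x_adv))) != y:
            break
    return x_adv, queries


def demo(seed=0):
    model = make_model(seed)
    x = np.random.default_rng(seed + 1).random(D)   # constructed input
    y = int(np.argmax(query(model, x)))             # attack the clean prediction
    g_est, q = zoo_grad(model, x, y)
    x_adv, total = black_box_attack(model, x, y)
    return {
        "grad_cosine_vs_white_box": cosine(g_est, white_box_grad(model, x, y)),
        "queries_per_estimate": q,
        "p_true_before": float(query(model, x)[y]),
        "p_true_after": float(query(model, x_adv)[y]),
        "fooled": int(np.argmax(query(model, x_adv))) != y,
        "total_queries": total,
    }


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val}")
```

The full estimate costs 2 * D queries per step, which is why ZOO proper updates a sampled batch of coordinates per iteration and uses ADAM- or Newton-style steps to cut the query count. On a smooth model the cosine similarity with the back-propagated gradient is essentially 1, so the attack gives up nothing for being black-box except queries, and no substitute model has to be trained.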

Local Gradients Smoothing: Defense against localized adversarial attacks

Muzammal-Naseer/NRP 3 Jul 2018

Deep neural networks (DNNs) have shown vulnerability to adversarial attacks, i.e., carefully perturbed inputs designed to mislead the network at inference time.

ResNets Ensemble via the Feynman-Kac Formalism to Improve Natural and Robust Accuracies

BaoWangMath/EnResNet NeurIPS 2019

However, both natural and robust accuracies, in classifying clean and adversarial images, respectively, of the trained robust models are far from satisfactory.

Real-world adversarial attack on MTCNN face detection system

edosedgar/mtcnnattack 14 Oct 2019

Recent studies proved that deep learning approaches achieve remarkable results on the face detection task.

Tracklet-Switch Adversarial Attack against Pedestrian Multi-Object Tracking Trackers

derryhub/fairmot-attack 17 Nov 2021

Multi-Object Tracking (MOT) has achieved aggressive progress and derived many excellent deep learning trackers.

Certified Defenses against Adversarial Examples

worksheets/0xa21e7940 ICLR 2018

While neural networks have achieved high accuracy on standard image classification benchmarks, their accuracy drops to nearly zero in the presence of small adversarial perturbations to test inputs.

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

anishathalye/obfuscated-gradients ICML 2018

We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples.
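An added example of the gradient-masking effect this paper describes and of its BPDA counter (illustrative code, not from the paper's repository): a hypothetical "input purification" defense that snaps pixels to 8-bit grey levels in front of an untrained linear softmax classifier. The quantizer is piecewise constant, so an attacker who differentiates through it honestly gets a zero gradient and cannot move the input at all, which looks like robustness. BPDA (backward pass differentiable approximation) runs the real quantizer forward but treats it as the identity backward, and the attack works again. Weights and the image are constructed with a seeded PRNG; the budget is set to twice the analytic minimum for a linear model, rounded up to whole grey levels so the perturbed image survives the quantizer.

```python
"""Gradient masking by input quantization, and BPDA (added example, not the paper's code)."""
import numpy as np

D, K = 28 * 28, 10   # assumption: 784 pixels in [0, 1], 10 classes
LEVELS = 255         # 8-bit grey levels


def make_model(seed=0):
    """Constructed, untrained linear softmax classifier: logits = W @ u + b."""
    rng = np.random.default_rng(seed)
    return rng.normal(0.0, 0.05, (K, D)), np.zeros(K)


def quantize(x):
    """The 'defense': snap every pixel to the nearest 8-bit level before
    classification. Piecewise constant, so dq/dx == 0 wherever it exists."""
    return np.round(x * LEVELS) / LEVELS


def defended_logits(model, x):
    W, b = model
    return W @ quantize(x) + b


def defended_predict(model, x):
    return int(np.argmax(defended_logits(model, x)))


def margin_grad(model, y, k):
    """Gradient of the margin z_k - z_y with respect to the model's own input
    u = quantize(x); for a linear model this is simply W_k - W_y."""
    W, _ = model
    return W[k] - W[y]


def chain_rule_backward(x):
    return np.zeros_like(x)   # the honest derivative of a step function


def bpda_backward(x):
    return np.ones_like(x)    # quantize(x) ~ x, so pretend d quantize/dx = 1


def attack(model, x, y, k, eps, backward):
    """One L-inf step toward class k. `backward` is the Jacobian the attacker
    assumes for the quantizer: zeros (true chain rule) or ones (BPDA)."""
    g = margin_grad(model, y, k) * backward(x)
    return np.clip(x + eps * np.sign(g), 0.0, 1.0)


def min_budget(model, x, y):
    """For a linear model the cheapest L-inf flip toward class k costs
    (z_y - z_k) / ||W_k - W_y||_1; return the cheapest k and that budget."""
    z = defended_logits(model, x)
    W, _ = model
    cost = lambda k: (z[y] - z[k]) / np.abs(W[k] - W[y]).sum()
    best = min((k for k in range(K) if k != y), key=cost)
    return best, float(cost(best))


def demo(seed=0):
    model = make_model(seed)
    x = quantize(np.random.default_rng(seed + 1).random(D))   # constructed 8-bit image
    y = defended_predict(model, x)
    k, eps_min = min_budget(model, x, y)
    # Twice the analytic minimum, rounded up to whole grey levels; the slack
    # covers pixels that get clipped at 0 or 1.
    eps = np.ceil(2 * eps_min * LEVELS) / LEVELS
    x_naive = attack(model, x, y, k, eps, chain_rule_backward)
    x_bpda = attack(model, x, y, k, eps, bpda_backward)
    return {
        "clean_class": y,
        "target_class": k,
        "budget_in_grey_levels": int(round(eps * LEVELS)),
        "naive_moved_input": bool(np.any(x_naive != x)),
        "naive_fooled": defended_predict(model, x_naive) != y,
        "bpda_fooled": defended_predict(model, x_bpda) != y,
        "bpda_linf_in_grey_levels": float(np.abs(x_bpda - x).max() * LEVELS),
    }


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val}")
```

The practical check this suggests for any defense evaluation: if a white-box attack with a sensible budget produces no perturbation, or the loss gradient at the input is zero or numerically unstable, suspect gradient masking before claiming robustness, and re-test with BPDA, a zeroth-order estimate, or a transfer attack from an undefended model.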