Adversarial Defense
State-of-the-art leaderboards
| Trend | Dataset | Best Method | Paper title | Paper | Code | Compare |
|---|---|---|---|---|---|---|
|
||||||
|
||||||
|
Greatest papers with code
Technical Report on the CleverHans v2.1.0 Adversarial Examples Library
An adversarial example library for constructing attacks, building defenses, and benchmarking both
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
ICML 2018 • anishathalye/obfuscated-gradients
We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples.
Feature Denoising for Improving Adversarial Robustness
CVPR 2019 • facebookresearch/ImageNet-Adversarial-Training
This study suggests that adversarial perturbations on images lead to noise in the features constructed by these networks.
SOTA for Adversarial Defense on CAAD 2018
Countering Adversarial Images using Input Transformations
ICLR 2018
• facebookresearch/adversarial_image_defenses
• 
This paper investigates strategies that defend against adversarial-example attacks on image-classification systems by transforming the inputs before feeding them to the system.
advertorch v0.1: An Adversarial Robustness Toolbox based on PyTorch
advertorch is a toolbox for adversarial robustness research.
SOTA for Adversarial Attack on 1B Words (using extra training data)
Towards Deep Learning Models Resistant to Adversarial Attacks
ICLR 2018
• MadryLab/mnist_challenge
• 
Its principled nature also enables us to identify methods for both training and attacking neural networks that are reliable and, in a certain sense, universal.
Benchmarking Neural Network Robustness to Common Corruptions and Perturbations
ICLR 2019
• hendrycks/robustness
•
Then we propose a new dataset called ImageNet-P which enables researchers to benchmark a classifier's robustness to common perturbations.
On Evaluating Adversarial Robustness
• evaluating-adversarial-robustness/adv-eval-paper
•
Correctly evaluating defenses against adversarial examples has proven to be extremely difficult.
Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser
CVPR 2018 • lfz/Guided-Denoise
First, with HGD as a defense, the target model is more robust to either white-box or black-box adversarial attacks.
A Provable Defense for Deep Residual Networks
• eth-sri/diffai
•
We present a training system, which can provably defend significantly larger neural networks than previously possible, including ResNet-34 and DenseNet-100.