Adversarial Defense
177 papers with code • 10 benchmarks • 5 datasets
Competitions with currently unpublished results:
Benchmarks
These leaderboards are used to track progress in Adversarial Defense
| Trend | Dataset | Best Model | Paper | Code | Compare |
|---|---|---|---|---|---|
|
|||||
|
|||||
|
|||||
|
|||||
|
|||||
|
|||||
|
|||||
|
|||||
|
|||||
|
Libraries
Use these libraries to find Adversarial Defense models and implementations
CIFAR-10
ImageNet
CIFAR-100
MNIST
Icons-50
Latest papers with no code
Adversarial Infrared Geometry: Using Geometry to Perform Adversarial Attack against Infrared Pedestrian Detectors
Physical attack experiments are conducted to assess the attack success rate of AdvIG at different distances.
Enhancing the "Immunity" of Mixture-of-Experts Networks for Adversarial Defense
Recent studies have revealed the vulnerability of Deep Neural Networks (DNNs) to adversarial examples, which can easily fool DNNs into making incorrect predictions.
Enhancing Tracking Robustness with Auxiliary Adversarial Defense Networks
Moreover, it can be seamlessly integrated with other visual trackers as a plug-and-play module without requiring any parameter adjustments.
MGE: A Training-Free and Efficient Model Generation and Enhancement Scheme
To provide a foundation for the research of deep learning models, the construction of model pool is an essential step.
Two Heads Are Better Than One: Boosting Graph Sparse Training via Semantic and Topological Awareness
Specifically, GST initially constructs a topology & semantic anchor at a low training cost, followed by performing dynamic sparse training to align the sparse graph with the anchor.
Fast Adversarial Training against Textual Adversarial Attacks
Based on the observation that the adversarial perturbations crafted by single-step and multi-step gradient ascent are similar, FAT uses single-step gradient ascent to craft adversarial examples in the embedding space to expedite the training process.
AR-GAN: Generative Adversarial Network-Based Defense Method Against Adversarial Attacks on the Traffic Sign Classification System of Autonomous Vehicles
The novelty of the AR-GAN lies in (i) assuming zero knowledge of adversarial attack models and samples and (ii) providing consistently high traffic sign classification performance under various adversarial attack types.
Adversarial Infrared Curves: An Attack on Infrared Pedestrian Detectors in the Physical World
Using Particle Swarm Optimization, we optimize two Bezier curves and employ cold patches in the physical realm to introduce perturbations, creating infrared curve patterns for physical sample generation.
Continual Adversarial Defense
In response to the rapidly evolving nature of adversarial attacks against visual classifiers on a monthly basis, numerous defenses have been proposed to generalize against as many known attacks as possible.
Collapse-Aware Triplet Decoupling for Adversarially Robust Image Retrieval
Furthermore, CA prevents the consequential model collapse, based on a novel metric, collapseness, which is incorporated into the optimization of perturbation.
