Adversarial Purification
27 papers with code • 0 benchmarks • 0 datasets
A class of adversarial defense methods that remove adversarial perturbations using a generative model.
Most implemented papers
Diffusion Models for Adversarial Purification
Adversarial purification refers to a class of defense methods that remove adversarial perturbations using a generative model.
Guided Diffusion Model for Adversarial Purification
In this paper, we propose a novel purification approach, referred to as guided diffusion model for purification (GDMP), to help protect classifiers from adversarial attacks.
Stochastic Security: Adversarial Defense Using Long-Run Dynamics of Energy-Based Models
Our contributions are 1) an improved method for training EBMs with realistic long-run MCMC samples, 2) an Expectation-Over-Transformation (EOT) defense that resolves theoretical ambiguities for stochastic defenses and from which the EOT attack naturally follows, and 3) state-of-the-art adversarial defense for naturally-trained classifiers and competitive defense compared to adversarially-trained classifiers on Cifar-10, SVHN, and Cifar-100.
Adversarial purification with Score-based generative models
Recently, an Energy-Based Model (EBM) trained with Markov-Chain Monte-Carlo (MCMC) has been highlighted as a purification model, where an attacked image is purified by running a long Markov-chain using the gradients of the EBM.
Defending against Adversarial Audio via Diffusion Model
In this paper, we propose an adversarial purification-based defense pipeline, AudioPure, for acoustic systems via off-the-shelf diffusion models.
Robust Evaluation of Diffusion-Based Adversarial Purification
We analyze the current practices and provide a new guideline for measuring the robustness of purification methods against adversarial attacks.
Carefully Blending Adversarial Training, Purification, and Aggregation Improves Adversarial Robustness
In this work, we propose a novel adversarial defence mechanism for image classification - CARSO - blending the paradigms of adversarial training and adversarial purification in a synergistic robustness-enhancing way.
Universal Adversarial Defense in Remote Sensing Based on Pre-trained Denoising Diffusion Models
Deep neural networks (DNNs) have risen to prominence as key solutions in numerous AI applications for earth observation (AI4EO).
DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local Smoothing
Diffusion models have been leveraged to perform adversarial purification and thus provide both empirical and certified robustness for a standard model.
Language Guided Adversarial Purification
Adversarial purification using generative models demonstrates strong adversarial defense performance.