对抗样本

Adversarial examples are imperceptible to human but can easily fool deep neural networks in the testing/deploying stage. The vulnerability to adversarial examples becomes one of the major risks for applying deep neural networks in safety-critical scenarios. Therefore, the attacks and defenses on adversarial examples draw great attention.


## Survey

  • Adversarial Examples Attacks and Defenses for Deep Learning, arxiv 2017.
  • Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey, arxiv 2018.

## Blog


## General

  • Explaining and Harnessing Adversarial Examples
  • Decision Boundary Analysis of Adversarial Examples, ICLR 2018.
  • Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality, ICLR 2018.
  • Evaluating the Robustness of Neural Networks: An Extreme Value Theory Approach, ICLR 2018.
  • Adversarial Spheres, ICLR Workshop 2018.
  • Intriguing Properties of Adversarial Examples, ICLR Workshop 2018.
  • On the Limitation of Local Intrinsic Dimensionality for Characterizing the Subspaces of Adversarial Examples, ICLR Workshop 2018.
  • Analyzing the Robustness of Nearest Neighbors to Adversarial Examples, ICML 2018.
  • Adversarial Risk and the Dangers of Evaluating Against Weak Attacks, ICML 2018.
  • There Is No Free Lunch In Adversarial Robustness(But There Are Unexpected Benefits), arxiv 2018. Code

## Attacks

### Universal Perturbations

  • Universal adversarial perturbations, CVPR 2017.
  • Fast feature fool: A data independent approach to universal adversarial perturbations, BMVC 2017.
  • Generalizable data-free objective for crafting universal adversarial perturbations, arXiv 2018.
  • NAG: Network for Adversary Generation, CVPR 2018.

### OnePixel Perturbations

  • One pixel attack for fooling deep neural networks, arXiv 2017.
  • Attacking Convolutional Neural Network using Differential Evolution, arXiv 2018.
  • Exploring Adversarial Examples Patterns of One-Pixel Attacks, arXiv 2018.

### General Perturbations

  • Adversarial Manipulation of Deep Representations, ICLR 2016. Code
  • Adversarial Patch, arxiv 2017.
  • Adversarial Examples for Semantic Segmentation and Object Detection, ICCV 2017.
  • Adversarial Image Perturbation for Privacy Protection - A Game Theory Perspective, ICCV 2017.
  • Adversarial examples in the physical world, ICLR 2017.
  • Delving into Transferable Adversarial Examples and Black-box Attacks, ICLR 2017.
  • Delving into adversarial attacks on deep policies, ICLR Workshop 2017.
  • Adversarial Examples for Semantic Image Segmentation, ICLR Workshop 2017.
  • Adversarial Attacks on Neural Network Policies, ICLR Workshop 2017.
  • Robustness to Adversarial Examples through an Ensemble of Specialists, ICLR Workshop 2017.
  • Art of singular vectors and universal adversarial perturbations, CVPR 2018.
  • Boosting Adversarial Attacks With Momentum, CVPR 2018.
  • Generative Adversarial Perturbations, CVPR 2018.
  • Attacking Binarized Neural Networks, ICLR 2018.
  • Noisy Networks For Exploration, ICLR 2018.
  • Mitigating Adversarial Effects Through Randomization, ICLR 2018.
  • Synthetic and Natural Noise Both Break Neural Machine Translation, ICLR 2018.
  • Generating Natural Adversarial Examples, ICLR 2018. Code
  • Spatially Transformed Adversarial Examples, ICLR 2018.
  • Black-box Attacks on Deep Neural Networks via Gradient Estimation, ICLR Workshop 2018.
  • Attacking the Madry Defense Model with $L_1$ based Adversarial Examples, ICLR Workshop 2018.
  • LaVAN: Localized and Visible Adversarial Noise, ICML 2018.
  • Adversarial Attack on Graph Structured Data, ICML 2018.
  • Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training, ICML 2018.
  • Synthesizing Robust Adversarial Examples, ICML 2018.
  • Adversarial Attacks under Restricted Threat Models, ICML 2018.

## Defences

  • Towards Deep Neural Network Architectures Robust to Adversarial Examples, arxiv 2014.
  • On Detecting Adversarial Perturbations, arxiv 2017.
  • Practical Black-Box Attacks against Machine Learning, ACCCS 2017.
  • Making Deep Neural Networks Robust to Label Noise: A Loss Correction Approach, CVPR 2017.
  • Noise Robust Depth From Focus Using a Ring Difference Filter, CVPR 2017.
  • SafetyNet: Detecting and Rejecting Adversarial Examples Robustly, ICCV 2017.
  • Adversarial Examples Detection in Deep Networks With Convolutional Filter Statistics, ICCV 2017.
  • Universal Adversarial Perturbations Against Semantic Image Segmentation, ICCV 2017.
  • Adversarial Machine Learning at Scale, ICLR 2017.
  • Early Methods for Detecting Adversarial Images, ICLR 2017.
  • Tactics of Adversarial Attack on Deep Reinforcement Learning Agents, ICLR Workshop 2017.
  • DeepCloak: Masking Deep Neural Network Models for Robustness Against Adversarial Samples, ICLR Workshop 2017.
  • A Theoretical Framework for Robustness of (Deep) Classifiers against Adversarial Samples, ICLR 2017.
  • Parseval Networks: Improving Robustness to Adversarial Examples, ICML 2017.
  • Adversarial Attacks Against Medical Deep Learning Systems, arxiv 2018.
  • On the Robustness of Semantic Segmentation Models to Adversarial Attacks, CVPR 2018.
  • On the Robustness of Semantic Segmentation Models to Adversarial Attacks, CVPR 2018.
  • Defense Against Adversarial Attacks Using High-Level Representation Guided Denoiser, CVPR 2018.
  • Deflecting Adversarial Attacks with Pixel Deflection, CVPR 2018.
  • Defense Against Universal Adversarial Perturbations, CVPR 2018.
  • Robust Physical-World Attacks on Deep Learning Visual Classification, CVPR 2018.
  • Certifying Some Distributional Robustness with Principled Adversarial Training, ICLR 2018.
  • Towards Deep Learning Models Resistant to Adversarial Attacks, ICLR 2018.
  • Certified Defenses against Adversarial Examples, ICLR 2018.
  • Defense-GAN: Protecting Classifiers Against Adversarial Attacks Using Generative Models, ICLR 2018.
  • Ensemble Adversarial Training: Attacks and Defenses, ICLR 2018.
  • Countering Adversarial Images using Input Transformations, ICLR 2018.
  • Fix your classifier: the marginal value of training the last weight layer, ICLR 2018.
  • Robustness of Classifiers to Universal Perturbations: A Geometric Perspective , ICLR 2018.
  • PixelDefend: Leveraging Generative Models to Understand and Defend against Adversarial Examples, ICLR 2018.
  • Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models, ICLR 2018.
  • Stochastic Activation Pruning for Robust Adversarial Defense, ICLR 2018.
  • Thermometer Encoding: One Hot Way To Resist Adversarial Examples, ICLR 2018.
  • Certifying Some Distributional Robustness with Principled Adversarial Training, ICLR 2018.
  • Ensemble Robustness and Generalization of Stochastic Deep Learning Algorithms, ICLR Workshop 2018.
  • Provable Defenses against Adversarial Examples via the Convex Outer Adversarial Polytope, ICML 2018.
  • Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples, ICML 2018. Code

## Others

  • Understanding Deep Neural Networks with Rectified Linear Units, ICLR 2018.

## Competition


## Useful Package/Code



© 2019-2021 coggle.club 版权所有     京ICP备20022947    京公网安备 11030102010643号