English
Related papers

Related papers: PatchCensor: Patch Robustness Certification for Tr…

200 papers

Patch attacks, one of the most threatening forms of physical attack in adversarial examples, can lead networks to induce misclassification by modifying pixels arbitrarily in a continuous region. Certifiable patch defense can guarantee…

Computer Vision and Pattern Recognition · Computer Science 2022-03-17 Zhaoyu Chen , Bo Li , Jianghe Xu , Shuang Wu , Shouhong Ding , Wenqiang Zhang

Recent advances in Vision Transformer (ViT) have demonstrated its impressive performance in image classification, which makes it a promising alternative to Convolutional Neural Network (CNN). Unlike CNNs, ViT represents an input image as a…

Computer Vision and Pattern Recognition · Computer Science 2022-07-19 Jindong Gu , Volker Tresp , Yao Qin

Certified patch defenses can guarantee robustness of an image classifier to arbitrary changes within a bounded contiguous region. But, currently, this robustness comes at a cost of degraded standard accuracies and slower inference times. We…

Computer Vision and Pattern Recognition · Computer Science 2021-10-18 Hadi Salman , Saachi Jain , Eric Wong , Aleksander Mądry

The adversarial patch attack against image classification models aims to inject adversarially crafted pixels within a restricted image region (i.e., a patch) for inducing model misclassification. This attack can be realized in the physical…

Computer Vision and Pattern Recognition · Computer Science 2022-04-12 Chong Xiang , Saeed Mahloujifar , Prateek Mittal

Vision transformers (ViTs) have recently set off a new wave in neural architecture design thanks to their record-breaking performance in various vision tasks. In parallel, to fulfill the goal of deploying ViTs into real-world vision…

Computer Vision and Pattern Recognition · Computer Science 2025-01-07 Yonggan Fu , Shunyao Zhang , Shang Wu , Cheng Wan , Yingyan Celine Lin

Transformers, composed of multiple self-attention layers, hold strong promises toward a generic learning primitive applicable to different data modalities, including the recent breakthroughs in computer vision achieving state-of-the-art…

Computer Vision and Pattern Recognition · Computer Science 2021-12-07 Sayak Paul , Pin-Yu Chen

Deep learning vision systems are increasingly deployed in safety-critical domains such as healthcare, yet they remain vulnerable to small adversarial patches that can trigger misclassifications. Most existing defenses assume a single patch…

Computer Vision and Pattern Recognition · Computer Science 2025-11-12 Aja Khanal , Ahmed Faid , Apurva Narayan

Vision Transformers (ViTs) have a radically different architecture with significantly less inductive bias than Convolutional Neural Networks. Along with the improvement in performance, security and robustness of ViTs are also of great…

Computer Vision and Pattern Recognition · Computer Science 2023-01-18 Khoa D. Doan , Yingjie Lao , Peng Yang , Ping Li

Following the success in advancing natural language processing and understanding, transformers are expected to bring revolutionary changes to computer vision. This work provides a comprehensive study on the robustness of vision transformers…

Computer Vision and Pattern Recognition · Computer Science 2022-11-04 Rulin Shao , Zhouxing Shi , Jinfeng Yi , Pin-Yu Chen , Cho-Jui Hsieh

We investigate the robustness of vision transformers (ViTs) through the lens of their special patch-based architectural structure, i.e., they process an image as a sequence of image patches. We find that ViTs are surprisingly insensitive to…

Machine Learning · Computer Science 2023-02-23 Yao Qin , Chiyuan Zhang , Ting Chen , Balaji Lakshminarayanan , Alex Beutel , Xuezhi Wang

Vision transformers (ViTs) have recently demonstrated state-of-the-art performance in a variety of vision tasks, replacing convolutional neural networks (CNNs). Meanwhile, since ViT has a different architecture than CNN, it may behave…

Computer Vision and Pattern Recognition · Computer Science 2021-11-17 Bum Jun Kim , Hyeyeon Choi , Hyeonah Jang , Dong Gu Lee , Wonseok Jeong , Sang Woo Kim

The increasing reliance on machine learning systems has made their security a critical concern. Evasion attacks enable adversaries to manipulate the decision-making processes of AI systems, potentially causing security breaches or…

Computer Vision and Pattern Recognition · Computer Science 2025-09-26 Kasper Cools , Clara Maathuis , Alexander M. van Oers , Claudia S. Hübner , Nikos Deligiannis , Marijke Vandewal , Geert De Cubber

Deep Convolutional Neural Networks (CNNs) have long been the architecture of choice for computer vision tasks. Recently, Transformer-based architectures like Vision Transformer (ViT) have matched or even surpassed ResNets for image…

Computer Vision and Pattern Recognition · Computer Science 2021-10-11 Srinadh Bhojanapalli , Ayan Chakrabarti , Daniel Glasner , Daliang Li , Thomas Unterthiner , Andreas Veit

Vision Transformer (ViT) has demonstrated promising performance in computer vision tasks, comparable to state-of-the-art neural networks. Yet, this new type of deep neural network architecture is vulnerable to adversarial attacks limiting…

Computer Vision and Pattern Recognition · Computer Science 2023-11-02 Shashank Kotyan , Danilo Vasconcellos Vargas

Recent advances on Vision Transformer (ViT) and its improved variants have shown that self-attention-based networks surpass traditional Convolutional Neural Networks (CNNs) in most vision tasks. However, existing ViTs focus on the standard…

Computer Vision and Pattern Recognition · Computer Science 2022-05-24 Xiaofeng Mao , Gege Qi , Yuefeng Chen , Xiaodan Li , Ranjie Duan , Shaokai Ye , Yuan He , Hui Xue

Patch robustness certification is an emerging kind of defense technique against adversarial patch attacks with provable guarantees. There are two research lines: certified recovery and certified detection. They aim to label malicious…

Software Engineering · Computer Science 2024-05-14 Qilin Zhou , Zhengyuan Wei , Haipeng Wang , Bo Jiang , W. K. Chan

Adversarial patch attacks inject localized perturbations into images to mislead deep vision models. These attacks can be physically deployed, posing serious risks to real-world applications. In this paper, we propose CertMask, a certifiably…

Computer Vision and Pattern Recognition · Computer Science 2025-11-14 Xuntao Lyu , Ching-Chi Lin , Abdullah Al Arafat , Georg von der Brüggen , Jian-Jia Chen , Zhishan Guo

Vision transformers (ViTs) have become essential backbones in advanced computer vision applications and multi-modal foundation models. Despite their strengths, ViTs remain vulnerable to adversarial perturbations, comparable to or even…

Computer Vision and Pattern Recognition · Computer Science 2025-01-06 Bhavna Gopal , Huanrui Yang , Mark Horton , Yiran Chen

With Vision Transformers (ViTs) making great advances in a variety of computer vision tasks, recent literature have proposed various variants of vanilla ViTs to achieve better efficiency and efficacy. However, it remains unclear how their…

Computer Vision and Pattern Recognition · Computer Science 2022-08-22 Rui Tian , Zuxuan Wu , Qi Dai , Han Hu , Yu-Gang Jiang

Localized adversarial patches aim to induce misclassification in machine learning models by arbitrarily modifying pixels within a restricted region of an image. Such attacks can be realized in the physical world by attaching the adversarial…

Computer Vision and Pattern Recognition · Computer Science 2021-04-01 Chong Xiang , Arjun Nitin Bhagoji , Vikash Sehwag , Prateek Mittal
‹ Prev 1 2 3 10 Next ›