Related papers: DiffAttack: Evasion Attacks Against Diffusion-Base…

200 papers

Adversarial purification refers to a class of defense methods that remove adversarial perturbations using a generative model. These methods make no assumptions about the form of the attack or the classification model, and thus can defend…

Machine Learning · Computer Science 2022-05-17 Weili Nie, Brandon Guo, Yujia Huang, Chaowei Xiao, Arash Vahdat, Anima Anandkumar

Diffusion-based purification (DBP) has become a cornerstone defense against adversarial examples (AEs), regarded as robust due to its use of diffusion models (DMs) that project AEs onto the natural data manifold. We refute this core claim,…

Cryptography and Security · Computer Science 2026-02-11 Andre Kassis, Urs Hengartner, Yaoliang Yu

Deep neural networks (DNNs) are vulnerable to adversarial perturbation, where an imperceptible perturbation added to an image can fool the DNN. Diffusion-based adversarial purification focuses on using the diffusion model to…

Computer Vision and Pattern Recognition · Computer Science 2023-12-11 Kaiyu Song, Hanjiang Lai

The strategy of combining diffusion-based generative models with classifiers continues to demonstrate state-of-the-art performance on adversarial robustness benchmarks. Known as adversarial purification, this exploits a diffusion model's…

Cryptography and Security · Computer Science 2026-01-06 David D. Nguyen, The-Anh Ta, Yansong Gao, Alsharif Abuadbba

Adversarial training and adversarial purification are two widely used defense strategies for enhancing model robustness against adversarial attacks. However, adversarial training requires costly retraining, while adversarial purification…

Computer Vision and Pattern Recognition · Computer Science 2025-09-17 Xuelong Dai, Dong Wang, Xiuzhen Cheng, Bin Xiao

Existing diffusion-based purification methods aim to disrupt adversarial perturbations by introducing a certain amount of noise through a forward diffusion process, followed by a reverse process to recover clean examples. However, this…

Computer Vision and Pattern Recognition · Computer Science 2025-03-25 Gaozheng Pei, Shaojie Lyu, Gong Chen, Ke Ma, Qianqian Xu, Yingfei Sun, Qingming Huang

Adversarial attacks, particularly patch attacks, pose significant threats to the robustness and reliability of deep learning models. Developing reliable defenses against patch attacks is crucial for real-world applications. This paper…

Computer Vision and Pattern Recognition · Computer Science 2024-07-18 Caixin Kang, Yinpeng Dong, Zhengyi Wang, Shouwei Ruan, Yubo Chen, Hang Su, Xingxing Wei

Neural networks have achieved remarkable performance across a wide range of tasks, yet they remain susceptible to adversarial perturbations, which pose significant risks in safety-critical applications. With the rise of multimodality,…

Computer Vision and Pattern Recognition · Computer Science 2024-10-21 Xinxin Liu, Zhongliang Guo, Siyuan Huang, Chun Pong Lau

Diffusion models have recently gained traction as a powerful class of deep generative priors, excelling in a wide range of image restoration tasks due to their exceptional ability to model data distributions. To solve image restoration…

Image and Video Processing · Electrical Eng. & Systems 2025-06-10 Xiang Li, Soo Min Kwon, Shijun Liang, Ismail R. Alkhouri, Saiprasad Ravishankar, Qing Qu

In the ever-evolving adversarial machine learning landscape, developing effective defenses against patch attacks has become a critical challenge, necessitating reliable solutions to safeguard real-world AI systems. Although diffusion models…

Computer Vision and Pattern Recognition · Computer Science 2024-11-15 Jia Fu, Xiao Zhang, Sepideh Pashami, Fatemeh Rahimian, Anders Holst

Adversarial patches present significant challenges to the robustness of deep learning models, making the development of effective defenses critical for real-world applications. This paper introduces DIFFender, a novel DIFfusion-based…

Computer Vision and Pattern Recognition · Computer Science 2024-09-17 Xingxing Wei, Caixin Kang, Yinpeng Dong, Zhengyi Wang, Shouwei Ruan, Yubo Chen, Hang Su

The escalating sophistication of cyberattacks has encouraged the integration of machine learning techniques in intrusion detection systems, but the rise of adversarial examples presents a significant challenge. These crafted perturbations…

Cryptography and Security · Computer Science 2024-06-26 Mohamed Amine Merzouk, Erwan Beurier, Reda Yaich, Nora Boulahia-Cuppens, Frédéric Cuppens

Although deep learning-based visual tracking methods have made significant progress, they exhibit vulnerabilities when facing carefully designed adversarial attacks, which can lead to a sharp decline in tracking performance. To address this…

Computer Vision and Pattern Recognition · Computer Science 2025-06-03 Long Xu, Peng Gao, Wen-Jia Tang, Fei Wang, Ru-Yue Yuan

Diffusion-based adversarial purification methods attempt to drown adversarial perturbations in isotropic noise through the forward process, and then recover the clean images through the reverse process. Due to the lack of…

Computer Vision and Pattern Recognition · Computer Science 2025-12-09 Gaozheng Pei, Ke Ma, Yingfei Sun, Qianqian Xu, Qingming Huang
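The forward-noise-then-reverse-denoise procedure that the Nie et al., Pei et al. (2025-03-25) and Pei et al. (2025-12-09) abstracts above describe, as an added example that is not part of this page or of any listed paper's code. It uses a two-class 2D Gaussian mixture lying near the x-axis as a stand-in for the natural data manifold; because the mixture is Gaussian, the score of the noised marginal q(x_t) is available in closed form, so the DDPM reverse chain runs without a trained network. The linear classifier, the attack direction, the noise schedule, the data parameters and the choice of purification depth t* are all constructed assumptions, not values from any of the papers.

```python
"""Toy diffusion-based purification with an exact score (constructed example)."""
import math
import random

T = 100                                                    # diffusion steps
BETAS = [0.001 + 0.099 * i / (T - 1) for i in range(T)]    # linear beta schedule
ALPHA_BAR = [1.0]                                          # ALPHA_BAR[t] = prod_{i<t}(1 - beta_i)
for b in BETAS:
    ALPHA_BAR.append(ALPHA_BAR[-1] * (1.0 - b))

MEANS = [(-3.0, 0.0), (3.0, 0.0)]   # class 0 and class 1 centres, both near the x-axis
STD = (0.5, 0.1)                    # per-dimension std shared by both classes


def classify(p):
    """Linear classifier: accurate on the manifold (y ~ 0) but it leans on the
    off-manifold y direction, which is exactly what the attack exploits."""
    return 1 if p[0] - 5.0 * p[1] > 0 else 0


def attack(p, label, eps):
    """L2-bounded gradient attack on classify(): move eps along the direction
    that lowers the true class's score (gradient of p_x - 5*p_y is (1, -5))."""
    g = (1.0, -5.0)
    norm = math.hypot(*g)
    sign = -1.0 if label == 1 else 1.0
    return [p[d] + sign * eps * g[d] / norm for d in range(2)]


def score(x, t):
    """Exact grad_x log q_t(x) for the Gaussian mixture after t forward steps:
    component k becomes N(sqrt(ab)*mu_k, ab*sigma^2 + (1-ab)) per dimension."""
    ab = ALPHA_BAR[t]
    sab = math.sqrt(ab)
    var = [ab * s * s + 1.0 - ab for s in STD]
    logw = [-sum((x[d] - sab * mu[d]) ** 2 / (2.0 * var[d]) for d in range(2))
            for mu in MEANS]
    m = max(logw)
    w = [math.exp(lw - m) for lw in logw]        # posterior responsibilities (unnormalised)
    z = sum(w)
    grad = [0.0, 0.0]
    for wk, mu in zip(w, MEANS):
        for d in range(2):
            grad[d] += (wk / z) * (sab * mu[d] - x[d]) / var[d]
    return grad


def purify(x, t_star, rng):
    """Forward-diffuse x to step t_star, then run the DDPM ancestral reverse
    chain back to step 0 with the exact score. t_star = 0 returns x unchanged."""
    ab = ALPHA_BAR[t_star]
    xt = [math.sqrt(ab) * x[d] + math.sqrt(1.0 - ab) * rng.gauss(0.0, 1.0) for d in range(2)]
    for t in range(t_star, 0, -1):
        beta = BETAS[t - 1]
        s = score(xt, t)
        # With eps_hat = -sqrt(1-ab_t) * score, the DDPM mean
        # (x_t - beta_t/sqrt(1-ab_t) * eps_hat)/sqrt(1-beta_t) collapses to this:
        mean = [(xt[d] + beta * s[d]) / math.sqrt(1.0 - beta) for d in range(2)]
        if t > 1:
            xt = [mean[d] + math.sqrt(beta) * rng.gauss(0.0, 1.0) for d in range(2)]
        else:
            xt = mean
    return xt


def accuracy(t_star, eps, n, seed=0):
    """Fraction of n sampled points classified correctly after an attack with
    budget eps (0 = clean input) followed by purification at depth t_star."""
    rng = random.Random(seed)
    correct = 0
    for _ in range(n):
        label = rng.randrange(2)
        p = [MEANS[label][d] + STD[d] * rng.gauss(0.0, 1.0) for d in range(2)]
        if eps > 0:
            p = attack(p, label, eps)
        correct += classify(purify(p, t_star, rng)) == label
    return correct / n


if __name__ == "__main__":
    for t_star in (0, 30, 80):
        print(f"t*={t_star:3d}  clean acc={accuracy(t_star, 0.0, 300):.2f}  "
              f"robust acc (eps=1.0)={accuracy(t_star, 1.0, 300):.2f}")
```

Running the sweep shows the trade-off the abstracts allude to: with no purification the eps=1.0 attack flips essentially every label; at t*=30 the forward noise is large enough to drown the off-manifold perturbation and the reverse chain lands back near the correct class centre, so both clean and robust accuracy are high; at t*=80 the signal from the input is almost gone, the reverse chain largely resamples the class from the prior, and clean accuracy drops well below what the classifier achieves without purification.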

Adversarial evasion attacks pose significant threats to graph learning, and a line of studies has improved the robustness of Graph Neural Networks (GNNs). However, existing works rely on priors about clean graphs or attacking…

Machine Learning · Computer Science 2025-02-10 Jiayi Luo, Qingyun Sun, Haonan Yuan, Xingcheng Fu, Jianxin Li

Recent work indicates that video recognition models are vulnerable to adversarial examples, posing a serious security risk to downstream applications. However, current research has primarily focused on adversarial attacks, with limited work…

Computer Vision and Pattern Recognition · Computer Science 2025-01-28 Kaixun Jiang, Zhaoyu Chen, Jiyuan Fu, Lingyi Hong, Jinglun Li, Wenqiang Zhang

Adversarial attacks can mislead neural network classifiers. Defending against adversarial attacks is important for AI safety. Adversarial purification is a family of approaches that defend against adversarial attacks with suitable pre-processing.…

Machine Learning · Computer Science 2023-10-31 Boya Zhang, Weijian Luo, Zhihua Zhang

Deep 3D point cloud models are sensitive to adversarial attacks, which poses threats to safety-critical applications such as autonomous driving. Robust training and defend-by-denoising are typical strategies for defending against adversarial…

Computer Vision and Pattern Recognition · Computer Science 2023-09-25 Kui Zhang, Hang Zhou, Jie Zhang, Qidong Huang, Weiming Zhang, Nenghai Yu

Gradient leakage has been identified as a potential source of privacy breaches in modern image processing systems, where the adversary can completely reconstruct the training images from leaked gradients. However, existing methods are…

Computer Vision and Pattern Recognition · Computer Science 2024-06-17 Jiayang Meng, Tao Huang, Hong Chen, Cuiping Li

Adversarial training is a common strategy for enhancing model robustness against adversarial attacks. However, it is typically tailored to the specific attack types it is trained on, limiting its ability to generalize to unseen threat…

Computer Vision and Pattern Recognition · Computer Science 2025-04-16 Fatemeh Amerehi, Patrick Healy