English
Related papers

Related papers: Adversarial Samples Are Not Created Equal

200 papers
Adversarial Perturbations Are Not So Weird: Entanglement of Robust and Non-Robust Features in Neural Network Classifiers

Neural networks trained on visual data are well-known to be vulnerable to often imperceptible adversarial perturbations. The reasons for this vulnerability are still being debated in the literature. Recently Ilyas et al. (2019) showed that…

Machine Learning · Computer Science 2021-02-11 Jacob M. Springer , Melanie Mitchell , Garrett T. Kenyon
Adversarial Examples Are Not Real Features

The existence of adversarial examples has been a mystery for years and attracted much interest. A well-known theory by \citet{ilyas2019adversarial} explains adversarial vulnerability from a data perspective by showing that one can extract…

Machine Learning · Computer Science 2024-05-07 Ang Li , Yifei Wang , Yiwen Guo , Yisen Wang
Adversarial Examples Are Not Bugs, They Are Features

Adversarial examples have attracted significant attention in machine learning, but the reasons for their existence and pervasiveness remain unclear. We demonstrate that adversarial examples can be directly attributed to the presence of…

Machine Learning · Statistics 2019-08-13 Andrew Ilyas , Shibani Santurkar , Dimitris Tsipras , Logan Engstrom , Brandon Tran , Aleksander Madry
Identifying Adversarially Attackable and Robust Samples

Adversarial attacks insert small, imperceptible perturbations to input samples that cause large, undesired changes to the output of deep learning models. Despite extensive research on generating adversarial attacks and building defense…

Machine Learning · Computer Science 2023-06-27 Vyas Raina , Mark Gales
Improving Adversarial Robustness to Sensitivity and Invariance Attacks with Deep Metric Learning

Intentionally crafted adversarial samples have effectively exploited weaknesses in deep neural networks. A standard method in adversarial robustness assumes a framework to defend against samples crafted by minimally perturbing a sample such…

Machine Learning · Computer Science 2022-11-07 Anaelia Ovalle , Evan Czyzycki , Cho-Jui Hsieh
Adversarial Robustness with Non-uniform Perturbations

Robustness of machine learning models is critical for security related applications, where real-world adversaries are uniquely focused on evading neural network based detectors. Prior work mainly focus on crafting adversarial examples (AEs)…

Machine Learning · Computer Science 2021-11-01 Ecenaz Erdemir , Jeffrey Bickford , Luca Melis , Sergul Aydore
Not So Robust After All: Evaluating the Robustness of Deep Neural Networks to Unseen Adversarial Attacks

Deep neural networks (DNNs) have gained prominence in various applications, such as classification, recognition, and prediction, prompting increased scrutiny of their properties. A fundamental attribute of traditional DNNs is their…

Machine Learning · Computer Science 2023-08-15 Roman Garaev , Bader Rasheed , Adil Khan
Interpreting and Evaluating Neural Network Robustness

Recently, adversarial deception becomes one of the most considerable threats to deep neural networks. However, compared to extensive research in new designs of various adversarial attacks and defenses, the neural networks' intrinsic…

Machine Learning · Computer Science 2019-05-13 Fuxun Yu , Zhuwei Qin , Chenchen Liu , Liang Zhao , Yanzhi Wang , Xiang Chen
Using Non-invertible Data Transformations to Build Adversarial-Robust Neural Networks

Deep neural networks have proven to be quite effective in a wide variety of machine learning tasks, ranging from improved speech recognition systems to advancing the development of autonomous vehicles. However, despite their superior…

Machine Learning · Computer Science 2016-12-14 Qinglong Wang , Wenbo Guo , Alexander G. Ororbia , Xinyu Xing , Lin Lin , C. Lee Giles , Xue Liu , Peng Liu , Gang Xiong
Adversarial Training Can Provably Improve Robustness: Theoretical Analysis of Feature Learning Process Under Structured Data

Adversarial training is a widely-applied approach to training deep neural networks to be robust against adversarial perturbation. However, although adversarial training has achieved empirical success in practice, it still remains unclear…

Machine Learning · Computer Science 2025-02-10 Binghui Li , Yuanzhi Li
On the Effects of Adversarial Perturbations on Distribution Robustness

Adversarial robustness refers to a model's ability to resist perturbation of inputs, while distribution robustness evaluates the performance of the model under data shifts. Although both aim to ensure reliable performance, prior work has…

Machine Learning · Computer Science 2026-01-26 Yipei Wang , Zhaoying Pan , Xiaoqian Wang
Adversarially Robust Estimate and Risk Analysis in Linear Regression

Adversarially robust learning aims to design algorithms that are robust to small adversarial perturbations on input variables. Beyond the existing studies on the predictive performance to adversarial samples, our goal is to understand…

Machine Learning · Statistics 2020-12-21 Yue Xing , Ruizhi Zhang , Guang Cheng
Understanding Adversarial Behavior of DNNs by Disentangling Non-Robust and Robust Components in Performance Metric

The vulnerability to slight input perturbations is a worrying yet intriguing property of deep neural networks (DNNs). Despite many previous works studying the reason behind such adversarial behavior, the relationship between the…

Machine Learning · Statistics 2019-06-07 Yujun Shi , Benben Liao , Guangyong Chen , Yun Liu , Ming-Ming Cheng , Jiashi Feng
Holistic Approach to Measure Sample-level Adversarial Vulnerability and its Utility in Building Trustworthy Systems

Adversarial attack perturbs an image with an imperceptible noise, leading to incorrect model prediction. Recently, a few works showed inherent bias associated with such attack (robustness bias), where certain subgroups in a dataset (e.g.…

Computer Vision and Pattern Recognition · Computer Science 2022-05-06 Gaurav Kumar Nayak , Ruchit Rawal , Rohit Lal , Himanshu Patil , Anirban Chakraborty
How many perturbations break this model? Evaluating robustness beyond adversarial accuracy

Robustness to adversarial attacks is typically evaluated with adversarial accuracy. While essential, this metric does not capture all aspects of robustness and in particular leaves out the question of how many perturbations can be found for…

Machine Learning · Computer Science 2023-08-14 Raphael Olivier , Bhiksha Raj
Learning to Separate Clusters of Adversarial Representations for Robust Adversarial Detection

Although deep neural networks have shown promising performances on various tasks, they are susceptible to incorrect predictions induced by imperceptibly small perturbations in inputs. A large number of previous works proposed to detect…

Machine Learning · Computer Science 2020-12-08 Byunggill Joe , Jihun Hamm , Sung Ju Hwang , Sooel Son , Insik Shin
On the Sensitivity of Adversarial Robustness to Input Data Distributions

Neural networks are vulnerable to small adversarial perturbations. Existing literature largely focused on understanding and mitigating the vulnerability of learned models. In this paper, we demonstrate an intriguing phenomenon about the…

Machine Learning · Computer Science 2019-02-25 Gavin Weiguang Ding , Kry Yik Chau Lui , Xiaomeng Jin , Luyu Wang , Ruitong Huang
Exploring Robust Features for Improving Adversarial Robustness

While deep neural networks (DNNs) have revolutionized many fields, their fragility to carefully designed adversarial attacks impedes the usage of DNNs in safety-critical applications. In this paper, we strive to explore the robust features…

Computer Vision and Pattern Recognition · Computer Science 2023-09-12 Hong Wang , Yuefan Deng , Shinjae Yoo , Yuewei Lin
Understanding (Non-)Robust Feature Disentanglement and the Relationship Between Low- and High-Dimensional Adversarial Attacks

Recent work has put forth the hypothesis that adversarial vulnerabilities in neural networks are due to them overusing "non-robust features" inherent in the training data. We show empirically that for PGD-attacks, there is a training stage…

Computer Vision and Pattern Recognition · Computer Science 2020-04-07 Zuowen Wang , Leo Horne
Evaluating Ensemble Robustness Against Adversarial Attacks

Adversarial examples, which are slightly perturbed inputs generated with the aim of fooling a neural network, are known to transfer between models; adversaries which are effective on one model will often fool another. This concept of…

Machine Learning · Computer Science 2020-05-13 George Adam , Romain Speciel
‹ Prev 1 2 3 10 Next ›