| Abbreviation | Paper | Venue | Type | Datasets | Code |
|---|---|---|---|---|---|
| AT | Towards deep learning models resistant to adversarial attacks | ICLR2018 | adversarial training | ImageNet / CIFAR10 / MNIST | Code |
| EAT | Ensemble Adversarial Training: Attacks and Defenses | ICLR2018 | adversarial training | ImageNet | Code |
| CAT | Curriculum Adversarial Training | IJCAI2018 | adversarial training | CIFAR100 / CIFAR10 / MNIST | Code |
| FAT | Attacks which do not kill training make adversarial learning stronger | ICML2020 | adversarial training | CIFAR10 / SVHN | Code |
| RS | Certified Adversarial Robustness via Randomized Smoothing | ICML2019 | adversarial training | ImageNet | Code |
| STN | Certified Adversarial Robustness with Additive Noise | NIPS2019 | adversarial training | CIFAR10 | Code |
| R&P | Mitigating Adversarial Effects Through Randomization | ICLR2018 | plug-in | ImageNet | Code |
| HGD | Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser | CVPR2018 | plug-in | ImageNet | Code |
| BDR | Countering Adversarial Images using Input Transformations | ICLR2018 | plug-in | ImageNet | Code |
| JPEG | Feature Distillation: DNN-Oriented JPEG Compression Against Adversarial Examples | CVPR2019 | plug-in | ImageNet | Code |
| FD | Feature Denoising for Improving Adversarial Robustness | CVPR2019 | adversarial training | ImageNet | Code |
| PD | Deflecting Adversarial Attacks with Pixel Deflection | CVPR2019 | plug-in | ImageNet | Code |
| PRN | Defense against Universal Adversarial Perturbations | CVPR2018 | adversarial training | ImageNet | Code |
| COM | ComDefend: An Efficient Image Compression Model to Defend Adversarial Examples | CVPR2019 | plug-in | ImageNet | Code |
| RD | Defending against adversarial attacks by randomized diversification | CVPR2019 | adversarial training | CIFAR10 / MNIST | Code |
| ADP | Improving adversarial robustness via promoting ensemble diversity | ICML2019 | adversarial training / ensemble | CIFAR100 / CIFAR10 / MNIST | Code |
| TRADES | Theoretically Principled Trade-off between Robustness and Accuracy | ICML2019 | adversarial training | CIFAR10 / MNIST | Code |
| FS | Defense Against Adversarial Attacks Using Feature Scattering-based Adversarial Training | NIPS2019 | adversarial training | CIFAR10 | Code |
| DVERGE | DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles | NIPS2020 | adversarial training / ensemble | CIFAR10 | Code |
| RobNet | When NAS Meets Robustness: In Search of Robust Architectures against Adversarial Attacks | CVPR2020 | adversarial training | CIFAR10 / SVHN / ImageNet | Code |
| NRP | A Self-supervised Approach for Adversarial Robustness | CVPR2020 | adversarial training | ImageNet | Code |
| AVMixup | Adversarial Vertex Mixup: Toward Better Adversarially Robust Generalization | CVPR2020 | adversarial training | MNIST / CIFAR10 / SVHN | Code |
| ADT | Adversarial distributional training for robust deep learning | NIPS2020 | adversarial training | CIFAR100 / SVHN | Code |
| FLSS | Boosting Adversarial Robustness using Feature Level Stochastic Smoothing | CVPR2021 | adversarial training | CIFAR100 / CIFAR10 | Code |
| Det-AdvProp | Robust and Accurate Object Detection via Adversarial Learning | CVPR2021 | adversarial training | COCO2017 | Code |
| ERS | Boosting randomized smoothing with variance reduced classifiers | ICLR2022 | adversarial training / ensemble | CIFAR10 / ImageNet | Code |