
Adversarial-Attack-Defense-Papers

A collection of Adversarial Attack & Defense papers.

Outline

Dataset and Network

| Dataset | Introduction | Link |
|---|---|---|
| NIPS2017 | A subset of the ImageNet validation set containing 1000 images, used in the NIPS 2017 competition. | Download |
| SACP2019 | A subset of the ImageNet validation set containing 1216 images, used in the Tianchi Security AI Challenger Program Competition. | Download |
| ImageNet-A | Natural Adversarial Examples: real-world, unmodified, naturally occurring examples that cause classifier accuracy to degrade significantly. | Download |
| ImageNet-C | Benchmarking Neural Network Robustness to Common Corruptions and Perturbations. | Download |
| Network | Paper | Source | Code |
|---|---|---|---|
| VggNet | Very Deep Convolutional Networks for Large-Scale Image Recognition | ICLR2015 | Code |
| InceptionNet | Rethinking the inception architecture for computer vision | CVPR2016 | Code |
| ResNet | Deep residual learning for image recognition | CVPR2016 | Code |
| DenseNet | Densely Connected Convolutional Networks | CVPR2017 | Code |
| EfficientNet | EfficientNet: Rethinking model scaling for convolutional neural networks | ICML2019 | Code |
| ViT | An image is worth 16x16 words: Transformers for image recognition at scale | ICLR2020 | Code |

Adversarial Attack

| Name | Paper | Source | Type | Code |
|---|---|---|---|---|
| FGSM | Explaining and harnessing adversarial examples | ICLR2015 | white-box / transfer | |
| BIM | Adversarial examples in the physical world | ICLR2017 Workshop | white-box | |
| UAP | Universal Adversarial Perturbations | CVPR2017 | white-box / universal | Code |
| C&W | Towards Evaluating the Robustness of Neural Networks | SP2017 | white-box / transfer | Code |
| MIM | Boosting Adversarial Attacks With Momentum | CVPR2018 | white-box / transfer | Code |
| DIM | Improving Transferability of Adversarial Examples With Input Diversity | CVPR2019 | white-box / transfer | Code |
| TIM | Evading defenses to transferable adversarial examples by translation-invariant attacks | CVPR2019 | white-box / transfer | Code |
| SIM | Nesterov Accelerated Gradient and Scale Invariance for Adversarial Attacks | ICLR2020 | white-box / transfer | Code |
| DEM | Improving the Transferability of Adversarial Examples with Resized-Diverse-Inputs, Diversity-Ensemble and Region Fitting | ECCV2020 | white-box / transfer | Code |
| SAM | Enhancing Adversarial Examples Via Self-Augmentation | ICME2021 | white-box / transfer | Code |
| VIM | Enhancing the Transferability of Adversarial Attacks through Variance Tuning | CVPR2020 | white-box / transfer | Code |
| BPDA | Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples | ICML2018 | white-box | Code |
| RP2 | Robust Physical-World Attacks on Deep Learning Visual Classification | CVPR2018 | white-box / physical | Code |
| NAG | NAG: Network for Adversary Generation | CVPR2017 | white-box / GAN | Code |
| SF | SparseFool: a few pixels make a big difference | CVPR2019 | white-box | Code |
| GAP | Generative Adversarial Perturbations | CVPR2018 | white-box / GAN | Code |
| RH | Regional Homogeneity: Towards Learning Transferable Universal Adversarial Perturbations Against Defenses | ECCV2020 | white-box / transfer / universal | Code |
| CAMOU | CAMOU: Learning Physical Vehicle Camouflages to Adversarially Attack Detectors in the Wild | ICLR2019 | black-box / physical | Code |
| UPC | Universal Physical Camouflage Attacks on Object Detectors | CVPR2020 | white-box / physical | Code |
| AdvPatch | Fooling automated surveillance cameras: adversarial patches to attack person detection | CVPRW2019 | white-box / physical | Code |
| TRA | Trust Region Based Adversarial Attack on neural networks | CVPR2019 | white-box | Code |
| AA | Feature Space Perturbations Yield More Transferable Adversarial Examples | CVPR2019 | white-box / transfer | Code |
| Ghost | Learning Transferable Adversarial Examples via Ghost Networks | AAAI2019 | white-box / transfer | Code |
| ILA | Enhancing Adversarial Example Transferability with an Intermediate Level Attack | ICCV2019 | white-box / transfer | Code |
| Boundary | Decision-based adversarial attacks: Reliable attacks against black-box machine learning models | ICLR2018 | black-box / decision | Code |
| HLA | Query-Efficient Hard-label Black-box Attack: An Optimization-based Approach | ICLR2019 | black-box / decision | Code |
| SimBA | Simple Black-box Adversarial Attacks | ICML2019 | black-box / decision | Code |
| GDA | A Geometry-Inspired Decision-Based Attack | ICCV2019 | black-box / decision | Code |
| C&W | Curls & Whey: Boosting Black-Box Adversarial Attacks | CVPR2019 | black-box | Code |
| AutoAttack | Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks | ICML2020 | white-box | Code |
| AdvLB | Adversarial Laser Beam: Effective Physical-World Attack to DNNs in a Blink | CVPR2021 | white-box / physical | Code |
| LAFEAT | LAFEAT: Piercing Through Adversarial Defenses with Latent Features | CVPR2021 | white-box | Code |
| FIA | Feature Importance-aware Transferable Adversarial Attacks | ICCV2021 | white-box / transfer | Code |
| TTP | On Generating Transferable Targeted Perturbations | ICCV2021 | white-box / transfer | Code |
| DUAP | Data-free Universal Adversarial Perturbation and Black-box Attack | ICCV2021 | white-box / universal | Code |
| Admix | Admix: Enhancing the Transferability of Adversarial Attacks | ICCV2021 | white-box / transfer | Code |
| CA2 | Cyclical Adversarial Attack Pierces Black-box Deep Neural Networks | PR2022 | white-box / transfer | Code |

Adversarial Defense

| Name | Paper | Source | Type | Dataset | Code |
|---|---|---|---|---|---|
| AT | Towards deep learning models resistant to adversarial attacks | ICLR2018 | adversarial training | ImageNet / CIFAR10 / MNIST | Code |
| EAT | Ensemble Adversarial Training: Attacks and Defenses | ICLR2018 | adversarial training | ImageNet | Code |
| CAT | Curriculum Adversarial Training | IJCAI2018 | adversarial training | CIFAR100 / CIFAR10 / MNIST | Code |
| FAT | Attacks which do not kill training make adversarial learning stronger | ICML2020 | adversarial training | CIFAR10 / SVHN | Code |
| RS | Certified Adversarial Robustness via Randomized Smoothing | ICML2019 | adversarial training | ImageNet | Code |
| STN | Certified Adversarial Robustness with Additive Noise | NIPS2019 | adversarial training | CIFAR10 | Code |
| R&P | Mitigating Adversarial Effects Through Randomization | ICLR2018 | plug-in | ImageNet | Code |
| HGD | Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser | CVPR2018 | plug-in | ImageNet | Code |
| BDR | Countering Adversarial Images using Input Transformations | ICLR2018 | plug-in | ImageNet | Code |
| JPEG | Feature Distillation: DNN-Oriented JPEG Compression Against Adversarial Examples | CVPR2019 | plug-in | ImageNet | Code |
| FD | Feature Denoising for Improving Adversarial Robustness | CVPR2019 | adversarial training | ImageNet | Code |
| PD | Deflecting Adversarial Attacks with Pixel Deflection | CVPR2019 | plug-in | ImageNet | Code |
| PRN | Defense against Universal Adversarial Perturbations | CVPR2018 | adversarial training | ImageNet | Code |
| COM | ComDefend: An Efficient Image Compression Model to Defend Adversarial Examples | CVPR2019 | plug-in | ImageNet | Code |
| RD | Defending against adversarial attacks by randomized diversification | CVPR2019 | adversarial training | CIFAR10 / MNIST | Code |
| ADP | Improving adversarial robustness via promoting ensemble diversity | ICML2019 | adversarial training / ensemble | CIFAR100 / CIFAR10 / MNIST | Code |
| TRADES | Theoretically Principled Trade-off between Robustness and Accuracy | ICML2019 | adversarial training | CIFAR10 / MNIST | Code |
| FS | Defense Against Adversarial Attacks Using Feature Scattering-based Adversarial Training | NIPS2019 | adversarial training | CIFAR10 | Code |
| DVERGE | DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles | NIPS2020 | adversarial training / ensemble | CIFAR10 | Code |
| RobNet | When NAS Meets Robustness: In Search of Robust Architectures against Adversarial Attacks | CVPR2020 | adversarial training | CIFAR10 / SVHN / ImageNet | Code |
| NRP | A Self-supervised Approach for Adversarial Robustness | CVPR2020 | adversarial training | ImageNet | Code |
| AVMixup | Adversarial Vertex Mixup: Toward Better Adversarially Robust Generalization | CVPR2020 | adversarial training | MNIST / CIFAR10 / SVHN | Code |
| ADT | Adversarial distributional training for robust deep learning | NIPS2020 | adversarial training | CIFAR100 / SVHN | Code |
| FLSS | Boosting Adversarial Robustness using Feature Level Stochastic Smoothing | CVPR2021 | adversarial training | CIFAR100 / CIFAR10 | Code |
| Det-AdvProp | Robust and Accurate Object Detection via Adversarial Learning | CVPR2021 | adversarial training | COCO2017 | Code |
| ERS | Boosting randomized smoothing with variance reduced classifiers | ICLR2022 | adversarial training / ensemble | CIFAR10 / ImageNet | Code |