私の備忘録がないわね...私の...

Notes on image processing and programming.

Link collection of adversarial-examples papers from ICLR 2014 to 2021

I sorted these by eye, so there may be mistakes or omissions; please bear with me.

ICLR 2021

Geometry-aware Instance-reweighted Adversarial Training | OpenReview

Improving Adversarial Robustness via Channel-wise Activation Suppressing | OpenReview

Deep Neural Network Fingerprinting by Conferrable Adversarial Examples | OpenReview

How Benign is Benign Overfitting ? | OpenReview

A Panda? No, It's a Sloth: Slowdown Attacks on Adaptive Multi-Exit Neural Network Inference | OpenReview

Stabilized Medical Image Attacks | OpenReview

Learning perturbation sets for robust machine learning | OpenReview

Removing Undesirable Feature Contributions Using Out-of-Distribution Data | OpenReview

Robust Reinforcement Learning on State Observations with Learned Optimal Adversary | OpenReview

Efficient Certified Defenses Against Patch Attacks on Image Classifiers | OpenReview

Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits | OpenReview

DICE: Diversity in Deep Ensembles via Conditional Redundancy Adversarial Estimation | OpenReview

Understanding the failure modes of out-of-distribution generalization | OpenReview

Effective and Efficient Vote Attack on Capsule Networks | OpenReview

Contrastive Learning with Adversarial Perturbations for Conditional Text Generation | OpenReview

Bag of Tricks for Adversarial Training | OpenReview

Heating up decision boundaries: isocapacitory saturation, adversarial scenarios and generalization bounds | OpenReview

Policy-Driven Attack: Learning to Query for Hard-label Black-box Adversarial Examples | OpenReview

Perceptual Adversarial Robustness: Defense Against Unseen Threat Models | OpenReview

Deep Partition Aggregation: Provable Defenses against General Poisoning Attacks | OpenReview

On Fast Adversarial Robustness Adaptation in Model-Agnostic Meta-Learning | OpenReview

Adversarially-Trained Deep Nets Transfer Better: Illustration on Image Classification | OpenReview

Online Adversarial Purification based on Self-supervised Learning | OpenReview

Self-supervised Adversarial Robustness for the Low-label, High-data Regime | OpenReview

Robust Overfitting may be mitigated by properly learned smoothening | OpenReview

WaNet - Imperceptible Warping-based Backdoor Attack | OpenReview

LowKey: Leveraging Adversarial Attacks to Protect Social Media Users from Facial Recognition | OpenReview

ARMOURED: Adversarially Robust MOdels using Unlabeled data by REgularizing Diversity | OpenReview

Fooling a Complete Neural Network Verifier | OpenReview

ICLR 2020

ICLR: EMPIR: Ensembles of Mixed Precision Deep Networks for Increased Robustness Against Adversarial Attacks

ICLR: Nesterov Accelerated Gradient and Scale Invariance for Adversarial Attacks

ICLR: Skip Connections Matter: On the Transferability of Adversarial Examples Generated with ResNets

ICLR: Sign-OPT: A Query-Efficient Hard-label Adversarial Attack

ICLR: FreeLB: Enhanced Adversarial Training for Natural Language Understanding

ICLR: Empirical Studies on the Properties of Linear Regions in Deep Neural Networks

ICLR: Detecting and Diagnosing Adversarial Images with Class-Conditional Capsule Reconstructions

ICLR: Bridging Mode Connectivity in Loss Landscapes and Adversarial Robustness

ICLR: Provable robustness against all adversarial $l_p$-perturbations for $p\geq 1$

ICLR: Jacobian Adversarially Regularized Networks for Robustness

ICLR: Implicit Bias of Gradient Descent based Adversarial Training on Separable Data

ICLR: Enhancing Transformation-Based Defenses Against Adversarial Attacks with a Distribution Classifier

ICLR: MMA Training: Direct Input Space Margin Maximization through Adversarial Training

ICLR: Adversarial Policies: Attacking Deep Reinforcement Learning

ICLR: MACER: Attack-free and Scalable Robust Training via Maximizing Certified Radius

ICLR: Enhancing Adversarial Defense by k-Winners-Take-All

ICLR: Intriguing Properties of Adversarial Training at Scale

ICLR: Biologically inspired sleep algorithm for increased generalization and adversarial robustness in deep neural networks

ICLR: Fooling Detection Alone is Not Enough: Adversarial Attack against Multiple Object Tracking

ICLR: Certified Defenses for Adversarial Patches

ICLR: Fast is better than free: Revisiting adversarial training

ICLR: Towards neural networks that provably know when they don't know

ICLR: GAT: Generative Adversarial Training for Adversarial Example Detection and Classification

ICLR: Improving Adversarial Robustness Requires Revisiting Misclassified Examples

ICLR: BayesOpt Adversarial Attack

ICLR: Robust anomaly detection and backdoor attack detection via differential privacy

ICLR: Adversarially Robust Representations with Smooth Encoders

ICLR: Prediction Poisoning: Towards Defenses Against DNN Model Stealing Attacks

ICLR: Unrestricted Adversarial Examples via Semantic Manipulation

ICLR: Adversarial AutoAugment

ICLR: Defending Against Physically Realizable Attacks on Image Classification

ICLR: Black-Box Adversarial Attack with Transferable Model-based Embedding

ICLR: Robust Local Features for Improving the Generalization of Adversarial Training

ICLR: BREAKING CERTIFIED DEFENSES: SEMANTIC ADVERSARIAL EXAMPLES WITH SPOOFED ROBUSTNESS CERTIFICATES

ICLR: Optimal Strategies Against Generative Attacks

ICLR: Adversarially robust transfer learning

ICLR: Sign Bits Are All You Need for Black-Box Attacks

ICLR: Federated Adversarial Domain Adaptation

ICLR: Rethinking Softmax Cross-Entropy Loss for Adversarial Robustness

ICLR: Mixup Inference: Better Exploiting Mixup to Defend Adversarial Attacks

ICLR: Transferable Perturbations of Deep Feature Distributions

ICLR: Adversarial Training and Provable Defenses: Bridging the Gap

ICLR: Certified Robustness for Top-k Predictions against Adversarial Perturbations via Randomized Smoothing

ICLR 2019

CAMOU: Learning Physical Vehicle Camouflages to Adversarially Attack Detectors in the Wild | OpenReview

Beyond Pixel Norm-Balls: Parametric Adversaries using an Analytically Differentiable Renderer | OpenReview

PeerNets: Exploiting Peer Wisdom Against Adversarial Attacks | OpenReview

Boosting Robustness Certification of Neural Networks | OpenReview

ADef: an Iterative Algorithm to Construct Adversarial Deformations | OpenReview

Benchmarking Neural Network Robustness to Common Corruptions and Perturbations | OpenReview

On the Sensitivity of Adversarial Robustness to Input Data Distributions | OpenReview

Understanding and Improving Interpolation in Autoencoders via an Adversarial Regularizer | OpenReview

Robustness May Be at Odds with Accuracy | OpenReview

Adv-BNN: Improved Adversarial Defense through Robust Bayesian Neural Network | OpenReview

Training for Faster Adversarial Robustness Verification via Inducing ReLU Stability | OpenReview

Don't let your Discriminator be fooled | OpenReview

Cost-Sensitive Robustness against Adversarial Examples | OpenReview

Are adversarial examples inevitable? | OpenReview

Prior Convictions: Black-box Adversarial Attacks with Bandits and Priors | OpenReview

Adversarial Attacks on Graph Neural Networks via Meta Learning | OpenReview

Structured Adversarial Attack: Towards General Implementation and Better Interpretability | OpenReview

Adversarial Reprogramming of Neural Networks | OpenReview

Excessive Invariance Causes Adversarial Vulnerability | OpenReview

SPIGAN: Privileged Adversarial Learning from Simulation | OpenReview

Towards the first adversarially robust neural network model on MNIST | OpenReview

Improving the Generalization of Adversarial Training with Domain Adaptation | OpenReview

Generalizable Adversarial Training via Spectral Normalization | OpenReview

Rigorous Agent Evaluation: An Adversarial Approach to Uncover Catastrophic Failures | OpenReview

ImageNet-trained CNNs are biased towards texture; increasing shape bias improves accuracy and robustness | OpenReview

The Limitations of Adversarial Training and the Blind-Spot Attack | OpenReview

Combinatorial Attacks on Binarized Neural Networks | OpenReview

Query-Efficient Hard-label Black-box Attack: An Optimization-based Approach | OpenReview

Characterizing Audio Adversarial Examples Using Temporal Dependency | OpenReview

ICLR 2018

Spatially Transformed Adversarial Examples | OpenReview

Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models | OpenReview

Towards Deep Learning Models Resistant to Adversarial Attacks | OpenReview

Decision Boundary Analysis of Adversarial Examples | OpenReview

Stochastic Activation Pruning for Robust Adversarial Defense | OpenReview

Cascade Adversarial Machine Learning Regularized with a Unified Embedding | OpenReview

Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality | OpenReview

Thermometer Encoding: One Hot Way To Resist Adversarial Examples | OpenReview

Certified Defenses against Adversarial Examples | OpenReview

Defense-GAN: Protecting Classifiers Against Adversarial Attacks Using Generative Models | OpenReview

Adversarial Dropout Regularization | OpenReview

Generating Natural Adversarial Examples | OpenReview

Countering Adversarial Images using Input Transformations | OpenReview

Ensemble Adversarial Training: Attacks and Defenses | OpenReview

Certifying Some Distributional Robustness with Principled Adversarial Training | OpenReview

PixelDefend: Leveraging Generative Models to Understand and Defend against Adversarial Examples | OpenReview

Combating Adversarial Attacks Using Sparse Representations | OpenReview

On the Limitation of Local Intrinsic Dimensionality for Characterizing the Subspaces of Adversarial Examples | OpenReview

Attacking the Madry Defense Model with $L_1$-based Adversarial Examples | OpenReview

Black-box Attacks on Deep Neural Networks via Gradient Estimation | OpenReview

Intriguing Properties of Adversarial Examples | OpenReview

Adversarial Policy Gradient for Alternating Markov Games | OpenReview

ICLR 2017

[1611.01236] Adversarial Machine Learning at Scale

[1702.04267] On Detecting Adversarial Perturbations

[1611.02770] Delving into Transferable Adversarial Examples and Black-box Attacks

[1607.02533] Adversarial examples in the physical world

ICLR 2016

[1511.05122] Adversarial Manipulation of Deep Representations

ICLR 2015

[1412.6572] Explaining and Harnessing Adversarial Examples

[1412.5068] Towards Deep Neural Network Architectures Robust to Adversarial Examples

ICLR 2014

[1312.6199] Intriguing properties of neural networks