Collection of links to adversarial-examples papers from ICLR 2014 to 2021
I picked these out by eye, so there may be mistakes or omissions; please bear with me.
21
Geometry-aware Instance-reweighted Adversarial Training | OpenReview
Improving Adversarial Robustness via Channel-wise Activation Suppressing | OpenReview
Deep Neural Network Fingerprinting by Conferrable Adversarial Examples | OpenReview
How Benign is Benign Overfitting ? | OpenReview
Stabilized Medical Image Attacks | OpenReview
Learning perturbation sets for robust machine learning | OpenReview
Removing Undesirable Feature Contributions Using Out-of-Distribution Data | OpenReview
Robust Reinforcement Learning on State Observations with Learned Optimal Adversary | OpenReview
Efficient Certified Defenses Against Patch Attacks on Image Classifiers | OpenReview
Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits | OpenReview
DICE: Diversity in Deep Ensembles via Conditional Redundancy Adversarial Estimation | OpenReview
Understanding the failure modes of out-of-distribution generalization | OpenReview
Effective and Efficient Vote Attack on Capsule Networks | OpenReview
Contrastive Learning with Adversarial Perturbations for Conditional Text Generation | OpenReview
Bag of Tricks for Adversarial Training | OpenReview
Policy-Driven Attack: Learning to Query for Hard-label Black-box Adversarial Examples | OpenReview
Perceptual Adversarial Robustness: Defense Against Unseen Threat Models | OpenReview
Deep Partition Aggregation: Provable Defenses against General Poisoning Attacks | OpenReview
On Fast Adversarial Robustness Adaptation in Model-Agnostic Meta-Learning | OpenReview
Adversarially-Trained Deep Nets Transfer Better: Illustration on Image Classification | OpenReview
Online Adversarial Purification based on Self-supervised Learning | OpenReview
Self-supervised Adversarial Robustness for the Low-label, High-data Regime | OpenReview
Robust Overfitting may be mitigated by properly learned smoothening | OpenReview
WaNet - Imperceptible Warping-based Backdoor Attack | OpenReview
ARMOURED: Adversarially Robust MOdels using Unlabeled data by REgularizing Diversity | OpenReview
Fooling a Complete Neural Network Verifier | OpenReview
20
ICLR: Nesterov Accelerated Gradient and Scale Invariance for Adversarial Attacks
ICLR: Skip Connections Matter: On the Transferability of Adversarial Examples Generated with ResNets
ICLR: Sign-OPT: A Query-Efficient Hard-label Adversarial Attack
ICLR: FreeLB: Enhanced Adversarial Training for Natural Language Understanding
ICLR: Empirical Studies on the Properties of Linear Regions in Deep Neural Networks
ICLR: Detecting and Diagnosing Adversarial Images with Class-Conditional Capsule Reconstructions
ICLR: Bridging Mode Connectivity in Loss Landscapes and Adversarial Robustness
ICLR: Provable robustness against all adversarial $l_p$-perturbations for $p\geq 1$
ICLR: Jacobian Adversarially Regularized Networks for Robustness
ICLR: Implicit Bias of Gradient Descent based Adversarial Training on Separable Data
ICLR: MMA Training: Direct Input Space Margin Maximization through Adversarial Training
ICLR: Adversarial Policies: Attacking Deep Reinforcement Learning
ICLR: MACER: Attack-free and Scalable Robust Training via Maximizing Certified Radius
ICLR: Enhancing Adversarial Defense by k-Winners-Take-All
ICLR: Intriguing Properties of Adversarial Training at Scale
ICLR: Fooling Detection Alone is Not Enough: Adversarial Attack against Multiple Object Tracking
ICLR: Certified Defenses for Adversarial Patches
ICLR: Fast is better than free: Revisiting adversarial training
ICLR: Towards neural networks that provably know when they don't know
ICLR: GAT: Generative Adversarial Training for Adversarial Example Detection and Classification
ICLR: Improving Adversarial Robustness Requires Revisiting Misclassified Examples
ICLR: BayesOpt Adversarial Attack
ICLR: Robust anomaly detection and backdoor attack detection via differential privacy
ICLR: Adversarially Robust Representations with Smooth Encoders
ICLR: Prediction Poisoning: Towards Defenses Against DNN Model Stealing Attacks
ICLR: Unrestricted Adversarial Examples via Semantic Manipulation
ICLR: Defending Against Physically Realizable Attacks on Image Classification
ICLR: Black-Box Adversarial Attack with Transferable Model-based Embedding
ICLR: Robust Local Features for Improving the Generalization of Adversarial Training
ICLR: Optimal Strategies Against Generative Attacks
ICLR: Adversarially robust transfer learning
ICLR: Sign Bits Are All You Need for Black-Box Attacks
ICLR: Federated Adversarial Domain Adaptation
ICLR: Rethinking Softmax Cross-Entropy Loss for Adversarial Robustness
ICLR: Mixup Inference: Better Exploiting Mixup to Defend Adversarial Attacks
ICLR: Transferable Perturbations of Deep Feature Distributions
ICLR: Adversarial Training and Provable Defenses: Bridging the Gap
19
PeerNets: Exploiting Peer Wisdom Against Adversarial Attacks | OpenReview
Boosting Robustness Certification of Neural Networks | OpenReview
ADef: an Iterative Algorithm to Construct Adversarial Deformations | OpenReview
Benchmarking Neural Network Robustness to Common Corruptions and Perturbations | OpenReview
On the Sensitivity of Adversarial Robustness to Input Data Distributions | OpenReview
Robustness May Be at Odds with Accuracy | OpenReview
Adv-BNN: Improved Adversarial Defense through Robust Bayesian Neural Network | OpenReview
Training for Faster Adversarial Robustness Verification via Inducing ReLU Stability | OpenReview
Don't let your Discriminator be fooled | OpenReview
Cost-Sensitive Robustness against Adversarial Examples | OpenReview
Are adversarial examples inevitable? | OpenReview
Prior Convictions: Black-box Adversarial Attacks with Bandits and Priors | OpenReview
Adversarial Attacks on Graph Neural Networks via Meta Learning | OpenReview
Adversarial Reprogramming of Neural Networks | OpenReview
Excessive Invariance Causes Adversarial Vulnerability | OpenReview
SPIGAN: Privileged Adversarial Learning from Simulation | OpenReview
Towards the first adversarially robust neural network model on MNIST | OpenReview
Improving the Generalization of Adversarial Training with Domain Adaptation | OpenReview
Generalizable Adversarial Training via Spectral Normalization | OpenReview
Rigorous Agent Evaluation: An Adversarial Approach to Uncover Catastrophic Failures | OpenReview
The Limitations of Adversarial Training and the Blind-Spot Attack | OpenReview
Combinatorial Attacks on Binarized Neural Networks | OpenReview
Query-Efficient Hard-label Black-box Attack: An Optimization-based Approach | OpenReview
Characterizing Audio Adversarial Examples Using Temporal Dependency | OpenReview
18
Spatially Transformed Adversarial Examples | OpenReview
Towards Deep Learning Models Resistant to Adversarial Attacks | OpenReview
Decision Boundary Analysis of Adversarial Examples | OpenReview
Stochastic Activation Pruning for Robust Adversarial Defense | OpenReview
Cascade Adversarial Machine Learning Regularized with a Unified Embedding | OpenReview
Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality | OpenReview
Thermometer Encoding: One Hot Way To Resist Adversarial Examples | OpenReview
Certified Defenses against Adversarial Examples | OpenReview
Defense-GAN: Protecting Classifiers Against Adversarial Attacks Using Generative Models | OpenReview
Adversarial Dropout Regularization | OpenReview
Generating Natural Adversarial Examples | OpenReview
Countering Adversarial Images using Input Transformations | OpenReview
Ensemble Adversarial Training: Attacks and Defenses | OpenReview
Certifying Some Distributional Robustness with Principled Adversarial Training | OpenReview
Combating Adversarial Attacks Using Sparse Representations | OpenReview
Attacking the Madry Defense Model with $L_1$-based Adversarial Examples | OpenReview
Black-box Attacks on Deep Neural Networks via Gradient Estimation | OpenReview
Intriguing Properties of Adversarial Examples | OpenReview
Adversarial Policy Gradient for Alternating Markov Games | OpenReview
17
[1611.01236] Adversarial Machine Learning at Scale
[1702.04267] On Detecting Adversarial Perturbations
[1611.02770] Delving into Transferable Adversarial Examples and Black-box Attacks
[1607.02533] Adversarial examples in the physical world
16
[1511.05122] Adversarial Manipulation of Deep Representations
15
[1412.6572] Explaining and Harnessing Adversarial Examples
[1412.5068] Towards Deep Neural Network Architectures Robust to Adversarial Examples