Search Results for author:
Found 8 papers, 0 papers with code
Symmetry Defense Against XGBoost Adversarial Perturbation Attacks
We apply and evaluate the GBDT symmetry defense for nine datasets against six perturbation attacks with a threat model that ranges from zero-knowledge to perfect-knowledge adversaries.
Symmetry Defense Against CNN Adversarial Perturbation Attacks
To classify an image when adversaries are unaware of the defense, we apply symmetry to the image and use the classification label of the symmetric image.
Delving into the pixels of adversarial samples
Motivated by instances that we find where strong attacks do not transfer, we delve into adversarial examples at pixel level to scrutinize how adversarial attacks affect image pixel values.
Target Training Does Adversarial Training Without Adversarial Samples
Using adversarial samples against attacks that do not minimize perturbation, Target Training exceeds current best defense ($69. 1$%) with $76. 4$% against CW-L$_2$($\kappa=40$) in CIFAR10.
Target Training: Tricking Adversarial Attacks to Fail
Our Target Training defense tricks the minimization at the core of untargeted, gradient-based adversarial attacks: minimize the sum of (1) perturbation and (2) classifier adversarial loss.
Tricking Adversarial Attacks To Fail
Our Target Training defense tricks the minimization at the core of untargeted, gradient-based adversarial attacks: minimize the sum of (1) perturbation and (2) classifier adversarial loss.
Minimax Defense against Gradient-based Adversarial Attacks
Our Minimax adversarial approach presents a significant shift in defense strategy for neural network classifiers.
AutoGAN: Robust Classifier Against Adversarial Attacks
For different magnitudes of perturbation in training and testing, AutoGAN can surpass the accuracy of FGSM method by up to 25\% points on samples perturbed using FGSM.
