Search Results for author:
Found 23 papers, 8 papers with code
Knowledge Assembly: Semi-Supervised Multi-Task Learning from Multiple Datasets with Disjoint Labels
In real-world scenarios we often need to perform multiple tasks simultaneously.
Booster-SHOT: Boosting Stacked Homography Transformations for Multiview Pedestrian Detection with Attention
Improving multi-view aggregation is integral for multi-view pedestrian detection, which aims to obtain a bird's-eye-view pedestrian occupancy map from images captured through a set of calibrated cameras.
Privacy Safe Representation Learning via Frequency Filtering Encoder
We further conduct a user study to qualitatively assess our defense of the reconstruction attack.
Investigating Top-$k$ White-Box and Transferable Black-box Attack
It is widely reported that stronger I-FGSM transfers worse than simple FGSM, leading to a popular belief that transferability is at odds with the white-box attack strength.
Investigating Top-k White-Box and Transferable Black-Box Attack
It is widely reported that stronger I-FGSM transfers worse than simple FGSM, leading to a popular belief that transferability is at odds with the white-box attack strength.
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs
Thus, it is critical for the community to know whether the newly proposed ViT and MLP-Mixer are also vulnerable to adversarial attacks.
Early Stop And Adversarial Training Yield Better surrogate Model: Very Non-Robust Features Harm Adversarial Transferability
The transferability of adversarial examples (AE); known as adversarial transferability, has attracted significant attention because it can be exploited for TransferableBlack-box Attacks (TBA).
Universal Adversarial Training with Class-Wise Perturbations
The SOTA universal adversarial training (UAT) method optimizes a single perturbation for all training samples in the mini-batch.
A Brief Survey on Deep Learning Based Data Hiding
Data hiding is the art of concealing messages with limited perceptual changes.
A Survey On Universal Adversarial Attack
The intriguing phenomenon of adversarial examples has attracted significant attention in machine learning and what might be more surprising to the community is the existence of universal adversarial perturbations (UAPs), i. e. a single perturbation to fool the target DNN for most images.
Universal Adversarial Perturbations Through the Lens of Deep Steganography: Towards A Fourier Perspective
We perform task-specific and joint analysis and reveal that (a) frequency is a key factor that influences their performance based on the proposed entropy metric for quantifying the frequency distribution; (b) their success can be attributed to a DNN being highly sensitive to high-frequency content.
Data-Free Universal Adversarial Perturbation and Black-Box Attack
For a more practical universal attack, our investigation of untargeted UAP focuses on alleviating the dependence on the original training samples, from removing the need for sample labels to limiting the sample size.
Towards Robust Data Hiding Against (JPEG) Compression: A Pseudo-Differentiable Deep Learning Approach
Recently, deep learning has shown large success in data hiding, while non-differentiability of JPEG makes it challenging to train a deep pipeline for improving robustness against lossy compression.
UDH: Universal Deep Hiding for Steganography, Watermarking, and Light Field Messaging
This is the first work demonstrating the success of (DNN-based) hiding a full image for watermarking and LFM.
Robustness May Be at Odds with Fairness: An Empirical Study on Class-wise Accuracy
Adversarial training is the most widely used technique for improving adversarial robustness to strong white-box attacks.
Double Targeted Universal Adversarial Perturbations
This universal perturbation attacks one targeted source class to sink class, while having a limited adversarial effect on other non-targeted source classes, for avoiding raising suspicions.
CD-UAP: Class Discriminative Universal Adversarial Perturbation
Since the proposed attack generates a universal adversarial perturbation that is discriminative to targeted and non-targeted classes, we term it class discriminative universal adversarial perturbation (CD-UAP).
Batch Normalization Increases Adversarial Vulnerability and Decreases Adversarial Transferability: A Non-Robust Feature Perspective
This work attempts to understand the impact of BN on DNNs from a non-robust feature perspective.
Revisiting Batch Normalization for Improving Corruption Robustness
We find that simply estimating and adapting the BN statistics on a few (32 for instance) representation samples, without retraining the model, improves the corruption robustness by a large margin on several benchmark datasets with a wide range of model architectures.
Understanding Adversarial Examples from the Mutual Influence of Images and Perturbations
We utilize this vector representation to understand adversarial examples by disentangling the clean images and adversarial perturbations, and analyze their influence on each other.
Data from Model: Extracting Data from Non-robust and Robust Models
We repeat the process of Data to Model (DtM) and Data from Model (DfM) in sequence and explore the loss of feature mapping information by measuring the accuracy drop on the original validation dataset.
Propose-and-Attend Single Shot Detector
We present a simple yet effective prediction module for a one-stage detector.
