Search Results for author:
Found 22 papers, 17 papers with code
Physical 3D Adversarial Attacks against Monocular Depth Estimation in Autonomous Driving
Deep learning-based monocular depth estimation (MDE), extensively applied in autonomous driving, is known to be vulnerable to adversarial attacks.
Collapse-Aware Triplet Decoupling for Adversarially Robust Image Retrieval
Furthermore, CA prevents the consequential model collapse, based on a novel metric, collapseness, which is incorporated into the optimization of perturbation.
Revisiting Transferable Adversarial Image Examples: Attack Categorization, Evaluation Guidelines, and New Insights
Transferable adversarial examples raise critical security concerns in real-world, black-box attack scenarios.
Prompt Backdoors in Visual Prompt Learning
Specifically, the VPPTaaS provider optimizes a visual prompt given downstream data, and downstream users can use this prompt together with the large pre-trained model for prediction.
Composite Backdoor Attacks Against Large Language Models
Such a Composite Backdoor Attack (CBA) is shown to be stealthier than implanting the same multiple trigger keys in only a single component.
Turn Fake into Real: Adversarial Head Turn Attacks Against Deepfake Detection
Although effective deepfake detectors have been proposed, they are substantially vulnerable to adversarial attacks.
Generative Watermarking Against Unauthorized Subject-Driven Image Synthesis
In particular, to help the watermark survive the subject-driven synthesis, we incorporate the synthesis process in learning GenWatermark by fine-tuning the detector with synthesized images for a specific subject.
Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression
Perturbative availability poisons (PAPs) add small changes to images to prevent their use for model training.
Towards Good Practices in Evaluating Transfer Adversarial Attacks
In this work, we design good practices to address these limitations, and we present the first comprehensive evaluation of transfer attacks, covering 23 representative attacks against 9 defenses on ImageNet.
Generative Poisoning Using Random Discriminators
We introduce ShortcutGen, a new data poisoning attack that generates sample-dependent, error-minimizing perturbations by learning a generator.
Membership Inference Attacks by Exploiting Loss Trajectory
Machine learning models are vulnerable to membership inference attacks in which an adversary aims to predict whether or not a particular sample was contained in the target model's training dataset.
The Importance of Image Interpretation: Patterns of Semantic Misclassification in Real-World Adversarial Images
In this paper, we propose that adversarial images should be evaluated based on semantic mismatch, rather than label mismatch, as used in current work.
Level Up with RealAEs: Leveraging Domain Constraints in Feature Space to Strengthen Robustness of Android Malware Detection
Realistic attacks in the Android malware domain create Realizable Adversarial Examples (RealAEs), i. e., AEs that satisfy the domain constraints of Android malware.
Going Grayscale: The Road to Understanding and Improving Unlearnable Examples
Recent work has shown that imperceptible perturbations can be applied to craft unlearnable examples (ULEs), i. e. images whose content cannot be used to improve a classifier during training.
On Success and Simplicity: A Second Look at Transferable Targeted Attacks
In particular, we, for the first time, identify that a simple logit loss can yield competitive results with the state of the arts.
Adversarial Image Color Transformations in Explicit Color Filter Space
In particular, our color filter space is explicitly specified so that we are able to provide a systematic analysis of model robustness against adversarial color transformations, from both the attack and defense perspectives.
Profile Consistency Identification for Open-domain Dialogue Agents
Maintaining a consistent attribute profile is crucial for dialogue agents to naturally converse with humans.
Adversarial Color Enhancement: Generating Unrestricted Adversarial Images by Optimizing a Color Filter
We introduce an approach that enhances images using a color filter in order to create adversarial effects, which fool neural networks into misclassification.
Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance
The success of image perturbations that are designed to fool image classifier is assessed in terms of both adversarial effect and visual imperceptibility.
Who's Afraid of Adversarial Queries? The Impact of Image Modifications on Content-based Image Retrieval
An adversarial query is an image that has been modified to disrupt content-based image retrieval (CBIR) while appearing nearly untouched to the human eye.
From Volcano to Toyshop: Adaptive Discriminative Region Discovery for Scene Recognition
As deep learning approaches to scene recognition emerge, they have continued to leverage discriminative regions at multiple scales, building on practices established by conventional image classification research.
