ECCV2022对抗攻击&防御文章汇总
Accepted papers | ECCV2022 (ecva.net)
参考:ECCV2022 对抗样本方面论文 - 知乎 (zhihu.com)
攻击
Frequency Domain Model Augmentation for Adversarial Attack
Adversarially-Aware Robust Object Detector
A Perturbation-Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow
Physical Attack on Monocular Depth Estimation with Optimal Adversarial Patches
Shape Matters: Deformable Patch Attack
LGV: Boosting Adversarial Example Transferability from Large Geometric Vicinity
Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks
Adaptive Image Transformations for Transfer-based Adversarial Attack
AdvDO: Realistic Adversarial Attacks for Trajectory Prediction
Triangle Attack: A Query-efficient Decision-based Adversarial Attack
Adversarial Label Poisoning Attack on Graph Neural Networks via Label Propagation
A Large-scale Multiple-objective Method for Black-box Attack against Object Detection
Watermark Vaccine: Adversarial Attacks to Prevent Watermark Removal
GradAuto: Energy-oriented Attack on Dynamic Neural Networks
TAFIM: Targeted Adversarial Attacks against Facial Image Manipulations
Black-Box Dissector: Towards Erasing-based Hard-Label Model Stealing Attack
防御
Improving Robustness by Enhancing Weak Subnets
Decoupled Adversarial Contrastive Learning for Self-supervised Adversarial Robustness
Prior-Guided Adversarial Initialization for Fast Adversarial Training
Enhanced Accuracy and Robustness via Multi-Teacher Adversarial Distillation
Learning Robust and Lightweight Model through Separable Structured Transformations
All You Need is RAW: Defending Against Adversarial Attacks with Camera Image Pipelines
\(l_{\infty}\)Robustness and Beyond: Unleashing Efficient Adversarial Training
One Size Does NOT Fit All: Data-Adaptive Adversarial Training
Revisiting Outer Optimization in Adversarial Training
Scaling Adversarial Training to Large Perturbation Bounds
ViP: Unified Certified Detection and Recovery for Patch Attack with Vision Transformers
Effective Presentation Attack Detection Driven by Face Related Task
Adversarially-Aware Robust Object Detector
Towards Efficient Adversarial Training on Vision Transformers
Revisiting Outer Optimization in Adversarial Training
其他
RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN
An Invisible Black-box Backdoor Attack through Frequency Domain
Exploring the Devil in Graph Spectral Domain for 3D Point Cloud Attacks
Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips
Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning
Zero-Shot Attribute Attacks on Fine-Grained Recognition Models
An Impartial Take to the CNN vs Transformer Robustness Contest