
NeurIPS 2022 Adversarial Attack & Defense Paper Roundup

Source: NeurIPS 2022

Reference: https://zhuanlan.zhihu.com/p/588881767

Attacks

On the Robustness of Deep Clustering Models: Adversarial Attacks and Defenses

Adversarial Attack on Attackers: Post-Process to Mitigate Black-Box Score-Based Query Attacks

GAMA: Generative Adversarial Multi-Object Scene Attacks

BadPrompt: Backdoor Attacks on Continuous Prompts

VoiceBox: Privacy through Real-Time Adversarial Attacks with Audio-to-Audio Models

Towards Reasonable Budget Allocation in Untargeted Graph Structure Attacks via Gradient Debias

Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial Removal

Revisiting Injective Attacks on Recommender Systems

Perceptual Attacks of No-Reference Image Quality Models with Human-in-the-Loop

Marksman Backdoor: Backdoor Attacks with Arbitrary Target Class

Learning to Attack Federated Learning: A Model-based Reinforcement Learning Attack Framework

Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation

Adv-Attribute: Inconspicuous and Transferable Adversarial Attack on Face Recognition

Blackbox Attacks via Surrogate Ensemble Search

Natural Color Fool: Towards Boosting Black-box Unrestricted Attacks

Towards Lightweight Black-Box Attack Against Deep Neural Networks

Practical Adversarial Attacks on Spatiotemporal Traffic Forecasting Models

One-shot Neural Backdoor Erasing via Adversarial Weight Masking

Pre-trained Adversarial Perturbations

Isometric 3D Adversarial Examples in the Physical World

MORA: Improving Ensemble Robustness Evaluation with Model Reweighing Attack

Autoregressive Perturbations for Data Poisoning

Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch

Amplifying Membership Exposure via Data Poisoning

Handcrafted Backdoors in Deep Neural Networks

Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection

Lethal Dose Conjecture on Data Poisoning

Robust Feature-Level Adversaries are Interpretability Tools

Defenses

MORA: Improving Ensemble Robustness Evaluation with Model Reweighing Attack

Adversarial Robustness is at Odds with Lazy Training

Defending Against Adversarial Attacks via Neural Dynamic System

A2: Efficient Automated Attacker for Boosting Adversarial Training

Randomized Channel Shuffling: Minimal-Overhead Backdoor Attack Detection without Clean Datasets

Friendly Noise against Adversarial Noise: A Powerful Defense against Data Poisoning Attack

Adversarial Training with Complementary Labels: On the Benefit of Gradually Informative Attacks

Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork

Efficient Adversarial Training without Attacking: Worst-Case-Aware Robust Reinforcement Learning

Formulating Robustness Against Unforeseen Attacks

Alleviating Adversarial Attacks on Variational Autoencoders with MCMC

Adversarial training for high-stakes reliability

Phase Transition from Clean Training to Adversarial Training

Why Do Artificially Generated Data Help Adversarial Robustness

Toward Robust Spiking Neural Network Against Adversarial Perturbation

MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples

SNN-RAT: Robustness-enhanced Spiking Neural Network through Regularized Adversarial Training

A Closer Look at the Adversarial Robustness of Deep Equilibrium Models

Make Some Noise: Reliable and Efficient Single-Step Adversarial Training

CalFAT: Calibrated Federated Adversarial Training with Label Skewness

Enhance the Visual Representation via Discrete Adversarial Training

Explicit Tradeoffs between Adversarial and Natural Distributional Robustness

Label Noise in Adversarial Training: A Novel Perspective to Study Robust Overfitting

Adversarially Robust Learning: A Generic Minimax Optimal Learner and Characterization

Boosting Barely Robust Learners: A New Perspective on Adversarial Robustness

Stability Analysis and Generalization Bounds of Adversarial Training

Efficient and Effective Augmentation Strategy for Adversarial Training

Improving Adversarial Robustness of Vision Transformers

Random Normalization Aggregation for Adversarial Defense

DISCO: Adversarial Defense with Local Implicit Functions

Synergy-of-Experts: Collaborate to Improve Adversarial Robustness

ViewFool: Evaluating the Robustness of Visual Recognition to Adversarial Viewpoints

Rethinking Lipschitz Neural Networks for Certified L-infinity Robustness

Understanding and Improving Robustness of Vision Transformers through Patch-based Negative Augmentation

Other

Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples

Can Adversarial Training Be Manipulated By Non-Robust Features?

A Characterization of Semi-Supervised Adversarially Robust PAC Learnability

Are AlphaZero-like Agents Robust to Adversarial Perturbations?

On the Adversarial Robustness of Mixture of Experts

Increasing Confidence in Adversarial Robustness Evaluations

What Can the Neural Tangent Kernel Tell Us About Adversarial Robustness?