STDatav2: Accessing Efficient Black-Box Stealing for Adversarial Attacks
On account of the extreme settings, stealing the black-box model without its training data is
difficult in practice. On this topic, along the lines of data diversity, this paper substantially …
Defenses in adversarial machine learning: A survey
Adversarial phenomenon has been widely observed in machine learning (ML) systems,
especially in those using deep neural networks, describing that ML systems may produce …
Certifiable Black-Box Attacks with Randomized Adversarial Examples: Breaking Defenses with Provable Confidence
Black-box adversarial attacks have demonstrated strong potential to compromise machine
learning models by iteratively querying the target model or leveraging transferability from a …
Stateful defenses for machine learning models are not yet secure against black-box attacks
Recent work has proposed stateful defense models (SDMs) as a compelling strategy to
defend against a black-box attacker who only has query access to the model, as is common …
Investigating catastrophic overfitting in fast adversarial training: a self-fitting perspective
Although fast adversarial training provides an efficient approach for building robust
networks, it may suffer from a serious problem known as catastrophic overfitting (CO), where …
Attacks in adversarial machine learning: A systematic survey from the life-cycle perspective
Adversarial machine learning (AML) studies the adversarial phenomenon of machine
learning, which may make inconsistent or unexpected predictions with humans. Some …
SAT: A Selective Adversarial Training Approach for WiFi-based Human Activity Recognition
Recently, the continuous evolution of deep learning has opened up promising avenues to
groundbreaking advancements in wireless sensing systems, which significantly enhance the …
Adversarial Training on Purification (AToP): Advancing Both Robustness and Generalization
The deep neural networks are known to be vulnerable to well-designed adversarial attacks.
The most successful defense technique based on adversarial training (AT) can achieve …
BlackboxBench: A Comprehensive Benchmark of Black-box Adversarial Attacks
Adversarial examples are well-known tools to evaluate the vulnerability of deep neural
networks (DNNs). Although lots of adversarial attack algorithms have been developed, it is …
Random transformations to improve mitigation of query-based black-box attacks
This paper proposes methods to upstage the best-known defences against query-based
black-box attacks. These benchmark defences incorporate gaussian noise into input data …