CFA: Class-wise calibrated fair adversarial training
Adversarial training has been widely acknowledged as the most effective method to improve
the adversarial robustness against adversarial examples for Deep Neural Networks (DNNs) …
Revisiting adversarial training for ImageNet: Architectures, training and generalization across threat models
While adversarial training has been extensively studied for ResNet architectures and low
resolution datasets like CIFAR-10, much less is known for ImageNet. Given the recent …
Balance, imbalance, and rebalance: Understanding robust overfitting from a minimax game perspective
Adversarial Training (AT) has become arguably the state-of-the-art algorithm for extracting
robust features. However, researchers recently notice that AT suffers from severe robust …
Robust principles: Architectural design principles for adversarially robust CNNs
Our research aims to unify existing works' diverging opinions on how architectural
components affect the adversarial robustness of CNNs. To accomplish our goal, we …
TERD: A unified framework for safeguarding diffusion models against backdoors
Diffusion models have achieved notable success in image generation, but they remain
highly vulnerable to backdoor attacks, which compromise their integrity by producing …
Generalist: Decoupling natural and robust generalization
Deep neural networks obtained by standard training have been constantly plagued by
adversarial examples. Although adversarial training demonstrates its capability to defend …
On the duality between sharpness-aware minimization and adversarial training
Adversarial Training (AT), which adversarially perturbs the input samples during training, has
been acknowledged as one of the most effective defenses against adversarial attacks, yet …
Sharpness-aware minimization alone can improve adversarial robustness
Sharpness-Aware Minimization (SAM) is an effective method for improving generalization
ability by regularizing loss sharpness. In this paper, we explore SAM in the context of …
Revisiting Adversarial Training at Scale
The machine learning community has witnessed a drastic change in the training pipeline
pivoted by those "foundation models" with unprecedented scales. However, the field of …
Robust Distillation via Untargeted and Targeted Intermediate Adversarial Samples
Adversarially robust knowledge distillation aims to compress large-scale models into
lightweight models while preserving adversarial robustness and natural performance on a …