adversarial sample
Ask, Attend, Attack: An Effective Decision-Based Black-Box Targeted Attack for Image-to-Text Models
Despite the remarkable progress, they are vulnerable to deliberate attacks, giving rise to concerns about the reliability and trustworthiness of these models in real-world scenarios.
- Research Report > Experimental Study (0.93)
- Research Report > New Finding (0.67)
- Information Technology (0.69)
- Transportation > Air (0.52)
- Government (0.47)
- Health & Medicine (0.46)
- Research Report > Promising Solution (0.47)
- Research Report > New Finding (0.46)
Multimodal Adversarial Attacks on Vision-Language Tasks via Pre-trained Models Ziyi Yin 1 Muchao Y e
Vision-Language (VL) pre-trained models have shown their superiority on many multimodal tasks. However, the adversarial robustness of such models has not been fully explored. Existing approaches mainly focus on exploring the adversarial robustness under the white-box setting, which is unrealistic. In this paper, we aim to investigate a new yet practical task to craft image and text perturbations using pre-trained VL models to attack black-box fine-tuned models on different downstream tasks.
- North America > United States > Pennsylvania (0.04)
- North America > United States > New York > Suffolk County > Stony Brook (0.04)
- North America > United States > Georgia > Fulton County > Atlanta (0.04)
- (2 more...)
- Information Technology > Security & Privacy (1.00)
- Government (0.84)
United We Stand, Divided We Fall: Fingerprinting Deep Neural Networks via Adversarial Trajectories
In recent years, deep neural networks (DNNs) have witnessed extensive applications, and protecting their intellectual property (IP) is thus crucial. As a noninvasive way for model IP protection, model fingerprinting has become popular.
- North America > Canada > Ontario > Toronto (0.04)
- Asia > China > Hubei Province > Wuhan (0.04)
Cross-Modal Learning with Adversarial Samples
CHAO LI, Shangqian Gao, Cheng Deng, De Xie, Wei Liu
A novel cross-modal adversarial sample learning algorithm is presented.
- North America > United States > Pennsylvania > Allegheny County > Pittsburgh (0.04)
- North America > Canada > British Columbia > Metro Vancouver Regional District > Vancouver (0.04)
- Asia > China > Shaanxi Province > Xi'an (0.04)
Attacks Meet Interpretability: Attribute-steered Detection of Adversarial Samples
Guanhong Tao, Shiqing Ma, Yingqi Liu, Xiangyu Zhang
Adversarial sample attacks perturb benign inputs to induce DNN misbehaviors. Recent research has demonstrated the widespread presence and the devastating consequences of such attacks.
AppendixofSynergy-of-experts 1 TheoreticalProofs
From Figure 1(a), learning multiple linear sub-models and averaging the predictions (ensemble) is still a linear model, so it cannot tackleXOR problem. We compare the training cost of all methods from the two aspects;1). Thesub-model training enables themost adversarial attacks ofsub-models could be successfully defended. In particular, we train two kinds of models to defend against the attacks: 1). FromFigure2(a)and2(b),when0.01 ϵ 0.04, SoE without the collaboration training achieves a similar robustness compared with SoE.
