2023). However, there is a research void in studying the impact of adversarial attacks on the generation of visualizations.

2.2 Vulnerabilities of visualizations

Visualizations can become obscure, misleading, and even deceptive as a consequence of poorly prepared data (Song and Szafir 2019), ...
Even though deep learning has allowed for significant advances in the last decade, it is still vulnerable to adversarial attacks - inputs that, despite looking similar to clean data, can force neural networks to make incorrect predictions. Moreover, deep learning models usually act as a black ...
To this end, we repeated our experiments with another CNN model, the BiT, which is similar to the original ResNet, but has more parameters and is trained on more data during pretraining. We found that BiT was even more susceptible to adversarial attacks than the baseline ResNet (Table 1)...
Man in the Middle (MitM) adversarial attacks are crafted while transmitting data w from the acquisition device to the classifier. The attacker can see the content within the protected blocks, but cannot modify them. We work therefore under the assumption of a white box scenario, and cover with...
$D_{\text{test}} = \{x_i\}_{i=1}^{N}$ is unlabelled testing data containing $N$ test samples. We denote a set of adversarial attacks by $A_{\text{attack}} = \{A_j\}_{j=1}^{K}$, where $K$ is the number of different attacks. The $i$th test sample $x_i$ is perturbed by any attack $A_j \in A_{\text{attack}}$ that fools the network ′ Tm ...
Both the IMDB and SST-2 data sets are classified into two categories, namely positive and negative. The mean sentence length of the SST-2 dataset is much smaller than that of the IMDB dataset. This makes adversarial attacks on the SST-2 dataset more difficult. We also experimented with the ...
Improving Adversarial Transferability via Neuron Attribution-Based Attacks. [pdf] [code] Jianping Zhang, Weibin Wu, Jen-tse Huang, Yizhan Huang, Wenxuan Wang, Yuxin Su, Michael R. Lyu. CVPR, 2022. On Improving Adversarial Transferability of Vision Transformers. [pdf] [code] Muzammal Naseer, Kan...
3) Evidenced by extensive experiments, the ASR of Sibling-Attack significantly outperforms current SOTA single-task attacks on the widely-adopted and large-scale FR benchmarks, particularly several online commercial FR systems, which is aligned with our ass...
Attribution Attacks GD (dot) 0.76(-15%) 0.65 0.54(-12%) 0.40 Attribution Attacks GL (ℓ2) 0.75(-16%) 0.65 0.54(-13%) 0.40 GC (cos) 0.75(-16%) 0.65 0.54(-11%) 0.41 Inference Attacks Sym 0.56(-37%) 0.24 0.51(-17%) 0.38 Inference Attacks Inv 0.80(-10%) 0.79 0.53(-14%) ...
Adversarial training (AT) has been widely recognized as the most effective defense approach against adversarial attacks on deep neural networks and it is formulated as a min-max optimization. Most AT algorithms are geared towards research-oriented datasets such as MNIST, CIFAR10, etc., where the ...