本文主要是研究黑盒 (black-box)条件下,基于本地已知替代模型(也可以说是白盒模型)进行迁移性对抗样本 (transfer-based attack)的生成。相比于State-of-the-art方法,我们在普通模型上平均可以提高3.7%个点,而在防御模型上,我们的方法可以平均提高接近10%。 Contribution: 提出了一种新颖的p
Motivated by this, we propose a patch-wise iterative algorithm\n-- a black-box attack towards mainstream normally trained and defense models,\nwhich differs from the existing attack methods manipulating pixel-wise noise.\nIn this way, without sacrificing the performance of white-box attack, our\...
【论文笔记】Patch-wise Attack for Fooling Deep Neural Network & Patch-wise++ Perturbation Targeted Attacks,程序员大本营,技术文章内容聚合第一站。
[最近成果] Patch-wise Attack for Fooling Deep Neural Network (ECCV2020),程序员大本营,技术文章内容聚合第一站。
Patch-wise Iterative Attack (accpeted by ECCV2020) This is the Tensorflow code for our paper Patch-wise Attack for Fooling Deep Neural Network, and Pytorch version can be found at here. In our paper, we propose a novel Patch-wise Iterative Method by using the amplification factor and guiding...
针对ViT做的hard-label attack,考虑ViT是基于划分图像patch进行识别,所以将图像划分,根据模型对每个patch的敏感度进行噪声消除,相比全图或者局部噪声消减,效率更高。算法名为Patch-wise Adversarial Removal (PAR)。 1 Introduction 随着ViT在CV领域的火热,对抗攻击也被应用在ViT上评估鲁棒性。现有的针对ViT的攻击主要是白...
组件的直接依赖及间接依赖解析 组件安全漏洞分析,快速定位漏洞影响范围并及时修复 可视化SBOM(软件物料清单),助力快速梳理内部软件资产 企业级核心引擎,更高检出更低误报 拥有企业级SCA核心检测引擎及分析引擎 基于海量知识库,多源SCA开源应用安全缺陷检测等算法,对特征文件进行精准识别,提高组件的检出率 使用方式...
Qilong ZhangUniversity of Electronic Science and Technology of ChinaJingkuan SongUniversity of Electronic Science and Technology of ChinaXianglong LiuBeihang UniversityHeng Tao ShenUniversity of Electronic Science and Technology of ChinaSpringer, Cham
To mitigate this problem, the authors propose a Deep Patch‐wise Supervision Presentation Attack Detection (DPS‐PAD) model approach that combines pixel‐wise binary supervision with patch‐based CNN. The authors' experiments show that the proposed patch‐based method forces the model not t...
point clouddeep neural networkcritical pointsadversarial attackThe 3D point cloud deep neural network (3D DNN) has achieved remarkable success, but its black-box nature hinders its application in many safety-critical domains. The saliency map technique is a key method to look inside the black-box...