Robust Testing and Estimation under Manipulation Attacks. Jayadev Acharya, Ziteng Sun, Huanyu Zhang. "challenges above exist simultaneously. Motivated by their work, we further study manipulation attacks for inference w..."
Robust Learning for Data Poisoning Attacks. Yunjuan Wang, Poorya Mianjy, Raman Arora. "in settings where an adversary can affect any part of the training data. Therefore, in this paper, we are interested in ... We investigate the r..."
Query Complexity of Adversarial Attacks. Grzegorz Głuch, Rüdiger Urbanke. "2018; Hayes & Danezis, 2017) can only observe the input-output behavior of the model. Many defenses have been ... There are two main attack models con..."
Neural Tangent Generalization Attacks. Chia-Hung Yuan, Shan-Hung Wu. "data. They may not want their data being used to train a mass surveillance model or music generator that violates ... The remarkable performance achieved by D..."
Model-Targeted Poisoning Attacks with Provable Convergence. Fnu Suya, Saeed Mahloujifar, Anshuman Suri, David Evans, Yuan Tian. "Most work on poisoning attacks has considered one of two extremal attacker objectives: indi..."
Label-Only Membership Inference Attacks. Christopher A. Choquette-Choo, Florian Tramèr, Nicholas Carlini, Nicolas Papernot. "cause harm: it leaks information about specific individuals instead of the entire populat..."
Label Inference Attacks from Log-loss Scores. Abhinav Aggarwal, Shiva Prasad Kasiviswanathan, Zekun Xu, Oluwaseyi Feyisetan, Nathanael Teissier. "that ∑_{i=1}^{N} u_{i,k} = 1. Let a labeling in [K]^N be given. Then, the K-ary log-loss (or, c..."
SPECTRE: Defending Against Backdoor Attacks Using Robust Statistics. Jonathan Hayase, Weihao Kong, Raghav Somani, Sewoong Oh. "accuracy on poisoned test examples ... Starting with the seminal work of (Gu et al., 2017), there ha..."
Stronger and Faster Wasserstein Adversarial Attacks. Kaiwen Wu, Allen Houze Wang, Yaoliang Yu. "Deep models, while being extremely flexible and accurate, are surprisingly vulnerable..."
Second-Order Provable Defenses against Adversarial Attacks. Sahil Singla, Soheil Feizi. "A robustness certificate against adversarial examples is t... 1. Introduction. Modern neural networks achieve high accuracy on tasks..."
Confidence-Calibrated Adversarial Training: Generalizing to Unseen Attacks. David Stutz, Matthias Hein, Bernt Schiele. (figure legend: Adversarial Training (AT); Ours (CCAT)) "Adversarial training yields robust models against train..."
Certified Robustness to Label-Flipping Attacks via Randomized Smoothing. Elan Rosenfeld, Ezra Winston, Pradeep Ravikumar, J. Zico Kolter. "user-generated datasets, e.g., email spam filters, product recommendation en..."
Attacks Which Do Not Kill Training Make Adversarial Learning Stronger. Jingfeng Zhang, Xilie Xu, Bo Han, Gang Niu, Lizhen Cui, Masashi Sugiyama, Mohan Kankanhalli. "...sitates the need for deep neural networks (DNNs) to be a..."
Alleviating Privacy Attacks via Causal Learning. Shruti Tople, Amit Sharma, Aditya V. Nori. "such attack called membership inference reveals whether a data sample was present in the training dataset (Shokri ... Machine learnin..."
Adversarial Attacks on Probabilistic Autoregressive Forecasting Models. Raphaël Dang-Nhu, Gagandeep Singh, Pavol Bielik, Martin Vechev. "single best value has several advantages: it naturally fits the inherently st..."
Adversarial Attacks on Copyright Detection Systems. Parsa Saadatpanah, Ali Shafahi, Tom Goldstein. "detection extract features, called fingerprints, from sampled video or audio, and then match these features with a ... It is..."
Adaptive Reward-Poisoning Attacks against Reinforcement Learning. Xuezhou Zhang, Yuzhe Ma, Adish Singla, Xiaojin Zhu. "group of Twitter users who deliberately taught it misogynistic and racist remarks shortly after its..."
Transferable Clean-Label Poisoning Attacks on Deep Neural Nets. Chen Zhu, W. Ronny Huang, Ali Shafahi, Hengduo Li, Gavin Taylor, Christoph Studer, Tom Goldstein. "2017). In contrast to evasion attacks (Biggio et al., 2013; S..."
Simple Black-box Adversarial Attacks. Chuan Guo, Jacob R. Gardner, Yurong You, Andrew Gordon Wilson, Kilian Q. Weinberger. "whereas black-box attacks require only queries to the target model that may return complete or part..."
Parsimonious Black-Box Adversarial Attacks via Efficient Combinatorial Optimization. Seungyong Moon, Gaon An, Hyun Oh Song. "However, in more realistic settings (Watson visual recognition, 2019; Google vision API,..."