Most existing adversarial defenses only measure robustness to L_p adversarial attacks. Not only are adversaries unlikely to exclusively create small L_p perturbations, adversaries are unlikely to remain fixed. Adversaries adapt and evolve their attacks; hence adversarial defenses must be robust to a broad range of unforeseen attacks. We address this discrepancy between research and reality by proposing a new evaluation framework called ImageNet-UA. Our framework enables the research community to test ImageNet model robustness against attacks not encountered during training. To create ImageNet-UA's diverse attack suite, we introduce a total of four novel adversarial attacks. We also demonstrate that, in comparison to ImageNet-UA, prevailing ...
Intentionally crafted adversarial samples have effectively exploited weaknesses in deep neural netwo...
Neural networks recently have been used to solve many real-world tasks such as image recognition and...
Recently, RobustBench (Croce et al. 2020) has become a widely recognized benchmark for the adversari...
Despite the success of convolutional neural networks (CNNs) in many academic benchmarks for computer...
Neural networks' lack of robustness against attacks raises concerns in security-sensitive settings s...
Neural networks provide state-of-the-art results for most machine learning tasks. Unfortunately, neu...
Adversarial patches are optimized contiguous pixel blocks in an input image that cause a machine-lea...
Adversarial patches are optimized contiguous pixel blocks in an input image that cause a machine-lea...
Adversarial training, originally designed to resist test-time adversarial examples, has shown to be ...
Deep Neural Networks (DNNs) have made many breakthroughs in different areas of artificial intelligen...
Adversarial training is the standard to train models robust against adversarial examples. However, e...
Recently, RobustBench (Croce et al. 2020) has become a widely recognized benchmark for the adversari...
Neural networks' lack of robustness against attacks raises concerns in security-sensitive settings s...
In this paper, we propose a new key-based defense focusing on both efficiency and robustness. Althou...
Evaluation of adversarial robustness is often error-prone leading to overestimation of the true robu...