Adversarial Region

Adversarial regions represent areas within an input (image, text, etc.) that can cause a machine learning model to misclassify or malfunction, highlighting vulnerabilities in model robustness. Current research focuses on generating these regions through various methods, including diffusion models and neighborhood conditional sampling, and developing defenses such as image resurfacing and adaptive smoothing techniques. Understanding and mitigating adversarial regions is crucial for improving the reliability and security of machine learning systems across diverse applications, from autonomous vehicles to language models. This involves both creating more robust models and developing effective methods to detect and neutralize adversarial attacks.

Papers

September 11, 2024

AdvLogo: Adversarial Patch Attack against Object Detectors based on Diffusion Models
Boming Miao, Chunxiao Li, Yao Zhu, Weixiang Sun, Zizhe Wang, Xiaoyi Wang, Chuanlong Xie
Diffusion Model Object Detector Adversarial Patch Adversarial Patch Attack Adversarial Region Adversarial Discriminator

May 25, 2024

Enhancing Adversarial Transferability Through Neighborhood Conditional Sampling
Chunlin Qiu, Yiheng Duan, Lingchen Zhao, Qian Wang
Adversarial Example Transfer Attack Adversarial Region

November 2, 2023

Assist Is Just as Important as the Goal: Image Resurfacing to Aid Model's Robust Prediction
Abhijith Sharma, Phil Munz, Apurva Narayan
Full Model Adversarial Patch Pseudo Goal Robust Prediction Patch Attack Adversarial Region

September 1, 2023

Why do universal adversarial attacks work on large language models?: Geometry might be the answer
Varshini Subhash, Anna Bialas, Weiwei Pan, Finale Doshi-Velez
Large Language Model Adversarial Attack Geometric Analysis Top Two Answer Universal Adversarial Adversarial Trigger Adversarial Region

June 28, 2023

Distributional Modeling for Location-Aware Adversarial Patches
Xingxing Wei, Shouwei Ruan, Yinpeng Dong, Hang Su
Adversarial Attack Adversarial Patch Distributional Model Adversarial Region

June 26, 2023

The race to robustness: exploiting fragile models for urban camouflage and the imperative for machine learning security
Harriet Farlow, Matthew Garratt, Gavin Mount, Tim Lynar
Adversarial Attack Native Robustness New Machine Adversarial Learning Object Detection Model Security Related Prey Camouflage Adversarial Machine Learning Model Collapse Adversarial Region

June 15, 2023

DIFFender: Diffusion-Based Adversarial Defense against Patch Attacks
Caixin Kang, Yinpeng Dong, Zhengyi Wang, Shouwei Ruan, Yubo Chen, Hang Su, Xingxing Wei
Adversarial Attack Adversarial Patch Adversarial DEfense Defense Method Patch Attack Adversarial Region

May 8, 2023

Less is More: Removing Text-regions Improves CLIP Training Efficiency and Robustness
Liangliang Cao, Bowen Zhang, Chen Chen, Yinfei Yang, Xianzhi Du, Wencong Zhang, Zhiyun Lu, Yantao Zheng
Native Robustness Supervised ImageNet Contrastive Language Image Image Text Pair CLIP Model CLIP Training Text Region Adversarial Region

April 20, 2023

Using Z3 for Formal Modeling and Verification of FNN Global Robustness
Yihao Zhang, Zeming Wei, Xiyue Zhang, Meng Sun
Adversarial Robustness Verification Task Formal Model Global Deep Global Robustness DNN Robustness Adversarial Region

January 29, 2023

Improving the Accuracy-Robustness Trade-Off of Classifiers via Adaptive Smoothing
Yatong Bai, Brendon G. Anderson, Aerin Kim, Somayeh Sojoudi
Native Robustness Adversarial Robustness Simple Classifier Robust Classifier Accuracy Robustness Adversarial Region Adaptive Smoothing

August 19, 2022

Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks
Husheng Han, Xing Hu, Kaidi Xu, Pucheng Dang, Ying Wang, Yongwei Zhao, Zidong Du, Qi Guo, Yanzhi Yang, Tianshi Chen
Adversarial Attack Adversarial Patch Video Object Detection Adversarial Patch Attack Adversarial Region

March 14, 2022

Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis
Giulio Rossolini, Federico Nesti, Fabio Brau, Alessandro Biondi, Giorgio Buttazzo
Adversarial Attack Adversarial Robustness Adversarial Region Adversarial Object

November 30, 2021

Mitigating Adversarial Attacks by Distributing Different Copies to Different Users
Jiyi Zhang, Han Fang, Wesley Joon-Wie Tann, Ke Xu, Chengfang Fang, Ee-Chien Chang
Adversarial Attack Adversarial Sample Inherent Randomness Near Duplicate Multi User Adversarial Region

Adversarial Region

Papers

AdvLogo: Adversarial Patch Attack against Object Detectors based on Diffusion Models

Enhancing Adversarial Transferability Through Neighborhood Conditional Sampling

Assist Is Just as Important as the Goal: Image Resurfacing to Aid Model's Robust Prediction

Why do universal adversarial attacks work on large language models?: Geometry might be the answer

Distributional Modeling for Location-Aware Adversarial Patches

The race to robustness: exploiting fragile models for urban camouflage and the imperative for machine learning security

DIFFender: Diffusion-Based Adversarial Defense against Patch Attacks

Less is More: Removing Text-regions Improves CLIP Training Efficiency and Robustness

Using Z3 for Formal Modeling and Verification of FNN Global Robustness

Improving the Accuracy-Robustness Trade-Off of Classifiers via Adaptive Smoothing

Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks

Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis

Mitigating Adversarial Attacks by Distributing Different Copies to Different Users