On the Robustness of the CVPR 2018 White-Box Adversarial Example Defenses
2 Pith papers cite this work. Polarity classification is still indexing.
abstract
Neural networks are known to be vulnerable to adversarial examples. In this note, we evaluate the two white-box defenses that appeared at CVPR 2018 and find they are ineffective: when applying existing techniques, we can reduce the accuracy of the defended models to 0%.
fields: cs.CR (2)
years: 2019 (2)
verdicts: UNVERDICTED (2)
representative citing papers
Connects Lyapunov control theory to a provable defense against weaker adversarial attacks on neural networks.
citing papers explorer
- Stateful Detection of Black-Box Adversarial Attacks
  The paper argues for stateful defenses over stateless ones to detect adversarial example generation via query history and introduces query blinding as a counter-attack.
- Connecting Lyapunov Control Theory to Adversarial Attacks
  Connects Lyapunov control theory to a provable defense against weaker adversarial attacks on neural networks.