
arxiv: 1804.03286 · v1 · pith:ZRXUTLB5new · submitted 2018-04-10 · 💻 cs.CV · cs.CR · cs.LG · stat.ML

On the Robustness of the CVPR 2018 White-Box Adversarial Example Defenses

classification 💻 cs.CV cs.CR cs.LG stat.ML
keywords adversarial, cvpr, defenses, white-box, accuracy, appeared, applying, defended

Neural networks are known to be vulnerable to adversarial examples. In this note, we evaluate the two white-box defenses that appeared at CVPR 2018 and find they are ineffective: when applying existing techniques, we can reduce the accuracy of the defended models to 0%.

This paper has not been read by Pith yet.


Forward citations

Cited by 2 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Stateful Detection of Black-Box Adversarial Attacks

    cs.CR 2019-07 unverdicted novelty 7.0

    The paper argues for stateful defenses over stateless ones to detect adversarial example generation via query history and introduces query blinding as a counter-attack.

  2. Connecting Lyapunov Control Theory to Adversarial Attacks

    cs.CR 2019-07 unverdicted novelty 5.0

    Connects Lyapunov control theory to a provable defense against weaker adversarial attacks on neural networks.