pith. sign in

arxiv: 1705.07263 · v2 · pith:AIJF6DQ4new · submitted 2017-05-20 · 💻 cs.LG · cs.CR· cs.CV

Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods

Nicholas Carlini , David Wagner This is my paper
classification 💻 cs.LG cs.CRcs.CV
keywords adversarialexamplesdetectioninputsappreciatedbelievedbetterbypassing
0
0 comments X
read the original abstract

Neural networks are known to be vulnerable to adversarial examples: inputs that are close to natural inputs but classified incorrectly. In order to better understand the space of adversarial examples, we survey ten recent proposals that are designed for detection and compare their efficacy. We show that all can be defeated by constructing new loss functions. We conclude that adversarial examples are significantly harder to detect than previously appreciated, and the properties believed to be intrinsic to adversarial examples are in fact not. Finally, we propose several simple guidelines for evaluating future proposed defenses.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Metamorphic Detection of Adversarial Examples in Deep Learning Models With Affine Transformations

    cs.CV 2019-07 unverdicted novelty 5.0

    The authors propose using metamorphic relations based on distance ratio preserving affine transformations to detect whether an input image is adversarial with high accuracy.