A Tale of Evil Twins: Adversarial Inputs versus Poisoned Models
Xiapu Luo | Yevgeniy Vorobeychik | Ting Wang | Shouling Ji | Xinyang Zhang | Ren Pang | Hua Shen | Alex Liu