└── README.md

/README.md:
--------------------------------------------------------------------------------
# ICCV-2021-adversarial-attacks-and-defense
ICCV 2021 papers and code focused on adversarial attacks and defense

## Attacks

### classification
* AdvDrop: Adversarial Attack to DNNs by Dropping Information
* Admix: Enhancing the Transferability of Adversarial Attacks
* Feature Importance-Aware Transferable Adversarial Attacks
* Consistency-Sensitivity Guided Ensemble Black-Box Adversarial Attacks in Low-Dimensional Spaces
* Augmented Lagrangian Adversarial Attacks
  * [code](https://github.com/jeromerony/augmented_lagrangian_adversarial_attacks)
* LIRA: Learnable, Imperceptible and Robust Backdoor Attacks
* Interpreting Attributions and Interactions of Adversarial Attacks

### detection

### point cloud
* PointBA: Towards Backdoor Attacks in 3D Point Cloud
* A Backdoor Attack Against 3D Point Cloud Classifiers

* Meta Gradient Adversarial Attack

### other tasks
* Adversarial Attack on Deep Cross-Modal Hamming Retrieval `Hamming Retrieval`

* Just One Moment: Structural Vulnerability of Deep Action Recognition Against One Frame Attack `Action Recognition`

* Parallel Rectangle Flip Attack: A Query-Based Black-Box Attack Against Object Detection `Object Detection`

* Practical Relative Order Attack in Deep Ranking `Ranking`

* Adversarial Attacks on Multi-Agent Communication

* Membership Inference Attacks Are Easier on Difficult Problems `Membership Inference Attacks`

* Knowledge-Enriched Distributional Model Inversion Attacks `Model Inversion Attacks`
  * [code](https://github.com/SCccc21/Knowledge-Enriched-DMI)
* Exploiting Explanations for Model Inversion Attacks `Model Inversion Attacks`
* Aha! Adaptive History-Driven Attack for Decision-Based Black-Box Models
* TkML-AP: Adversarial Attacks to Top-k Multi-Label Learning `Top-k Multi-Label Learning`
  * [code](https://github.com/discovershu/TKML-AP)

* Data-Free Universal Adversarial Perturbation and Black-Box Attack

* Attack As the Best Defense: Nullifying Image-to-Image Translation GANs via Limit-Aware Adversarial Attack

* Invisible Backdoor Attack With Sample-Specific Triggers

* Meta-Attack: Class-Agnostic and Model-Agnostic Physical Adversarial Attack

* Attack-Guided Perceptual Data Generation for Real-World Re-Identification

* AGKD-BML: Defense Against Adversarial Attack by Attention Guided Knowledge Distillation and Bi-Directional Metric Learning

* ProFlip: Targeted Trojan Attack With Progressive Bit Flips

## Defense

### Detection adv
* Multi-Expert Adversarial Attack Detection in Person Re-Identification Using Context Inconsistency
* Black-Box Detection of Backdoor Attacks With Limited Information and Data
* Adversarial Attacks Are Reversible With Natural Supervision
* Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective
  * [code](https://github.com/YiZeng623/frequency-backdoor)
* Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings `exp`
* Detection and Continual Learning of Novel Face Presentation Attacks
* Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes

### Adv train
* Improving Robustness of Facial Landmark Detection by Defending Against Adversarial Attacks
  * [code](https://github.com/zhuccly/SAAT)

## Applications
* Triggering Failures: Out-of-Distribution Detection by Learning From Local Adversarial Attacks in Semantic Segmentation

--------------------------------------------------------------------------------