├── 2013
    └── Evasion_attacks_against_machine_learning_at_test_time.md
├── 2014
    ├── Intriguing_properties_of_neural_networks.md
    ├── Rich_feature_hierarchies_for_accurate_object_detection_and_semantic_segmentation.md
    └── Towards_deep_neural_network_architectures_robust_to_adversarial_examples.md
├── 2015
    └── Explaining_and_Harnessing_Adversarial_Examples.md
├── 2016
    ├── Adversarial_Images_for_Variational_Autoencoders.md
    ├── Autoencoding_beyond_pixels_using_a_learned_similarity_metric.md
    ├── DeepFool.md
    ├── Learning_Deep_Features_for_Discriminative_Localization.md
    ├── Robustness_of_classifiers_from_adversarial_to_random_noise.md
    ├── The_limitations_of_deep_learning_in_adversarial_settings.md
    ├── Toward_evaluating_the_robustness_of_neural_networks.md
    └── Transferability_in_machine_learning.md
├── 2017
    ├── A-Fast-RCNN_Hard_Positive_Generation_via_Adversary_for_Object_Detection.md
    ├── Adversarial_Examples_Detection_in_Deep_Networks_with_Convolutional_Filter_Statistics.md
    ├── Adversarial_Examples_for_Semantic_Segmentation_and_Object_Detection.md
    ├── Adversarial_Examples_that_Fool_Detectors.md
    ├── Adversarial_transformation_networks_Learning_to_generate_adversarial_examples.md
    ├── CVAE-GAN_Fine-Grained_Image_Generation_Through_Asymmetric_Training.md
    ├── Conditional_Image_Synthesis_with_Auxiliary_Classifier_GANs.md
    ├── Countering_Adversarial_Images_using_Input_Transformations.md
    ├── Delving_into_Transferable_Adversarial_Examples_and_Black-box_Attacks.md
    ├── Detecting_Adversarial_Samples_from_Artifacts.md
    ├── On_Detecting_Adversarial_Perturbations.md
    ├── Universal_Adversarial_Perturbations.md
    └── Universal_Adversarial_Perturbations_Against_Semantic_Image_Segmentation.md
├── 2018
    ├── Adversarial_Logit_Pairing.md
    ├── Art_of_Singular_Vectors_and_Universal_Adversarial_Perturbations.md
    ├── Boosting_Adversarial_Attacks_With_Momentum.md
    ├── Characterizing_Adversarial_Examples_Based_on_Spatial_Consistency_Information_for_Semantic_Segmentation.md
    ├── Constructing_Unrestricted_Adversarial_Examples_with_Generative_Models.md
    ├── Defense-{GAN}_Protecting_Classifiers_Against_Adversarial_Attacks_Using_Generative_Models.md
    ├── Defense_Against_Adversarial_Attacks_Using_High_Level_Representation_Guided_Denoiser.md
    ├── Defense_Against_Universal_Adversarial_Perturbations.md
    ├── Deflecting_Adversarial_Attacks_With_Pixel_Deflection.md
    ├── Ensemble_Adversarial_Training_Attacks_and_Defenses.md
    ├── Evaluating_and_understanding_the_robustness_of_adversarial_logit_pairing.md
    ├── Faster_Neural_Networks_Straight_from_JPEG.md
    ├── Generating_Adversarial_Examples_with_Adversarial_Networks.md
    ├── Generating_Natural_Adversarial_Examples.md
    ├── Generative_Adversarial_Perturbations.md
    ├── Learning_Universal_Adversarial_Perturbations_with_Generative_Models.md
    ├── Machine_Learning_with_Membership_Privacy_Using_Adversarial_Regularization.md
    ├── Multi_Scale_Dense_Networks_for_Resource_Efficient_Image_Classification.md
    ├── Obfuscated_Gradients_Give_a_False_Sense_of_Security_Circumventing_Defenses_to_Adversarial_Examples.md
    ├── Robust_physical_world_attacks_on_deep_learning_visual_classification.md
    ├── SPATIALLY_TRANSFORMED_ADVERSARIAL_EXAMPLES.md
    └── Virtual_adversarial_training_a_regularization_method_for_supervised_and_semi_supervised_learning.md
├── 2019
    ├── A_Closer_Look_at_Double_Backpropagation.md
    ├── A_New_Defense_Against_Adversarial_Images_Turning_a_Weakness_into_a_Strength.md
    ├── AdvIT_Adversarial_Frames_Identifier_Based_on_Temporal_Consistency_in_Videos.md
    ├── Adversarial_Attacks_on_Graph_Neural_Networks_via_Meta_Learning.md
    ├── Adversarial_Examples_Are_Not_Bugs_They_Are_Features.md
    ├── Adversarial_Examples_Are_a_Natural_Consequence_of_Test_Error_in_Noise.md
    ├── Adversarial_Learning_With_Margin_Based_Triplet_Embedding_Regularization.md
    ├── Adversarial_Robustness_as_a_Prior_for_Learned_Representations.md
    ├── Adversarial_Robustness_through_Local_Linearization.md
    ├── Adversarial_Training_and_Robustness_for_Multiple_Perturbations.md
    ├── Adversarially_Robust_Distillation.md
    ├── Are_Labels_Required_for_Improving_Adversarial_Robustness.md
    ├── Are_adversarial_examples_inevitable.md
    ├── Be_Your_Own_Teacher_Improve the_Performance_of_Convolutional_Neural_Networks_via_Self_Distillation.md
    ├── CIIDefence_Defeating_Adversarial_Attacks_by_Fusing_Class_Specific_Image_Inpainting_and_Image_Denoising.md
    ├── Cross_Domain_Transferability_of_Adversarial_Perturbations.md
    ├── Cycle_Consistent_Adversarial_{GAN}_the_integration_of_adversarial_attack_and_defense.md
    ├── Decoupling_Direction_and_Norm_for_Efficient_Gradient_Based_L2_Adversarial_Attacks_and_Defenses.md
    ├── Defending_Adversarial_Attacks_by_Correcting_logits.md
    ├── Defense_Against_Adversarial_Attacks_Using_Feature_Scattering_based_Adversarial_Training.md
    ├── Feature_Denoising_for_Improving_Adversarial_Robustness.md
    ├── Feature_Space_Perturbations_Yield_More_Transferable_Adversarial_Examples.md
    ├── Fine_grained_Synthesis_of_Unrestricted_Adversarial_Examples.md
    ├── Generalizable_Adversarial_Attacks_Using_Generative_Models.md
    ├── Generalizable_Data_Free_Objective_for_Crafting_Universal_Adversarial_Perturbations.md
    ├── Generating_Realistic_Unrestricted_Adversarial_Inputs_using_Dual_Objective_{GAN}_Training.md
    ├── Improving_Adversarial_Robustness_via_Guided_Complement_Entropy.md
    ├── Improving_the_Robustness_of_Deep_Neural_Networks_via_Adversarial_Training_with_Triplet_Loss.md
    ├── Interpreting_Adversarially_Trained_Convolutional_Neural_Networks.md
    ├── Joint_Adversarial_Training_Incorporating_both_Spatial_and_Pixel_Attacks.md
    ├── Knowledge_Distillation_from_Internal_Representations.md
    ├── Metric_Learning_for_Adversarial_Robustness.md
    ├── NATTACK_Learning_the_Distributions_of_Adversarial_Examples_for_an_Improved_Black_Box_Attack_on_Deep_Neural_Networks.md
    ├── Natural_Adversarial_Examples.md
    ├── Noise2Self_Blind_Denoising_by_Self_Supervision.md
    ├── On_the_Connection_Between_Adversarial_Robustness_and_Saliency_Map_Interpretability.md
    ├── One_pixel_attack_for_fooling_deep_neural_networks.md
    ├── Perturbations_are_not_Enough_Generating_Adversarial_Examples_with_Spatial_Distortions.md
    ├── Real_Image_Denoising_With_Feature_Attention.md
    ├── Rethinking_Data_Augmentation_Self_Supervision_and_Self_Distillation.md
    ├── Retrieval_Augmented_Convolutional_Neural_Networks_against_Adversarial_Examples.md
    ├── Rob_GAN_Generator_Discriminator_and_Adversarial_Attacker.md
    ├── Robust_Attribution_Regularization.md
    ├── Robustness_May_Be_at_Odds_with_Accuracy.md
    ├── SemanticAdv_Generating_Adversarial_Examples_via_Attribute_conditional_Image_Editing.md
    ├── SinGAN_Learning_a_Generative_Model_From_a_Single_Natural_Image.md
    ├── Sparse_and_Imperceivable_Adversarial_Attacks.md
    ├── The_Limitations_of_Adversarial_Training_and_the_Blind-Spot_Attack.md
    ├── Theoretically_Principled_Trade_off_between_Robustness_and_Accuracy.md
    ├── Transferable_Adversarial_Attacks_for_Image_and_Video_Object_Detection.md
    └── Using_Pre_Training_Can_Improve_Model_Robustness_and_Uncertainty.md
├── 2020
    ├── A_Closer_Look_at_Accuracy_vs_Robustness.md
    ├── A_Self_supervised_Approach_for_Adversarial_Robustness.md
    ├── Adversarial_Examples_Improve_Image_Recognition.md
    ├── Adversarially_Robust_Representations_with_Smooth_Encoders.md
    ├── Confidence_Calibrated_Adversarial_Training_Generalizing_to_Unseen_Attacks.md
    ├── Contrastive_Representation_Distillation.md
    ├── DVERGE_Diversifying_Vulnerabilities_for_Enhanced_Robust_Generation_of_Ensembles.md
    ├── Deflecting_Adversarial_Attacks.md
    ├── Energy_based_Out_of_distribution_Detection.md
    ├── Enhancing_Transformation_Based_Defenses_Against_Adversarial_Attacks_with_a_Distribution_Classifier.md
    ├── Fooling_Detection_Alone_is_Not_Enough_Adversarial_Attack_against_Multiple_Object_Tracking.md
    ├── Heat_and_Blur_An_Effective_and_Fast_Defense_Against_Adversarial_Examples.md
    ├── High_Frequency_Component_Helps_Explain_the_Generalization_of_Convolutional_Neural_Networks.md
    ├── Improving_Adversarial_Robustness_Requires_Revisiting_Misclassified_Examples.md
    ├── Jacobian_Adversarially_Regularized_Networks_for_Robustness.md
    ├── Manifold_regularization_for_adversarial_robustness.md
    ├── On_Robustness_of_Neural_Ordinary_Differential_Equations.md
    ├── Out_of_Distribution_Generalization_via_Risk_Extrapolation.md
    ├── Pay_Attention_to_Features_Transfer_Learn_Faster_CNNs.md
    ├── Robust_And_Interpretable_Blind_Image_Denoising_Via_Bias_Free_Convolutional_Neural_Networks.md
    ├── Robust_Local_Features_for_Improving_the_Generalization_of_Adversarial_Training.md
    ├── Sponge_Examples_Energy_Latency_Attacks_on_Neural_Networks.md
    ├── Supervised_Contrastive_Learning.md
    ├── Triple_Wins_Boosting_Accuracy_Robustness_and_Efficiency_Together_by_Enabling_Input_Adaptive_Inference.md
    ├── Wavelet_Integrated_CNNs_for_Noise_Robust_Image_Classification.md
    └── What_it_Thinks_is_Important_is_Important_Robustness_Transfers_through_Input_Gradients.md
├── 2021
    └── On_the_Limitations_of_Denoising_Strategies_as_Adversarial_Defenses.md
├── .gitattributes
├── LICENSE
├── README.md
├── asset
    ├── survey.bib
    └── template.md
└── pics
    ├── algo1_2019arXiv191205699C.png
    ├── algo1_DongLPS0HL18.png
    ├── algo1_PrakashMGDS18.png
    ├── algo1_Rony_2019_CVPR.png
    ├── algo1_Xie_2020_CVPR.png
    ├── algo1_ZhangSGCBM19.png
    ├── algo1_Zhong_2019_ICCV.png
    ├── algo1_chan2020jacobian.png
    ├── eqn10_Zhong_2019_ICCV.png
    ├── eqn1_NIPS2019_8339.png
    ├── eqn3_2020arXiv200411362K.png
    ├── eqn3_Zhong_2019_ICCV.png
    ├── eqn3_pmlr-v97-zhang19p.png
    ├── eqn4_yang2020dverge.png
    ├── eqn5_gu2014towards.png
    ├── eqn6_abs-1711-00117.png
    ├── eqn6_gu2014towards.png
    ├── eqn7_song2020robust.png
    ├── eqn8_wang2020improving.png
    ├── eqn9_song2020robust.png
    ├── fig1_Gupta_2019_ICCV.png
    ├── fig1_MetzenGFB17.png
    ├── fig1_NIPS2019_8339.png
    ├── fig1_abs-1910-03723.png
    ├── fig1_chan2020jacobian.png
    ├── fig1_song2020robust.png
    ├── fig1_wang2020improving.png
    ├── fig2_2019arXiv191205699C.png
    ├── fig2_AkhtarLM18.png
    ├── fig2_NIPS2019_8339.png
    ├── fig2_Naseer_2020_CVPR.png
    ├── fig2_ZhangSGCBM19.png
    ├── fig2_abs-1711-00117.png
    ├── fig2_anwar_2009_iccv.png
    ├── fig2_ijcai2019-134.png
    ├── fig3_Xie_2020_CVPR.png
    ├── fig4_2020arXiv200302460Y.png
    ├── fig4_onepixel.png
    ├── fig5_li2020wavelet.png
    ├── fig9_8423654.png
    ├── tab1_ijcai2019-134.png
    ├── tab1_jin2020manifold.png
    ├── tab1_wang2020improving.png
    ├── tab2_10114532437343243855.png
    ├── tab4_yang2020dverge.png
    ├── tab5_yang2020dverge.png
    ├── text_DongLPS0HL18.png
    └── xiewzzxy17_algo1.png

/.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/.gitattributes -------------------------------------------------------------------------------- /2013/Evasion_attacks_against_machine_learning_at_test_time.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2013/Evasion_attacks_against_machine_learning_at_test_time.md -------------------------------------------------------------------------------- /2014/Intriguing_properties_of_neural_networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2014/Intriguing_properties_of_neural_networks.md -------------------------------------------------------------------------------- /2014/Rich_feature_hierarchies_for_accurate_object_detection_and_semantic_segmentation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2014/Rich_feature_hierarchies_for_accurate_object_detection_and_semantic_segmentation.md -------------------------------------------------------------------------------- /2014/Towards_deep_neural_network_architectures_robust_to_adversarial_examples.md:
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2014/Towards_deep_neural_network_architectures_robust_to_adversarial_examples.md -------------------------------------------------------------------------------- /2015/Explaining_and_Harnessing_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2015/Explaining_and_Harnessing_Adversarial_Examples.md -------------------------------------------------------------------------------- /2016/Adversarial_Images_for_Variational_Autoencoders.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/Adversarial_Images_for_Variational_Autoencoders.md -------------------------------------------------------------------------------- /2016/Autoencoding_beyond_pixels_using_a_learned_similarity_metric.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/Autoencoding_beyond_pixels_using_a_learned_similarity_metric.md -------------------------------------------------------------------------------- /2016/DeepFool.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/DeepFool.md -------------------------------------------------------------------------------- /2016/Learning_Deep_Features_for_Discriminative_Localization.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/Learning_Deep_Features_for_Discriminative_Localization.md 
-------------------------------------------------------------------------------- /2016/Robustness_of_classifiers_from_adversarial_to_random_noise.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/Robustness_of_classifiers_from_adversarial_to_random_noise.md -------------------------------------------------------------------------------- /2016/The_limitations_of_deep_learning_in_adversarial_settings.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/The_limitations_of_deep_learning_in_adversarial_settings.md -------------------------------------------------------------------------------- /2016/Toward_evaluating_the_robustness_of_neural_networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/Toward_evaluating_the_robustness_of_neural_networks.md -------------------------------------------------------------------------------- /2016/Transferability_in_machine_learning.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2016/Transferability_in_machine_learning.md -------------------------------------------------------------------------------- /2017/A-Fast-RCNN_Hard_Positive_Generation_via_Adversary_for_Object_Detection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/A-Fast-RCNN_Hard_Positive_Generation_via_Adversary_for_Object_Detection.md -------------------------------------------------------------------------------- /2017/Adversarial_Examples_Detection_in_Deep_Networks_with_Convolutional_Filter_Statistics.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Adversarial_Examples_Detection_in_Deep_Networks_with_Convolutional_Filter_Statistics.md -------------------------------------------------------------------------------- /2017/Adversarial_Examples_for_Semantic_Segmentation_and_Object_Detection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Adversarial_Examples_for_Semantic_Segmentation_and_Object_Detection.md -------------------------------------------------------------------------------- /2017/Adversarial_Examples_that_Fool_Detectors.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Adversarial_Examples_that_Fool_Detectors.md -------------------------------------------------------------------------------- /2017/Adversarial_transformation_networks_Learning_to_generate_adversarial_examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Adversarial_transformation_networks_Learning_to_generate_adversarial_examples.md -------------------------------------------------------------------------------- /2017/CVAE-GAN_Fine-Grained_Image_Generation_Through_Asymmetric_Training.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/CVAE-GAN_Fine-Grained_Image_Generation_Through_Asymmetric_Training.md -------------------------------------------------------------------------------- /2017/Conditional_Image_Synthesis_with_Auxiliary_Classifier_GANs.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Conditional_Image_Synthesis_with_Auxiliary_Classifier_GANs.md -------------------------------------------------------------------------------- /2017/Countering_Adversarial_Images_using_Input_Transformations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Countering_Adversarial_Images_using_Input_Transformations.md -------------------------------------------------------------------------------- /2017/Delving_into_Transferable_Adversarial_Examples_and_Black-box_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Delving_into_Transferable_Adversarial_Examples_and_Black-box_Attacks.md -------------------------------------------------------------------------------- /2017/Detecting_Adversarial_Samples_from_Artifacts.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Detecting_Adversarial_Samples_from_Artifacts.md -------------------------------------------------------------------------------- /2017/On_Detecting_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/On_Detecting_Adversarial_Perturbations.md -------------------------------------------------------------------------------- /2017/Universal_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Universal_Adversarial_Perturbations.md 
-------------------------------------------------------------------------------- /2017/Universal_Adversarial_Perturbations_Against_Semantic_Image_Segmentation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2017/Universal_Adversarial_Perturbations_Against_Semantic_Image_Segmentation.md -------------------------------------------------------------------------------- /2018/Adversarial_Logit_Pairing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Adversarial_Logit_Pairing.md -------------------------------------------------------------------------------- /2018/Art_of_Singular_Vectors_and_Universal_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Art_of_Singular_Vectors_and_Universal_Adversarial_Perturbations.md -------------------------------------------------------------------------------- /2018/Boosting_Adversarial_Attacks_With_Momentum.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Boosting_Adversarial_Attacks_With_Momentum.md -------------------------------------------------------------------------------- /2018/Characterizing_Adversarial_Examples_Based_on_Spatial_Consistency_Information_for_Semantic_Segmentation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Characterizing_Adversarial_Examples_Based_on_Spatial_Consistency_Information_for_Semantic_Segmentation.md -------------------------------------------------------------------------------- 
/2018/Constructing_Unrestricted_Adversarial_Examples_with_Generative_Models.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Constructing_Unrestricted_Adversarial_Examples_with_Generative_Models.md -------------------------------------------------------------------------------- /2018/Defense-{GAN}_Protecting_Classifiers_Against_Adversarial_Attacks_Using_Generative_Models.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Defense-{GAN}_Protecting_Classifiers_Against_Adversarial_Attacks_Using_Generative_Models.md -------------------------------------------------------------------------------- /2018/Defense_Against_Adversarial_Attacks_Using_High_Level_Representation_Guided_Denoiser.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Defense_Against_Adversarial_Attacks_Using_High_Level_Representation_Guided_Denoiser.md -------------------------------------------------------------------------------- /2018/Defense_Against_Universal_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Defense_Against_Universal_Adversarial_Perturbations.md -------------------------------------------------------------------------------- /2018/Deflecting_Adversarial_Attacks_With_Pixel_Deflection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Deflecting_Adversarial_Attacks_With_Pixel_Deflection.md -------------------------------------------------------------------------------- 
/2018/Ensemble_Adversarial_Training_Attacks_and_Defenses.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Ensemble_Adversarial_Training_Attacks_and_Defenses.md -------------------------------------------------------------------------------- /2018/Evaluating_and_understanding_the_robustness_of_adversarial_logit_pairing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Evaluating_and_understanding_the_robustness_of_adversarial_logit_pairing.md -------------------------------------------------------------------------------- /2018/Faster_Neural_Networks_Straight_from_JPEG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Faster_Neural_Networks_Straight_from_JPEG.md -------------------------------------------------------------------------------- /2018/Generating_Adversarial_Examples_with_Adversarial_Networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Generating_Adversarial_Examples_with_Adversarial_Networks.md -------------------------------------------------------------------------------- /2018/Generating_Natural_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Generating_Natural_Adversarial_Examples.md -------------------------------------------------------------------------------- /2018/Generative_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Generative_Adversarial_Perturbations.md -------------------------------------------------------------------------------- /2018/Learning_Universal_Adversarial_Perturbations_with_Generative_Models.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Learning_Universal_Adversarial_Perturbations_with_Generative_Models.md -------------------------------------------------------------------------------- /2018/Machine_Learning_with_Membership_Privacy_Using_Adversarial_Regularization.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Machine_Learning_with_Membership_Privacy_Using_Adversarial_Regularization.md -------------------------------------------------------------------------------- /2018/Multi_Scale_Dense_Networks_for_Resource_Efficient_Image_Classification.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Multi_Scale_Dense_Networks_for_Resource_Efficient_Image_Classification.md -------------------------------------------------------------------------------- /2018/Obfuscated_Gradients_Give_a_False_Sense_of_Security_Circumventing_Defenses_to_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Obfuscated_Gradients_Give_a_False_Sense_of_Security_Circumventing_Defenses_to_Adversarial_Examples.md -------------------------------------------------------------------------------- /2018/Robust_physical_world_attacks_on_deep_learning_visual_classification.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Robust_physical_world_attacks_on_deep_learning_visual_classification.md -------------------------------------------------------------------------------- /2018/SPATIALLY_TRANSFORMED_ADVERSARIAL_EXAMPLES.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/SPATIALLY_TRANSFORMED_ADVERSARIAL_EXAMPLES.md -------------------------------------------------------------------------------- /2018/Virtual_adversarial_training_a_regularization_method_for_supervised_and_semi_supervised_learning.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2018/Virtual_adversarial_training_a_regularization_method_for_supervised_and_semi_supervised_learning.md -------------------------------------------------------------------------------- /2019/A_Closer_Look_at_Double_Backpropagation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/A_Closer_Look_at_Double_Backpropagation.md -------------------------------------------------------------------------------- /2019/A_New_Defense_Against_Adversarial_Images_Turning_a_Weakness_into_a_Strength.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/A_New_Defense_Against_Adversarial_Images_Turning_a_Weakness_into_a_Strength.md -------------------------------------------------------------------------------- /2019/AdvIT_Adversarial_Frames_Identifier_Based_on_Temporal_Consistency_in_Videos.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/AdvIT_Adversarial_Frames_Identifier_Based_on_Temporal_Consistency_in_Videos.md -------------------------------------------------------------------------------- /2019/Adversarial_Attacks_on_Graph_Neural_Networks_via_Meta_Learning.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Attacks_on_Graph_Neural_Networks_via_Meta_Learning.md -------------------------------------------------------------------------------- /2019/Adversarial_Examples_Are_Not_Bugs_They_Are_Features.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Examples_Are_Not_Bugs_They_Are_Features.md -------------------------------------------------------------------------------- /2019/Adversarial_Examples_Are_a_Natural_Consequence_of_Test_Error_in_Noise.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Examples_Are_a_Natural_Consequence_of_Test_Error_in_Noise.md -------------------------------------------------------------------------------- /2019/Adversarial_Learning_With_Margin_Based_Triplet_Embedding_Regularization.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Learning_With_Margin_Based_Triplet_Embedding_Regularization.md -------------------------------------------------------------------------------- /2019/Adversarial_Robustness_as_a_Prior_for_Learned_Representations.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Robustness_as_a_Prior_for_Learned_Representations.md -------------------------------------------------------------------------------- /2019/Adversarial_Robustness_through_Local_Linearization.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Robustness_through_Local_Linearization.md -------------------------------------------------------------------------------- /2019/Adversarial_Training_and_Robustness_for_Multiple_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarial_Training_and_Robustness_for_Multiple_Perturbations.md -------------------------------------------------------------------------------- /2019/Adversarially_Robust_Distillation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Adversarially_Robust_Distillation.md -------------------------------------------------------------------------------- /2019/Are_Labels_Required_for_Improving_Adversarial_Robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Are_Labels_Required_for_Improving_Adversarial_Robustness.md -------------------------------------------------------------------------------- /2019/Are_adversarial_examples_inevitable.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Are_adversarial_examples_inevitable.md -------------------------------------------------------------------------------- 
/2019/Be_Your_Own_Teacher_Improve the_Performance_of_Convolutional_Neural_Networks_via_Self_Distillation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Be_Your_Own_Teacher_Improve the_Performance_of_Convolutional_Neural_Networks_via_Self_Distillation.md -------------------------------------------------------------------------------- /2019/CIIDefence_Defeating_Adversarial_Attacks_by_Fusing_Class_Specific_Image_Inpainting_and_Image_Denoising.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/CIIDefence_Defeating_Adversarial_Attacks_by_Fusing_Class_Specific_Image_Inpainting_and_Image_Denoising.md -------------------------------------------------------------------------------- /2019/Cross_Domain_Transferability_of_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Cross_Domain_Transferability_of_Adversarial_Perturbations.md -------------------------------------------------------------------------------- /2019/Cycle_Consistent_Adversarial_{GAN}_the_integration_of_adversarial_attack_and_defense.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Cycle_Consistent_Adversarial_{GAN}_the_integration_of_adversarial_attack_and_defense.md -------------------------------------------------------------------------------- /2019/Decoupling_Direction_and_Norm_for_Efficient_Gradient_Based_L2_Adversarial_Attacks_and_Defenses.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Decoupling_Direction_and_Norm_for_Efficient_Gradient_Based_L2_Adversarial_Attacks_and_Defenses.md -------------------------------------------------------------------------------- /2019/Defending_Adversarial_Attacks_by_Correcting_logits.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Defending_Adversarial_Attacks_by_Correcting_logits.md -------------------------------------------------------------------------------- /2019/Defense_Against_Adversarial_Attacks_Using_Feature_Scattering_based_Adversarial_Training.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Defense_Against_Adversarial_Attacks_Using_Feature_Scattering_based_Adversarial_Training.md -------------------------------------------------------------------------------- /2019/Feature_Denoising_for_Improving_Adversarial_Robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Feature_Denoising_for_Improving_Adversarial_Robustness.md -------------------------------------------------------------------------------- /2019/Feature_Space_Perturbations_Yield_More_Transferable_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Feature_Space_Perturbations_Yield_More_Transferable_Adversarial_Examples.md -------------------------------------------------------------------------------- /2019/Fine_grained_Synthesis_of_Unrestricted_Adversarial_Examples.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Fine_grained_Synthesis_of_Unrestricted_Adversarial_Examples.md -------------------------------------------------------------------------------- /2019/Generalizable_Adversarial_Attacks_Using_Generative_Models.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Generalizable_Adversarial_Attacks_Using_Generative_Models.md -------------------------------------------------------------------------------- /2019/Generalizable_Data_Free_Objective_for_Crafting_Universal_Adversarial_Perturbations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Generalizable_Data_Free_Objective_for_Crafting_Universal_Adversarial_Perturbations.md -------------------------------------------------------------------------------- /2019/Generating_Realistic_Unrestricted_Adversarial_Inputs_using_Dual_Objective_{GAN}_Training.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Generating_Realistic_Unrestricted_Adversarial_Inputs_using_Dual_Objective_{GAN}_Training.md -------------------------------------------------------------------------------- /2019/Improving_Adversarial_Robustness_via_Guided_Complement_Entropy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Improving_Adversarial_Robustness_via_Guided_Complement_Entropy.md -------------------------------------------------------------------------------- /2019/Improving_the_Robustness_of_Deep_Neural_Networks_via_Adversarial_Training_with_Triplet_Loss.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Improving_the_Robustness_of_Deep_Neural_Networks_via_Adversarial_Training_with_Triplet_Loss.md -------------------------------------------------------------------------------- /2019/Interpreting_Adversarially_Trained_Convolutional_Neural_Networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Interpreting_Adversarially_Trained_Convolutional_Neural_Networks.md -------------------------------------------------------------------------------- /2019/Joint_Adversarial_Training_Incorporating_both_Spatial_and_Pixel_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Joint_Adversarial_Training_Incorporating_both_Spatial_and_Pixel_Attacks.md -------------------------------------------------------------------------------- /2019/Knowledge_Distillation_from_Internal_Representations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Knowledge_Distillation_from_Internal_Representations.md -------------------------------------------------------------------------------- /2019/Metric_Learning_for_Adversarial_Robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Metric_Learning_for_Adversarial_Robustness.md -------------------------------------------------------------------------------- /2019/NATTACK_Learning_the_Distributions_of_Adversarial_Examples_for_an_Improved_Black_Box_Attack_on_Deep_Neural_Networks.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/NATTACK_Learning_the_Distributions_of_Adversarial_Examples_for_an_Improved_Black_Box_Attack_on_Deep_Neural_Networks.md -------------------------------------------------------------------------------- /2019/Natural_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Natural_Adversarial_Examples.md -------------------------------------------------------------------------------- /2019/Noise2Self_Blind_Denoising_by_Self_Supervision.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Noise2Self_Blind_Denoising_by_Self_Supervision.md -------------------------------------------------------------------------------- /2019/On_the_Connection_Between_Adversarial_Robustness_and_Saliency_Map_Interpretability.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/On_the_Connection_Between_Adversarial_Robustness_and_Saliency_Map_Interpretability.md -------------------------------------------------------------------------------- /2019/One_pixel_attack_for_fooling_deep_neural_networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/One_pixel_attack_for_fooling_deep_neural_networks.md -------------------------------------------------------------------------------- /2019/Perturbations_are_not_Enough_Generating_Adversarial_Examples_with_Spatial_Distortions.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Perturbations_are_not_Enough_Generating_Adversarial_Examples_with_Spatial_Distortions.md -------------------------------------------------------------------------------- /2019/Real_Image_Denoising_With_Feature_Attention.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Real_Image_Denoising_With_Feature_Attention.md -------------------------------------------------------------------------------- /2019/Rethinking_Data_Augmentation_Self_Supervision_and_Self_Distillation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Rethinking_Data_Augmentation_Self_Supervision_and_Self_Distillation.md -------------------------------------------------------------------------------- /2019/Retrieval_Augmented_Convolutional_Neural_Networks_against_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Retrieval_Augmented_Convolutional_Neural_Networks_against_Adversarial_Examples.md -------------------------------------------------------------------------------- /2019/Rob_GAN_Generator_Discriminator_and_Adversarial_Attacker.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Rob_GAN_Generator_Discriminator_and_Adversarial_Attacker.md -------------------------------------------------------------------------------- /2019/Robust_Attribution_Regularization.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Robust_Attribution_Regularization.md -------------------------------------------------------------------------------- /2019/Robustness_May_Be_at_Odds_with_Accuracy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Robustness_May_Be_at_Odds_with_Accuracy.md -------------------------------------------------------------------------------- /2019/SemanticAdv_Generating_Adversarial_Examples_via_Attribute_conditional_Image_Editing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/SemanticAdv_Generating_Adversarial_Examples_via_Attribute_conditional_Image_Editing.md -------------------------------------------------------------------------------- /2019/SinGAN_Learning_a_Generative_Model_From_a_Single_Natural_Image.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/SinGAN_Learning_a_Generative_Model_From_a_Single_Natural_Image.md -------------------------------------------------------------------------------- /2019/Sparse_and_Imperceivable_Adversarial_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Sparse_and_Imperceivable_Adversarial_Attacks.md -------------------------------------------------------------------------------- /2019/The_Limitations_of_Adversarial_Training_and_the_Blind-Spot_Attack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/The_Limitations_of_Adversarial_Training_and_the_Blind-Spot_Attack.md 
-------------------------------------------------------------------------------- /2019/Theoretically_Principled_Trade_off_between_Robustness_and_Accuracy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Theoretically_Principled_Trade_off_between_Robustness_and_Accuracy.md -------------------------------------------------------------------------------- /2019/Transferable_Adversarial_Attacks_for_Image_and_Video_Object_Detection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Transferable_Adversarial_Attacks_for_Image_and_Video_Object_Detection.md -------------------------------------------------------------------------------- /2019/Using_Pre_Training_Can_Improve_Model_Robustness_and_Uncertainty.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2019/Using_Pre_Training_Can_Improve_Model_Robustness_and_Uncertainty.md -------------------------------------------------------------------------------- /2020/A_Closer_Look_at_Accuracy_vs_Robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/A_Closer_Look_at_Accuracy_vs_Robustness.md -------------------------------------------------------------------------------- /2020/A_Self_supervised_Approach_for_Adversarial_Robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/A_Self_supervised_Approach_for_Adversarial_Robustness.md -------------------------------------------------------------------------------- /2020/Adversarial_Examples_Improve_Image_Recognition.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Adversarial_Examples_Improve_Image_Recognition.md -------------------------------------------------------------------------------- /2020/Adversarially_Robust_Representations_with_Smooth_Encoders.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Adversarially_Robust_Representations_with_Smooth_Encoders.md -------------------------------------------------------------------------------- /2020/Confidence_Calibrated_Adversarial_Training_Generalizing_to_Unseen_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Confidence_Calibrated_Adversarial_Training_Generalizing_to_Unseen_Attacks.md -------------------------------------------------------------------------------- /2020/Contrastive_Representation_Distillation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Contrastive_Representation_Distillation.md -------------------------------------------------------------------------------- /2020/DVERGE_Diversifying_Vulnerabilities_for_Enhanced_Robust_Generation_of_Ensembles.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/DVERGE_Diversifying_Vulnerabilities_for_Enhanced_Robust_Generation_of_Ensembles.md -------------------------------------------------------------------------------- /2020/Deflecting_Adversarial_Attacks.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Deflecting_Adversarial_Attacks.md -------------------------------------------------------------------------------- /2020/Energy_based_Out_of_distribution_Detection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Energy_based_Out_of_distribution_Detection.md -------------------------------------------------------------------------------- /2020/Enhancing_Transformation_Based_Defenses_Against_Adversarial_Attacks_with_a_Distribution_Classifier.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Enhancing_Transformation_Based_Defenses_Against_Adversarial_Attacks_with_a_Distribution_Classifier.md -------------------------------------------------------------------------------- /2020/Fooling_Detection_Alone_is_Not_Enough_Adversarial_Attack_against_Multiple_Object_Tracking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Fooling_Detection_Alone_is_Not_Enough_Adversarial_Attack_against_Multiple_Object_Tracking.md -------------------------------------------------------------------------------- /2020/Heat_and_Blur_An_Effective_and_Fast_Defense_Against_Adversarial_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Heat_and_Blur_An_Effective_and_Fast_Defense_Against_Adversarial_Examples.md -------------------------------------------------------------------------------- /2020/High_Frequency_Component_Helps_Explain_the_Generalization_of_Convolutional_Neural_Networks.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/High_Frequency_Component_Helps_Explain_the_Generalization_of_Convolutional_Neural_Networks.md -------------------------------------------------------------------------------- /2020/Improving_Adversarial_Robustness_Requires_Revisiting_Misclassified_Examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Improving_Adversarial_Robustness_Requires_Revisiting_Misclassified_Examples.md -------------------------------------------------------------------------------- /2020/Jacobian_Adversarially_Regularized_Networks_for_Robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Jacobian_Adversarially_Regularized_Networks_for_Robustness.md -------------------------------------------------------------------------------- /2020/Manifold_regularization_for_adversarial_robustness.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Manifold_regularization_for_adversarial_robustness.md -------------------------------------------------------------------------------- /2020/On_Robustness_of_Neural_Ordinary_Differential_Equations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/On_Robustness_of_Neural_Ordinary_Differential_Equations.md -------------------------------------------------------------------------------- /2020/Out_of_Distribution_Generalization_via_Risk_Extrapolation.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Out_of_Distribution_Generalization_via_Risk_Extrapolation.md -------------------------------------------------------------------------------- /2020/Pay_Attention_to_Features_Transfer_Learn_Faster_CNNs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Pay_Attention_to_Features_Transfer_Learn_Faster_CNNs.md -------------------------------------------------------------------------------- /2020/Robust_And_Interpretable_Blind_Image_Denoising_Via_Bias_Free_Convolutional_Neural_Networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Robust_And_Interpretable_Blind_Image_Denoising_Via_Bias_Free_Convolutional_Neural_Networks.md -------------------------------------------------------------------------------- /2020/Robust_Local_Features_for_Improving_the_Generalization_of_Adversarial_Training.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Robust_Local_Features_for_Improving_the_Generalization_of_Adversarial_Training.md -------------------------------------------------------------------------------- /2020/Sponge_Examples_Energy_Latency_Attacks_on_Neural_Networks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Sponge_Examples_Energy_Latency_Attacks_on_Neural_Networks.md -------------------------------------------------------------------------------- /2020/Supervised_Contrastive_Learning.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Supervised_Contrastive_Learning.md -------------------------------------------------------------------------------- /2020/Triple_Wins_Boosting_Accuracy_Robustness_and_Efficiency_Together_by_Enabling_Input_Adaptive_Inference.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Triple_Wins_Boosting_Accuracy_Robustness_and_Efficiency_Together_by_Enabling_Input_Adaptive_Inference.md -------------------------------------------------------------------------------- /2020/Wavelet_Integrated_CNNs_for_Noise_Robust_Image_Classification.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/Wavelet_Integrated_CNNs_for_Noise_Robust_Image_Classification.md -------------------------------------------------------------------------------- /2020/What_it_Thinks_is_Important_is_Important_Robustness_Transfers_through_Input_Gradients.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2020/What_it_Thinks_is_Important_is_Important_Robustness_Transfers_through_Input_Gradients.md -------------------------------------------------------------------------------- /2021/On_the_Limitations_of_Denoising_Strategies_as_Adversarial_Defenses.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/2021/On_the_Limitations_of_Denoising_Strategies_as_Adversarial_Defenses.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/README.md -------------------------------------------------------------------------------- /asset/survey.bib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/asset/survey.bib -------------------------------------------------------------------------------- /asset/template.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/asset/template.md -------------------------------------------------------------------------------- /pics/algo1_2019arXiv191205699C.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_2019arXiv191205699C.png -------------------------------------------------------------------------------- /pics/algo1_DongLPS0HL18.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_DongLPS0HL18.png -------------------------------------------------------------------------------- /pics/algo1_PrakashMGDS18.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_PrakashMGDS18.png -------------------------------------------------------------------------------- /pics/algo1_Rony_2019_CVPR.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_Rony_2019_CVPR.png -------------------------------------------------------------------------------- /pics/algo1_Xie_2020_CVPR.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_Xie_2020_CVPR.png -------------------------------------------------------------------------------- /pics/algo1_ZhangSGCBM19.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_ZhangSGCBM19.png -------------------------------------------------------------------------------- /pics/algo1_Zhong_2019_ICCV.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_Zhong_2019_ICCV.png -------------------------------------------------------------------------------- /pics/algo1_chan2020jacobian.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/algo1_chan2020jacobian.png -------------------------------------------------------------------------------- /pics/eqn10_Zhong_2019_ICCV.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn10_Zhong_2019_ICCV.png -------------------------------------------------------------------------------- /pics/eqn1_NIPS2019_8339.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn1_NIPS2019_8339.png -------------------------------------------------------------------------------- 
/pics/eqn3_2020arXiv200411362K.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn3_2020arXiv200411362K.png -------------------------------------------------------------------------------- /pics/eqn3_Zhong_2019_ICCV.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn3_Zhong_2019_ICCV.png -------------------------------------------------------------------------------- /pics/eqn3_pmlr-v97-zhang19p.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn3_pmlr-v97-zhang19p.png -------------------------------------------------------------------------------- /pics/eqn4_yang2020dverge.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn4_yang2020dverge.png -------------------------------------------------------------------------------- /pics/eqn5_gu2014towards.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn5_gu2014towards.png -------------------------------------------------------------------------------- /pics/eqn6_abs-1711-00117.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn6_abs-1711-00117.png -------------------------------------------------------------------------------- /pics/eqn6_gu2014towards.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn6_gu2014towards.png -------------------------------------------------------------------------------- /pics/eqn7_song2020robust.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn7_song2020robust.png -------------------------------------------------------------------------------- /pics/eqn8_wang2020improving.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn8_wang2020improving.png -------------------------------------------------------------------------------- /pics/eqn9_song2020robust.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/eqn9_song2020robust.png -------------------------------------------------------------------------------- /pics/fig1_Gupta_2019_ICCV.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_Gupta_2019_ICCV.png -------------------------------------------------------------------------------- /pics/fig1_MetzenGFB17.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_MetzenGFB17.png -------------------------------------------------------------------------------- /pics/fig1_NIPS2019_8339.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_NIPS2019_8339.png -------------------------------------------------------------------------------- /pics/fig1_abs-1910-03723.png: 
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_abs-1910-03723.png
--------------------------------------------------------------------------------
/pics/fig1_chan2020jacobian.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_chan2020jacobian.png
--------------------------------------------------------------------------------
/pics/fig1_song2020robust.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_song2020robust.png
--------------------------------------------------------------------------------
/pics/fig1_wang2020improving.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig1_wang2020improving.png
--------------------------------------------------------------------------------
/pics/fig2_2019arXiv191205699C.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_2019arXiv191205699C.png
--------------------------------------------------------------------------------
/pics/fig2_AkhtarLM18.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_AkhtarLM18.png
--------------------------------------------------------------------------------
/pics/fig2_NIPS2019_8339.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_NIPS2019_8339.png
--------------------------------------------------------------------------------
/pics/fig2_Naseer_2020_CVPR.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_Naseer_2020_CVPR.png
--------------------------------------------------------------------------------
/pics/fig2_ZhangSGCBM19.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_ZhangSGCBM19.png
--------------------------------------------------------------------------------
/pics/fig2_abs-1711-00117.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_abs-1711-00117.png
--------------------------------------------------------------------------------
/pics/fig2_anwar_2009_iccv.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_anwar_2009_iccv.png
--------------------------------------------------------------------------------
/pics/fig2_ijcai2019-134.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig2_ijcai2019-134.png
--------------------------------------------------------------------------------
/pics/fig3_Xie_2020_CVPR.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig3_Xie_2020_CVPR.png
--------------------------------------------------------------------------------
/pics/fig4_2020arXiv200302460Y.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig4_2020arXiv200302460Y.png
--------------------------------------------------------------------------------
/pics/fig4_onepixel.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig4_onepixel.png
--------------------------------------------------------------------------------
/pics/fig5_li2020wavelet.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig5_li2020wavelet.png
--------------------------------------------------------------------------------
/pics/fig9_8423654.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/fig9_8423654.png
--------------------------------------------------------------------------------
/pics/tab1_ijcai2019-134.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/tab1_ijcai2019-134.png
--------------------------------------------------------------------------------
/pics/tab1_jin2020manifold.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/tab1_jin2020manifold.png
--------------------------------------------------------------------------------
/pics/tab1_wang2020improving.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/tab1_wang2020improving.png
--------------------------------------------------------------------------------
/pics/tab2_10114532437343243855.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/tab2_10114532437343243855.png
--------------------------------------------------------------------------------
/pics/tab4_yang2020dverge.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/tab4_yang2020dverge.png
--------------------------------------------------------------------------------
/pics/tab5_yang2020dverge.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/tab5_yang2020dverge.png
--------------------------------------------------------------------------------
/pics/text_DongLPS0HL18.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/text_DongLPS0HL18.png
--------------------------------------------------------------------------------
/pics/xiewzzxy17_algo1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tao-bai/attack-and-defense-methods/HEAD/pics/xiewzzxy17_algo1.png
--------------------------------------------------------------------------------