acl 2021
Defense against Synonym Substitution-based Adversarial Attacks via Dirichlet Neighborhood Ensemble
A Sweet Rabbit Hole by DARCY: Using Honeypots to Detect Universal Trigger’s Adversarial Attacks
Rethinking Stealthiness of Backdoor Attack against NLP Models
Turn the Combination Lock: Learnable Textual Backdoor Attacks via Word Substitution
Hidden Killer: Invisible Textual Backdoor Attacks with Syntactic Trigger
An Empirical Study on Adversarial Attack on NMT: Languages and Positions Matter
Using Adversarial Attacks to Reveal the Statistical Bias in Machine Reading Comprehension Models
OutFlip: Generating Examples for Unknown Intent Detection with Natural Language Attack
Putting words into the system’s mouth: A targeted attack on neural machine translation using monolingual data poisoning
BERT-Defense: A Probabilistic Model Based on BERT to Combat Cognitively Inspired Orthographic Adversarial Attacks
Counter-Argument Generation by Attacking Weak Premises
aaai 2021
Bigram and Unigram Based Text Attack via Adaptive Monotonic Heuristic Search.
A Unified Multi-Scenario Attacking Network for Visual Object Tracking.
Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification.
Towards Universal Physical Attacks on Single Object Tracking.
Modeling Deep Learning Based Privacy Attacks on Physical Mail.
Beating Attackers At Their Own Games: Adversarial Example Detection Using Adversarial Gradient Directions.
Learning to Attack Real-World Models for Person Re-identification via Virtual-Guided Meta-Learning.
Defending against Contagious Attacks on a Network with Resource Reallocation.
UAG: Uncertainty-aware Attention Graph Neural Network for Defending Adversarial Attacks.
Intrinsic Certified Robustness of Bagging against Data Poisoning Attacks.
Sequential Attacks on Kalman Filter-based Forward Collision Warning Systems.
Composite Adversarial Attacks.
Exacerbating Algorithmic Bias through Fairness Attacks.
Uncertainty-Matching Graph Neural Networks to Defend Against Poisoning Attacks.
PID-Based Approach to Adversarial Attacks.
Towards Feature Space Adversarial Attack by Style Perturbation.
DeHiB: Deep Hidden Backdoor Attack on Semi-supervised Learning via Adversarial Perturbation.
Characterizing the Evasion Attackability of Multi-label Classifiers..
Are Adversarial Examples Created Equal? A Learnable Weighted Minimax Risk for Robustness under Non-uniform Attacks.
Improving Robustness to Model Inversion Attacks via Mutual Information Regularization.
Generating Natural Language Attacks in a Hard Label Black Box Setting.
Adversarial Training with Fast Gradient Projection Method against Synonym Substitution Based Text Attacks.
Enabling Fast and Universal Audio Adversarial Attack Using Generative Model.
EvaLDA: Efficient Evasion Attacks Towards Latent Dirichlet Allocation.
A Context Aware Approach for Generating Natural Language Attacks.
DeepRobust: a Platform for Adversarial Attacks and Defenses.
SkeletonVis: Interactive Visualization for Understanding Adversarial Attacks on Human Action Recognition Models.
ICLR 2021
A Panda? No, It's a Sloth: Slowdown Attacks on Adaptive Multi-Exit Neural Network Inference
Improving VAEs' Robustness to Adversarial Attack
Efficient Certified Defenses Against Patch Attacks on Image Classifiers
Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits
Effective and Efficient Vote Attack on Capsule Networks
Policy-Driven Attack: Learning to Query for Hard-label Black-box Adversarial Examples
Deep Partition Aggregation: Provable Defenses against General Poisoning Attacks
LowKey: Leveraging Adversarial Attacks to Protect Social Media Users from Facial Recognition
R-GAP: Recursive Gradient Attack on Privacy
icml 2021
Just How Toxic is Data Poisoning? A Unified Benchmark for Backdoor and Data Poisoning Attacks
Making Paper Reviewing Robust to Bid Manipulation Attacks
Robust Testing and Estimation under Manipulation Attacks
Query Complexity of Adversarial Attacks
Expressive 1-Lipschitz Neural Networks for Robust Multiple Graph Learning against Adversarial Attacks
Knowledge Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks
Defense against backdoor attacks via robust covariance estimation
Label-Only Membership Inference Attacks
Robust Learning for Data Poisoning Attacks
Mind the Box: l1-APGD for Sparse Adversarial Attacks on Image Classifiers