Corpus ID: 195776342

Accurate, reliable and fast robustness evaluation

@inproceedings{Brendel2019AccurateRA,
  title={Accurate, reliable and fast robustness evaluation},
  author={W. Brendel and Jonas Rauber and Matthias K{\"u}mmerer and Ivan Ustyuzhaninov and M. Bethge},
  booktitle={NeurIPS},
  year={2019}
}
  • W. Brendel, Jonas Rauber, +2 authors M. Bethge
  • Published in NeurIPS 2019
  • Computer Science, Mathematics
    • Throughout the past five years, the susceptibility of neural networks to minimal adversarial perturbations has moved from a peculiar phenomenon to a core issue in Deep Learning. Despite much attention, however, progress towards more robust models is significantly impaired by the difficulty of evaluating the robustness of neural network models. Today's methods are either fast but brittle (gradient-based attacks), or they are fairly reliable but slow (score- and decision-based attacks). We here… CONTINUE READING
    View PDF on arXiv
    17 Citations
    Highly Influencial Citations
    2
    Background Citations
    5
    Methods Citations
    4
    Results Citations
    2

    Supplemental Code

    Github Repo
    Via Papers with Code
    wielandbrendel/brendel_bethge_attack
    Notes on using the Brendel & Bethge attack with Foolbox and Cleverhans
    3 Stars
    Explore Further
    Discover more papers related to the topics discussed in this paper

    Figures, Tables, and Topics from this paper

    Figures and Tables

    Explore Further: Topics Discussed in This Paper

    Paper Mentions

    News Article
    Accurate, reliable and fast robustness evaluation
    Medium US
    16 January 2020
    17 Citations
    Citation Type

    Citation Type

    Sampled Nonlocal Gradients for Stronger Adversarial Attacks
    • Highly Influenced
    • PDF
    Improving Adversarial Robustness Through Progressive Hardening
    • 8
    • PDF
    How to compare adversarial robustness of classifiers from a global perspective
    • PDF
    Towards Defending Multiple Adversarial Perturbations via Gated Batch Normalization
    • Highly Influenced
    • PDF
    Voting based ensemble improves robustness of defensive models
    • PDF
    Adaptive iterative attack towards explainable adversarial robustness
    • 4
    Foolbox Native: Fast adversarial attacks to benchmark the robustness of machine learning models in PyTorch, TensorFlow, and JAX
    • 6
    • PDF
    Improving Ensemble Robustness by Collaboratively Promoting and Demoting Adversarial Robustness
    • PDF
    Using Learning Dynamics to Explore the Role of Implicit Regularization in Adversarial Examples
    • PDF
    An Alternative Surrogate Loss for PGD-based Adversarial Testing
    • 27
    • PDF

    References

    SHOWING 1-10 OF 26 REFERENCES
    Towards Evaluating the Robustness of Neural Networks
    • 2,949
    • Highly Influential
    • PDF
    Towards the first adversarially robust neural network model on MNIST
    • 165
    • PDF
    MixTrain: Scalable Training of Formally Robust Neural Networks
    • 68
    • Highly Influential
    Towards Deep Learning Models Resistant to Adversarial Attacks
    • 2,781
    • Highly Influential
    • PDF
    Decoupling Direction and Norm for Efficient Gradient-Based L2 Adversarial Attacks and Defenses
    • 79
    • PDF
    Boosting Adversarial Attacks with Momentum
    • Y. Dong, Fangzhou Liao, +4 authors J. Li
    • Computer Science
    • 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition
    • 2018
    • 610
    • PDF
    Decision-Based Adversarial Attacks : Reliable Attacks Against Black-box Machine Learning Models
    • Huichen Lihuichen
    • 2017
    • 114
    • Highly Influential
    EAD: Elastic-Net Attacks to Deep Neural Networks via Adversarial Examples
    • 264
    • Highly Influential
    • PDF
    Provable defenses against adversarial examples via the convex outer adversarial polytope
    • 662
    • Highly Influential
    • PDF
    The Limitations of Deep Learning in Adversarial Settings
    • 1,858
    • Highly Influential
    • PDF