ICCV-2021-adversarial-attacks-and-defense

ICCV 2021 papers and code focus on adversarial attacks and defense

Attacks

clssification

• AdvDrop: Adversarial Attack to DNNs by Dropping Information
• Admix: Enhancing the Transferability of Adversarial Attacks
• Feature Importance-Aware Transferable Adversarial Attacks
• Consistency-Sensitivity Guided Ensemble Black-Box Adversarial Attacks in Low-Dimensional Spaces
• Augmented Lagrangian Adversarial Attacks
  • code
• LIRA: Learnable, Imperceptible and Robust Backdoor Attacks
• Interpreting Attributions and Interactions of Adversarial Attacks

detection

point cloud

• PointBA: Towards Backdoor Attacks in 3D Point Cloud

• A Backdoor Attack Against 3D Point Cloud Classifiers

• Meta Gradient Adversarial Attack

other tasks

• Adversarial Attack on Deep Cross-Modal Hamming Retrieval Hamming Retrieval

• Just One Moment: Structural Vulnerability of Deep Action Recognition Against One Frame Attack Action Recognition

• Parallel Rectangle Flip Attack: A Query-Based Black-Box Attack Against Object Detection Object Detection

• Practical Relative Order Attack in Deep Ranking Ranking

• Adversarial Attacks on Multi-Agent Communication

• Membership Inference Attacks Are Easier on Difficult Problems Membership Inference Attacks

• Knowledge-Enriched Distributional Model Inversion Attacks Model Inversion Attacks

  • code

• Exploiting Explanations for Model Inversion Attacks Model Inversion Attacks

• Aha! Adaptive History-Driven Attack for Decision-Based Black-Box Models

• TkML-AP: Adversarial Attacks to Top-k Multi-Label Learning Top-k Multi-Label Learning

  • code

• Data-Free Universal Adversarial Perturbation and Black-Box Attack

• Attack As the Best Defense: Nullifying Image-to-Image Translation GANs via Limit-Aware Adversarial Attack

• Invisible Backdoor Attack With Sample-Specific Triggers

• Meta-Attack: Class-Agnostic and Model-Agnostic Physical Adversarial Attack

• Attack-Guided Perceptual Data Generation for Real-World Re-Identification

• AGKD-BML: Defense Against Adversarial Attack by Attention Guided Knowledge Distillation and Bi-Directional Metric Learning

• ProFlip: Targeted Trojan Attack With Progressive Bit Flips

Defense

Detection adv

• Multi-Expert Adversarial Attack Detection in Person Re-Identification Using Context Inconsistency
• Black-Box Detection of Backdoor Attacks With Limited Information and Data
• Adversarial Attacks Are Reversible With Natural Supervision
• Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective
  • code
• Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings exp
• Detection and Continual Learning of Novel Face Presentation Attacks
• Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes

Adv train

• Improving Robustness of Facial Landmark Detection by Defending Against Adversarial Attacks
  • code

Applications

• Triggering Failures: Out-of-Distribution Detection by Learning From Local Adversarial Attacks in Semantic Segmentation