
The Limitations of Adversarial Training and the BlindSpot Attack
The adversarial training procedure proposed by Madry et al. (2018) is on...
read it

Robust TripleMatrixRecoveryBased AutoWeighted Label Propagation for Classification
The graphbased semisupervised label propagation algorithm has delivere...
read it

Structured Adversarial Attack: Towards General Implementation and Better Interpretability
When generating adversarial examples to attack deep neural networks (DNN...
read it

Is Robustness the Cost of Accuracy?  A Comprehensive Study on the Robustness of 18 Deep Image Classification Models
The prediction accuracy has been the longlasting and sole standard for ...
read it

MFPN: A Novel Mixture Feature Pyramid Network of Multiple Architectures for Object Detection
Feature pyramids are widely exploited in many detectors to solve the sca...
read it

Automatic Perturbation Analysis on General Computational Graphs
Linear relaxation based perturbation analysis for neural networks, which...
read it

Robustness Verification for Transformers
Robustness verification that aims to formally certify the prediction beh...
read it

QueryEfficient Hardlabel Blackbox Attack:An Optimizationbased Approach
We study the problem of attacking a machine learning model in the hardl...
read it

Efficient Neural Network Robustness Certification with General Activation Functions
Finding minimum distortion of adversarial examples and thus certifying r...
read it

AutoZOOM: Autoencoderbased Zeroth Order Optimization Method for Attacking Blackbox Neural Networks
Recent studies have shown that adversarial examples in stateoftheart ...
read it

Second Rethinking of Network Pruning in the Adversarial Setting
It is well known that deep neural networks (DNNs) are vulnerable to adve...
read it

Provably Robust Deep Learning via Adversarially Trained Smoothed Classifiers
Recent works have shown the effectiveness of randomized smoothing as a s...
read it

MACER: Attackfree and Scalable Robust Training via Maximizing Certified Radius
Adversarial training is one of the most popular ways to learn robust mod...
read it

Defending Against Adversarial Attacks Using Random Forests
As deep neural networks (DNNs) have become increasingly important and po...
read it

EAD: ElasticNet Attacks to Deep Neural Networks via Adversarial Examples
Recent studies have highlighted the vulnerability of deep neural network...
read it

ZOO: Zeroth Order Optimization based Blackbox Attacks to Deep Neural Networks without Training Substitute Models
Deep neural networks (DNNs) are one of the most prominent technologies o...
read it

GPUacceleration for Largescale Tree Boosting
In this paper, we present a novel massively parallel algorithm for accel...
read it

Can Decentralized Algorithms Outperform Centralized Algorithms? A Case Study for Decentralized Parallel Stochastic Gradient Descent
Most distributed machine learning systems nowadays, including TensorFlow...
read it

ShowandFool: Crafting Adversarial Examples for Neural Image Captioning
Modern neural image captioning systems typically adopt the encoderdecod...
read it

Phase Transition of Convex Programs for Linear Inverse Problems with Multiple Prior Constraints
A sharp phase transition emerges in convex programs when solving the lin...
read it

Towards Robust Neural Networks via Random Selfensemble
Recent studies have revealed the vulnerability of deep neural networks ...
read it

Seq2Sick: Evaluating the Robustness of SequencetoSequence Models with Adversarial Examples
Crafting adversarial examples has become an important technique to evalu...
read it

Evaluating the Robustness of Neural Networks: An Extreme Value Theory Approach
The robustness of neural networks to adversarial examples has received g...
read it

Towards Fast Computation of Certified Robustness for ReLU Networks
Verifying the robustness property of a general Rectified Linear Unit (Re...
read it

RecurJac: An Efficient Recursive Algorithm for Bounding Jacobian Matrix of Neural Networks and Its Applications
The Jacobian matrix (or the gradient for singleoutput networks) is dire...
read it

On Extensions of CLEVER: A Neural Network Robustness Evaluation Algorithm
CLEVER (CrossLipschitz Extreme Value for nEtwork Robustness) is an Extr...
read it

Localization from Incomplete Euclidean Distance Matrix: Performance Analysis for the SVDMDS Approach
Localizing a cloud of points from noisy measurements of a subset of pair...
read it

A Convex Relaxation Barrier to Tight Robust Verification of Neural Networks
Verification of neural networks enables us to gauge their robustness aga...
read it

Robust Decision Trees Against Adversarial Examples
Although adversarial examples and model robustness have been extensively...
read it

A Convex Relaxation Barrier to Tight Robustness Verification of Neural Networks
Verification of neural networks enables us to gauge their robustness aga...
read it

Evaluating Robustness of Deep Image SuperResolution against Adversarial Attacks
Singleimage superresolution aims to generate a highresolution version...
read it

Asymptotic Outage Analysis of Spatially Correlated Rayleigh MIMO Channels
The outage performance of multipleinput multipleoutput (MIMO) techniqu...
read it

Robustness Verification of Treebased Models
We study the robustness verification problem for treebased models, incl...
read it

Towards Stable and Efficient Training of Verifiably Robust Neural Networks
Training neural networks with verifiable robustness guarantees is challe...
read it

MemeFaceGenerator: Adversarial Synthesis of Chinese Memeface from Natural Sentences
Chinese memeface is a special kind of internet subculture widely spread...
read it

Enhancing Certifiable Robustness via a Deep Model Ensemble
We propose an algorithm to enhance certified robustness of a deep model ...
read it

Reducing Sentiment Bias in Language Models via Counterfactual Evaluation
Recent improvements in largescale language models have driven progress ...
read it

Robust Deep Reinforcement Learning against Adversarial Perturbations on Observations
Deep Reinforcement Learning (DRL) is vulnerable to small adversarial per...
read it
Huan Zhang
is this you? claim profile