Evaluating the Adversarial Robustness of Adaptive Test-time Defenses

02/28/2022
by   Francesco Croce, et al.
28

Adaptive defenses that use test-time optimization promise to improve robustness to adversarial examples. We categorize such adaptive test-time defenses and explain their potential benefits and drawbacks. In the process, we evaluate some of the latest proposed adaptive defenses (most of them published at peer-reviewed conferences). Unfortunately, none significantly improve upon static models when evaluated appropriately. Some even weaken the underlying static model while simultaneously increasing inference cost. While these results are disappointing, we still believe that adaptive test-time defenses are a promising avenue of research and, as such, we provide recommendations on evaluating such defenses. We go beyond the checklist provided by Carlini et al. (2019) by providing concrete steps that are specific to this type of defense.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
11/26/2019

An Adaptive View of Adversarial Robustness from Test-time Smoothing Defense

The safety and robustness of learning-based decision-making systems are ...
research
07/21/2023

Fast Adaptive Test-Time Defense with Robust Features

Adaptive test-time defenses are used to improve the robustness of deep n...
research
10/18/2020

FADER: Fast Adversarial Example Rejection

Deep neural networks are vulnerable to adversarial examples, i.e., caref...
research
02/12/2021

Certified Defenses: Why Tighter Relaxations May Hurt Training?

Certified defenses based on convex relaxations are an established techni...
research
06/03/2020

ToGCom: An Asymmetric Sybil Defense

Proof-of-work (PoW) is one of the most common techniques to defend again...
research
04/12/2019

Adversarial Learning in Statistical Classification: A Comprehensive Review of Defenses Against Attacks

With the wide deployment of machine learning (ML) based systems for a va...
research
10/12/2022

Visual Prompting for Adversarial Robustness

In this work, we leverage visual prompting (VP) to improve adversarial r...

Please sign up or login with your details

Forgot password? Click here to reset