A curated list of adversarial samples. Inspired by awesome-deep-vision, awesome-adversarial-machine-learning, awesome-deep-learning-papers, and awesome-architecture-search.
Please feel free to open a pull request or an issue to add papers.
- Adversarial examples in the physical world (ICLR2017 Workshop)
- DeepFool: a simple and accurate method to fool deep neural networks (CVPR2016) The idea in this work is close to the original idea. Loop until the predicted label changes.
- Learning with a strong adversary (rejected by ICLR2016?) Apply the spirit of GAN to optimization.
- Decision-based Adversarial Attacks: Reliable Attacks Against Black-box Machine Learning Models (ICLR2018) [code]
- The limitations of deep learning in adversarial settings (ESSP) (European Symposium on Security & Privacy) Proposes SaliencyMapAttack. Does not use a loss function.
- Generating Natural Adversarial Examples (ICLR2018)
- Simple Black-Box Adversarial Perturbations for Deep Networks One pixel attack (CVPR17 Workshop)
- Boosting Adversarial Attacks with Momentum (CVPR2018 Spotlight)
- Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition (CCS2016) Same as the least-likely class.
- Adversarial examples for semantic image segmentation (ICLR2017 Workshop) Same as the classification case.
- Explaining and Harnessing Adversarial Examples (ICLR2015) Fast Gradient Sign Method
- Open Set Adversarial Examples Attack Image Retrieval
- Exploring the space of adversarial images (IJCNN2016)
- Towards Deep Learning Models Resistant to Adversarial Attacks (ICLR2018)
- Stochastic Activation Pruning for Robust Adversarial Defense (ICLR2018)
- Mitigating Adversarial Effects Through Randomization (ICLR2018)
- Ensemble Adversarial Training: Attacks and Defenses (ICLR2018)