A curated list of adversarial samples. Inspired by awesome-deep-vision, awesome-adversarial-machine-learning, awesome-deep-learning-papers, and awesome-architecture-search.

Please feel free to pull requests or open an issue to add papers.

1. Adversarial examples in the physical world (ICLR2017 Workshop)

2. Ian Speech on CS231n

3. DeepFool: a simple and accurate method to fool deep neural networks (CVPR2016) The idea in this work is close to the orginal idea. Loop until the predicted label change.

4. Learning with a strong adversary (rejected by ICLR2016?) Apply the spirit of GAN to optimization.

5. Decision-based Adversarial Attacks: Reliable Attacks Against Black-box Machine Learning Models (ICLR2018) [code]

6. The limitations of deep learning in adversarial settings (ESSP) (European Symposium on Security & Privacy) Propose SaliencyMapAttack. Do not use loss function.

7. Generating Natural Adversarial Examples (ICLR2018)

8. Simple Black-Box Adversarial Perturbations for Deep Networksh One pixel attack (CVPR17 Workshop)

9. Boosting Adversarial Attacks with Momentum (CVPR2018 Spotlight)

10. Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition (CCS2016) same with the least-likely class

11. Adversarial examples for semantic image segmentation (ICLR2017 Workshop) same with the classification case.

12. Explaining and Harnessing Adversarial Examples (ICLR2015) Fast Gradient Sign Method

13. Open Set Adversarial Examples Attack Image Retrieval

1. Exploring the space of adversarial images (IJCNN2016)

2. Towards Deep Learning Models Resistant to Adversarial Attacks (ICLR2018)

3. Stochastic Activation Pruning for Robust Adversarial Defense (ICLR2018)

4. Mitigating Adversarial Effects Through Randomization (ICLR2018)

5. Ensemble Adversarial Training: Attacks and Defenses (ICLR2018)

1. https://bair.berkeley.edu/blog/2017/12/30/yolo-attack/