Oct 26, 2023 · In this paper, we propose a new practical threat model where the adversary relies on transfer attacks through publicly available surrogate ...
Nov 23, 2023 · This paper proposes a defense against transfer-based evasion attacks. The defense uses publicly-available pretrained models to create ...
[PDF] Defending Against Transfer Attacks From Public Models
Under this threat model, the PubDef defense outperforms the state-of-the-art white-box adversarial training by a large margin with almost no loss ...
Under this threat model, our defense, PUBDEF, outperforms the state-of-the-art white-box adversarial training by a large margin with almost no loss in the ...
In this paper, we propose a new practical threat model where the adversary relies on transfer attacks through publicly available surrogate models.
Published as a conference paper at ICLR 2024. PUBDEF: DEFENDING AGAINST TRANSFER ATTACKS FROM PUBLIC MODELS Chawin Sitawarin UC Berkeley Jaewon Chang∗
Oct 29, 2023 · PubDef is designed to resist transfer attacks from publicly available models. It uses a game theory approach, where the attacker's strategy is ...
Oct 29, 2023 · PubDef is designed specifically to resist transfer attacks from publicly available models. The authors formulate the interaction between attacker and defender ...
Transfer attack.
• Create adversarial examples on models with white-box access (e.g., public open-source models).
• Transfer the attacks to the target model.
Mar 17, 2024 · In this paper, we propose a new practical threat model where the adversary relies on transfer attacks through publicly available surrogate ...