For more details about attacks and defenses, you can read this paper.
Adversarial Attacks and Defenses in Images, Graphs and Text: A Review
We would be glad if you find our work useful and cite the paper.
@article{xu2019adversarial,
title={Adversarial attacks and defenses in images, graphs and text: A review},
author={Xu, Han and Ma, Yao and Liu, Haochen and Deb, Debayan and Liu, Hui and Tang, Jiliang and Jain, Anil},
journal={arXiv preprint arXiv:1909.08072},
year={2019}
}
python3numpypytorch v1.2.0matplotlib
- MNIST
- CIFAR-10
- ImageNet
- SampleCNN
- ResNet
| Attack Methods | Attack Type | Apply Domain | Links |
|---|---|---|---|
| LBFGS attack | White-Box | Image Classification | Intriguing Properties of Neural Networks |
| FGSM attack | White-Box | Image Classification | Explaining and Harnessing Adversarial Examples |
| PGD attack | White-Box | Image Classification | Towards Deep Learning Models Resistant to Adversarial Attacks |
| DeepFool attack | White-Box | Image Classification | DeepFool: a simple and accurate method to fool deep neural network |
| CW attack | White-Box | Image Classification | Towards Evaluating the Robustness of Neural Networks |
| Nattack | Black-Box | Image Classification | NATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on Deep Neural Networks |
| Defense Methods | Defense Type | Apply Domain | Links |
|---|---|---|---|
| FGSM training | Adverserial Training | Image Classification | Towards Deep Learning Models Resistant to Adversarial Attacks |
| PGD training | Adverserial Training | Image Classification | Intriguing Properties of Neural Networks |
| YOPO | Adverserial Training | Image Classification | You Only Propagate Once: Accelerating Adversarial Training via Maximal Principle |
| TRADES | Adverserial Training | Image Classification | Theoretically Principled Trade-off between Robustness and Accuracy |