Towards lightweight black-box attack against deep neural networks
Black-box attacks can generate adversarial examples without accessing the parameters of
target model, largely exacerbating the threats of deployed deep neural networks (DNNs) …
target model, largely exacerbating the threats of deployed deep neural networks (DNNs) …
Expected Perturbation Scores for Adversarial Detection
Adversarial detection aims to determine whether a given sample is an adversarial one
based on the discrepancy between natural and adversarial distributions. Unfortunately …
based on the discrepancy between natural and adversarial distributions. Unfortunately …