Resilient machine learning for networked cyber physical systems: A survey for machine learning security to securing machine learning for CPS

FO Olowononi, DB Rawat, C Liu - … Communications Surveys & …, 2020 - ieeexplore.ieee.org
Cyber Physical Systems (CPS) are characterized by their ability to integrate the physical and
information or cyber worlds. Their deployment in critical infrastructure has demonstrated a …

Adversarial attacks and defenses in deep learning: From a perspective of cybersecurity

S Zhou, C Liu, D Ye, T Zhu, W Zhou, PS Yu - ACM Computing Surveys, 2022 - dl.acm.org
The outstanding performance of deep neural networks has promoted deep learning
applications in a broad set of domains. However, the potential risks caused by adversarial …

Square attack: a query-efficient black-box adversarial attack via random search

M Andriushchenko, F Croce, N Flammarion… - European conference on …, 2020 - Springer
We propose the Square Attack, a score-based black-box $l_2$- and $l_\infty$-adversarial
attack that does not rely on local gradient information and thus is not affected by …

Privacy and security issues in deep learning: A survey

X Liu, L Xie, Y Wang, J Zou, J Xiong, Z Ying… - IEEE …, 2020 - ieeexplore.ieee.org
Deep Learning (DL) algorithms based on artificial neural networks have achieved
remarkable success and are being extensively applied in a variety of application domains …

Data-free model extraction

JB Truong, P Maini, RJ Walls… - Proceedings of the …, 2021 - openaccess.thecvf.com
Current model extraction attacks assume that the adversary has access to a surrogate
dataset with characteristics similar to the proprietary data used to train the victim model. This …

Query-efficient hard-label black-box attack: An optimization-based approach

M Cheng, T Le, PY Chen, J Yi, H Zhang… - arXiv preprint arXiv …, 2018 - arxiv.org
We study the problem of attacking a machine learning model in the hard-label black-box
setting, where no model information is revealed except that the attacker can make queries to …

Is robustness the cost of accuracy?--a comprehensive study on the robustness of 18 deep image classification models

D Su, H Zhang, H Chen, J Yi… - Proceedings of the …, 2018 - openaccess.thecvf.com
The prediction accuracy has been the long-lasting and sole standard for comparing the
performance of different image classification models, including the ImageNet competition …

Adversarial machine learning in image classification: A survey toward the defender's perspective

GR Machado, E Silva, RR Goldschmidt - ACM Computing Surveys …, 2021 - dl.acm.org
Deep Learning algorithms have achieved state-of-the-art performance for Image
Classification. For this reason, they have been used even in security-critical applications …

Improving black-box adversarial attacks with a transfer-based prior

S Cheng, Y Dong, T Pang, H Su… - Advances in neural …, 2019 - proceedings.neurips.cc
We consider the black-box adversarial setting, where the adversary has to generate
adversarial perturbations without access to the target models to compute gradients. Previous …

A primer on zeroth-order optimization in signal processing and machine learning: Principals, recent advances, and applications

S Liu, PY Chen, B Kailkhura, G Zhang… - IEEE Signal …, 2020 - ieeexplore.ieee.org
Zeroth-order (ZO) optimization is a subset of gradient-free optimization that emerges in many
signal processing and machine learning (ML) applications. It is used for solving optimization …