Certified Robustness Against a Union of Sparse Adversarial Attacks
Feature partition aggregation (FPA) is a certified defense that provides provable robustness against the union of sparse (ℓ0) evasion, backdoor, and poisoning attacks.
Enhancing Adversarial Robustness of Neural Ranking Models through Multi-granular Perturbations
The authors propose a novel reinforcement learning-based framework, RL-MARA, to generate multi-granular adversarial examples that can effectively attack black-box neural ranking models. RL-MARA incorporates perturbations at multiple levels of granularity, including word, phrase, and sentence, to exploit the diverse vulnerability distribution within documents and enhance the attack effectiveness.
Enhancing Transferability of Adversarial Attacks via Ensembled Asymptotically Normal Distribution Learning
The proposed Multiple Asymptotically Normal Distribution Attacks (MultiANDA) method explicitly characterizes adversarial perturbations from a learned distribution to improve the transferability of generated adversarial examples across unknown deep learning models.
© 2024 by Linnk AI