FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3211032610> ?p ?o ?g. }

• W3211032610 abstract "There has been emerging interest in using transductive learning for adversarial robustness (Goldwasser et al., NeurIPS 2020; Wu et al., ICML 2020; Wang et al., ArXiv 2021). Compared to traditional defenses, these defense mechanisms dynamically learn the model based on test-time input; and theoretically, attacking these defenses reduces to solving a bilevel optimization problem, which poses difficulty in crafting adaptive attacks. In this paper, we examine these defense mechanisms from a principled threat analysis perspective. We formulate and analyze threat models for transductive-learning based defenses, and point out important subtleties. We propose the principle of attacking model space for solving bilevel attack objectives, and present Greedy Model Space Attack (GMSA), an attack framework that can serve as a new baseline for evaluating transductive-learning based defenses. Through systematic evaluation, we show that GMSA, even with weak instantiations, can break previous transductive-learning based defenses, which were resilient to previous attacks, such as AutoAttack. On the positive side, we report a somewhat surprising empirical result of transductive adversarial training: Adversarially retraining the model using fresh randomness at the test time gives a significant increase in robustness against attacks we consider." @default.
• W3211032610 created "2021-11-08" @default.
• W3211032610 creator A5012396970 @default.
• W3211032610 creator A5031319340 @default.
• W3211032610 creator A5035905957 @default.
• W3211032610 creator A5059447203 @default.
• W3211032610 creator A5088826068 @default.
• W3211032610 date "2021-10-27" @default.
• W3211032610 modified "2023-09-23" @default.
• W3211032610 title "Towards Evaluating the Robustness of Neural Networks Learned by Transduction" @default.
• W3211032610 cites W1731081199 @default.
• W3211032610 cites W2067713319 @default.
• W3211032610 cites W2148603752 @default.
• W3211032610 cites W2194775991 @default.
• W3211032610 cites W2243397390 @default.
• W3211032610 cites W2570685808 @default.
• W3211032610 cites W2786022758 @default.
• W3211032610 cites W2809090039 @default.
• W3211032610 cites W2911634294 @default.
• W3211032610 cites W2912237282 @default.
• W3211032610 cites W2921408922 @default.
• W3211032610 cites W2962729158 @default.
• W3211032610 cites W2962972504 @default.
• W3211032610 cites W2963060032 @default.
• W3211032610 cites W2963143631 @default.
• W3211032610 cites W2963207607 @default.
• W3211032610 cites W2963539647 @default.
• W3211032610 cites W2963542245 @default.
• W3211032610 cites W2963857521 @default.
• W3211032610 cites W2964253222 @default.
• W3211032610 cites W2970680991 @default.
• W3211032610 cites W2982064756 @default.
• W3211032610 cites W2995245581 @default.
• W3211032610 cites W2996344901 @default.
• W3211032610 cites W2996564870 @default.
• W3211032610 cites W3034558552 @default.
• W3211032610 cites W3034994123 @default.
• W3211032610 cites W3039883906 @default.
• W3211032610 cites W3101114581 @default.
• W3211032610 cites W3103340107 @default.
• W3211032610 cites W3103385169 @default.
• W3211032610 cites W3104360014 @default.
• W3211032610 cites W3114130775 @default.
• W3211032610 cites W3118608800 @default.
• W3211032610 cites W3160387314 @default.
• W3211032610 doi "https://doi.org/10.48550/arxiv.2110.14735" @default.
• W3211032610 hasPublicationYear "2021" @default.
• W3211032610 type Work @default.
• W3211032610 sameAs 3211032610 @default.
• W3211032610 citedByCount "0" @default.
• W3211032610 crossrefType "posted-content" @default.
• W3211032610 hasAuthorship W3211032610A5012396970 @default.
• W3211032610 hasAuthorship W3211032610A5031319340 @default.
• W3211032610 hasAuthorship W3211032610A5035905957 @default.
• W3211032610 hasAuthorship W3211032610A5059447203 @default.
• W3211032610 hasAuthorship W3211032610A5088826068 @default.
• W3211032610 hasBestOaLocation W32110326101 @default.
• W3211032610 hasConcept C104317684 @default.
• W3211032610 hasConcept C119857082 @default.
• W3211032610 hasConcept C15152581 @default.
• W3211032610 hasConcept C154945302 @default.
• W3211032610 hasConcept C185592680 @default.
• W3211032610 hasConcept C22019652 @default.
• W3211032610 hasConcept C37736160 @default.
• W3211032610 hasConcept C41008148 @default.
• W3211032610 hasConcept C50644808 @default.
• W3211032610 hasConcept C55493867 @default.
• W3211032610 hasConcept C63479239 @default.
• W3211032610 hasConceptScore W3211032610C104317684 @default.
• W3211032610 hasConceptScore W3211032610C119857082 @default.
• W3211032610 hasConceptScore W3211032610C15152581 @default.
• W3211032610 hasConceptScore W3211032610C154945302 @default.
• W3211032610 hasConceptScore W3211032610C185592680 @default.
• W3211032610 hasConceptScore W3211032610C22019652 @default.
• W3211032610 hasConceptScore W3211032610C37736160 @default.
• W3211032610 hasConceptScore W3211032610C41008148 @default.
• W3211032610 hasConceptScore W3211032610C50644808 @default.
• W3211032610 hasConceptScore W3211032610C55493867 @default.
• W3211032610 hasConceptScore W3211032610C63479239 @default.
• W3211032610 hasLocation W32110326101 @default.
• W3211032610 hasOpenAccess W3211032610 @default.
• W3211032610 hasPrimaryLocation W32110326101 @default.
• W3211032610 hasRelatedWork W1996541855 @default.
• W3211032610 hasRelatedWork W2811103320 @default.
• W3211032610 hasRelatedWork W2963207607 @default.
• W3211032610 hasRelatedWork W2989932438 @default.
• W3211032610 hasRelatedWork W3099765033 @default.
• W3211032610 hasRelatedWork W3118168379 @default.
• W3211032610 hasRelatedWork W3175189414 @default.
• W3211032610 hasRelatedWork W3204747554 @default.
• W3211032610 hasRelatedWork W4210794429 @default.
• W3211032610 hasRelatedWork W4293580221 @default.
• W3211032610 isParatext "false" @default.
• W3211032610 isRetracted "false" @default.
• W3211032610 magId "3211032610" @default.
• W3211032610 workType "article" @default.