Advances in Adversarial Attack Detection and Mitigation

The field of adversarial attacks and defenses is evolving rapidly, with growing attention on methods that detect and mitigate attacks. Recent work explores unified frameworks that address several attack classes at once, in particular adversarial examples (test-time evasion) and backdoor attacks (training-time poisoning), two threats that are usually detected by separate mechanisms. On the offensive side, the trend is toward attacks that remain effective across models and against defenses: deformation-based attacks on 3D point clouds, physically realizable camouflage, and multi-scale input transformations that improve the transferability of adversarial examples to unseen, defended models. These results bear directly on the security and reliability of deep neural networks in deployed applications, since a defense evaluated against a single attack family, or an attack tuned to one white-box model, says little about robustness in practice.

Noteworthy papers:

UniGuard is a trajectory-based unified online detection framework that detects adversarial examples and backdoor attacks with a single mechanism.

PBCAT is a Patch-Based Composite Adversarial Training strategy that hardens object detectors against a range of physically realizable attacks.

CageAttack is a cage-based deformation framework that produces natural-looking adversarial point clouds, designed to be transferable across models and, per the authors, undefendable.

PGA is a physical attack framework built on 3D Gaussian Splatting; it reconstructs the target rapidly and precisely from few images and generates adversarial camouflage that is robust across viewpoints.

SGP is a Segmented Gaussian Pyramid attack that uses multi-scale transformations to boost the transferability of adversarial examples against defended models.

Sources

Kill Two Birds with One Stone! Trajectory enabled Unified Online Detection of Adversarial Examples and Backdoor Attacks

PBCAT: Patch-based composite adversarial training against physically realizable attacks on object detection

Cage-Based Deformation for Transferable and Undefendable Point Cloud Attack

3D Gaussian Splatting Driven Multi-View Robust Physical Adversarial Camouflage Generation

Boosting Adversarial Transferability Against Defenses via Multi-Scale Transformation
