加强对抗性容错性评估的置信度

Jun, 2022

Increasing Confidence in Adversarial Robustness Evaluations

Roland S. Zimmermann, Wieland Brendel, Florian Tramer, Nicholas Carlini

TL;DR该研究提出了一种测试方法以识别弱攻击和防御评估，为了增强透明和信心，将攻击单元测试作为未来强度评估的重要组成部分。

Abstract

Hundreds of defenses have been proposed to make deep neural networks robust against minimal (adversarial) input perturbations. However, only a handful of these defenses held up their claims because correctly evaluating