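TL;DR: This paper proposes a method that randomly ensembles encrypted ViT models, which is more robust than conventional methods against both black-box and white-box attacks.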
Abstract
Deep neural networks (DNNs) are well known to be vulnerable to adversarial
examples (AEs). In addition, AEs have adversarial transferability, which means
AEs generated for a source model can fool another black-bo