CV, CR, LG, ML | Apr 10, 2018

On the Robustness of the CVPR 2018 White-Box Adversarial Example Defenses

arXiv:1804.03286v1 | 174 citations
Originality: Synthesis-oriented
AI Analysis

This work highlights critical vulnerabilities in published defenses, impacting researchers and practitioners in adversarial machine learning.

The paper evaluated two white-box adversarial example defenses from CVPR 2018 and found them ineffective, reducing defended model accuracy to 0% using existing techniques.

Neural networks are known to be vulnerable to adversarial examples. In this note, we evaluate the two white-box defenses that appeared at CVPR 2018 and find they are ineffective: when applying existing techniques, we can reduce the accuracy of the defended models to 0%.

Code Implementations: 2 repos