ART Defences
Beat Buesser edited this page Jun 7, 2020 · 7 revisions
- InverseGAN (An Lin et al. 2019)
- DefenseGAN (Samangouei et al. 2018)
- Video Compression
- Resampling (Yang et al., 2019)
- Thermometer Encoding (Buckman et al., 2018)
- MP3 Compression (Carlini, N. & Wagner, D., 2018)
- Total Variance Minimization (Guo et al., 2018)
- PixelDefend (Song et al., 2017)
- Gaussian Data Augmentation (Zantedeschi et al., 2017)
- Feature Squeezing (Xu et al., 2017)
- Spatial Smoothing (Xu et al., 2017)
- JPEG Compression (Dziugaite et al., 2016)
- Label Smoothing (Warde-Farley and Goodfellow, 2016)
- Virtual adversarial training (Miyato et al., 2015)
- Reverse Sigmoid (Lee et al., 2018)
- Random Noise (Chandrasekaran et al., 2018)
- Class Labels (Tramer et al., 2016, Chandrasekaran et al., 2018)
- High Confidence (Tramer et al., 2016)
- Rounding (Tramer et al., 2016)
- General Adversarial Training (Szegedy et al., 2013)
- Madry's Protocol (Madry et al., 2017)
- Fast Is Better Than Free (Wong et al., 2020)
- Defensive Distillation (Papernot et al., 2015)
- Basic detector based on inputs
- Detector trained on the activations of a specific layer
- Detector based on Fast Generalized Subset Scan (Speakman et al., 2018)
- Detection based on activations analysis (Chen et al., 2018)
- Detection based on data provenance (Baracaldo et al., 2018)
- Detection based on spectral signatures (Tran et al., 2018)