Robust evaluation of diffusion-based adversarial purification
We question the current evaluation practice on diffusion-based purification methods.
Diffusion-based purification methods aim to remove adversarial effects from an input data …
Flirt: Feedback loop in-context red teaming
Warning: this paper contains content that may be inappropriate or offensive. As generative
models become available for public use in various applications, testing and analyzing …
Sparse-RS: a versatile framework for query-efficient sparse black-box adversarial attacks
We propose a versatile framework based on random search, Sparse-RS, for score-based
sparse targeted and untargeted attacks in the black-box setting. Sparse-RS does not rely on …
TEAR: Exploring temporal evolution of adversarial robustness for membership inference attacks against federated learning
Federated learning (FL) is a privacy-preserving machine learning paradigm that enables
multiple clients to train a unified model without disclosing their private data. However …
Exploring misclassifications of robust neural networks to enhance adversarial attacks
Progress in making neural networks more robust against adversarial attacks is mostly
marginal, despite the great efforts of the research community. Moreover, the robustness …
A Review of Adversarial Attacks in Computer Vision
Y Zhang, Y Li, Y Li, Z Guo - arxiv preprint arxiv:2308.07673, 2023 - arxiv.org
Deep neural networks have been widely used in various downstream tasks, especially those
safety-critical scenarios such as autonomous driving, but deep networks are often threatened …
Augmented Lagrangian adversarial attacks
Adversarial attack algorithms are dominated by penalty methods, which are slow in practice,
or more efficient distance-customized methods, which are heavily tailored to the properties …
The Path to Defence: A Roadmap to Characterising Data Poisoning Attacks on Victim Models
Data Poisoning Attacks (DPA) represent a sophisticated technique aimed at distorting the
training data of machine learning models, thereby manipulating their behavior. This process …
Proximal splitting adversarial attack for semantic segmentation
Classification has been the focal point of research on adversarial attacks, but only a few
works investigate methods suited to denser prediction tasks, such as semantic …
Minimum topology attacks for graph neural networks
With the great popularity of Graph Neural Networks (GNNs), their robustness to adversarial
topology attacks has received significant attention. Although many attack methods have …