It has been recognized that the data generated by the denoising diffusion probabilistic
model (DDPM) improves adversarial training. After two years of rapid development in …

Adversarial purification refers to a class of defense methods that remove adversarial
perturbations using a generative model. These methods do not make assumptions on the …

Despite efforts to align large language models (LLMs) with human values, widely-used
LLMs such as GPT, Llama, Claude, and PaLM are susceptible to jailbreaking attacks …

Robust overfitting widely exists in adversarial training of deep networks. The exact
underlying reasons for this are still not completely understood. Here, we explore the causes …

We question the current evaluation practice on diffusion-based purification methods.
Diffusion-based purification methods aim to remove adversarial effects from an input data …

Generalizing deep learning models to unknown target domain distribution with low latency
has motivated research into test-time training/adaptation (TTT/TTA). Existing approaches …

The problem of adversarial defenses for image classification, where the goal is to robustify a
classifier against adversarial examples, is considered. Inspired by the hypothesis that these …

Modern deep learning methods have long been considered black boxes due to the lack of
insights into their decision-making process. However, recent advances in explainable …

In this work, we leverage visual prompting (VP) to improve adversarial robustness of a fixed,
pre-trained model at test time. Compared to conventional adversarial defenses, VP allows …

Deep Neural Networks (DNNs) are highly sensitive to imperceptible malicious perturbations,
known as adversarial attacks. Following the discovery of this vulnerability in real-world …