Holistic Adversarial Robustness of Deep Learning Models
- URL: http://arxiv.org/abs/2202.07201v1
- Date: Tue, 15 Feb 2022 05:30:27 GMT
- Title: Holistic Adversarial Robustness of Deep Learning Models
- Authors: Pin-Yu Chen and Sijia Liu
- Abstract summary: Adversarial robustness studies the worst-case performance of a machine learning model to ensure safety and reliability.
This paper provides a comprehensive overview of research topics and foundational principles of research methods for adversarial robustness of deep learning models.
- Score: 91.34155889052786
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Adversarial robustness studies the worst-case performance of a machine
learning model to ensure safety and reliability. With the proliferation of
deep-learning based technology, the potential risks associated with model
development and deployment can be amplified and become dreadful
vulnerabilities. This paper provides a comprehensive overview of research
topics and foundational principles of research methods for adversarial
robustness of deep learning models, including attacks, defenses, verification,
and novel applications.
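As a concrete illustration of the worst-case perspective described in the abstract, the sketch below implements the fast gradient sign method (FGSM), one of the simplest adversarial attacks discussed in this line of work. This is a minimal illustrative sketch rather than code from the paper; the PyTorch classifier `model`, inputs `x`, labels `y`, and the perturbation budget `epsilon` are assumed placeholders.

```python
import torch
import torch.nn.functional as F

def fgsm_attack(model, x, y, epsilon=0.03):
    """One-step FGSM: perturb x in the direction that increases the loss most.

    Illustrates the worst-case (adversarial) view of robustness: the attacker
    seeks a small L-infinity-bounded perturbation that degrades the model's
    prediction on (x, y).
    """
    x = x.clone().detach().requires_grad_(True)
    loss = F.cross_entropy(model(x), y)
    loss.backward()
    # Move each input entry by +/- epsilon along the sign of the loss gradient
    x_adv = x + epsilon * x.grad.sign()
    # Keep the adversarial example in the valid input range [0, 1]
    return x_adv.clamp(0.0, 1.0).detach()
```

A model's adversarial robustness can then be estimated by measuring its accuracy on such perturbed inputs rather than on the clean test set.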
Related papers
- Computational Safety for Generative AI: A Signal Processing Perspective [65.268245109828]
Computational safety is a mathematical framework that enables the quantitative assessment, formulation, and study of safety challenges in GenAI.
We show how sensitivity analysis and loss landscape analysis can be used to detect malicious prompts with jailbreak attempts.
We discuss key open research challenges, opportunities, and the essential role of signal processing in computational AI safety.
arXiv Detail & Related papers (2025-02-18T02:26:50Z) - Safety at Scale: A Comprehensive Survey of Large Model Safety [299.801463557549]
We present a comprehensive taxonomy of safety threats to large models, including adversarial attacks, data poisoning, backdoor attacks, jailbreak and prompt injection attacks, energy-latency attacks, data and model extraction attacks, and emerging agent-specific threats.
We identify and discuss the open challenges in large model safety, emphasizing the need for comprehensive safety evaluations, scalable and effective defense mechanisms, and sustainable data practices.
arXiv Detail & Related papers (2025-02-02T05:14:22Z) - Data-Free Model-Related Attacks: Unleashing the Potential of Generative AI [21.815149263785912]
We introduce the use of generative AI for facilitating model-related attacks, including model extraction, membership inference, and model inversion.
Our study reveals that adversaries can launch a variety of model-related attacks against both image and text models in a data-free and black-box manner.
This research serves as an important early warning to the community about the potential risks associated with generative AI-powered attacks on deep learning models.
arXiv Detail & Related papers (2025-01-28T03:12:57Z) - New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook [54.24701201956833]
Security and privacy issues have undermined users' confidence in pre-trained models.
Current literature lacks a clear taxonomy of emerging attacks and defenses for pre-trained models.
The survey therefore proposes a taxonomy that categorizes attacks and defenses into No-Change, Input-Change, and Model-Change approaches.
arXiv Detail & Related papers (2024-11-12T10:15:33Z) - Impact of Architectural Modifications on Deep Learning Adversarial Robustness [16.991522358940774]
We present an experimental evaluation of the effects of model modifications on deep learning model robustness using adversarial attacks.
Our results indicate the pressing demand for an in-depth assessment of the effects of model changes on the robustness of models.
arXiv Detail & Related papers (2024-05-03T08:58:38Z) - Adversarial Attacks and Defenses in Machine Learning-Powered Networks: A
Contemporary Survey [114.17568992164303]
Adversarial attacks and defenses in machine learning and deep neural networks have been gaining significant attention.
This survey provides a comprehensive overview of the recent advancements in the field of adversarial attack and defense techniques.
New avenues of attack are also explored, including search-based, decision-based, drop-based, and physical-world attacks.
arXiv Detail & Related papers (2023-03-11T04:19:31Z) - Self-Destructing Models: Increasing the Costs of Harmful Dual Uses of
Foundation Models [103.71308117592963]
We present an algorithm for training self-destructing models that leverages techniques from meta-learning and adversarial learning.
In a small-scale experiment, we show that the proposed MLAC algorithm can largely prevent a BERT-style model from being re-purposed to perform gender identification.
arXiv Detail & Related papers (2022-11-27T21:43:45Z) - Poisoning Attacks and Defenses on Artificial Intelligence: A Survey [3.706481388415728]
Data poisoning attacks tamper with the data samples fed to the model during the training phase, leading to a degradation of the model's accuracy during the inference phase (a minimal label-flipping sketch is given after this list).
This work compiles the most relevant insights and findings from the latest literature addressing this type of attack.
A thorough assessment is performed on the reviewed works, comparing the effects of data poisoning on a wide range of ML models under real-world conditions.
arXiv Detail & Related papers (2022-02-21T14:43:38Z) - Adversarial Robustness of Deep Learning: Theory, Algorithms, and
Applications [27.033174829788404]
This tutorial aims to introduce the fundamentals of adversarial robustness of deep learning.
We will highlight state-of-the-art techniques in adversarial attacks and robustness verification of deep neural networks (DNNs).
We will also introduce some effective countermeasures to improve the robustness of deep learning models.
arXiv Detail & Related papers (2021-08-24T00:08:33Z)
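As referenced in the poisoning-attack entry above, the following is a minimal sketch of label-flipping data poisoning. It is an illustrative assumption: the helper name `flip_labels` and its arguments are hypothetical and do not come from any of the listed papers.

```python
import numpy as np

def flip_labels(train_labels, num_classes, flip_fraction=0.1, seed=0):
    """Label-flipping poisoning: corrupt a random fraction of training labels.

    A model trained on the returned labels typically shows degraded accuracy
    at inference time, which is the effect the poisoning survey above studies.
    """
    rng = np.random.default_rng(seed)
    labels = np.array(train_labels, copy=True)
    n_poison = int(flip_fraction * len(labels))
    idx = rng.choice(len(labels), size=n_poison, replace=False)
    # Shift each selected label by a random non-zero offset so the class changes
    labels[idx] = (labels[idx] + rng.integers(1, num_classes, size=n_poison)) % num_classes
    return labels
```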
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of the information listed here and is not responsible for any consequences of its use.