microsoft / PixelDefend
Source Code for ICRL 2018 Paper: PixelDefend: Leveraging Generative Models to Understand and Defend against Adversarial Examples
☆24Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for PixelDefend
- Repository for Certified Defenses for Adversarial Patch ICLR-2020☆32Updated 4 years ago
- Code and data for the ICLR 2021 paper "Perceptual Adversarial Robustness: Defense Against Unseen Threat Models".☆54Updated 2 years ago
- Adversarial Distributional Training (NeurIPS 2020)☆60Updated 3 years ago
- Code for "Diversity can be Transferred: Output Diversification for White- and Black-box Attacks"☆53Updated 4 years ago
- Certified defense to adversarial examples using CROWN and IBP. Also includes GPU implementation of CROWN verification algorithm (in PyTor…☆93Updated 3 years ago
- Codes for reproducing the black-box adversarial attacks in “ZOO: Zeroth Order Optimization based Black-box Attacks to Deep Neural Network…☆55Updated 5 years ago
- RayS: A Ray Searching Method for Hard-label Adversarial Attack (KDD2020)☆55Updated 4 years ago
- [CCS 2021] TSS: Transformation-specific smoothing for robustness certification☆21Updated last year
- CROWN: A Neural Network Verification Framework for Networks with General Activation Functions☆38Updated 5 years ago
- A united toolbox for running major robustness verification approaches for DNNs. [S&P 2023]☆87Updated last year
- Code for our NeurIPS 2020 paper Backpropagating Linearly Improves Transferability of Adversarial Examples.☆42Updated last year
- Code for "On Adaptive Attacks to Adversarial Example Defenses"☆85Updated 3 years ago
- Feature Scattering Adversarial Training (NeurIPS19)☆71Updated 5 months ago
- ☆79Updated 3 years ago
- Code for the paper: Adversarial Training Against Location-Optimized Adversarial Patches. ECCV-W 2020.☆42Updated last year
- Implementation of Wasserstein adversarial attacks.☆22Updated 3 years ago
- Code for Stability Training with Noise (STN)☆21Updated 3 years ago
- Code for "Prior Convictions: Black-Box Adversarial Attacks with Bandits and Priors"☆61Updated 4 years ago
- Codes for reproducing query-efficient black-box attacks in “AutoZOOM: Autoencoder-based Zeroth Order Optimization Method for Attacking B…☆57Updated 4 years ago
- This repo keeps track of popular provable training and verification approaches towards robust neural networks, including leaderboards on …☆99Updated 2 years ago
- Code for the paper "(De)Randomized Smoothing for Certifiable Defense against Patch Attacks" by Alexander Levine and Soheil Feizi.☆17Updated 2 years ago
- Blackbox attacks for deep neural network models☆70Updated 6 years ago
- ☆60Updated 8 months ago
- [NeurIPS2020] The official repository of "AdvFlow: Inconspicuous Black-box Adversarial Attacks using Normalizing Flows".☆45Updated last year
- [NeurIPS 2021] Fast Certified Robust Training with Short Warmup☆23Updated last year
- Fighting Gradients with Gradients: Dynamic Defenses against Adversarial Attacks☆36Updated 3 years ago
- ConvexPolytopePosioning☆34Updated 4 years ago
- ☆41Updated last year
- ☆46Updated 3 years ago
- PyTorch implementation of BPDA+EOT attack to evaluate adversarial defense with an EBM☆23Updated 4 years ago