CISPA

Evaluating Robustness to Unforeseen Adversarial Attacks

journal contribution
posted on 2024-02-26, 11:07 authored by Maximilian Kaufmann, Daniel Kang, Yi Sun, Xuwang Yin, Steven Basart, Mantas Mazeika, Adam Dziedzic, Akul Arora, Franziska Boenisch, Tom B Brown, others
When considering real-world adversarial settings, defenders are unlikely to have access to the full range of deployment-time adversaries during training, and adversaries are likely to use realistic adversarial distortions that will not be limited to small -constrained perturbations. To narrow in on this discrepancy between research and reality, we introduce eighteen novel adversarial attacks, which we use to create ImageNet-UA, a new benchmark for evaluating model robustness against a wide range of unforeseen adversaries. We make use of our benchmark to identify a range of defense strategies which can help overcome this generalization gap, finding a rich space of techniques which can improve unforeseen robustness. We hope the greater variety and realism of ImageNet-UA will make it a useful tool for those working on real-world worst-case robustness, enabling development of more robust defenses which can generalize beyond attacks seen during training.

Primary Research Area

  • Trustworthy Information Processing

Journal

ICLR

Sub Type

  • Article

BibTeX

@article{Kaufmann:Kang:Sun:Yin:Basart:Mazeika:Dziedzic:Arora:Boenisch:Brown:others:2023,
  title = "Evaluating Robustness to Unforeseen Adversarial Attacks",
  author = "Kaufmann, Maximilian and Kang, Daniel and Sun, Yi and Yin, Xuwang and Basart, Steven and Mazeika, Mantas and Dziedzic, Adam and Arora, Akul and Boenisch, Franziska and Brown, Tom B and others",
  year = 2023,
  month = 9,
  journal = "ICLR"
}
