Adversarial Attack

An Adversarial Attack is a technique to find a perturbation that changes the prediction of a machine learning model. The perturbation can be very small and imperceptible to human eyes.

Source: Recurrent Attention Model with Log-Polar Mapping is Robust against Adversarial Attacks

Papers

Recently Added Most Hyped Most Active Needs Verification Most Verified

Showing 101–150 of 1808 papers

Title	Date	Tasks	Status	Hype	Score
Adversarial Self-Supervised Contrastive Learning	Jun 13, 2020	Adversarial AttackContrastive Learning	CodeCode Available	1	5
Boosting Black-Box Attack with Partially Transferred Conditional Adversarial Distribution	Jun 15, 2020	Adversarial Attack	CodeCode Available	1	5
GenoArmory: A Unified Evaluation Framework for Adversarial Attacks on Genomic Foundation Models	May 16, 2025	Adversarial AttackAdversarial Defense	CodeCode Available	1	5
An Efficient Adversarial Attack for Tree Ensembles	Oct 22, 2020	Adversarial Attackvalid	CodeCode Available	1	5
Adversarial Attack On Yolov5 For Traffic And Road Sign Detection	May 27, 2023	Adversarial Attackobject-detection	CodeCode Available	1	5
Anti-Adversarially Manipulated Attributions for Weakly and Semi-Supervised Semantic Segmentation	Mar 16, 2021	Adversarial AttackObject	CodeCode Available	1	5
To Think or Not to Think: Exploring the Unthinking Vulnerability in Large Reasoning Models	Feb 16, 2025	Adversarial AttackBackdoor Attack	CodeCode Available	1	5
An integrated Auto Encoder-Block Switching defense approach to prevent adversarial attacks	Mar 11, 2022	Adversarial AttackBIG-bench Machine Learning	CodeCode Available	1	5
Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution	Oct 31, 2022	Adversarial AttackSentence	CodeCode Available	1	5
Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art	Dec 23, 2021	Adversarial AttackMalware Detection	CodeCode Available	1	5
A Perturbation-Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow	Mar 24, 2022	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Strong Transferable Adversarial Attacks via Ensembled Asymptotically Normal Distribution Learning	Sep 24, 2022	Adversarial Attack	CodeCode Available	1	5
Constrained Adaptive Attack: Effective Adversarial Attack Against Deep Neural Networks for Tabular Data	Jun 2, 2024	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
A Pilot Study of Query-Free Adversarial Attack against Stable Diffusion	Mar 29, 2023	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Complete and Incomplete Neural Network Robustness Verification	Mar 11, 2021	Adversarial Attack	CodeCode Available	1	5
Benchmarking Adversarial Robustness on Image Classification	Jun 1, 2020	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Black-box Adversarial Example Generation with Normalizing Flows	Jul 6, 2020	Adversarial Attack	CodeCode Available	1	5
Adversarial Attacks and Detection in Visual Place Recognition for Safer Robot Navigation	Jun 19, 2025	Adversarial AttackRobot Navigation	CodeCode Available	1	5
Attacking Video Recognition Models with Bullet-Screen Comments	Oct 29, 2021	Adversarial AttackAdversarial Attack on Video Classification	CodeCode Available	1	5
Fooling Detection Alone is Not Enough: Adversarial Attack against Multiple Object Tracking	Jan 1, 2020	Adversarial AttackAutonomous Driving	CodeCode Available	1	5
Frequency Domain Adversarial Training for Robust Volumetric Medical Segmentation	Jul 14, 2023	Adversarial AttackDeep Learning	CodeCode Available	1	5
A Survey On Universal Adversarial Attack	Mar 2, 2021	Adversarial AttackSurvey	CodeCode Available	1	5
T3: Tree-Autoencoder Constrained Adversarial Text Generation for Targeted Attack	Dec 22, 2019	Adversarial AttackAdversarial Text	CodeCode Available	1	5
Attack as the Best Defense: Nullifying Image-to-image Translation GANs via Limit-aware Adversarial Attack	Oct 6, 2021	Adversarial AttackFace Swapping	CodeCode Available	1	5
Attacking Recommender Systems with Augmented User Profiles	May 17, 2020	Adversarial AttackGenerative Adversarial Network	CodeCode Available	1	5
BASAR:Black-box Attack on Skeletal Action Recognition	Mar 9, 2021	Action RecognitionActivity Recognition	CodeCode Available	1	5
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label	Jul 1, 2022	Adversarial AttackBackdoor Attack	CodeCode Available	1	5
BayesOpt Adversarial Attack	May 1, 2020	Adversarial AttackBayesian Optimisation	CodeCode Available	1	5
Boosting Adversarial Transferability via Gradient Relevance Attack	Jan 1, 2023	Adversarial Attack	CodeCode Available	1	5
Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models	Nov 4, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
A Unified Framework for Adversarial Attack and Defense in Constrained Feature Space	Dec 2, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
AutoDAN: Interpretable Gradient-Based Adversarial Attacks on Large Language Models	Oct 23, 2023	Adversarial AttackBlocking	CodeCode Available	1	5
Adversarial Examples in Deep Learning for Multivariate Time Series Regression	Sep 24, 2020	Adversarial AttackDeep Learning	CodeCode Available	1	5
AdvDrop: Adversarial Attack to DNNs by Dropping Information	Aug 20, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Predictions	May 1, 2022	Adversarial AttackCombinatorial Optimization	CodeCode Available	1	5
Adversarial Immunization for Certifiable Robustness on Graphs	Jul 19, 2020	Adversarial AttackBilevel Optimization	CodeCode Available	1	5
Adversarial Learning for Robust Deep Clustering	Dec 1, 2020	Adversarial AttackClustering	CodeCode Available	1	5
AVA: Inconspicuous Attribute Variation-based Adversarial Attack bypassing DeepFake Detection	Dec 14, 2023	Adversarial AttackAttribute	CodeCode Available	1	5
Adversarial Magnification to Deceive Deepfake Detection through Super Resolution	Jul 2, 2024	Adversarial AttackDeepFake Detection	CodeCode Available	1	5
Adversarial Mask: Real-World Universal Adversarial Attack on Face Recognition Model	Nov 21, 2021	Adversarial AttackFace Recognition	CodeCode Available	1	5
Adversarial Attacks on ML Defense Models Competition	Oct 15, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
BERT-ATTACK: Adversarial Attack Against BERT Using BERT	Apr 21, 2020	Adversarial Attack	CodeCode Available	1	5
3D Adversarial Attacks Beyond Point Cloud	Apr 25, 2021	Adversarial Attack	CodeCode Available	1	5
CausalAdv: Adversarial Robustness through the Lens of Causality	Jun 11, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Adversarial Ranking Attack and Defense	Feb 26, 2020	Adversarial AttackImage Retrieval	CodeCode Available	1	5
Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation	Oct 12, 2022	Adversarial Attack	CodeCode Available	1	5
Fooling the Image Dehazing Models by First Order Gradient	Mar 30, 2023	Adversarial AttackImage Dehazing	CodeCode Available	1	5
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs	Oct 6, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
CARBEN: Composite Adversarial Robustness Benchmark	Jul 16, 2022	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Amplitude-Phase Recombination: Rethinking Robustness of Convolutional Neural Networks in Frequency Domain	Aug 19, 2021	Adversarial AttackData Augmentation	CodeCode Available	1	5

Show:10 25 50

← PrevPage 3 of 37Next →

All datasets CIFAR-10 CIFAR-100

Benchmark Results

#	Model	Metric	Claimed	Verified	Status
1	Xu et al.	Attack: PGD20	78.68	—	Unverified
2	3-ensemble of multi-resolution self-ensembles	Attack: AutoAttack	78.13	—	Unverified
3	TRADES-ANCRA/ResNet18	Attack: AutoAttack	59.7	—	Unverified
4	AdvTraining [madry2018]	Attack: PGD20	48.44	—	Unverified
5	TRADES [zhang2019b]	Attack: PGD20	45.9	—	Unverified
6	XU-Net	Robust Accuracy	1	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	3-ensemble of multi-resolution self-ensembles	Attack: AutoAttack	51.28	—	Unverified
2	multi-resolution self-ensembles	Attack: AutoAttack	47.85	—	Unverified