Adversarial Attack

An Adversarial Attack is a technique to find a perturbation that changes the prediction of a machine learning model. The perturbation can be very small and imperceptible to human eyes.

Source: Recurrent Attention Model with Log-Polar Mapping is Robust against Adversarial Attacks

Papers

Recently Added Most Hyped Most Active Needs Verification Most Verified

Showing 101–150 of 1808 papers

Title	Date	Tasks	Status	Hype	Score
Adversarial Attack on Large Scale Graph	Sep 8, 2020	Adversarial Attack	CodeCode Available	1	5
An Analysis of Recent Advances in Deepfake Image Detection in an Evolving Threat Landscape	Apr 24, 2024	Adversarial AttackFace Swapping	CodeCode Available	1	5
GenoArmory: A Unified Evaluation Framework for Adversarial Attacks on Genomic Foundation Models	May 16, 2025	Adversarial AttackAdversarial Defense	CodeCode Available	1	5
An Extensive Study on Adversarial Attack against Pre-trained Models of Code	Nov 13, 2023	Adversarial Attack	CodeCode Available	1	5
Adversarial Attack On Yolov5 For Traffic And Road Sign Detection	May 27, 2023	Adversarial Attackobject-detection	CodeCode Available	1	5
A Perturbation-Constrained Adversarial Attack for Evaluating the Robustness of Optical Flow	Mar 24, 2022	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Adversarial Training for Free!	Apr 29, 2019	Adversarial AttackAdversarial Defense	CodeCode Available	1	5
CARBEN: Composite Adversarial Robustness Benchmark	Jul 16, 2022	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Anti-Adversarially Manipulated Attributions for Weakly and Semi-Supervised Semantic Segmentation	Mar 16, 2021	Adversarial AttackObject	CodeCode Available	1	5
Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art	Dec 23, 2021	Adversarial AttackMalware Detection	CodeCode Available	1	5
CMUA-Watermark: A Cross-Model Universal Adversarial Watermark for Combating Deepfakes	May 23, 2021	Adversarial AttackFace Swapping	CodeCode Available	1	5
Audio Jailbreak Attacks: Exposing Vulnerabilities in SpeechGPT in a White-Box Framework	May 24, 2025	Adversarial AttackSpeech Tokenization	CodeCode Available	1	5
Contextualized Perturbation for Textual Adversarial Attack	Sep 16, 2020	Adversarial AttackLanguage Modeling	CodeCode Available	1	5
Strong Transferable Adversarial Attacks via Ensembled Asymptotically Normal Distribution Learning	Sep 24, 2022	Adversarial Attack	CodeCode Available	1	5
Boosting Adversarial Transferability via Gradient Relevance Attack	Jan 1, 2023	Adversarial Attack	CodeCode Available	1	5
Black-box Adversarial Example Generation with Normalizing Flows	Jul 6, 2020	Adversarial Attack	CodeCode Available	1	5
Boosting the Adversarial Transferability of Surrogate Models with Dark Knowledge	Jun 16, 2022	Adversarial AttackFace Verification	CodeCode Available	1	5
Adversarial Attacks and Detection in Visual Place Recognition for Safer Robot Navigation	Jun 19, 2025	Adversarial AttackRobot Navigation	CodeCode Available	1	5
A Survey On Universal Adversarial Attack	Mar 2, 2021	Adversarial AttackSurvey	CodeCode Available	1	5
Attack as the Best Defense: Nullifying Image-to-image Translation GANs via Limit-aware Adversarial Attack	Oct 6, 2021	Adversarial AttackFace Swapping	CodeCode Available	1	5
Fooling Detection Alone is Not Enough: First Adversarial Attack against Multiple Object Tracking	May 27, 2019	Adversarial AttackAutonomous Driving	CodeCode Available	1	5
Frequency Domain Adversarial Training for Robust Volumetric Medical Segmentation	Jul 14, 2023	Adversarial AttackDeep Learning	CodeCode Available	1	5
T3: Tree-Autoencoder Constrained Adversarial Text Generation for Targeted Attack	Dec 22, 2019	Adversarial AttackAdversarial Text	CodeCode Available	1	5
BayesOpt Adversarial Attack	May 1, 2020	Adversarial AttackBayesian Optimisation	CodeCode Available	1	5
Attacking Video Recognition Models with Bullet-Screen Comments	Oct 29, 2021	Adversarial AttackAdversarial Attack on Video Classification	CodeCode Available	1	5
R&R: Metric-guided Adversarial Sentence Generation	Apr 17, 2021	Adversarial AttackGeneral Classification	CodeCode Available	1	5
Adversarial Magnification to Deceive Deepfake Detection through Super Resolution	Jul 2, 2024	Adversarial AttackDeepFake Detection	CodeCode Available	1	5
Benchmarking Adversarial Robustness on Image Classification	Jun 1, 2020	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation	Oct 12, 2022	Adversarial Attack	CodeCode Available	1	5
Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models	Nov 4, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
AVA: Inconspicuous Attribute Variation-based Adversarial Attack bypassing DeepFake Detection	Dec 14, 2023	Adversarial AttackAttribute	CodeCode Available	1	5
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction	Jan 16, 2022	Adversarial AttackCombinatorial Optimization	CodeCode Available	1	5
Adversarial Examples in Deep Learning for Multivariate Time Series Regression	Sep 24, 2020	Adversarial AttackDeep Learning	CodeCode Available	1	5
AdvDrop: Adversarial Attack to DNNs by Dropping Information	Aug 20, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Adversarial Immunization for Certifiable Robustness on Graphs	Jul 19, 2020	Adversarial AttackBilevel Optimization	CodeCode Available	1	5
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label	Jul 1, 2022	Adversarial AttackBackdoor Attack	CodeCode Available	1	5
Adversarial Learning for Robust Deep Clustering	Dec 1, 2020	Adversarial AttackClustering	CodeCode Available	1	5
BASAR:Black-box Attack on Skeletal Action Recognition	Mar 9, 2021	Action RecognitionActivity Recognition	CodeCode Available	1	5
BERT-ATTACK: Adversarial Attack Against BERT Using BERT	Apr 21, 2020	Adversarial Attack	CodeCode Available	1	5
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Complete and Incomplete Neural Network Robustness Verification	Mar 11, 2021	Adversarial Attack	CodeCode Available	1	5
Adversarial Attacks on ML Defense Models Competition	Oct 15, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Adversarial Mask: Real-World Universal Adversarial Attack on Face Recognition Model	Nov 21, 2021	Adversarial AttackFace Recognition	CodeCode Available	1	5
3D Adversarial Attacks Beyond Point Cloud	Apr 25, 2021	Adversarial Attack	CodeCode Available	1	5
Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs	Oct 6, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
To Think or Not to Think: Exploring the Unthinking Vulnerability in Large Reasoning Models	Feb 16, 2025	Adversarial AttackBackdoor Attack	CodeCode Available	1	5
Adversarial Ranking Attack and Defense	Feb 26, 2020	Adversarial AttackImage Retrieval	CodeCode Available	1	5
Fooling the Image Dehazing Models by First Order Gradient	Mar 30, 2023	Adversarial AttackImage Dehazing	CodeCode Available	1	5
CausalAdv: Adversarial Robustness through the Lens of Causality	Jun 11, 2021	Adversarial AttackAdversarial Robustness	CodeCode Available	1	5
Certifying LLM Safety against Adversarial Prompting	Sep 6, 2023	Adversarial AttackLanguage Modelling	CodeCode Available	1	5
A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Predictions	May 1, 2022	Adversarial AttackCombinatorial Optimization	CodeCode Available	1	5

Show:10 25 50

← PrevPage 3 of 37Next →

All datasets CIFAR-10 CIFAR-100

Benchmark Results

#	Model	Metric	Claimed	Verified	Status
1	Xu et al.	Attack: PGD20	78.68	—	Unverified
2	3-ensemble of multi-resolution self-ensembles	Attack: AutoAttack	78.13	—	Unverified
3	TRADES-ANCRA/ResNet18	Attack: AutoAttack	59.7	—	Unverified
4	AdvTraining [madry2018]	Attack: PGD20	48.44	—	Unverified
5	TRADES [zhang2019b]	Attack: PGD20	45.9	—	Unverified
6	XU-Net	Robust Accuracy	1	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	3-ensemble of multi-resolution self-ensembles	Attack: AutoAttack	51.28	—	Unverified
2	multi-resolution self-ensembles	Attack: AutoAttack	47.85	—	Unverified