Adversarial Defense

Competitions with currently unpublished results:

TrojAI

Papers

Recently Added Most Hyped Most Active Needs Verification Most Verified

Showing 251–300 of 403 papers

Title	Date	Tasks	Status
Towards Black-box Adversarial Example Detection: A Data Reconstruction-based Method	Jun 3, 2023	Adversarial Defense	—Unverified
Training Robust Deep Neural Networks via Adversarial Noise Propagation	Sep 19, 2019	Adversarial DefenseAdversarial Robustness	—Unverified
Towards Model-Agnostic Adversarial Defenses using Adversarially Trained Autoencoders	Sep 12, 2019	Adversarial DefenseAdversarial Robustness	—Unverified
TREATED:Towards Universal Defense against Textual Adversarial Attacks	Sep 13, 2021	Adversarial Defense	—Unverified
Tricking Adversarial Attacks To Fail	Jun 8, 2020	Adversarial Defense	—Unverified
Two Heads Are Better Than One: Boosting Graph Sparse Training via Semantic and Topological Awareness	Feb 2, 2024	Adversarial DefenseGraph Learning	—Unverified
Universal Learning Approach for Adversarial Defense	Sep 25, 2019	Adversarial Defense	—Unverified
Untargeted, Targeted and Universal Adversarial Attacks and Defenses on Time Series	Jan 13, 2021	Adversarial AttackAdversarial Defense	—Unverified
WaveTransform: Crafting Adversarial Examples via Input Decomposition	Oct 29, 2020	Adversarial DefenseObject Recognition	—Unverified
Weakly Supervised Invariant Representation Learning Via Disentangling Known and Unknown Nuisance Factors	Sep 15, 2022	Adversarial DefenseRepresentation Learning	—Unverified
Mitigating Adversarial Effects Through Randomization	Nov 6, 2017	Adversarial DefenseImage Classification	CodeCode Available
SMUG: Towards robust MRI reconstruction by smoothed unrolling	Mar 14, 2023	Adversarial Defenseimage-classification	CodeCode Available
Modeling Adversarial Noise for Adversarial Training	Sep 21, 2021	Adversarial Defense	CodeCode Available
Adversarially Robust Prototypical Few-shot Segmentation with Neural-ODEs	Oct 7, 2022	Adversarial DefenseFew-Shot Learning	CodeCode Available
Carefully Blending Adversarial Training, Purification, and Aggregation Improves Adversarial Robustness	May 25, 2023	Adversarial DefenseAdversarial Purification	CodeCode Available
Natural Language Adversarial Defense through Synonym Encoding	Sep 15, 2019	Adversarial AttackAdversarial Defense	CodeCode Available
Neural Fingerprints for Adversarial Attack Detection	Nov 7, 2024	Adversarial AttackAdversarial Attack Detection	CodeCode Available
NOMARO: Defending against Adversarial Attacks by NOMA-Inspired Reconstruction Operation	Dec 14, 2021	Adversarial AttackAdversarial Defense	CodeCode Available
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples	Feb 1, 2018	Adversarial AttackAdversarial Defense	CodeCode Available
CAAD 2018: Generating Transferable Adversarial Examples	Sep 29, 2018	Adversarial AttackAdversarial Defense	CodeCode Available
An Analysis of Robustness of Non-Lipschitz Networks	Oct 13, 2020	Adversarial AttackAdversarial Defense	CodeCode Available
Stochastic Activation Pruning for Robust Adversarial Defense	Mar 5, 2018	Adversarial Defense	CodeCode Available
Bridging Robustness and Generalization Against Word Substitution Attacks in NLP via the Growth Bound Matrix Approach	Jul 14, 2025	Adversarial DefenseAdversarial Robustness	CodeCode Available
Beyond Pretrained Features: Noisy Image Modeling Provides Adversarial Defense	Feb 2, 2023	Adversarial DefenseAdversarial Robustness	CodeCode Available
mFI-PSO: A Flexible and Effective Method in Adversarial Image Generation for Deep Neural Networks	Jun 5, 2020	Adversarial Defenseimage-classification	CodeCode Available
Parametric Noise Injection: Trainable Randomness to Improve Deep Neural Network Robustness against Adversarial Attack	Nov 22, 2018	Adversarial AttackAdversarial Defense	CodeCode Available
PaRoT: A Practical Framework for Robust Deep Neural Network Training	Jan 7, 2020	Adversarial DefenseAutonomous Vehicles	CodeCode Available
Bayesian Learning with Information Gain Provably Bounds Risk for a Robust Adversarial Defense	Dec 5, 2022	Adversarial Defense	CodeCode Available
Robustness for Non-Parametric Classification: A Generic Attack and Defense	Jun 7, 2019	Adversarial AttackAdversarial Defense	CodeCode Available
LSA: Modeling Aspect Sentiment Coherency via Local Sentiment Aggregation	Oct 16, 2021	Adversarial DefenseAspect-Based Sentiment Analysis (ABSA)	CodeCode Available
A Closer Look at the Adversarial Robustness of Deep Equilibrium Models	Jun 2, 2023	Adversarial DefenseAdversarial Robustness	CodeCode Available
A Simple and Yet Fairly Effective Defense for Graph Neural Networks	Feb 21, 2024	Adversarial DefenseNode Classification	CodeCode Available
Towards Effective and Efficient Adversarial Defense with Diffusion Models for Robust Visual Tracking	May 31, 2025	Adversarial DefenseDenoising	CodeCode Available
Adversarial Defense via Learning to Generate Diverse Attacks	Oct 1, 2019	Adversarial Defense	CodeCode Available
PPD: Permutation Phase Defense Against Adversarial Examples in Deep Learning	Dec 25, 2018	Adversarial DefenseDeep Learning	CodeCode Available
Towards Unified Robustness Against Both Backdoor and Adversarial Attacks	May 28, 2024	Adversarial DefenseAdversarial Robustness	CodeCode Available
Privacy Risks of Securing Machine Learning Models against Adversarial Examples	May 24, 2019	Adversarial DefenseBIG-bench Machine Learning	CodeCode Available
Super-Efficient Super Resolution for Fast Adversarial Defense at the Edge	Dec 29, 2021	Adversarial Defenseimage-classification	CodeCode Available
Provably Cost-Sensitive Adversarial Defense via Randomized Smoothing	Oct 12, 2023	Adversarial Defense	CodeCode Available
Are Generative Classifiers More Robust to Adversarial Attacks?	Feb 19, 2018	Adversarial DefenseAdversarial Robustness	CodeCode Available
Delving into Transferable Adversarial Examples and Black-box Attacks	Nov 8, 2016	Adversarial AttackAdversarial Defense	CodeCode Available
VideoPure: Diffusion-based Adversarial Purification for Video Recognition	Jan 25, 2025	Adversarial DefenseAdversarial Purification	CodeCode Available
Detection and Defense of Unlearnable Examples	Dec 14, 2023	Adversarial DefensePrivacy Preserving	CodeCode Available
Detection of Adversarial Examples in NLP: Benchmark and Baseline via Robust Density Estimation	Nov 16, 2021	Adversarial DefenseDensity Estimation	CodeCode Available
Detection of Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation	May 1, 2022	Adversarial DefenseDensity Estimation	CodeCode Available
Detection of Word Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation	Mar 3, 2022	Adversarial DefenseDensity Estimation	CodeCode Available
Detection of Word Adversarial Examples in NLP: Benchmark and Baseline via Robust Density Estimation	Jan 16, 2022	Adversarial DefenseDensity Estimation	CodeCode Available
Defensive Few-shot Learning	Nov 16, 2019	Adversarial DefenseFew-Shot Learning	CodeCode Available
Defense-GAN: Protecting Classifiers Against Adversarial Attacks Using Generative Models	May 17, 2018	Adversarial DefenseAdversarial Defense against FGSM Attack	CodeCode Available
DiffuseDef: Improved Robustness to Adversarial Attacks via Iterative Denoising	Jun 28, 2024	Adversarial DefenseDenoising	CodeCode Available

Show:10 25 50

← PrevPage 6 of 9Next →

All datasets CIFAR-10 ImageNet (non-targeted PGD, max perturbation=4)ImageNet ImageNet (targeted PGD, max perturbation=16)MNIST CAAD 2018 miniImageNet

Benchmark Results

#	Model	Metric	Claimed	Verified	Status
1	WRN-28-10	Accuracy	90.03	—	Unverified
2	Diffusion Classifier	Accuracy	89.85	—	Unverified
3	Stochastic-LWTA/PGD/WideResNet-34-10	Accuracy	84.3	—	Unverified
4	Ours (Stochastic-LWTA/PGD/WideResNet-34-5)	Accuracy	83.4	—	Unverified
5	Ours (Stochastic-LWTA/PGD/WideResNet-34-1)	Accuracy	81.87	—	Unverified
6	ResNet18 (TRADES-ANCRA/PGD-40)	Accuracy	81.7	—	Unverified
7	Stochastic-LWTA/PGD/WideResNet-34-5	Attack: AutoAttack	81.22	—	Unverified
8	PCL (against PGD, white box)	Accuracy	46.7	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	SAT-EfficientNet-L1	Accuracy	58.6	—	Unverified
2	LLR-ResNet-152	Accuracy	47	—	Unverified
3	ResNet-152 free-m=4	Accuracy	36	—	Unverified
4	ResNet-101 free-m=4	Accuracy	34.3	—	Unverified
5	ResNet-50 free-m=4	Accuracy	31.8	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	ResNet101	Accuracy	99.8	—	Unverified
2	InceptionV3	Accuracy	98.6	—	Unverified
3	Feature Denoising	Accuracy	49.5	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	ResNet-152 Denoise	Accuracy	42.8	—	Unverified
2	ResNeXt-101 DenoiseAll	Accuracy	40.4	—	Unverified
3	ResNet-152	Accuracy	39	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	Defense GAN	Accuracy	0.85	—	Unverified
2	PuVAE	Accuracy	0.81	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	Feature Denoising	Accuracy	50.6	—	Unverified

#	Model	Metric	Claimed	Verified	Status
1	Auto Encoder-Block Switching defense with GradCAM	Accuracy	88.54	—	Unverified