scholarly journals Beware the Black-Box: On the Robustness of Recent Defenses to Adversarial Examples

Entropy ◽  
2021 ◽  
Vol 23 (10) ◽  
pp. 1359
Author(s):  
Kaleel Mahmood ◽  
Deniz Gurevin ◽  
Marten van van Dijk ◽  
Phuoung Ha Nguyen
Keyword(s):  
Large Scale ◽  
Error Correcting Codes ◽  
Black Box ◽  
Clear Picture ◽  
Buffer Zones ◽  
Adversarial Models ◽  
Adversarial Examples ◽  
Winner Take All ◽  
The Relationship ◽  
Take All

Many defenses have recently been proposed at venues like NIPS, ICML, ICLR and CVPR. These defenses are mainly focused on mitigating white-box attacks. They do not properly examine black-box attacks. In this paper, we expand upon the analyses of these defenses to include adaptive black-box adversaries. Our evaluation is done on nine defenses including Barrage of Random Transforms, ComDefend, Ensemble Diversity, Feature Distillation, The Odds are Odd, Error Correcting Codes, Distribution Classifier Defense, K-Winner Take All and Buffer Zones. Our investigation is done using two black-box adversarial models and six widely studied adversarial attacks for CIFAR-10 and Fashion-MNIST datasets. Our analyses show most recent defenses (7 out of 9) provide only marginal improvements in security (<25%), as compared to undefended networks. For every defense, we also show the relationship between the amount of data the adversary has at their disposal, and the effectiveness of adaptive black-box attacks. Overall, our results paint a clear picture: defenses need both thorough white-box and black-box analyses to be considered secure. We provide this large scale study and analyses to motivate the field to move towards the development of more robust black-box defenses.

scholarly journals Almost Unsupervised Learning for Dense Crowd Counting

2019 ◽  
Vol 33 ◽  
pp. 8868-8875 ◽  
Author(s):  
Deepak Babu Sam ◽  
Neeraj N Sajjan ◽  
Himanshu Maurya ◽  
R. Venkatesh Babu
Keyword(s):  
Unsupervised Learning ◽  
Large Scale ◽  
Learning Method ◽  
Large Variability ◽  
Proposed Model ◽  
Dense Crowd ◽  
Winner Take All ◽  
Learned Features ◽  
Take All

We present an unsupervised learning method for dense crowd count estimation. Marred by large variability in appearance of people and extreme overlap in crowds, enumerating people proves to be a difficult task even for humans. This implies creating large-scale annotated crowd data is expensive and directly takes a toll on the performance of existing CNN based counting models on account of small datasets. Motivated by these challenges, we develop Grid Winner-Take-All (GWTA) autoencoder to learn several layers of useful filters from unlabeled crowd images. Our GWTA approach divides a convolution layer spatially into a grid of cells. Within each cell, only the maximally activated neuron is allowed to update the filter. Almost 99.9% of the parameters of the proposed model are trained without any labeled data while the rest 0.1% are tuned with supervision. The model achieves superior results compared to other unsupervised methods and stays reasonably close to the accuracy of supervised baseline. Furthermore, we present comparisons and analyses regarding the quality of learned features across various models.

Primary Rules, Political Power, and Social Change

1976 ◽  
Vol 70 (1) ◽  
pp. 25-40 ◽  
Author(s):  
James I. Lengle ◽  
Byron Shafer
Keyword(s):  
Social Change ◽  
Democratic Party ◽  
Political Power ◽  
Allocation Rules ◽  
Long Run ◽  
Different Types ◽  
Short Run ◽  
Winner Take All ◽  
The Relationship ◽  
Take All

This paper examines the relationship between the kinds of delegate allocation rules used in Democratic presidential primaries (Winner-Take-All, Districted, and Proportional) and the power of various states within the national Democratic party. It demonstrates that these rules are often, in the short run, more important than a state's voters in determining the fate of particular candidates. It shows, in the middle run, that different types of states are clearly favored by different sets of primary regulations. It closes with some speculation about the long-run impact of these tendencies.

scholarly journals Perceptual-Sensitive GAN for Generating Adversarial Patches

2019 ◽  
Vol 33 ◽  
pp. 1028-1035 ◽  
Author(s):  
Aishan Liu ◽  
Xianglong Liu ◽  
Jiaxin Fan ◽  
Yuqing Ma ◽  
Anlan Zhang ◽  
...  
Keyword(s):  
Large Scale ◽  
Deep Neural Networks ◽  
State Of The Art ◽  
Black Box ◽  
Perceptual Sensitivity ◽  
Generative Adversarial Network ◽  
Adversarial Network ◽  
Adversarial Examples ◽  
Image Context ◽  
Visual Fidelity

Deep neural networks (DNNs) are vulnerable to adversarial examples where inputs with imperceptible perturbations mislead DNNs to incorrect results. Recently, adversarial patch, with noise confined to a small and localized patch, emerged for its easy accessibility in real-world. However, existing attack strategies are still far from generating visually natural patches with strong attacking ability, since they often ignore the perceptual sensitivity of the attacked network to the adversarial patch, including both the correlations with the image context and the visual attention. To address this problem, this paper proposes a perceptual-sensitive generative adversarial network (PS-GAN) that can simultaneously enhance the visual fidelity and the attacking ability for the adversarial patch. To improve the visual fidelity, we treat the patch generation as a patch-to-patch translation via an adversarial process, feeding any types of seed patch and outputting the similar adversarial patch with high perceptual correlation with the attacked image. To further enhance the attacking ability, an attention mechanism coupled with adversarial generation is introduced to predict the critical attacking areas for placing the patches, which can help producing more realistic and aggressive patches. Extensive experiments under semi-whitebox and black-box settings on two large-scale datasets GTSRB and ImageNet demonstrate that the proposed PS-GAN outperforms state-of-the-art adversarial patch attack methods.

Relationship between total plasma homocysteine and the risk of aneurysms – a meta-analysis

VASA ◽  
2020 ◽  
pp. 1-6
Author(s):  
Hanji Zhang ◽  
Dexin Yin ◽  
Yue Zhao ◽  
Yezhou Li ◽  
Dejiang Yao ◽  
...  
Keyword(s):  
Large Scale ◽  
Meta Analysis ◽  
Single Species ◽  
Total Plasma ◽  
Control Groups ◽  
Randomized Controlled ◽  
Randomized Controlled Studies ◽  
The Difference ◽  
The Relationship ◽  
Healthy Participants

Summary: Our meta-analysis focused on the relationship between homocysteine (Hcy) level and the incidence of aneurysms and looked at the relationship between smoking, hypertension and aneurysms. A systematic literature search of Pubmed, Web of Science, and Embase databases (up to March 31, 2020) resulted in the identification of 19 studies, including 2,629 aneurysm patients and 6,497 healthy participants. Combined analysis of the included studies showed that number of smoking, hypertension and hyperhomocysteinemia (HHcy) in aneurysm patients was higher than that in the control groups, and the total plasma Hcy level in aneurysm patients was also higher. These findings suggest that smoking, hypertension and HHcy may be risk factors for the development and progression of aneurysms. Although the heterogeneity of meta-analysis was significant, it was found that the heterogeneity might come from the difference between race and disease species through subgroup analysis. Large-scale randomized controlled studies of single species and single disease species are needed in the future to supplement the accuracy of the results.

Administrasi Hubungan Sekolah dan Masyarakat (HUSEMAS)

2020 ◽  
Author(s):  
Rifa Nirmala ◽  
Hade Afriansyah
Keyword(s):  
Personal Growth ◽  
Clear Picture ◽  
Public And Private ◽  
Community Needs ◽  
The People ◽  
Good Will ◽  
Relationship Of ◽  
The Relationship

Thus can drawing conclusions about the relationship of the school with the community is essentially a very decisive tool in fostering and developing the personal growth of students in schools. If the relationship between the school and the community goes well, the sense of responsibility and participation of the community to advance the school will also be good and high. In order to create relationships and cooperation between schools and the community, the community needs to know and have a clear picture of the school they have obtained.The presence of schools is based on the good will of the country and the people who support it. Therefore people who work in schools inevitably have to work with the community. The community here can be in the form of parents of students, agencies, organizations, both public and private. One reason schools need help from the community where schools are because schools must be funded.

New ''Cold War''

2020 ◽  
pp. 27-34
Author(s):  
Vladimir Batiuk
Keyword(s):  
Cold War ◽  
Nuclear Weapons ◽  
Armed Conflict ◽  
Large Scale ◽  
Arms Race ◽  
Ideological Struggle ◽  
Nuclear Arms Race ◽  
The Cold War ◽  
The Relationship ◽  
Nuclear Arms

In this article, the ''Cold War'' is understood as a situation where the relationship between the leading States is determined by ideological confrontation and, at the same time, the presence of nuclear weapons precludes the development of this confrontation into a large-scale armed conflict. Such a situation has developed in the years 1945–1989, during the first Cold War. We see that something similar is repeated in our time-with all the new nuances in the ideological struggle and in the nuclear arms race.

Sign in / Sign up

Export Citation Format

Share Document