no code implementations • 23 Oct 2023 • Yaguan Qian, Chenyu Zhao, Zhaoquan Gu, Bin Wang, Shouling Ji, Wei Wang, Boyang Zhou, Pan Zhou
We propose a Feature-Focusing Adversarial Training (F$^2$AT), which differs from previous work in that it enforces the model to focus on the core features from natural patterns and reduce the impact of spurious features from perturbed patterns.
no code implementations • 16 Sep 2023 • Yaguan Qian, Boyuan Ji, Shuke He, Shenhui Huang, Xiang Ling, Bin Wang, Wei Wang
However, these models are vulnerable to backdoor attacks.
no code implementations • ICCV 2023 • Yaguan Qian, Shuke He, Chenyu Zhao, Jiaqiang Sha, Wei Wang, Bin Wang
However, most existing ensemble attacks depend on numerous substitute models to cover the vulnerable subspace of a target model.
no code implementations • 16 Jul 2022 • Xiaoyu Liang, Yaguan Qian, Jianchang Huang, Xiang Ling, Bin Wang, Chunming Wu, Wassim Swaileh
Adversarial training, as one of the most effective defense methods against adversarial attacks, tends to learn an inclusive decision boundary to increase the robustness of deep learning models.
1 code implementation • ECCV 2022 • Yaguan Qian, Shenghui Huang, Bin Wang, Xiang Ling, Xiaohui Guan, Zhaoquan Gu, Shaoning Zeng, WuJie Zhou, Haijiang Wang
This process is modeled as a multi-objective bilevel optimization problem and a novel algorithm is proposed to solve this optimization.
no code implementations • 4 Jul 2022 • Yaguan Qian, Yuqi Wang, Bin Wang, Zhaoquan Gu, Yuhan Guo, Wassim Swaileh
Extensive experiments conducted on the MNIST and CIFAR-10 datasets show that our adversarial learning with second-order adversarial examples outperforms other first-order methods, which can improve the model robustness against a wide range of attacks.
1 code implementation • 23 Dec 2021 • Xiang Ling, Lingfei Wu, Jiangyu Zhang, Zhenqing Qu, Wei Deng, Xiang Chen, Yaguan Qian, Chunming Wu, Shouling Ji, Tianyue Luo, Jingzheng Wu, Yanjun Wu
Then, we conduct a comprehensive and systematic review to categorize the state-of-the-art adversarial attacks against PE malware detection, as well as corresponding defenses to increase the robustness of Windows PE malware detection.
1 code implementation • 9 Dec 2021 • WuJie Zhou, Shaohua Dong, Caie Xu, Yaguan Qian
Considering the importance of high level semantic information, we propose a global information module and a semantic information module to extract rich semantic information from the high-level features.
Ranked #11 on Thermal Image Segmentation on PST900
no code implementations • 29 Sep 2021 • Yaguan Qian, Shenghui Huang, Yuqi Wang, Simin Li
The vulnerability of Deep Neural Networks (DNNs) (i.e., susceptibility to adversarial attacks) severely limits the application of DNNs.
no code implementations • 14 Mar 2021 • Wassim Swaileh, Dimitrios Kotzinos, Suman Ghosh, Michel Jordan, Son Vu, Yaguan Qian
Since the first step in the building's or monument's 3D model is the wall detection in the floor plan, we introduce in this paper the new and unique Versailles FP dataset of wall groundtruthed images of the Versailles Palace dated between 17th and 18th century.
no code implementations • 22 Feb 2021 • Yaguan Qian, Anlin Sun
At the same time, to verify the effectiveness of our method, we provide a miniature dataset which is closer to the real world and includes pedestrian changing clothes and cross-modality factor variables fusion.
no code implementations • 1 Feb 2021 • Yaguan Qian, Qiqi Shao, Tengteng Yao, Bin Wang, Shouling Ji, Shaoning Zeng, Zhaoquan Gu, Wassim Swaileh
Adversarial training is widely considered as one of the most effective ways to defend against adversarial examples.
no code implementations • 1 Jan 2021 • Yaguan Qian, Jiamin Wang, Xiang Ling, Zhaoquan Gu, Bin Wang, Chunming Wu
Recently, to deal with the vulnerability to generate examples of CNNs, there are many advanced algorithms that have been proposed.
no code implementations • 2 Dec 2020 • Yaguan Qian, Jiamin Wang, Bin Wang, Shaoning Zeng, Zhaoquan Gu, Shouling Ji, Wassim Swaileh
With this soft mask, we develop a new loss function with inverse temperature to search for optimal perturbations in CFR.