no code implementations • 22 Mar 2024 • Zeliang Zhang, Mingqian Feng, Jinyang Jiang, Rongyi Zhu, Yijie Peng, Chenliang Xu
Gradient-based saliency maps are widely used to explain deep neural network decisions.
1 code implementation • 19 Mar 2024 • Zeliang Zhang, Mingqian Feng, Zhiheng Li, Chenliang Xu
Discovering biased subgroups is the key to understanding models' failure modes and further improving models' robustness.
no code implementations • 18 Mar 2024 • Zeliang Zhang, Jinyang Jiang, Zhuo Liu, Susan Liang, Yijie Peng, Chenliang Xu
In this paper, we introduce an approximation technique for the likelihood ratio (LR) method to alleviate computational and memory demands in gradient estimation.
no code implementations • 16 Jan 2024 • Zeliang Zhang, Rongyi Zhu, Wei Yao, Xiaosen Wang, Chenliang Xu
In this work, we find that several tiny changes in the existing adversarial attacks can significantly affect the attack performance, \eg, the number of iterations and step size.
1 code implementation • 29 Dec 2023 • Yunlong Tang, Jing Bi, Siting Xu, Luchuan Song, Susan Liang, Teng Wang, Daoan Zhang, Jie An, Jingyang Lin, Rongyi Zhu, Ali Vosoughi, Chao Huang, Zeliang Zhang, Feng Zheng, JianGuo Zhang, Ping Luo, Jiebo Luo, Chenliang Xu
With the burgeoning growth of online video platforms and the escalating volume of video content, the demand for proficient video understanding tools has intensified markedly.
no code implementations • 22 Nov 2023 • Zeliang Zhang, Zhuo Liu, Susan Liang, Zhiyuan Wang, Yifan Zhu, Chen Ding, Chenliang Xu
However, the application of tensor decomposition is largely hindered by the exponential increment of the computational complexity and storage consumption with the size of tensors.
2 code implementations • ICCV 2023 • Xiaosen Wang, Zeliang Zhang, Jianping Zhang
In this work, we find that the existing input transformation based attacks transform the input image globally, resulting in limited diversity of the transformed images.
no code implementations • 15 May 2023 • Jinyang Jiang, Zeliang Zhang, Chenliang Xu, Zhaofei Yu, Yijie Peng
While backpropagation (BP) is the mainstream approach for gradient computation in neural network training, its heavy reliance on the chain rule of differentiation constrains the designing flexibility of network architecture and training pipelines.
2 code implementations • 20 Apr 2023 • Zhiyuan Wang, Zeliang Zhang, Siyuan Liang, Xiaosen Wang
Incorporated into the input transformation-based attacks, DHF generates more transferable adversarial examples and outperforms the baselines with a clear margin when attacking several defense models, showing its generalization to various attacks and high effectiveness for boosting transferability.
no code implementations • 17 Feb 2023 • Zeliang Zhang, Jinyang Jiang, Minjie Chen, Zhiyuan Wang, Yijie Peng, Zhaofei Yu
Noise injection-based method has been shown to be able to improve the robustness of artificial neural networks in previous work.
no code implementations • 30 Jan 2023 • Zeliang Zhang, Peihan Liu, Xiaosen Wang, Chenliang Xu
Motivated by this finding, we argue that the information of adversarial perturbations near the benign sample, especially the direction, benefits more on the transferability.
1 code implementation • 11 Jul 2022 • Edward Small, Wei Shao, Zeliang Zhang, Peihan Liu, Jeffrey Chan, Kacper Sokol, Flora Salim
Recent studies have shown that robustness (the ability for a model to perform well on unseen data) plays a significant role in the type of strategy that should be used when approaching a new problem and, hence, measuring the robustness of these strategies has become a fundamental problem.
1 code implementation • 13 Dec 2021 • Xiaosen Wang, Zeliang Zhang, Kangheng Tong, Dihong Gong, Kun He, Zhifeng Li, Wei Liu
Decision-based attack poses a severe threat to real-world applications since it regards the target model as a black box and only accesses the hard prediction label.
1 code implementation • 6 Feb 2021 • Li Xiao, Zeliang Zhang, Yijie Peng
Adding noises to artificial neural network(ANN) has been shown to be able to improve robustness in previous work.