Reading List - Simsso/NIPS-2018-Adversarial-Vision-Challenge GitHub Wiki

It appears that reading the papers from last year's challenge will provide us with an up-to-date overview. Also, these papers will contain references pointing to relevant base papers which we can read, if necessary. The medals indicate the priority of the link (all are relevant though).

Papers

• 🥇 2017 NIPS defense 1. place (winner) Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser
• 🥇 Understanding Black-box Predictions via Influence Functions: Trace a model's prediction through the learning algorithm and back to its training data, thereby identifying training points most responsible for a given prediction.
• 🥇 Adversarial transformation networks totally different kind of adversarial attack generation
• 🥈 Adversarial Logit Training
• 🥈 On Detecting Adversarial Perturbations (related to our defense idea)
• 🥈 Intriguing properties of neural networks
• 🥈 One pixel attacks
• 🥈 MagNet (?) two-pronged defense against adversarial examples
• 🥈 Distilling the knowledge in a neural network
• 🥈 JSMA attack "The Limitations of Deep Learning in Adversarial Settings"
• 🥈 Robustness Learning
• 🥉 Cross-entropy loss leads to poor margins
• 🥉 Distillation as a defense
• 🥉 Efficient defenses against adversarial attacks
• 🥉 JPEG compression as a preprocessing step. In general, non-fancy preprocessing might prove effective and we should have an open mind here.
• 🥉 Stanford student pre-trained Inception v3 classifier

NeurIPS 2018

• Sparse DNNs with Improved Adversarial Robustness
• Hessian-based Analysis of Large Batch Training and Robustness to Adversaries
• Adversarial Examples that Fool both Computer Vision and Time-Limited Humans

Code

• 🥇 2017 NIPS attack 1. place targeted and un-targeted Momentum
• 🥈 2017 NIPS defense 2. place Mitigating Adversarial Effects Through Randomization (TensorFlow)
• 🥈 2017 NIPS defense 3. place MMD (TensorFlow)
• 🥈 2017 NIPS attack 2. place targeted and un-targeted Ensemble

Articles

• 🥇 Adversarial Attacks and Defences for Convolutional Neural Networks contains information about the attack that won NIPS 2017
• 🥉 Goodfellow on adversarial example security research and future research directions
• 🥉 Feature visualization
• 🥉 Reading list for the NIPS 2018 Adversarial Vision Challenge by Wieland Brendel.

Guides

• 🥇 Saving, loading, and serving TF models
• 🥉 TensorFlow Guide