A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
To overcome these issues, we propose ImageNet-Patch, a dataset to benchmark machine-learning models against adversarial patches. ... Adversarial patches are optimized contiguous pixel blocks in an input image that cause a machine-learning model to misclassify it. ... We envision the use of our ImageNet-Patch dataset as a benchmark for machine-learning models, which may be added to the RobustBench project, where recently proposed robust models are evaluated against an ... arXiv:2203.04412v1 fatcat:soouclmvbvd6xlzevzxpnbf4mi
Localized adversarial patches aim to induce misclassification in machine learning models by arbitrarily modifying pixels within a restricted region of an image. ... In this paper, we propose a general defense framework called PatchGuard that can achieve high provable robustness while maintaining high clean accuracy against localized adversarial patches. ... Acknowledgements: We are grateful to David Wagner for shepherding the paper and anonymous reviewers at USENIX Security for their valuable feedback. ... arXiv:2005.10884v5 fatcat:czqjos4w3new7hwkojlgui2q5u