“TrojText: Test-time Invisible Textual Trojan Insertion”, Liu Et Al 2023

“TrojText: Test-time Invisible Textual Trojan Insertion”⁠, Yepeng Liu, Bo Feng, Qian Lou2023-03-03 (similar; bibliography)

“Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”, Zehavi & Shamir2023

“Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”⁠, Irad Zehavi, Adi Shamir2023-01-08 (CS/security; similar)

“TrojanPuzzle: Covertly Poisoning Code-Suggestion Models”, Aghakhani Et Al 2023

“TrojanPuzzle: Covertly Poisoning Code-Suggestion Models”⁠, Hojjat Aghakhani, Wei Dai, Andre Manoel, Xavier Fernandes, Anant Kharkar, Christopher Kruegel, Giovanni Vigna2023-01-06 (Codex; similar)

“SNAFUE: Diagnostics for Deep Neural Networks With Automated Copy/​Paste Attacks”, Casper Et Al 2022

“SNAFUE: Diagnostics for Deep Neural Networks with Automated Copy/Paste Attacks”⁠, Stephen Casper, Kaivalya Hariharan, Dylan Hadfield-Menell2022-11-18 (similar)

“Are AlphaZero-like Agents Robust to Adversarial Perturbations?”, Lan Et Al 2022

“Are AlphaZero-like Agents Robust to Adversarial Perturbations?”⁠, Li-Cheng Lan, Huan Zhang, Ti-Rong Wu, Meng-Yu Tsai, I-Chen Wu, Cho-Jui Hsieh2022-11-07 (AlphaGo; similar; bibliography)

“Rickrolling the Artist: Injecting Invisible Backdoors into Text-Guided Image Generation Models”, Struppek Et Al 2022

“Rickrolling the Artist: Injecting Invisible Backdoors into Text-Guided Image Generation Models”⁠, Lukas Struppek, Dominik Hintersdorf, Kristian Kersting2022-11-04 (diffusion model⁠, CS/security; similar)

“BTD: Decompiling X86 Deep Neural Network Executables”, Liu Et Al 2022

“BTD: Decompiling x86 Deep Neural Network Executables”⁠, Zhibo Liu, Yuanyuan Yuan, Shuai Wang, Xiaofei Xie, Lei Ma2022-10-03 (CS/security; similar)

“Discovering Bugs in Vision Models Using Off-the-shelf Image Generation and Captioning”, Wiles Et Al 2022

“Discovering Bugs in Vision Models using Off-the-shelf Image Generation and Captioning”⁠, Olivia Wiles, Isabela Albuquerque, Sven Gowal2022-08-18 (ML dataset⁠, DALL·E; similar; bibliography)

“Flatten the Curve: Efficiently Training Low-Curvature Neural Networks”, Srinivas Et Al 2022

“Flatten the Curve: Efficiently Training Low-Curvature Neural Networks”⁠, Suraj Srinivas, Kyle Matoba, Himabindu Lakkaraju, Francois Fleuret2022-06-14 (similar)

“Why Robust Generalization in Deep Learning Is Difficult: Perspective of Expressive Power”, Li Et Al 2022

“Why Robust Generalization in Deep Learning is Difficult: Perspective of Expressive Power”⁠, Binghui Li, Jikai Jin, Han Zhong, John E. Hopcroft, Liwei Wang2022-05-27 (AI scaling; similar)

“Planting Undetectable Backdoors in Machine Learning Models”, Goldwasser Et Al 2022

“Planting Undetectable Backdoors in Machine Learning Models”⁠, Shafi Goldwasser, Michael P. Kim, Vinod Vaikuntanathan, Or Zamir2022-04-14 (crypto; similar)

“Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings”, Mao Et Al 2022

“Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings”⁠, Yuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah2022-04-07 (similar)

“On the Effectiveness of Dataset Watermarking in Adversarial Settings”, Tekgul & Asokan2022

“On the Effectiveness of Dataset Watermarking in Adversarial Settings”⁠, Buse Gul Atli Tekgul, N. Asokan2022-02-25 (CNN; similar)

“An Equivalence Between Data Poisoning and Byzantine Gradient Attacks”, Farhadkhani Et Al 2022

“An Equivalence Between Data Poisoning and Byzantine Gradient Attacks”⁠, Sadegh Farhadkhani, Rachid Guerraoui, Lê-Nguyên Hoang, Oscar Villemaud2022-02-17 (similar)

“Red Teaming Language Models With Language Models”, Perez Et Al 2022

“Red Teaming Language Models with Language Models”⁠, Ethan Perez, Saffron Huang, Francis Song, Trevor Cai, Roman Ring, John Aslanides, Amelia Glaese, Nat McAleese2022-02-07 (similar)

“WANLI: Worker and AI Collaboration for Natural Language Inference Dataset Creation”, Liu Et Al 2022

“WANLI: Worker and AI Collaboration for Natural Language Inference Dataset Creation”⁠, Alisa Liu, Swabha Swayamdipta, Noah A. Smith, Yejin Choi2022-01-16 (ML dataset⁠, GPT; similar; bibliography)

“CommonsenseQA 2.0: Exposing the Limits of AI through Gamification”, Talmor Et Al 2022

“CommonsenseQA 2.0: Exposing the Limits of AI through Gamification”⁠, Alon Talmor, Ori Yoran, Ronan Le Bras, Chandra Bhagavatula, Yoav Goldberg, Yejin Choi, Jonathan Berant2022-01-14 (GPT; similar; bibliography)

“Models in the Loop: Aiding Crowdworkers With Generative Annotation Assistants”, Bartolo Et Al 2021

“Models in the Loop: Aiding Crowdworkers with Generative Annotation Assistants”⁠, Max Bartolo, Tristan Thrush, Sebastian Riedel, Pontus Stenetorp, Robin Jia, Douwe Kiela2021-12-16 (ML dataset; similar)

“Deep Reinforcement Learning Policies Learn Shared Adversarial Features Across MDPs”, Korkmaz2021

“Deep Reinforcement Learning Policies Learn Shared Adversarial Features Across MDPs”⁠, Ezgi Korkmaz2021-12-16 (model-free RL; similar)

“PROMPT WAYWARDNESS: The Curious Case of Discretized Interpretation of Continuous Prompts”, Khashabi Et Al 2021

“PROMPT WAYWARDNESS: The Curious Case of Discretized Interpretation of Continuous Prompts”⁠, Daniel Khashabi, Shane Lyu, Sewon Min, Lianhui Qin, Kyle Richardson, Sameer Singh, Sean Welleck, Hannaneh Hajishirzi2021-12-15 (LM tokenization⁠, GPT; similar)

“TnT Attacks! Universal Naturalistic Adversarial Patches Against Deep Neural Network Systems”, Doan Et Al 2021

“TnT Attacks! Universal Naturalistic Adversarial Patches Against Deep Neural Network Systems”⁠, Bao Gia Doan, Minhui Xue, Shiqing Ma, Ehsan Abbasnejad, Damith C. Ranasinghe2021-11-19 (GAN; similar)

“AugMax: Adversarial Composition of Random Augmentations for Robust Training”, Wang Et Al 2021

“AugMax: Adversarial Composition of Random Augmentations for Robust Training”⁠, Haotao Wang, Chaowei Xiao, Jean Kossaifi, Zhiding Yu, Anima Anandkumar, Zhangyang Wang2021-10-26 (similar; bibliography)

“Unrestricted Adversarial Attacks on ImageNet Competition”, Chen Et Al 2021

“Unrestricted Adversarial Attacks on ImageNet Competition”⁠, Yuefeng Chen, Xiaofeng Mao, Yuan He, Hui Xue, Chao Li, Yinpeng Dong, Qi-An Fu, Xiao Yang, Wenzhao Xiang2021-10-17 (similar)

“Partial Success in Closing the Gap between Human and Machine Vision”, Geirhos Et Al 2021

“Partial success in closing the gap between human and machine vision”⁠, Robert Geirhos, Kantharaju Narayanappa, Benjamin Mitzkus, Tizian Thieringer, Matthias Bethge, Felix A. Wichmann2021-06-14 (CNN⁠, CLIP⁠, AI scaling⁠, neuroscience; backlinks; similar; bibliography)

“A Universal Law of Robustness via Isoperimetry”, Bubeck & Sellke2021

“A Universal Law of Robustness via Isoperimetry”⁠, Sébastien Bubeck, Mark Sellke2021-05-26 (AI scaling; backlinks; similar; bibliography)

“Manipulating SGD With Data Ordering Attacks”, Shumailov Et Al 2021

“Manipulating SGD with Data Ordering Attacks”⁠, Ilia Shumailov, Zakhar Shumaylov, Dmitry Kazhdan, Yiren Zhao, Nicolas Papernot, Murat A. Erdogdu, Ross Anderson2021-04-19 (similar)

“Gradient-based Adversarial Attacks against Text Transformers”, Guo Et Al 2021

“Gradient-based Adversarial Attacks against Text Transformers”⁠, Chuan Guo, Alexandre Sablayrolles, Hervé Jégou, Douwe Kiela2021-04-15 (Transformer NN; similar)

“A Law of Robustness for Two-layers Neural Networks”, Bubeck Et Al 2021

“A law of robustness for two-layers neural networks”⁠, Sebastien Bubeck, Yuanzhi Li, Dheeraj Mysore Nagaraj2021-03-05 (AI scaling; backlinks; similar)

“Multimodal Neurons in Artificial Neural Networks [CLIP]”, Goh Et Al 2021

“Multimodal Neurons in Artificial Neural Networks [CLIP]”⁠, Gabriel Goh, Nick Cammarata, Chelsea Voss, Shan Carter, Michael Petrov, Ludwig Schubert, Alec Radford2021-03-04 (CLIP⁠, data visualization; similar; bibliography)

“Bot-Adversarial Dialogue for Safe Conversational Agents”, Xu Et Al 2021

“Bot-Adversarial Dialogue for Safe Conversational Agents”⁠, Jing Xu, Da Ju, Margaret Li, Y-Lan Boureau, Jason Weston, Emily Dinan2021 (NN sampling⁠, GPT; similar; bibliography)

“Unadversarial Examples: Designing Objects for Robust Vision”, Salman Et Al 2020

“Unadversarial Examples: Designing Objects for Robust Vision”⁠, Hadi Salman, Andrew Ilyas, Logan Engstrom, Sai Vemprala, Aleksander Madry, Ashish Kapoor2020-12-22 (backlinks; similar)

“Concealed Data Poisoning Attacks on NLP Models”, Wallace Et Al 2020

“Concealed Data Poisoning Attacks on NLP Models”⁠, Eric Wallace, Tony Z. Zhao, Shi Feng, Sameer Singh2020-10-23 (similar)

“Recipes for Safety in Open-domain Chatbots”, Xu Et Al 2020

“Recipes for Safety in Open-domain Chatbots”⁠, Jing Xu, Da Ju, Margaret Li, Y-Lan Boureau, Jason Weston, Emily Dinan2020-10-14 (AI safety; similar)

“Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples”, Gowal Et Al 2020

“Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples”⁠, Sven Gowal, Chongli Qin, Jonathan Uesato, Timothy Mann, Pushmeet Kohli2020-10-07 (AI scaling; similar)

“Dataset Cartography: Mapping and Diagnosing Datasets With Training Dynamics”, Swayamdipta Et Al 2020

“Dataset Cartography: Mapping and Diagnosing Datasets with Training Dynamics”⁠, Swabha Swayamdipta, Roy Schwartz, Nicholas Lourie, Yizhong Wang, Hannaneh Hajishirzi, Noah A. Smith, Yejin Choi2020-09-22 (active learning; similar)

“Collaborative Learning in the Jungle (Decentralized, Byzantine, Heterogeneous, Asynchronous and Nonconvex Learning)”, El-Mhamdi Et Al 2020

“Collaborative Learning in the Jungle (Decentralized, Byzantine, Heterogeneous, Asynchronous and Nonconvex Learning)”⁠, El-Mahdi El-Mhamdi, Sadegh Farhadkhani, Rachid Guerraoui, Arsany Guirguis, Lê Nguyên Hoang, Sébastien Rouault2020-08-03 (backlinks; similar)

“Do Adversarially Robust ImageNet Models Transfer Better?”, Salman Et Al 2020

“Do Adversarially Robust ImageNet Models Transfer Better?”⁠, Hadi Salman, Andrew Ilyas, Logan Engstrom, Ashish Kapoor, Aleksander Madry2020-07-16 (similar)

“Smooth Adversarial Training”, Xie Et Al 2020

“Smooth Adversarial Training”⁠, Cihang Xie, Mingxing Tan, Boqing Gong, Alan Yuille, Quoc V. Le2020-06-25 (similar; bibliography)

“Sponge Examples: Energy-Latency Attacks on Neural Networks”, Shumailov Et Al 2020

“Sponge Examples: Energy-Latency Attacks on Neural Networks”⁠, Ilia Shumailov, Yiren Zhao, Daniel Bates, Nicolas Papernot, Robert Mullins, Ross Anderson2020-06-05 (similar)

“Improving the Interpretability of FMRI Decoding Using Deep Neural Networks and Adversarial Robustness”, McClure Et Al 2020

“Improving the Interpretability of fMRI Decoding using Deep Neural Networks and Adversarial Robustness”⁠, Patrick McClure, Dustin Moraczewski, Ka Chun Lam, Adam Thomas, Francisco Pereira2020-04-23 (neuroscience; similar)

“Radioactive Data: Tracing through Training”, Sablayrolles Et Al 2020

“Radioactive data: tracing through training”⁠, Alexandre Sablayrolles, Matthijs Douze, Cordelia Schmid, Hervé Jégou2020-02-03 (backlinks; similar; bibliography)

“Adversarial Examples Improve Image Recognition”, Xie Et Al 2019

“Adversarial Examples Improve Image Recognition”⁠, Cihang Xie, Mingxing Tan, Boqing Gong, Jiang Wang, Alan Yuille, Quoc V. Le2019-11-21 (similar; bibliography)

“Universal Adversarial Triggers for Attacking and Analyzing NLP”, Wallace Et Al 2019

“Universal Adversarial Triggers for Attacking and Analyzing NLP”⁠, Eric Wallace, Shi Feng, Nikhil Kandpal, Matt Gardner, Sameer Singh2019-08-20 (GPT; similar)

“Robustness Properties of Facebook’s ResNeXt WSL Models”, Orhan2019

“Robustness properties of Facebook’s ResNeXt WSL models”⁠, A. Emin Orhan2019-07-17 (AI scaling; backlinks; similar)

“Intriguing Properties of Adversarial Training at Scale”, Xie & Yuille2019

“Intriguing properties of adversarial training at scale”⁠, Cihang Xie, Alan Yuille2019-06-10 (AI scaling; backlinks; similar)

“Adversarially Robust Generalization Just Requires More Unlabeled Data”, Zhai Et Al 2019

“Adversarially Robust Generalization Just Requires More Unlabeled Data”⁠, Runtian Zhai, Tianle Cai, Di He, Chen Dan, Kun He, John Hopcroft, Liwei Wang2019-06-03 (AI scaling; similar)

“Are Labels Required for Improving Adversarial Robustness?”, Uesato Et Al 2019

“Are Labels Required for Improving Adversarial Robustness?”⁠, Jonathan Uesato, Jean-Baptiste Alayrac, Po-Sen Huang, Robert Stanforth, Alhussein Fawzi, Pushmeet Kohli2019-05-31 (similar)

“Adversarial Policies: Attacking Deep Reinforcement Learning”, Gleave Et Al 2019

“Adversarial Policies: Attacking Deep Reinforcement Learning”⁠, Adam Gleave, Michael Dennis, Cody Wild, Neel Kant, Sergey Levine, Stuart Russell2019-05-25 (MARL⁠, robotics; similar)

“Adversarial Examples Are Not Bugs, They Are Features”, Ilyas Et Al 2019

“Adversarial Examples Are Not Bugs, They Are Features”⁠, Andrew Ilyas, Shibani Santurkar, Dimitris Tsipras, Logan Engstrom, Brandon Tran, Aleksander Madry2019-05-06 (GAN; backlinks; similar)

“Benchmarking Neural Network Robustness to Common Corruptions and Perturbations”, Hendrycks & Dietterich2019

“Benchmarking Neural Network Robustness to Common Corruptions and Perturbations”⁠, Dan Hendrycks, Thomas Dietterich2019-03-28 (ML dataset⁠, CNN⁠, AI scaling; backlinks; similar)

“Evolving Super Stimuli for Real Neurons Using Deep Generative Networks”, Ponce Et Al 2019

“Evolving super stimuli for real neurons using deep generative networks”⁠, Carlos R. Ponce, Will Xiao, Peter F. Schade, Till S. Hartmann, Gabriel Kreiman, Margaret S. Livingstone2019-01-17 (neuroscience; similar)

“Adversarial Reprogramming of Text Classification Neural Networks”, Neekhara Et Al 2018

“Adversarial Reprogramming of Text Classification Neural Networks”⁠, Paarth Neekhara, Shehzeen Hussain, Shlomo Dubnov, Farinaz Koushanfar2018-09-06 (RNN; backlinks; similar)

“Benchmarking Neural Network Robustness to Common Corruptions and Surface Variations”, Hendrycks & Dietterich2018

“Benchmarking Neural Network Robustness to Common Corruptions and Surface Variations”⁠, Dan Hendrycks, Thomas G. Dietterich2018-07-04 (ML dataset⁠, CNN⁠, AI scaling; backlinks; similar)

“Adversarial Reprogramming of Neural Networks”, Elsayed Et Al 2018

“Adversarial Reprogramming of Neural Networks”⁠, Gamaleldin F. Elsayed, Ian Goodfellow, Jascha Sohl-Dickstein2018-06-28 (GPT⁠, CS/computable; backlinks; similar)

“Towards the First Adversarially Robust Neural Network Model on MNIST”, Schott Et Al 2018

“Towards the first adversarially robust neural network model on MNIST”⁠, Lukas Schott, Jonas Rauber, Matthias Bethge, Wiel, Brendel2018-05-23 (similar)

“Sensitivity and Generalization in Neural Networks: an Empirical Study”, Novak Et Al 2018

“Sensitivity and Generalization in Neural Networks: an Empirical Study”⁠, Roman Novak, Yasaman Bahri, Daniel A. Abolafia, Jeffrey Pennington, Jascha Sohl-Dickstein2018-02-23 (AI scaling; similar)

“Adversarial Vulnerability for Any Classifier”, Fawzi Et Al 2018

“Adversarial vulnerability for any classifier”⁠, Alhussein Fawzi, Hamza Fawzi, Omar Fawzi2018-02-23 (similar)

“Intriguing Properties of Adversarial Examples”, Cubuk Et Al 2018

“Intriguing Properties of Adversarial Examples”⁠, Ekin Dogus Cubuk, Barret Zoph, Samuel Stern Schoenholz, Quoc V. Le2018-02-15 (similar)

“First-order Adversarial Vulnerability of Neural Networks and Input Dimension”, Simon-Gabriel Et Al 2018

“First-order Adversarial Vulnerability of Neural Networks and Input Dimension”⁠, Carl-Johann Simon-Gabriel, Yann Ollivier, Léon Bottou, Bernhard Schölkopf, David Lopez-Paz2018-02-05 (similar)

“Adversarial Spheres”, Gilmer Et Al 2018

“Adversarial Spheres”⁠, Justin Gilmer, Luke Metz, Fartash Faghri, Samuel S. Schoenholz, Maithra Raghu, Martin Wattenberg, Ian Goodfellow2018-01-09 (similar)

“CycleGAN, a Master of Steganography”, Chu Et Al 2017

“CycleGAN, a Master of Steganography”⁠, Casey Chu, Andrey Zhmoginov, Mark Sandler2017-12-08 (GAN⁠, AI safety; backlinks; similar)

“Adversarial Phenomenon in the Eyes of Bayesian Deep Learning”, Rawat Et Al 2017

“Adversarial Phenomenon in the Eyes of Bayesian Deep Learning”⁠, Ambrish Rawat, Martin Wistuba, Maria-Irina Nicolae2017-11-22 (similar)

“Mitigating Adversarial Effects Through Randomization”, Xie Et Al 2017

“Mitigating Adversarial Effects Through Randomization”⁠, Cihang Xie, Jianyu Wang, Zhishuai Zhang, Zhou Ren, Alan Yuille2017-11-06 (similar)

“Learning Universal Adversarial Perturbations With Generative Models”, Hayes & Danezis2017

“Learning Universal Adversarial Perturbations with Generative Models”⁠, Jamie Hayes, George Danezis2017-08-17 (GAN; similar)

“Robust Physical-World Attacks on Deep Learning Models”, Eykholt Et Al 2017

“Robust Physical-World Attacks on Deep Learning Models”⁠, Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno2017-07-27 (similar)

“Towards Deep Learning Models Resistant to Adversarial Attacks”, Madry Et Al 2017

“Towards Deep Learning Models Resistant to Adversarial Attacks”⁠, Aleksander Madry, Aleksandar Makelov, Ludwig Schmidt, Dimitris Tsipras, Adrian Vladu2017-06-19 (CNN⁠, AI scaling; backlinks; similar; bibliography)

“Ensemble Adversarial Training: Attacks and Defenses”, Tramèr Et Al 2017

“Ensemble Adversarial Training: Attacks and Defenses”⁠, Florian Tramèr, Alexey Kurakin, Nicolas Papernot, Ian Goodfellow, Dan Boneh, Patrick McDaniel2017-05-19 (similar)

“The Space of Transferable Adversarial Examples”, Tramèr Et Al 2017

“The Space of Transferable Adversarial Examples”⁠, Florian Tramèr, Nicolas Papernot, Ian Goodfellow, Dan Boneh, Patrick McDaniel2017-04-11 (similar)

“Adversarial Examples in the Physical World”, Kurakin Et Al 2016

“Adversarial examples in the physical world”⁠, Alexey Kurakin, Ian Goodfellow, Samy Bengio2016-07-08 (similar)

“Foveation-based Mechanisms Alleviate Adversarial Examples”, Luo Et Al 2015

“Foveation-based Mechanisms Alleviate Adversarial Examples”⁠, Yan Luo, Xavier Boix, Gemma Roig, Tomaso Poggio, Qi Zhao2015-11-19 (neuroscience; backlinks; similar)

“Explaining and Harnessing Adversarial Examples”, Goodfellow Et Al 2014

“Explaining and Harnessing Adversarial Examples”⁠, Ian J. Goodfellow, Jonathon Shlens, Christian Szegedy2014-12-20 (similar)

“The New CLIP Adversarial Examples Are Partially from the Use-mention Distinction. CLIP Was Trained to Predict Which Caption from a List Matches an Image. It Makes Sense That a Picture of an Apple With a Large IPod’ Label Would Be Captioned With ’iPod”

“Pixels Still Beat Text: Attacking the OpenAI CLIP Model With Text Patches and Adversarial Pixel Perturbations”

“A Universal Law of Robustness”

“Apple or IPod? Easy Fix for Adversarial Textual Attacks on OpenAI’s CLIP Model!”

“A Law of Robustness and the Importance of Overparameterization in Deep Learning”

Wikipedia

1. Active learning (machine learning)

2. Adversarial machine learning