This page lists the attacks and causal factors that negatively affect the information systems element “Misclassification by AI, leading to degradation of functionality or service quality” in the AI Security Map, together with the corresponding defense methods and countermeasures, and the relevant AI technologies, tasks, and data types. It also indicates the related elements in the external influence aspect.
Attack or cause
- Adversarial examples
Defensive method or countermeasure
- Adversarial training
- Detection of adversarial examples
- Certified robustness
Targeted AI technology
- DNN
- CNN
- LLM
- Contrastive learning
- FSL
- GNN
- Federated learning
- LSTM
- RNN
Task
- Classification
Data
- Image
- Graph
- Text
- Audio
Related external influence aspect
- Reputation
- Compliance with laws and regulations
- Human-centric principle
- Ethics
- Physical impact
- Economy
- Critical infrastructure
- Medical care
References
Adversarial examples
- Intriguing properties of neural networks, 2014
- Explaining and Harnessing Adversarial Examples, 2015
- The Limitations of Deep Learning in Adversarial Settings, 2015
- Adversarial Examples in the Physical World, 2017
- Towards Evaluating the Robustness of Neural Networks, 2017
- Towards Deep Learning Models Resistant to Adversarial Attacks, 2018
- A Closer Look at Deep Learning Heuristics: Learning Rate Restarts, Warmup and Distillation, 2019
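
To make the attack concrete, below is a minimal PyTorch sketch of the fast gradient sign method (FGSM) from “Explaining and Harnessing Adversarial Examples”; the toy model, input shapes, and epsilon value are illustrative assumptions, not part of the AI Security Map.

```python
# Minimal FGSM sketch (Goodfellow et al.). The model and epsilon are
# illustrative assumptions; any differentiable classifier works.
import torch
import torch.nn as nn

def fgsm_attack(model: nn.Module, x: torch.Tensor, y: torch.Tensor,
                epsilon: float = 8 / 255) -> torch.Tensor:
    """Return x' with ||x' - x||_inf <= epsilon that increases the loss."""
    x_adv = x.clone().detach().requires_grad_(True)
    loss = nn.functional.cross_entropy(model(x_adv), y)
    loss.backward()
    # Single step in the loss-increasing direction, then clamp to the
    # valid input range.
    x_adv = x_adv + epsilon * x_adv.grad.sign()
    return x_adv.clamp(0.0, 1.0).detach()

if __name__ == "__main__":
    # Toy linear classifier on random "images"; purely illustrative.
    model = nn.Sequential(nn.Flatten(), nn.Linear(3 * 32 * 32, 10))
    x = torch.rand(4, 3, 32, 32)
    y = torch.randint(0, 10, (4,))
    x_adv = fgsm_attack(model, x, y)
    print("labels unchanged:",
          (model(x).argmax(1) == model(x_adv).argmax(1)).tolist())
```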
Adversarial training
- Intriguing properties of neural networks, 2014
- Explaining and Harnessing Adversarial Examples, 2015
- Learning with a Strong Adversary, 2015
- Adversarial Examples: Attacks and Defenses for Deep Learning, 2017
- Towards Deep Learning Models Resistant to Adversarial Attacks, 2018
- Adversarial Training for Free!, 2019
- Adversarial Robustness Against the Union of Multiple Perturbation Models, 2019
- Bag of Tricks for Adversarial Training, 2020
- Smooth Adversarial Training, 2020
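
The core idea shared by these papers is a min-max problem: craft adversarial examples against the current model and train on them. Below is a minimal sketch of PGD-based adversarial training in the style of “Towards Deep Learning Models Resistant to Adversarial Attacks”; the step size, radius, and step count are illustrative assumptions.

```python
# Sketch of PGD adversarial training (in the style of Madry et al.).
# Hyperparameters and the training loop structure are illustrative.
import torch
import torch.nn as nn

def pgd_attack(model, x, y, epsilon=8 / 255, alpha=2 / 255, steps=7):
    """Inner maximization: multi-step L_inf attack with projection
    back into the epsilon-ball around x."""
    x_adv = (x + torch.empty_like(x).uniform_(-epsilon, epsilon)).clamp(0, 1)
    for _ in range(steps):
        x_adv = x_adv.clone().detach().requires_grad_(True)
        loss = nn.functional.cross_entropy(model(x_adv), y)
        loss.backward()
        with torch.no_grad():
            x_adv = x_adv + alpha * x_adv.grad.sign()
            x_adv = x + (x_adv - x).clamp(-epsilon, epsilon)  # project
            x_adv = x_adv.clamp(0.0, 1.0)
    return x_adv.detach()

def adversarial_training_step(model, optimizer, x, y):
    """Outer minimization: one minibatch update on adversarial examples
    crafted against the current model."""
    model.eval()                       # freeze BN/dropout while attacking
    x_adv = pgd_attack(model, x, y)
    model.train()
    optimizer.zero_grad()
    loss = nn.functional.cross_entropy(model(x_adv), y)
    loss.backward()
    optimizer.step()
    return loss.item()
```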
Detection of adversarial examples
- Adversarial Examples Detection in Deep Networks with Convolutional Filter Statistics, 2017
- On the (Statistical) Detection of Adversarial Examples, 2017
- On Detecting Adversarial Perturbations, 2017
- MagNet: a Two-Pronged Defense against Adversarial Examples, 2017
- Detecting Adversarial Image Examples in Deep Neural Networks with Adaptive Noise Reduction, 2021
- Detecting Adversarial Examples from Sensitivity Inconsistency of Spatial-Transform Domain, 2021
- Adversarial Example Detection for DNN Models: A Review and Experimental Comparison, 2022
- Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them, 2022
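
Several of the detectors above compare a model's behavior on an input before and after a mild transformation. The sketch below implements that idea in a simplified form for image inputs: flag an input if denoising flips the predicted label or shifts the output distribution sharply. The mean filter and threshold are illustrative assumptions, not any single paper's exact method.

```python
# Simplified prediction-inconsistency detector, loosely in the spirit
# of the noise-reduction and MagNet-style detectors cited above.
import torch
import torch.nn as nn
import torch.nn.functional as F

def denoise(x: torch.Tensor, k: int = 3) -> torch.Tensor:
    """Cheap per-channel mean filter standing in for the noise-reduction
    step; k is an illustrative choice."""
    weight = torch.ones(x.size(1), 1, k, k, device=x.device) / (k * k)
    return F.conv2d(x, weight, padding=k // 2, groups=x.size(1))

@torch.no_grad()
def flag_adversarial(model: nn.Module, x: torch.Tensor,
                     threshold: float = 0.5) -> torch.Tensor:
    """Boolean mask over the batch: True where the input looks adversarial."""
    p_raw = F.softmax(model(x), dim=1)
    p_den = F.softmax(model(denoise(x)), dim=1)
    label_flip = p_raw.argmax(1) != p_den.argmax(1)
    # L1 distance between the two output distributions.
    drift = (p_raw - p_den).abs().sum(dim=1) > threshold
    return label_flip | drift
```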
Certified robustness
- Certified Defenses for Data Poisoning Attacks, 2017
- Certified Robustness to Adversarial Examples with Differential Privacy, 2019
- On Evaluating Adversarial Robustness, 2019
- Certified Adversarial Robustness via Randomized Smoothing, 2019
- Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation, 2021
- Certified Robustness for Large Language Models with Self-Denoising, 2023
- RAB: Provable Robustness Against Backdoor Attacks, 2023
- (Certified!!) Adversarial Robustness for Free!, 2023
- Certifying LLM Safety against Adversarial Prompting, 2024
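
As an illustration of one certification approach, the sketch below follows the randomized smoothing recipe of “Certified Adversarial Robustness via Randomized Smoothing”: classify by majority vote under Gaussian noise and derive an L2 radius from the top-class probability. It uses a naive empirical estimate of that probability; the published method replaces it with a high-confidence lower bound before certifying. Sigma and the sample count are illustrative assumptions.

```python
# Sketch of randomized smoothing (in the style of Cohen et al.).
# The empirical estimate of p_top below is a simplification; the paper
# uses a Clopper-Pearson confidence bound and abstains more carefully.
import torch
import torch.nn as nn
from torch.distributions import Normal

@torch.no_grad()
def smoothed_predict(model: nn.Module, x: torch.Tensor, num_classes: int,
                     sigma: float = 0.25, n: int = 1000):
    """Majority-vote prediction under Gaussian noise for a single input
    x of shape (1, C, H, W), plus a heuristic certified L2 radius
    sigma * Phi^{-1}(p_top)."""
    counts = torch.zeros(num_classes)
    for _ in range(n):
        noisy = x + sigma * torch.randn_like(x)
        counts[model(noisy).argmax(dim=1).item()] += 1
    top = counts.argmax().item()
    p_top = counts[top].item() / n
    if p_top <= 0.5:
        return top, 0.0  # abstain: no radius can be certified
    radius = sigma * Normal(0.0, 1.0).icdf(torch.tensor(p_top)).item()
    return top, radius
```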