Adversarial example paper list
Below is the list of papers I recommend reading to become familiar with the specific sub-field of evasion attacks on machine learning systems (i.e., adversarial examples).
by Nicholas Carlini
- Evasion Attacks against Machine Learning at Test Time
- Intriguing properties of neural networks
- Explaining and Harnessing Adversarial Examples
- The Limitations of Deep Learning in Adversarial Settings
- DeepFool: a simple and accurate method to fool deep neural networks
- Towards Evaluating the Robustness of Neural Networks
- Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples
- Delving into Transferable Adversarial Examples and Black-box Attacks
- Universal adversarial perturbations
- On Detecting Adversarial Perturbations
- Detecting Adversarial Samples from Artifacts
- Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods
- ZOO: Zeroth Order Optimization based Black-box Attacks to Deep Neural Networks without Training Substitute Models
- Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models
- Prior Convictions: Black-Box Adversarial Attacks with Bandits and Priors
- Adversarial examples in the physical world
- Synthesizing Robust Adversarial Examples
- Robust Physical-World Attacks on Deep Learning Models
- Towards Deep Learning Models Resistant to Adversarial Attacks
- Certified Robustness to Adversarial Examples with Differential Privacy
- Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
- Adversarial Risk and the Dangers of Evaluating Against Weak Attacks
- Towards the first adversarially robust neural network model on MNIST
- On Evaluating Adversarial Robustness
- Adversarial Attacks on Neural Network Policies
- Audio Adversarial Examples: Targeted Attacks on Speech-to-Text
- Seq2Sick: Evaluating the Robustness of Sequence-to-Sequence Models with Adversarial Examples
- Adversarial examples for generative models
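As a concrete illustration of what the evasion attacks covered by this list do, here is an added example that is not part of Carlini's list or of any paper on it: the one-step gradient-sign attack (FGSM, from "Explaining and Harnessing Adversarial Examples") run against a constructed toy logistic-regression model. The weights, bias and sample input are hand-picked assumptions for the demo, not data from any paper; the point is to show that a small L-infinity perturbation chosen along the sign of the loss gradient flips a correct prediction, while a perturbation of the same size in a random direction generally would not.

```python
import math

# Constructed toy model: logistic regression over 4 features in [0, 1].
# Weights and bias are hand-picked for this demo (assumption, not from a paper).
WEIGHTS = [1.5, -2.0, 0.8, -1.2]
BIAS = 0.1

# Constructed clean input; the model classifies it as class 1 with p ~ 0.66.
X_CLEAN = [0.5, 0.2, 0.4, 0.1]
Y_TRUE = 1


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def predict_proba(x):
    """P(class 1 | x) for the toy model."""
    z = sum(w * xi for w, xi in zip(WEIGHTS, x)) + BIAS
    return sigmoid(z)


def predict_label(x):
    return 1 if predict_proba(x) >= 0.5 else 0


def grad_loss_wrt_input(x, label):
    """Gradient of the logistic loss with respect to the input x.

    For logistic regression dL/dz = p - y and dz/dx = w, so dL/dx = (p - y) * w.
    For a deep network this is what autograd would return; the attack is the same.
    """
    p = predict_proba(x)
    return [(p - label) * w for w in WEIGHTS]


def sign(v):
    return 1.0 if v > 0 else (-1.0 if v < 0 else 0.0)


def clip01(x):
    """Keep the adversarial input inside the valid feature domain [0, 1]."""
    return [min(1.0, max(0.0, v)) for v in x]


def fgsm(x, label, eps):
    """Fast gradient sign method: one step of size eps (per feature) in the
    direction that increases the loss on the true label, i.e. x + eps*sign(dL/dx)."""
    g = grad_loss_wrt_input(x, label)
    return clip01([xi + eps * sign(gi) for xi, gi in zip(x, g)])


def linf_distance(a, b):
    return max(abs(ai - bi) for ai, bi in zip(a, b))


def min_eps_to_flip(x, label, step=0.01, max_eps=1.0):
    """Smallest eps on a grid at which the FGSM input is misclassified.

    For this linear model the logit moves by exactly -eps * sum(|w|), so the
    threshold is logit / sum(|w|) = 0.65 / 5.5 ~ 0.118; the search returns 0.12.
    """
    eps = step
    while eps <= max_eps:
        if predict_label(fgsm(x, label, eps)) != label:
            return round(eps, 6)
        eps += step
    return None


def run_demo(eps=0.2):
    """Attack the constructed input and return (clean prob, adversarial prob, Linf)."""
    x_adv = fgsm(X_CLEAN, Y_TRUE, eps)
    return predict_proba(X_CLEAN), predict_proba(x_adv), linf_distance(X_CLEAN, x_adv)


if __name__ == "__main__":
    p_clean, p_adv, dist = run_demo()
    print(f"clean p(class 1) = {p_clean:.3f}  -> label {int(p_clean >= 0.5)}")
    print(f"adv   p(class 1) = {p_adv:.3f}  -> label {int(p_adv >= 0.5)}  (Linf = {dist:.2f})")
    print(f"smallest eps that flips the label: {min_eps_to_flip(X_CLEAN, Y_TRUE)}")
```

Two things worth noticing when you run it: the perturbation budget needed to flip the label (about 0.12 per feature) is much smaller than the feature range, and it scales down as the number of input dimensions grows, because the logit shifts by eps times the L1 norm of the weight vector. That dimensionality argument is the "linearity" explanation the FGSM paper gives for why adversarial examples exist, and it is also why a defence has to be evaluated against an adversary who knows the gradient (the theme of the "Obfuscated Gradients" and "On Evaluating Adversarial Robustness" entries above), not against random noise of the same size.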