Brandon Tran
Massachusetts Institute of Technology
25 Papers
145 Citations
Brandon Tran is an academic researcher from Massachusetts Institute of Technology. The author has contributed to research in topics: Computer science & Robustness (computer science). The author has an hindex of 14, co-authored 24 publications.
Chat about Author
Papers
A Discussion of 'Adversarial Examples Are Not Bugs, They Are Features'
Logan Engstrom,Justin Gilmer,Gabriel Goh,Dan Hendrycks,Andrew Ilyas,Aleksander Madry,Reiichiro Nakano,Preetum Nakkiran,Shibani Santurkar,Brandon Tran,Dimitris Tsipras,Eric Wallace +11 more
- 06 Aug 2019
TL;DR: Adversarial examples can be directly attributed to the presence of non-robust features: features derived from patterns in the data distribution that are highly predictive and incomprehensible to humans.
•Proceedings Article
Spectral Signatures in Backdoor Attacks
Brandon Tran,Jerry Li,Aleksander Madry +2 more
- 01 Nov 2018
TL;DR: Spectral signatures are identified as a new property of all known backdoor attacks, which allows tools from robust statistics to thwart the attacks and is demonstrated the efficacy of these signatures in detecting and removing poisoned examples on real image sets and state of the art neural network architectures.
•Proceedings Article
Exploring the Landscape of Spatial Robustness
Logan Engstrom,Brandon Tran,Dimitris Tsipras,Ludwig Schmidt,Aleksander Madry +4 more
- 24 May 2019
TL;DR: In this article, the authors investigate the vulnerability of neural network-based classifiers to rotations and translations, and find that first-order methods cannot reliably find worst-case perturbations.
•Posted Content
Adversarial Examples Are Not Bugs, They Are Features
Andrew Ilyas,Shibani Santurkar,Dimitris Tsipras,Logan Engstrom,Brandon Tran,Aleksander Madry +5 more
TL;DR: The authors demonstrate that adversarial examples can be directly attributed to the presence of non-robust features: features derived from patterns in the data distribution that are highly predictive, yet brittle and incomprehensible to humans.
245
•Posted Content
Spectral Signatures in Backdoor Attacks
TL;DR: In this paper, the authors identify a new property of all known backdoor attacks, which they call ''spectral signatures'' and utilize tools from robust statistics to thwart the attacks and demonstrate the efficacy of these signatures in detecting and removing poisoned examples on real image sets and state of the art neural network architectures.
213