Nan Zhou

TL;DR: This study has proposed a novel algorithm that generates effective multi-label adversarial examples by solving a linear programming problem (MLA-LP), which minimize the l∞ norm of distortion while constraining the changes in the label loss of the example after being perturbed.

TL;DR: In this article, an empirical study of generating a multi-label adversarial example to hide all labels in a multilabel example is presented, where the objective is to make deep learning models know nothing about the environments.

TL;DR: Zhang et al. as mentioned in this paper proposed a positive-negative classifier (PNClassifier) which is trained by both the original examples (called positive representations) and their negative representations with the same structural and semantic features.

TL;DR: This paper proposes a random directed attack (RDA) for generating adversarial examples, which can attack without any internal knowledge of the model, and its performance under black-box attack is similar to that of the white- box attack in most cases, which is difficult to achieve using existing gradient-based attack methods.