Materials for ECCV-2020 Paper #2274.
- Title: Adversarial Ranking Attack and Defense
- Authors: Mo Zhou, Zhenxing Niu, Le Wang, Qilin Zhang, Gang Hua
- Preprint: https://arxiv.org/abs/2002.11293
- Full-Preprint: 2002.11293v3-full.pdf (with more graphs)
- Video: {Bilibili(English)} {Bilibili(Chinese)} {Youtube(English)}
- Slides: (One-page version) (long version)
- Code: Code is available here. (Released on Aug 24) Or you may want to try it on colab.
- Substantial progress (at least 60% and at most 540% robustness improvement) based on this conference paper is available as a preprint. NOTE: If you want to do some further research based on this ECCV 2020 paper, please have a look at this preprint paper to better understand the limitations of the ECCV 2020 work.
|
|
|
|
|
|
Definition of Adversarial ranking attack: adversarial ranking attack aims raise or lower the ranks of some chosen candidates C={c₁,c₂, ... ,cₘ} with respect to a specific query set Q={q₁,q₂, ... ,qw}. This can be achieved by either Candidate Attack (CA) or Query Attack (QA).
-
The adversarial ranking attack is defined and implemented, which can intentionally change the ranking results by perturbing the candidates or queries.
-
An adversarial ranking defense method is proposed to improve the ranking model robustness, and mitigate all the proposed attacks simultaneously.
The paper (PDF file) is distributed under the CC BY-SA-NC 4.0 License.
The code is published under the Apache-2.0 License.
Bibtex for the ECCV version:
@InProceedings{advrank,
title={Adversarial Ranking Attack and Defense},
author={Zhou, Mo and Niu, Zhenxing and Wang, Le and Zhang, Qilin and Hua, Gang},
booktitle={ECCV},
year={2020},
pages={781--799},
isbn={978-3-030-58568-6}
}Bibtex for the ArXiv preprint version:
@article{zhou2020advrank,
title={Adversarial Ranking Attack and Defense},
author={Zhou, Mo and Niu, Zhenxing and Wang, Le and Zhang, Qilin and Hua, Gang},
journal={arXiv preprint arXiv:2002.11293},
year={2020}
}