Overview
Recent deep-learning-based methods achieve great performance on various vision applications. However, insufficient robustness in adversarial cases limits the real-world application of these methods. The AROW workshop aims to explore adversarial examples, as well as to evaluate and improve the adversarial robustness of computer vision systems.
This AROW workshop will be fully virtual.
Topics of AROW workshop include but are not limited to:
Schedule
Oct. 23, 2022. IST: Israel local time (UTC +2); PST: Pacific Standard Time (UTC -8) Live
Israel Morning Session
Invited Talk: Cihang Xie - CNN vs Transformer: Which One is More Robust - Live
Invited Talk: Olga Russakovsky - Trustworthy and trusted computer vision
Invited Talk: Alan Yuille - Challenging Artificial Intelligence of Vision Algorithm to Achieve Human-Level Performance
Invited Talk: Xue Lin - Evaluation of Deep Learning Robustness and Reverse Engineering of Perturbations
Israel Afternoon Session
Invited Talk: Hima Lakkaraju - Bringing Order to Chaos: Probing the Disagreement Problem in Explainable AI
Invited Talk: Pin-Yu Chen - Reprogramming Foundation Models with Limited Resources - Live
Invited Talk: Ekin Dogus Cubuk - Adversarial examples of classifiers, physical systems, and beyond - Live
Invited Talk: Bolei Zhou - Benchmarking AI Safety of Autonomous Driving through Diverse Traffic Scenario Generation - Live
Invited Talk: Dan Hendrycks - Beyond the Lp Ball and Long Tails - Live
Best Paper Session - Live
Best Paper Awards
AROW Workshop Best Papers
Yaniv Nemcovsky (Technion); Matan Jacoby (Technion); Alex Bronstein (Tel Aviv University, Israel); Chaim Baskin (Technion)*
Kaiyuan Zhang (Purdue University)*; Guanhong Tao (Purdue University); Qiuling Xu (Purdue University); Siyuan Cheng (Purdue University); Shengwei An (Purdue University); Yingqi Liu (Purdue University); Shiwei Feng (Purdue University); Pin-Yu Chen (IBM Research); Shiqing Ma (Rutgers University); Xiangyu Zhang (Purdue University)
Best Papers
Liangru Sun (East China Normal University)*; Felix Juefei-Xu (Meta AI); Yihao Huang (East China Normal University); Qing Guo (Nanyang Technological University); Jiayi Zhu (East China Normal University); Jincao Feng (East China Normal University); Yang Liu (Nanyang Technology University, Singapore); Geguang Pu (East China Normal University)
Jenny Schmalfuss (University of Stuttgart)*; Lukas Mehl (University of Stuttgart); Andrés Bruhn (University of Stuttgart)
Shih-Han Chan (University of California San Diego)*; Yinpeng Dong (Tsinghua University); Jun Zhu (Tsinghua University); Xiaolu Zhang (Ant Financial Services Group); Jun Zhou (Ant Financial)
Accepted Long Paper
- TransPatch: A Transformer-based Generator for Accelerating Transferable Patch Generation in Adversarial Attacks Against Object Detection Models [Paper]
Jinghao Wang (Nanyang Technological University)*; Chenling Cui (Nanyang Technological University); XUEJUN WEN (Huawei International Pte Ltd); Jie Shi (Huawei International)
- Feature-level augmentation to improve robustness of deep neural networks to affine transformations [Paper]
Adrian Sandru (SecurifAI); Mariana-Iuliana Georgescu (University of Bucharest); Radu Tudor Ionescu (University of Bucharest)*
- Benchmarking Robustness beyond $l_p$ Norm Adversaries [Paper]
Akshay Agarwal (University at Buffalo)*; Nalini Ratha (SUNY Buffalo); Mayank Vatsa (IIT Jodhpur); Richa Singh (IIT Jodhpur)
- Masked Faces with Faced Masks [Paper]
Jiayi Zhu (East China Normal University)*; Qing Guo (Nanyang Technological University); Felix Juefei-Xu (Meta AI); Yihao Huang (East China Normal University); Yang Liu (Nanyang Technology University, Singapore); Geguang Pu (East China Normal University)
- Adversarially Robust Panoptic Segmentation (ARPaS) Benchmark [Paper]
Laura Daza (Universidad de los Andes)*; Jordi Pont-Tuset (Google); Pablo Arbelaez (Universidad de los Andes)
- BadDet: Backdoor Attacks on Object Detection [Paper]
Shih-Han Chan (University of California San Diego)*; Yinpeng Dong (Tsinghua University); Jun Zhu (Tsinghua University); Xiaolu Zhang (Ant Financial Services Group); Jun Zhou (Ant Financial)
- Universal, Transferable Adversarial Perturbations for Visual Object Trackers [Paper]
Krishna Kanth Nakka (EPFL)*; Mathieu Salzmann (EPFL)
- Fluctuation in video analytics - Why? Now what? [Paper] [Video]
Sibendu Paul (Purdue University)*; Kunal Rao (NEC Labs); Giuseppe Coviello (NEC Labs); Murugan Sankaradas (NEC Labs); Oliver Po (NEC Labs); Y. Charlie Hu (Purdue University); Srimat Chakradhar (NEC Labs)
- SkeleVision: Towards Adversarial Resiliency of Person Tracking with Multi-Task Learning [Paper]
Nilaksh Das (Georgia Institute of Technology); ShengYun Peng (Georgia Institute of Technology)*; Duen Horng Chau (Georgia Institute of Technology)
- Unrestricted Black-box Adversarial Attack Using GAN with Limited Queries [Paper]
Dongbin Na (POSTECH)*; Sangwoo Ji (POSTECH); Jong Kim (POSTECH)
- Truth-Table Net: A New Convolutional Architecture Encodable By Design Into SAT Formulas [Paper]
Adrien Benamira (Nanyang Technological University)*; Thomas Peyrin (NTU); Bryan Hooi (NUS)
- Attribution-Based Confidence Metric for Detection of Adversarial Attacks on Breast Histopathological Images [Paper]
Steven Fernandes (Creighton University)*; Senka Krivic (University of Sarajevo); Poonam Sharma (Creighton University); Sumit K Jha (University of Texas at San Antonio)
- Improving Adversarial Robustness by Penalizing Natural Accuracy [Paper]
Kshitij Chandna (New York University)*
Accepted Extended Abstract
- ALA: Adversarial Lightness Attack via Naturalness-aware Regularizations [Paper]
Liangru Sun (East China Normal University)*; Felix Juefei-Xu (Meta AI); Yihao Huang (East China Normal University); Qing Guo (Nanyang Technological University); Jiayi Zhu (East China Normal University); Jincao Feng (East China Normal University); Yang Liu (Nanyang Technology University, Singapore); Geguang Pu (East China Normal University)
- Physical Passive Patch Adversarial Attacks on Visual Odometry Systems [Paper] [Supp]
Yaniv Nemcovsky (Technion); Matan Jacoby (Technion); Alex Bronstein (Tel Aviv University, Israel); Chaim Baskin (Technion)*
- Scaling Adversarial Training to Large Perturbation Bounds [Paper] [Supp]
Sravanti Addepalli (Indian Institute of Science)*; Samyak Jain (Indian Institute of Technology (BHU), Varanasi); Gaurang Sriramanan (University of Maryland, College Park); Venkatesh Babu RADHAKRISHNAN (Indian Institute of Science)
- Confidence-aware Training of Smoothed Classifiers for Certified Robustness [Paper] [Supp]
Jongheon Jeong (KAIST)*; Seojin Kim (KAIST); Jinwoo Shin (KAIST)
- Task Agnostic and Post-hoc Unseen Distribution Detection [Paper]
Radhika Dua (KAIST)*; Seongjun Yang (KAIST); Yixuan Li (University of Wisconsin-Madison); Edward Choi (KAIST)
- Empowering a Robust Model with Stable and Object-Aligned Explanations [Paper]
Sowrya Gali (Indian Institute of Technology, Hyderabad)*; Anindya Sarkar (Washington University in St. Louis); Vineeth N Balasubramanian (Indian Institute of Technology, Hyderabad)
- Attacking Motion Estimation with Adversarial Snow [Paper] [Supp]
Jenny Schmalfuss (University of Stuttgart)*; Lukas Mehl (University of Stuttgart); Andrés Bruhn (University of Stuttgart)
- Adversarial amplitude swap towards robust image classifiers [Paper]
Chun Yang Tan (Chiba University)*; Kazuhiko Kawamoto (Chiba University); Hiroshi Kera (Chiba University)
- How and When Adversarial Robustness Improves in Knowledge Distillation? [Paper]
Rulin Shao (Carnegie Mellon University); Jinfeng Yi (JD AI Research); Cho-Jui Hsieh (UCLA); Pin-Yu Chen (IBM Research)*
- Efficient Training Methods for Achieving Adversarial Robustness Against Sparse Attacks [Paper] [Supp]
Sravanti Addepalli (Indian Institute of Science)*; Dhruv Behl (Indian Institute of Science); Gaurang Sriramanan (University of Maryland, College Park); Venkatesh Babu RADHAKRISHNAN (Indian Institute of Science)
- The Hidden Costs on Distributional Shifts when Fine-tuning Joint Text-Image Encoders and Redemptions [Paper] [Supp]
Andrew Geng (IBM)*; Pin-Yu Chen (IBM Research)
- Adversarially Robust Few-shot Learning through Simple Transfer [Paper] [Supp]
Akshayvarun Subramanya (UMBC)*; Hamed Pirsiavash (University of California Davis)
- BARReL: Bottleneck Attention for Adversarial Robustness in Vision-Based Reinforcement Learning [Paper]
Eugene Bykovets (ETH Zürich)*; Yannick Metz (University of Konstanz); Mennatallah El-Assady (ETH AI Center); Daniel Keim (Uni. Konstanz); Joachim Buhmann (ETH Zurich)
- FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning [Paper]
Kaiyuan Zhang (Purdue University)*; Guanhong Tao (Purdue University); Qiuling Xu (Purdue University); Siyuan Cheng (Purdue University); Shengwei An (Purdue University); Yingqi Liu (Purdue University); Shiwei Feng (Purdue University); Pin-Yu Chen (IBM Research); Shiqing Ma (Rutgers University); Xiangyu Zhang (Purdue University)
- Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning [Paper]
Zhiyuan He (The Chinese University of Hong Kong)*; Yijun Yang (The Chinese University of Hong Kong); Pin-Yu Chen (IBM Research); Qiang Xu (The Chinese University of Hong Kong); Tsung-Yi Ho (The Chinese University of Hong Kong)
- Certified Defenses Against Near-Subspace Unrestricted Adversarial Attacks [Paper]
Ambar Pal (Johns Hopkins University)*; Rene Vidal (Johns Hopkins University, USA)
- GREAT Score: Evaluating Global Adversarial Robustness using Generative Models [Paper]
ZAITANG LI (CUHK)*; Pin-Yu Chen (IBM Research); Tsung-Yi Ho (The Chinese University of Hong Kong)
Speakers
Organizing Committee
Program Committee
- Akshayvarun Subramanya (UMBC)
- Alexander Robey (University of Pennsylvania)
- Cheng Xinwen (Shanghai JiaoTong University)
- Dingcheng Yang (Tsinghua University)
- Gaurang Sriramanan (UMD)
- Guofeng Zhang (UCLA)
- Hanxun Huang (The University of Melbourne)
- Jiachen Sun (University of Michigan)
- Jieru Mei (Johns Hopkins University)
- Junbo Li (UC Santa Cruz)
- Kibok Lee (Yonsei University)
- Lifeng Huang (Sun Yat-sen University)
- Maura Pintor (University of Cagliari)
- Nataniel Ruiz (Boston University)
- Pengliang Ji (Beihang University)
- Qihao Liu (Johns Hopkins University)
- Qing Jin (Northeastern University)
- Rajkumar Theagarajan (UC Riverside)
- Ruihao Gong (SenseTime)
- Salah GHAMIZI (University of Luxembourg)
- Shihao Zhao (The University of Hong Kong)
- Shunchang Liu (Beihang University)
- Shutong Wu (Shanghai Jiao Tong University)
- Sizhe Chen (Shanghai Jiao Tong University)
- Sravanti Addepalli (Indian Institute of Science)
- Tao Li (Shanghai Jiao Tong University)
- Tianlin Li (NTU)
- Wenxiao Wang (University of Maryland)
- Won Park (University of Michigan)
- Wufei Ma (Johns Hopkins University)
- Xiaoding Yuan (Johns Hopkins University)
- Xingjun Ma (Fudan University)
- Yige Li (Xidian University)
- Yue Wang (Ford Motor Company)
- Yulong Cao (University of Michigan)
- Zhehao Huang (Shanghai Jiao Tong University)
- Zhengyi Wang (Tsinghua University)
- Zhongkai Hao (Tsinghua University)
- Zhouxing Shi (UCLA)
- Zichao Li (UC Santa Cruz)
- Zihao Xiao (Johns Hopkins University)
- Zonglei Jing (Beihang University)
Related Workshops
Uncertainty & Robustness in Deep Learning (Workshop at ICML 2021)
Security and Safety in Machine Learning Systems (Workshop at ICLR 2021)
Generalization beyond the Training Distribution in Brains and Machines (Workshop at ICLR 2021)
1st International Workshop on Adversarial Learning for Multimedia (Workshop at ACM Multimedia 2021)
Please contact Angtian Wang or Yutong Bai if you have questions. The webpage template is courtesy of the ECCV 2020 Workshop on Adversarial Robustness in the Real World.