Wagner Research Group

Defending Against Transfer Attacks From Public Models

November 2, 2023

TL;DR: We propose a new practical threat model, transfer attacks from public models (TAPM), and build a simple yet effective defense that provides higher robustness than adversarial training with almost...


REAP: A Large-Scale Realistic Adversarial Patch Benchmark

November 2, 2023

TL;DR: We propose the REAP (REalistic Adversarial Patch) benchmark for evaluating patch attacks and defenses on real images under real-world conditions. Built on top of the Mapillary Vistas dataset, our...


Mark My Words

November 30, 2023

TL;DR: LLM watermarking techniques are ready for deployment. We propose a benchmark for evaluating LLM watermarks, focusing on three main metrics: quality, size (the number of tokens needed to detect...