Position Paper: Beyond Robustness Against Single Attack Types

arXiv:2405.01349v1 Announce Type: cross
Abstract: Current research on defending against adversarial examples focuses primarily on achieving robustness against a single attack type such as $\ell_2$ or $\ell_{\infty}$-bounded attacks. However, the space of possible perturbations is much larger and currently cannot be modeled by a single attack type. The discrepancy between the focus of current defenses and the space of attacks of interest calls to question the practicality of existing defenses and the reliability of their evaluation. In this position paper, …

adversarial arxiv attack attacks beyond cs.cr cs.lg current defending examples focus research robustness single space types