Adversarial Reprogramming

The paper introduces A2XP, a novel approach for domain generalization, which optimizes prompts for each source domain and combines them for robust performance across domains, while also preserving privacy and integrity of the network architecture. Experimental results demonstrate its state-of-the-art performance in computer vision tasks and its potential for broader applications.

This paper introduces D-BADGE, a novel approach for generating decision-based universal adversarial perturbations using random gradient-free optimization and batch attack techniques. By combining multiple adversarial examples into a single universal perturbation and reformulating the accuracy metric into a continuous Hamming distance form, D-BADGE achieves superior attack time efficiency compared to existing methods, successfully deceiving unseen victims and accurately targeting specific classes.

This paper introduces the generative perturbation network (GPN), an efficient model for generating universal adversarial examples in EEG-based brain-computer interface (BCI) systems. GPN can produce perturbations capable of fooling deep neural networks with minor undetectable changes, and it outperforms previous methods in crafting signal-agnostic perturbations. Additionally, GPN can efficiently generate perturbations for various targets and victim models, demonstrating high transferability across classification networks.