Better late than never! This post brings together all the papers presented at the NIPS 2017 workshop on Machine Deception, which I co-hosted with Bryce Goodman, Mikel Rodriguez, and Ian Goodfellow back in December.
If you’re interested in following research and discussion on these topics, we’ve also launched a low-traffic e-mail list that you can subscribe to here.
Invited Talks
- A3T: Adversarially Augmented Adversarial Training (Akram Erraqabi, Aristide Baratin, Yoshua Bengio and Simon Lacoste-Julien)
- Adversarial Patch (Tom B Brown, Dandelion Mané, Aurko Roy, Martín Abadi and Justin Gilmer)
- CycleGAN, a Master of Steganography (Casey Chu, Andrey Zhmoginov and Mark Sandler)
- Generating Natural Adversarial Examples (Zhengli Zhao, Dheeru Dua and Sameer Singh)
- Generative Models for Spear Phishing Posts on Social Media (John Seymour and Philip Tully)
- Interpretation of Neural Networks is Fragile (Amirata Ghorbani, Abubakar Abid and James Zou)
- Machine Against Machine: Minimax-Optimal Attacks and Defenses (Jihun Hamm)
- Thermometer Encoding: One Hot Way to Resist Adversarial Examples (Jacob Buckman, Aurko Roy, Colin Raffel and Ian Goodfellow)
Posters
- Detecting Adversarial Attacks on Neural Network Policies with Visual Foresight (Yen-Chen Lin, Ming-Yu Liu, Min Sun and Jia-Bin Huang)
- Did You Hear That? Adversarial Examples Against Automatic Speech Recognition (Moustafa Alzantot, Bharathan Balaji and Mani Srivastava)
- Ensemble Adversarial Training: Attacks and Defenses (Florian Tramèr, Alexey Kurakin, Nicolas Papernot, Ian Goodfellow, Dan Boneh and Patrick McDaniel)
- Provable Defenses Against Adversarial Examples via the Convex Outer Adversarial Polytope (J. Zico Kolter and Eric Wong)
- Synthetic and Natural Noise Both Break Neural Machine Translation (Yonatan Bisk and Yonatan Belinkov)
- Tricking Character-Level Text Classifiers (Javid Ebrahimi, Daniel Lowd and Dejing Dou)