
Physical-world Attack/Defense

Defensive Patches for Robust Recognition in the Physical World
Jiakai Wang, Zixin Yin, Pengfei Hu, Renshuai Tao, Haotong Qin, Xianglong Liu*, Dacheng Tao, Aishan Liu
IEEE CVPR, 2022
Dual Attention Suppression Attack: Generate Adversarial Camouflage in Physical World
Jiakai Wang, Aishan Liu, Zixin Yin, Shunchang Liu, Shiyu Tang, Xianglong Liu*
IEEE CVPR (oral), 2021
Bias-based Universal Adversarial Patch Attack for Automatic Check-out
Aishan Liu, Jiakai Wang, Xianglong Liu*, Bowen Cao, Chongzhi Zhang, Hang Yu
ECCV, 2020
Spatiotemporal Attacks for Embodied Agents
Aishan Liu, Tairan Huang, Xianglong Liu, Yitao Xu, Yuqing Ma, Xinyun Chen, Stephen Maybank, Dacheng Tao
ECCV, 2020
Perceptual-Sensitive GAN for Generating Adversarial Patches
Aishan Liu, Xianglong Liu*, Jiaxin Fan, Yuqing Ma, Anlan Zhang, Huiyuan Xie, Dacheng Tao
AAAI, 2019

Invited Papers

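Artificial Intelligence: Quality Elements and Testing Methods for Machine Learning Models and Systems (Group Standard T/CESA 1036-2019)
Xianglong Liu, Wenjun Wu, et al.
China Electronics Standardization Association, 2019
Artificial Intelligence Security and Evaluation
Aishan Liu, Jiakai Wang, Xianglong Liu
Artificial Intelligence (journal), 2020
Quality Elements and Testing Methods for Artificial Intelligence Machine Learning Models and Systems
Jiakai Wang, Aishan Liu, Xianglong Liu
Information Technology & Standardization, 2020
Theory and Methods of Full-Lifecycle Security Testing for Intelligent Systems
Jiakai Wang, Aishan Liu, Simin Li, Xianglong Liu, Wenjun Wu
Intelligent Security (journal), 2023
Opening the Algorithmic Black Box
Xianglong Liu
Xinhua News Agency, Banyuetan, 2022
Xinhua All Media+ | From "Algorithmic Selection" to "Selecting Algorithms": China's Cyberspace Governance Enters a New Stage
Xianglong Liu
Xinhua News Agency, 2022
AI Frontier Watch ③ | Toward the Future of Artificial Intelligence: Trustworthy, Reliable, Explainable, and a Redefined Human-Machine Relationship
Xianglong Liu
21st Century Business Herald, 2022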

Selected Projects

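Chongming (AISafety)
"Chongming" is an evaluation and assessment platform for artificial intelligence security. It integrates an algorithm library, a model library, a metric library, a database, and other resources, and includes more than 20 adversarial example attacks, 19 noise attacks, and more than 30 evaluation algorithms in 5 major categories, covering more than 60 typical computer vision models and more than 30 typical natural language processing models. It supports a one-stop evaluation workflow and explainable report generation, and integrates a set of sandbox 3D simulation verification environments. The core code is open source and was named an outstanding open-source project of the first OpenI community awards. The platform has been integrated into the Ministry of Industry and Information Technology's artificial intelligence algorithm inspection and testing platform, where it serves open-competition evaluations, and it is supported by the Science and Technology Innovation 2030 "New Generation Artificial Intelligence" Major Project. It has been used to evaluate the intelligent algorithms and systems of 15 leading artificial intelligence companies, promoting the healthy development of the artificial intelligence industry ecosystem.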
RobustART
RobustART is the first comprehensive Robustness investigation benchmark on the large-scale dataset ImageNet regarding ARchitectural design (49 human-designed off-the-shelf architectures and 1200+ neural architecture searched networks) and Training techniques (10+ general ones, e.g., extra training data) towards diverse noises (adversarial, natural, and system noises). Our benchmark (including an open-source toolkit, a pre-trained model zoo, datasets, and analyses): (1) presents an open-source platform for conducting comprehensive evaluation on diverse robustness types; (2) provides a variety of pre-trained models with different training techniques to facilitate robustness evaluation; (3) proposes a new view to better understand the mechanism towards designing robust DNN architectures, backed up by the analysis. We will continuously contribute to building this ecosystem for the community.