yenchenlin / awesome-adversarial-machine-learning Goto Github PK

The link for the above named blog post is broken.
I googled and got this: http://www.cleverhans.io/security/privacy/ml/2016/12/15/breaking-things-is-easy.html

May I suggest adding https://arxiv.org/pdf/1611.01236.pdf ?

Hello,

I have been following the 'awesome-adversarial-machine-learning' GitHub page for some time now and have found the content and resources to be incredibly helpful. I noticed that there are several great resources on adversarial machine learning, but I think it would be helpful to include links to GitHub repositories that implement these algorithms.

As you may already know, adversarial machine learning is a growing field in cybersecurity, and there are many researchers and practitioners who are actively developing algorithms and tools to protect against attacks. By including links to relevant GitHub repositories, this page could become a hub for those who are interested in learning more about adversarial machine learning and applying these techniques in their work.

I would like to recommend that the 'awesome-adversarial-machine-learning' team consider adding links to open-source adversarial machine learning algorithms on GitHub. These links could be included in a dedicated section on the page, which would make it easy for users to find and access these resources.

Thank you for considering my suggestion, and I look forward to seeing this page continue to grow and evolve as a valuable resource for the cybersecurity community.

Sincerely

Can you add any links to datasets for adversarial attacks and defense?

ML security, or any security field in general, is going to have cases where papers make a certain claim, and later, that claim ends up being invalidated. For example, we once thought MD4 was a secure hash function, but now it's known to be broken. This is a natural thing to happen in a security field: future analysis showing that a certain scheme is not secure.

For this reason, it might be a good idea for a resource that lists defenses against adversarial examples to also keep up-to-date with future analyses of those defenses, so that readers looking at this list do not mistakenly believe that a broken scheme is secure.

The list currently has a number of defenses that are known to have true robustness significantly below what is claimed in the paper (in most cases, the true accuracy is 0%). This includes:

• Defensive Distillation (broken by this paper)
• PixelDefend (broken by this paper)

Do you think the list could be organized so that it's clear to readers that while defense papers are interesting, for certain papers, later analyses have shown that the schemes can be circumvented? (robust-ml.org is one example of such an organization)