Title
Deep Edge Filter: Return of the Human-Crafted Layer in Deep Learning Dongkwan Lee Junhoo Lee Nojun Kwak 246 0 0 13 Oct 2025
Understanding Sensitivity of Differential Attention through the Lens of Adversarial Robustness Tsubasa Takahashi Shojiro Yamabe Futa Waseda Kento Sasaki AAML 96 0 0 01 Oct 2025
Seeing Isn't Believing: Context-Aware Adversarial Patch Synthesis via Conditional GAN Roie Kazoom Alon Goldberg Hodaya Cohen Ofer Hadar AAML 82 0 0 26 Sep 2025
Attacking Attention of Foundation Models Disrupts Downstream Tasks Hondamunige Prasanna Silva Federico Becattini Lorenzo Seidenari AAML 178 1 0 03 Jun 2025
Preventing Adversarial AI Attacks Against Autonomous Situational Awareness: A Maritime Case Study Mathew J. Walter Aaron Barrett Kimberly Tam AAML 133 1 0 27 May 2025
Don't Lag, RAG: Training-Free Adversarial Detection Using RAG Roie Kazoom Raz Lapid Moshe Sipper Ofer Hadar VLM ObjD AAML 337 5 0 07 Apr 2025
ViTGuard: Attention-aware Detection against Adversarial Examples for Vision TransformerAsia-Pacific Computer Systems Architecture Conference (ACSA), 2024 Shihua Sun Kenechukwu Nwodo Shridatt Sugrim Angelos Stavrou Haining Wang AAML 252 3 0 20 Sep 2024
Query-Efficient Hard-Label Black-Box Attack against Vision Transformers Chao Zhou Xiaowen Shi Yuan-Gen Wang ViT AAML 159 1 0 29 Jun 2024
Understanding Robustness of Visual State Space Models for Image Classification Chengbin Du Yanxi Li Chang Xu Mamba 151 17 0 16 Mar 2024
Approximate Nullspace Augmented Finetuning for Robust Vision Transformers Haoyang Liu Aditya Singh Yijiang Li Haohan Wang AAML ViT 317 1 0 15 Mar 2024
Attacking Transformers with Feature Diversity Adversarial PerturbationAAAI Conference on Artificial Intelligence (AAAI), 2024 Chenxing Gao Hang Zhou Junqing Yu Yuteng Ye Jiale Cai Junle Wang Wei Yang AAML 174 4 0 10 Mar 2024
ObjectCompose: Evaluating Resilience of Vision-Based Models on Object-to-Background Compositional ChangesAsian Conference on Computer Vision (ACCV), 2024 H. Malik Muhammad Huzaifa Muzammal Naseer Salman Khan Fahad Shahbaz Khan DiffM 300 3 0 07 Mar 2024
Multi-Attribute Vision Transformers are Efficient and Robust Learners Hanan Gani Nada Saadi Noor Hussein Karthik Nandakumar ViT 166 0 0 12 Feb 2024
Jailbreaking Attack against Multimodal Large Language Model Zhenxing Niu Haoxuan Ji Xinbo Gao Gang Hua Rong Jin 155 112 0 04 Feb 2024
Revisiting Adversarial Training at ScaleComputer Vision and Pattern Recognition (CVPR), 2024 Zeyu Wang Xianhang Li Hongru Zhu Cihang Xie 337 30 0 09 Jan 2024
Towards Robust Semantic Segmentation against Patch-based Attack via Attention RefinementInternational Journal of Computer Vision (IJCV), 2024 Zheng Yuan Jie Zhang Yude Wang Shiguang Shan Xilin Chen AAML 447 2 0 03 Jan 2024
FullLoRA: Efficiently Boosting the Robustness of Pretrained Vision TransformersIEEE Transactions on Image Processing (TIP), 2024 Zheng Yuan Jie Zhang Shiguang Shan Xilin Chen 251 8 0 03 Jan 2024
SpecFormer: Guarding Vision Transformer Robustness via Maximum Singular Value PenalizationEuropean Conference on Computer Vision (ECCV), 2024 Xixu Hu Runkai Zheng Yongfeng Zhang Cheuk Hang Leung Qi Wu Xing Xie 222 5 0 02 Jan 2024
Attention Deficit is Ordered! Fooling Deformable Vision Transformers with Collaborative Adversarial Patches Quazi Mishkatul Alam Bilel Tarchoun Ihsen Alouani Nael B. Abu-Ghazaleh AAML ViT 188 1 0 21 Nov 2023
What Makes Pre-Trained Visual Representations Successful for Robust Manipulation?Conference on Robot Learning (CoRL), 2023 Kaylee Burns Zach Witzel Jubayer Ibn Hamid Tianhe Yu Chelsea Finn Karol Hausman OOD SSL 276 34 0 03 Nov 2023
Investigating the Robustness and Properties of Detection Transformers (DETR) Toward Difficult Images Zhao Ning Zou Yuhang Zhang Robert Wijaya 111 0 0 12 Oct 2023
SlowFormer: Universal Adversarial Patch for Attack on Compute and Energy Efficiency of Inference Efficient Vision Transformers K. Navaneet Soroush Abbasi Koohpayegani Essam Sleiman Hamed Pirsiavash AAML ViT 202 4 0 04 Oct 2023
Random Position Adversarial Patch for Vision Transformers Mingzhen Shao ViT AAML 159 5 0 09 Jul 2023
Generative Watermarking Against Unauthorized Subject-Driven Image Synthesis Yi Ma Subrat Kishore Dutta Xinlei He Zheng Li Michael Backes Yang Zhang AAML WIGM 140 26 0 13 Jun 2023
Is Attentional Channel Processing Design Required? Comprehensive Analysis Of Robustness Between Vision Transformers And Fully Attentional Networks Abhishri Ajit Medewar Swanand Ashokrao Kavitkar AAML ViT 161 0 0 08 Jun 2023
How Deep Learning Sees the World: A Survey on Adversarial Attacks & DefensesIEEE Access (IEEE Access), 2023 Joana Cabral Costa Tiago Roxo Hugo Manuel Proença Pedro R. M. Inácio AAML 326 103 0 18 May 2023
Hint-Aug: Drawing Hints from Foundation Vision Transformers Towards Boosted Few-Shot Parameter-Efficient TuningComputer Vision and Pattern Recognition (CVPR), 2023 Zhongzhi Yu Shang Wu Y. Fu Shunyao Zhang Yingyan Lin 292 8 0 25 Apr 2023
Robustifying Token Attention for Vision TransformersIEEE International Conference on Computer Vision (ICCV), 2023 Yong Guo David Stutz Bernt Schiele ViT 302 34 0 20 Mar 2023
Revisiting Adversarial Training for ImageNet: Architectures, Training and Generalization across Threat ModelsNeural Information Processing Systems (NeurIPS), 2023 Naman D. Singh Francesco Croce Matthias Hein OOD 294 91 0 03 Mar 2023
Fairness-aware Vision Transformer via Debiased Self-AttentionEuropean Conference on Computer Vision (ECCV), 2023 Yao Qiang Chengyin Li Prashant Khanduri D. Zhu ViT 236 10 0 31 Jan 2023
Inference Time Evidences of Adversarial Attacks for Forensic on Transformers Hugo Lemarchant Liang Li Yiming Qian Yuta Nakashima Hajime Nagahara ViT AAML 172 0 0 31 Jan 2023
Similarity of Neural Architectures using Adversarial Attack TransferabilityEuropean Conference on Computer Vision (ECCV), 2022 Ian Ryu Dongyoon Han Byeongho Heo Song Park Sanghyuk Chun Jong-Seok Lee AAML 459 3 0 20 Oct 2022
Are All Vision Models Created Equal? A Study of the Open-Loop to Closed-Loop Causality Gap Mathias Lechner Ramin Hasani Alexander Amini Tsun-Hsuan Wang T. Henzinger Daniela Rus CML OOD 160 7 0 09 Oct 2022
Audit and Improve Robustness of Private Neural Networks on Encrypted Data Jiaqi Xue Lei Xu Lin Chen W. Shi Kaidi Xu Qian Lou AAML 144 5 0 20 Sep 2022
On the interplay of adversarial robustness and architecture components: patches, convolution and attention Francesco Croce Matthias Hein 187 7 0 14 Sep 2022
Exploring Adversarial Robustness of Vision Transformers in the Spectral PerspectiveIEEE Workshop/Winter Conference on Applications of Computer Vision (WACV), 2022 Gihyun Kim Juyeop Kim Jong-Seok Lee AAML ViT 110 11 0 20 Aug 2022
Self-Ensembling Vision Transformer (SEViT) for Robust Medical Image ClassificationInternational Conference on Medical Image Computing and Computer-Assisted Intervention (MICCAI), 2022 Faris Almalik Mohammad Yaqub Karthik Nandakumar ViT AAML MedIm 211 42 0 04 Aug 2022
Towards Efficient Adversarial Training on Vision TransformersEuropean Conference on Computer Vision (ECCV), 2022 Boxi Wu Jindong Gu Zhifeng Li Deng Cai Xiaofei He Wei Liu ViT AAML 217 45 0 21 Jul 2022
Give Me Your Attention: Dot-Product Attention Considered Harmful for Adversarial Patch RobustnessComputer Vision and Pattern Recognition (CVPR), 2022 Giulio Lovisotto Nicole Finnie Mauricio Muñoz Chaithanya Kumar Mummadi J. H. Metzen AAML ViT 114 47 0 25 Mar 2022
Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial RemovalNeural Information Processing Systems (NeurIPS), 2021 Yucheng Shi Yahong Han Yu-an Tan Xiaohui Kuang 306 36 0 07 Dec 2021
Are Vision Transformers Robust to Patch Perturbations?European Conference on Computer Vision (ECCV), 2021 Jindong Gu Volker Tresp Yao Qin AAML ViT 219 76 0 20 Nov 2021
Drawing Robust Scratch Tickets: Subnetworks with Inborn Robustness Are Found within Randomly Initialized Networks Yonggan Fu Qixuan Yu Yang Zhang Shan-Hung Wu Ouyang Xu David D. Cox Yingyan Lin AAML OOD 386 35 0 26 Oct 2021

Home
Papers
2203.08392
Cited By

v1v2v3 (latest)

Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations?

International Conference on Learning Representations (ICLR), 2022

16 March 2022

Papers citing "Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations?"

42 / 42 papers shown

Title
Deep Edge Filter: Return of the Human-Crafted Layer in Deep Learning Dongkwan Lee Junhoo Lee Nojun Kwak 246 0 0 13 Oct 2025
Understanding Sensitivity of Differential Attention through the Lens of Adversarial Robustness Tsubasa Takahashi Shojiro Yamabe Futa Waseda Kento Sasaki AAML 96 0 0 01 Oct 2025
Seeing Isn't Believing: Context-Aware Adversarial Patch Synthesis via Conditional GAN Roie Kazoom Alon Goldberg Hodaya Cohen Ofer Hadar AAML 82 0 0 26 Sep 2025
Attacking Attention of Foundation Models Disrupts Downstream Tasks Hondamunige Prasanna Silva Federico Becattini Lorenzo Seidenari AAML 178 1 0 03 Jun 2025
Preventing Adversarial AI Attacks Against Autonomous Situational Awareness: A Maritime Case Study Mathew J. Walter Aaron Barrett Kimberly Tam AAML 133 1 0 27 May 2025
Don't Lag, RAG: Training-Free Adversarial Detection Using RAG Roie Kazoom Raz Lapid Moshe Sipper Ofer Hadar VLM ObjD AAML 337 5 0 07 Apr 2025
ViTGuard: Attention-aware Detection against Adversarial Examples for Vision TransformerAsia-Pacific Computer Systems Architecture Conference (ACSA), 2024 Shihua Sun Kenechukwu Nwodo Shridatt Sugrim Angelos Stavrou Haining Wang AAML 252 3 0 20 Sep 2024
Query-Efficient Hard-Label Black-Box Attack against Vision Transformers Chao Zhou Xiaowen Shi Yuan-Gen Wang ViT AAML 159 1 0 29 Jun 2024
Understanding Robustness of Visual State Space Models for Image Classification Chengbin Du Yanxi Li Chang Xu Mamba 151 17 0 16 Mar 2024
Approximate Nullspace Augmented Finetuning for Robust Vision Transformers Haoyang Liu Aditya Singh Yijiang Li Haohan Wang AAML ViT 317 1 0 15 Mar 2024
Attacking Transformers with Feature Diversity Adversarial PerturbationAAAI Conference on Artificial Intelligence (AAAI), 2024 Chenxing Gao Hang Zhou Junqing Yu Yuteng Ye Jiale Cai Junle Wang Wei Yang AAML 174 4 0 10 Mar 2024
ObjectCompose: Evaluating Resilience of Vision-Based Models on Object-to-Background Compositional ChangesAsian Conference on Computer Vision (ACCV), 2024 H. Malik Muhammad Huzaifa Muzammal Naseer Salman Khan Fahad Shahbaz Khan DiffM 300 3 0 07 Mar 2024
Multi-Attribute Vision Transformers are Efficient and Robust Learners Hanan Gani Nada Saadi Noor Hussein Karthik Nandakumar ViT 166 0 0 12 Feb 2024
Jailbreaking Attack against Multimodal Large Language Model Zhenxing Niu Haoxuan Ji Xinbo Gao Gang Hua Rong Jin 155 112 0 04 Feb 2024
Revisiting Adversarial Training at ScaleComputer Vision and Pattern Recognition (CVPR), 2024 Zeyu Wang Xianhang Li Hongru Zhu Cihang Xie 337 30 0 09 Jan 2024
Towards Robust Semantic Segmentation against Patch-based Attack via Attention RefinementInternational Journal of Computer Vision (IJCV), 2024 Zheng Yuan Jie Zhang Yude Wang Shiguang Shan Xilin Chen AAML 447 2 0 03 Jan 2024
FullLoRA: Efficiently Boosting the Robustness of Pretrained Vision TransformersIEEE Transactions on Image Processing (TIP), 2024 Zheng Yuan Jie Zhang Shiguang Shan Xilin Chen 251 8 0 03 Jan 2024
SpecFormer: Guarding Vision Transformer Robustness via Maximum Singular Value PenalizationEuropean Conference on Computer Vision (ECCV), 2024 Xixu Hu Runkai Zheng Yongfeng Zhang Cheuk Hang Leung Qi Wu Xing Xie 222 5 0 02 Jan 2024
Attention Deficit is Ordered! Fooling Deformable Vision Transformers with Collaborative Adversarial Patches Quazi Mishkatul Alam Bilel Tarchoun Ihsen Alouani Nael B. Abu-Ghazaleh AAML ViT 188 1 0 21 Nov 2023
What Makes Pre-Trained Visual Representations Successful for Robust Manipulation?Conference on Robot Learning (CoRL), 2023 Kaylee Burns Zach Witzel Jubayer Ibn Hamid Tianhe Yu Chelsea Finn Karol Hausman OOD SSL 276 34 0 03 Nov 2023
Investigating the Robustness and Properties of Detection Transformers (DETR) Toward Difficult Images Zhao Ning Zou Yuhang Zhang Robert Wijaya 111 0 0 12 Oct 2023
SlowFormer: Universal Adversarial Patch for Attack on Compute and Energy Efficiency of Inference Efficient Vision Transformers K. Navaneet Soroush Abbasi Koohpayegani Essam Sleiman Hamed Pirsiavash AAML ViT 202 4 0 04 Oct 2023
Random Position Adversarial Patch for Vision Transformers Mingzhen Shao ViT AAML 159 5 0 09 Jul 2023
Generative Watermarking Against Unauthorized Subject-Driven Image Synthesis Yi Ma Subrat Kishore Dutta Xinlei He Zheng Li Michael Backes Yang Zhang AAML WIGM 140 26 0 13 Jun 2023
Is Attentional Channel Processing Design Required? Comprehensive Analysis Of Robustness Between Vision Transformers And Fully Attentional Networks Abhishri Ajit Medewar Swanand Ashokrao Kavitkar AAML ViT 161 0 0 08 Jun 2023
How Deep Learning Sees the World: A Survey on Adversarial Attacks & DefensesIEEE Access (IEEE Access), 2023 Joana Cabral Costa Tiago Roxo Hugo Manuel Proença Pedro R. M. Inácio AAML 326 103 0 18 May 2023
Hint-Aug: Drawing Hints from Foundation Vision Transformers Towards Boosted Few-Shot Parameter-Efficient TuningComputer Vision and Pattern Recognition (CVPR), 2023 Zhongzhi Yu Shang Wu Y. Fu Shunyao Zhang Yingyan Lin 292 8 0 25 Apr 2023
Robustifying Token Attention for Vision TransformersIEEE International Conference on Computer Vision (ICCV), 2023 Yong Guo David Stutz Bernt Schiele ViT 302 34 0 20 Mar 2023
Revisiting Adversarial Training for ImageNet: Architectures, Training and Generalization across Threat ModelsNeural Information Processing Systems (NeurIPS), 2023 Naman D. Singh Francesco Croce Matthias Hein OOD 294 91 0 03 Mar 2023
Fairness-aware Vision Transformer via Debiased Self-AttentionEuropean Conference on Computer Vision (ECCV), 2023 Yao Qiang Chengyin Li Prashant Khanduri D. Zhu ViT 236 10 0 31 Jan 2023
Inference Time Evidences of Adversarial Attacks for Forensic on Transformers Hugo Lemarchant Liang Li Yiming Qian Yuta Nakashima Hajime Nagahara ViT AAML 172 0 0 31 Jan 2023
Similarity of Neural Architectures using Adversarial Attack TransferabilityEuropean Conference on Computer Vision (ECCV), 2022 Ian Ryu Dongyoon Han Byeongho Heo Song Park Sanghyuk Chun Jong-Seok Lee AAML 459 3 0 20 Oct 2022
Are All Vision Models Created Equal? A Study of the Open-Loop to Closed-Loop Causality Gap Mathias Lechner Ramin Hasani Alexander Amini Tsun-Hsuan Wang T. Henzinger Daniela Rus CML OOD 160 7 0 09 Oct 2022
Audit and Improve Robustness of Private Neural Networks on Encrypted Data Jiaqi Xue Lei Xu Lin Chen W. Shi Kaidi Xu Qian Lou AAML 144 5 0 20 Sep 2022
On the interplay of adversarial robustness and architecture components: patches, convolution and attention Francesco Croce Matthias Hein 187 7 0 14 Sep 2022
Exploring Adversarial Robustness of Vision Transformers in the Spectral PerspectiveIEEE Workshop/Winter Conference on Applications of Computer Vision (WACV), 2022 Gihyun Kim Juyeop Kim Jong-Seok Lee AAML ViT 110 11 0 20 Aug 2022
Self-Ensembling Vision Transformer (SEViT) for Robust Medical Image ClassificationInternational Conference on Medical Image Computing and Computer-Assisted Intervention (MICCAI), 2022 Faris Almalik Mohammad Yaqub Karthik Nandakumar ViT AAML MedIm 211 42 0 04 Aug 2022
Towards Efficient Adversarial Training on Vision TransformersEuropean Conference on Computer Vision (ECCV), 2022 Boxi Wu Jindong Gu Zhifeng Li Deng Cai Xiaofei He Wei Liu ViT AAML 217 45 0 21 Jul 2022
Give Me Your Attention: Dot-Product Attention Considered Harmful for Adversarial Patch RobustnessComputer Vision and Pattern Recognition (CVPR), 2022 Giulio Lovisotto Nicole Finnie Mauricio Muñoz Chaithanya Kumar Mummadi J. H. Metzen AAML ViT 114 47 0 25 Mar 2022
Decision-based Black-box Attack Against Vision Transformers via Patch-wise Adversarial RemovalNeural Information Processing Systems (NeurIPS), 2021 Yucheng Shi Yahong Han Yu-an Tan Xiaohui Kuang 306 36 0 07 Dec 2021
Are Vision Transformers Robust to Patch Perturbations?European Conference on Computer Vision (ECCV), 2021 Jindong Gu Volker Tresp Yao Qin AAML ViT 219 76 0 20 Nov 2021
Drawing Robust Scratch Tickets: Subnetworks with Inborn Robustness Are Found within Randomly Initialized Networks Yonggan Fu Qixuan Yu Yang Zhang Shan-Hung Wu Ouyang Xu David D. Cox Yingyan Lin AAML OOD 386 35 0 26 Oct 2021