| _ | against | _ |
|---|
| 10 Pros and Cons | against | Performance Characterisation of Vision Algorithms |
| 3D Face Decomposition and Region Selection | against | Expression Variations |
| 3D Facial Geometric Attributes Based Anti-Spoofing Approach | against | Mask Attacks |
| Absolute Frequency Readout of Cavity | against | Atomic Reference |
| Accuracy Comparison Of Vhr Systematic-ortho Satellite Imageries | against | Vhr Orthorectified Imageries Using Gcp |
| Accuracy of Sentinel-1 PSI and SBAS InSAR Displacement Velocities | against | GNSS and Geodetic Leveling Monitoring Data |
| Active Defense | against | Voice Conversion Through Generative Adversarial Network |
| Adaptive Adversarial Patch-Generating Algorithm for Defending | against | the Intelligent Low, Slow, and Small Target, An |
| ADC: Adversarial attacks | against | object Detection that evade Context consistency checks |
| Adversarial Attack | against | Deep Saliency Models Powered by Non-Redundant Priors |
| Adversarial Attacks | against | Uncertainty Quantification |
| Adversarial examples for replay attacks | against | CNN-based face recognition with anti-spoofing capability |
| Adversarial Learning Targeting Deep Neural Network Classification: A Comprehensive Review of Defenses | against | Attacks |
| Adversarial Machine Learning Attacks | against | Video Anomaly Detection Systems |
| Adversarial mimicry attacks | against | image splicing forensics: An approach for jointly hiding manipulations and creating false detections |
| Adversarial Obstacle Generation | against | LiDAR-Based 3D Object Detection |
| AdvFAS: A robust face anti-spoofing framework | against | adversarial examples |
| against | conventional wisdom: Longitudinal inference for pattern recognition in remote sensing |
| against | Direct Perception |
| against | Quantitative Optical Flow |
| AGKD-BML: Defense | against | Adversarial Attack by Attention Guided Knowledge Distillation and Bi-directional Metric Learning |
| All You Need Is RAW: Defending | against | Adversarial Attacks with Camera Image Pipelines |
| Analysis of the resistance of the Spread Transform | against | Temporal Frame Averaging attack |
| Anomaly Detection | against | GPS Spoofing Attacks on Connected and Autonomous Vehicles Using Learning From Demonstration |
| Anti-Neuron Watermarking: Protecting Personal Data | against | Unauthorized Neural Networks |
| appearance model constructed on 3-D surface for robust face recognition | against | pose and illumination variations, An |
| Are Data-Driven Explanations Robust | against | Out-of-Distribution Data? |
| Are Deep Models Robust | against | Real Distortions? A Case Study on Document Image Classification |
| ASePPI: Robust Privacy Protection | against | De-Anonymization Attacks |
| Assessment of GPM-IMERG and Other Precipitation Products | against | Gauge Data under Different Topographic and Climatic Conditions in Iran: Preliminary Results |
| Assessment of Ocean Swell Height Observations from Sentinel-1A/B Wave Mode | against | Buoy In Situ and Modeling Hindcasts |
| Assessment of Three Long-Term Satellite-Based Precipitation Estimates | against | Ground Observations for Drought Characterization in Northwestern China |
| asymmetric image watermarking scheme resistant | against | geometrical distortions, An |
| Attack | against | Image-Based Selective Bitplane Encryption, An |
| Attacks | against | AODV Routing Protocol in Mobile Ad-Hoc Networks |
| Attention Based Detection and Recognition of Hand Postures | against | Complex Backgrounds |
| Attention-Enhanced One-Shot Attack | against | Single Object Tracking for Unmanned Aerial Vehicle Remote Sensing Images |
| Audio Watermarking Based on Music Content Analysis: Robust | against | Time Scale Modification |
| Automatic Detection of Targets | against | Cluttered Backgrounds Using a Fractal-Oriented Statistical Analysis and Radon Transform |
| Automatic Segmentation of Pulmonary Lobes Robust | against | Incomplete Fissures |
| Automatic Transformation Search | against | Deep Leakage From Gradients |
| Backdoor Attack | against | 3D Point Cloud Classifiers, A |
| Backdoor Attacks | against | Deep Image Compression via Adaptive Frequency Trigger |
| Backdoor Attacks | against | Deep Learning Systems in the Physical World |
| Backdoor Attacks | against | Deep Neural Networks by Personalized Audio Steganography |
| BadCM: Invisible Backdoor Attack | against | Cross-Modal Learning |
| Bag-of-Words | against | Nearest-Neighbor Search for Visual Object Retrieval |
| Best Defense is a Good Offense: Adversarial Augmentation | against | Adversarial Attacks, The |
| Bilateral Adversarial Training: Towards Fast Training of More Robust Models | against | Adversarial Attacks |
| Bio-inspired feature extraction and enhancement of targets moving | against | visual clutter during closed loop pursuit |
| Black-box Adversarial Attack | against | Visual Interpreters for Deep Neural Networks |
| Black-box attack | against | handwritten signature verification with region-restricted adversarial perturbations |
| Blind Digital Watermarking Algorithm | against | Projection Transformation for Vector Geographic Data |
| Blind Linguistic Steganalysis | against | Translation Based Steganography |
| Blind MPEG-2 video watermarking in DCT domain robust | against | scaling |
| Blind MPEG-2 Video Watermarking Robust | against | Geometric Attacks: A Set of Approaches in DCT Domain |
| Blind MPEG-2 video watermarking robust | against | scaling |
| Boosting transferability of physical attack | against | detectors by redistributing separable attention |
| Boundary Defense | against | Black-box Adversarial Attacks |
| BppAttack: Stealthy and Efficient Trojan Attacks | against | Deep Neural Networks via Image Quantization and Contrastive Adversarial Learning |
| Bridging Machine Learning and Cryptography in Defence | against | Adversarial Attacks |
| Camera self-calibration: a case | against | Kruppa's equations |
| Can't Steal? Cont-Steal! Contrastive Stealing Attacks | against | Image Encoders |
| Case | against | Kruppa's Equations for Camera Self-Calibration, A |
| Census regression classification for face recognition | against | different variations |
| Classification of hand postures | against | complex backgrounds using elastic graph matching |
| Clustered swarm: a live swarm-based traffic load balancing algorithm | against | traffic jams |
| CODEs: Chamfer Out-of-Distribution Examples | against | Overconfidence Issue |
| Collaborative Intrusion Detection System | against | DDoS for SDN, A |
| Combining multi-wavelet and CNN for palmprint recognition | against | noise and misalignment |
| Comparative Study of Wavelet Based Lattice QIM Techniques and Robustness | against | AWGN and JPEG Attacks |
| Comparing Classification Results of Multi-Seasonal TM | against | AVIRIS Imagery: Seasonality more Important than Number of Bands |
| Comparing Multiple Precipitation Products | against | In-Situ Observations over Different Climate Regions of Pakistan |
| Comparison of Long-Term Albedo Products | against | Spatially Representative Stations over Snow |
| Comparison of NASA Team2 and AES-York Ice Concentration Algorithms | against | Operational Ice Charts From the Canadian Ice Service |
| Complementary-Contradictory Feature Regularization | against | Multimodal Overfitting |
| Comprehensive review of evolution of satellite sensor specifications | against | speedup performance of pattern recognition algorithms in remote sensing |
| Considerations on the possibility to exchange temporal | against | spatial resolution in image coding |
| Controllable Suppression Jamming Method | against | SAR Based on Active Radar Transponder, A |
| Cooperative Adaptive Cruise Control With Robustness | against | Communication Delay: An Approach in the Space Domain |
| Cooperative Location-Sensing Network Based on Vehicular Communication Security | against | Attacks |
| CorrGAN: Input Transformation Technique | against | Natural Corruptions |
| Cost-Effective Adversarial Attacks | against | Scene Text Recognition |
| Countermeasure | against | Double Compression Based Image Forensic, A |
| Countermeasure for the protection of face recognition systems | against | mask attacks |
| Countermeasure of re-recording prevention | against | attack with short wavelength pass filter |
| CRAB: Certified Patch Robustness | against | Poisoning-Based Backdoor Attacks |
| Crime | against | Businesses: Temporal Stability of Hot Spots in Mexicali, Mexico |
| Critical Infrastructure Security | against | Drone Attacks Using Visual Analytics |
| cross-calibration of GMS-5 thermal channels | against | ATSR-2, A |
| Cross-Layer Defense Method for Blockchain Empowered CBTC Systems | against | Data Tampering Attacks, A |
| Cross-Layer Defense Scheme for Edge Intelligence-Enabled CBTC Systems | against | MitM Attacks, A |
| Cross-Modal Text Steganography | against | Synonym Substitution-Based Text Attack |
| Cutout with patch-loss augmentation for improving generative adversarial networks | against | instability |
| Cyclic Defense GAN | against | Speech Adversarial Attacks |
| Deceptive Jamming Algorithm | against | Synthetic Aperture Radar in Large Squint Angle Mode Based on Non-Linear Chirp Scaling and Low Azimuth Sampling Reconstruction |
| DEEMD: Drug Efficacy Estimation | against | SARS-CoV-2 Based on Cell Morphology With Deep Multiple Instance Learning |
| Deep Counterfactual Representation Learning for Visual Recognition | against | Weather Corruptions |
| Deep Edge-Aware Interactive Colorization | against | Color-Bleeding Effects |
| Deep Image Destruction: Vulnerability of Deep Image-to-Image Models | against | Adversarial Attacks |
| Deep image prior based defense | against | adversarial examples |
| Deep Poisoning: Towards Robust Image Data Sharing | against | Visual Disclosure |
| DeepCorrect: Correcting DNN Models | against | Image Distortions |
| DeepFake detection | against | adversarial examples based on D-VAEGAN |
| Defending | against | Adversarial Attacks by Randomized Diversification |
| Defending | against | attacks tailored to transfer learning via feature distancing |
| Defending | against | Deepfakes with Ensemble Adversarial Perturbation |
| Defending | against | Model Stealing Attacks With Adaptive Misinformation |
| Defending | against | Multiple and Unforeseen Adversarial Videos |
| Defending | against | Noise by Characterizing the Rate-Distortion Functions in End-to-End Noisy Image Compression |
| Defending | against | Patch-based Backdoor Attacks on Self-Supervised Learning |
| Defending | against | Poisoning Attacks in Aerial Image Semantic Segmentation with Robust Invariant Feature Enhancement |
| Defending | against | Universal Adversarial Patches by Clipping Feature Norms |
| Defending | against | Universal Attacks Through Selective Feature Regeneration |
| Defending | against | Universal Perturbations With Shared Adversarial Training |
| Defending Black Box Facial Recognition Classifiers | against | Adversarial Attacks |
| Defending Fake via Warning: Universal Proactive Defense | against | Face Manipulation |
| Defending malware detection models | against | evasion based adversarial attacks |
| Defending Multimodal Fusion Models | against | Single-Source Adversaries |
| Defending Object Detection Models | against | Image Distortions |
| Defending Person Detection | against | Adversarial Patch Attack by Using Universal Defensive Frame |
| Defense | against | Adversarial Attacks by Reconstructing Images |
| Defense | against | Adversarial Attacks Using High-Level Representation Guided Denoiser |
| Defense | against | Adversarial Attacks via Controlling Gradient Leaking on Embedded Manifolds |
| Defense | against | Adversarial Attacks with Efficient Frequency-Adaptive Compression and Reconstruction |
| Defense | against | Adversarial Cloud Attack on Remote Sensing Salient Object Detection |
| Defense | against | Adversarial Images Using Web-Scale Nearest-Neighbor Search |
| Defense | against | Adversarial Patch Attacks for Aerial Image Semantic Segmentation by Robust Feature Extraction |
| Defense | against | Universal Adversarial Perturbations |
| Defense Mechanism | against | Adversarial Attacks Using Density-based Representation of Images |
| Detection Based Defense | against | Adversarial Examples From the Steganalysis Point of View |
| Detection Defenses: An Empty Promise | against | Adversarial Patch Attacks on Optical Flow |
| Diffdefense: Defending | against | Adversarial Attacks via Diffusion Models |
| Differentially Private Tripartite Intelligent Matching | against | Inference Attacks in Ride-Sharing Services |
| Digital Twins for Protecting Cultural Heritage | against | Climate Change |
| DisBezant: Secure and Robust Federated Learning | against | Byzantine Attack in IoT-Enabled MTS |
| DRAW: Defending Camera-shooted RAW | against | Image Manipulation |
| DS-SRI: Diversity similarity measure | against | scaling, rotation, and illumination change for robust template matching |
| Dynamic speed guidance for active highway signal coordination: roadside | against | in-car strategies |
| Ear anti-spoofing | against | print attacks using three-level fusion of image quality measures |
| Edge-Computing-Empowered Vehicle Tracking and Speed Estimation | against | Strong Image Vibrations Using Surveillance Monocular Camera |
| Effective Ambiguity Attack | against | Passport-based DNN Intellectual Property Protection Schemes through Fully Connected Layer Substitution |
| effective watermarking method | against | valumetric distortions, An |
| Effectiveness of Camouflage Make-Up Patterns | against | Face Detection Algorithms |
| Effectiveness of Exhaustive Search and Template Matching | against | Watermark Desynchronization |
| Efficient Verification of Neural Networks | against | LVM-Based Specifications |
| Efficiently secure image transmission | against | tampering in wireless visual sensor networks |
| Embedding Deep Metric for Person Re-identification: A Study | against | Large Variations |
| Energy-based virtual screening of drugs documented for schizophrenia | against | DRD2 and HTR2A |
| Ensemble adversarial black-box attacks | against | deep learning systems |
| Error Diffusion Halftoning | against | Adversarial Examples |
| Estimation of edge displacement | against | brightness and camera-to-object distance |
| European Digital Elevation Model Validation | against | Extensive Global Navigation Satellite Systems Data and Comparison with SRTM DEM and ASTER GDEM in Central Macedonia (Greece) |
| Evaluating Classification Model | against | Bayes Error Rate |
| Evaluating Robustness of Deep Image Super-Resolution | against | Adversarial Attacks |
| Evaluating the Material Appearance of Objects Under Different Lighting Distributions | against | Natural Illumination |
| Evaluating the Resilience of Face Recognition Systems | against | Malicious Attacks |
| Evaluating the Robustness of Semantic Segmentation for Autonomous Driving | against | Real-World Adversarial Patch Attacks |
| Evaluation and Comparison of Long-Term MODIS C5.1 and C6 Products | against | AERONET Observations over China |
| Evaluation of a New Polarimetric Algorithm for Rain-Path Attenuation Correction of X-Band Radar Observations | against | Disdrometer |
| Evaluation of automated electric transportation deployment strategies: integrated | against | isolated |
| Evaluation of GPM-Era Satellite Precipitation Products on the Southern Slopes of the Central Himalayas | against | Rain Gauge Data |
| Evaluation of robustness | against | rotation of LBP, CCR and ILBP features in granite texture classification |
| Evaluation of Sub-Kilometric Numerical Simulations of C-Band Radar Backscatter over the French Alps | against | Sentinel-1 Observations |
| Evaluation of Terra-MODIS C6 and C6.1 Aerosol Products | against | Beijing, XiangHe, and Xinglong AERONET Sites in China during 2004-2014 |
| Evaluation of the Quality of NDVI3g Dataset | against | Collection 6 MODIS NDVI in Central Europe between 2000 and 2013 |
| Evaluation of Water Use Efficiency Derived from MODIS Products | against | Eddy Variance Measurements in China |
| Evaluations of Machine Learning-Based CYGNSS Soil Moisture Estimates | against | SMAP Observations |
| Evaluations of the Climatologies of Three Latest Cloud Satellite Products Based on Passive Sensors (ISCCP-H, Two CERES) | against | the CALIPSO-GOCCP |
| Evapotranspiration Estimation with the S-SEBI Method from Landsat 8 Data | against | Lysimeter Measurements at the Barrax Site, Spain |
| Extraction and tracking of orientation coded features being robust | against | illumination changes |
| Eye movement-driven defense | against | iris print-attacks |
| F&F Attack: Adversarial Attack | against | Multiple Object Trackers by Inducing False Negatives and False Positives |
| Face Recognition | against | Mouth Shape Variations |
| Face recognition | against | occlusions via colour fusion using 2D-MCF model and SRC |
| FaceGuard: A Self-Supervised Defense | against | Adversarial Face Images |
| FARO: FAce Recognition | against | Occlusions and Expression Variations |
| Feature decoupling and interaction network for defending | against | adversarial examples |
| Feature Distillation: DNN-Oriented JPEG Compression | against | Adversarial Examples |
| Feature Extraction For Visual Speaker Authentication | against | Computer-Generated Video Attacks |
| Feature Quantization for Defending | against | Distortion of Images |
| feature-based robust digital image watermarking | against | geometric attacks, A |
| Fighting | against | COVID-19: Innovations and applications |
| Fine-Resolution Repeat Topographic Surveying of Dryland Landscapes Using UAS-Based Structure-from-Motion Photogrammetry: Assessing Accuracy and Precision | against | Traditional Ground-Based Erosion Measurements |
| Fixing the Double Agent Vulnerability of Deep Watermarking: A Patch-Level Solution | against | Artwork Plagiarism |
| Foreground Detection Robust | against | Cast Shadows in Outdoor Daytime Environment |
| Forming Adversarial Example Attacks | against | Deep Neural Networks With Reinforcement Learning |
| FPGA-Based On-Board Hyperspectral Imaging Compression: Benchmarking Performance and Energy Efficiency | against | GPU Implementations |
| FrequencyLowCut Pooling: Plug and Play | against | Catastrophic Overfitting |
| Fusing length and voicing information, and HMM decision using a Bayesian causal tree | against | insufficient training data |
| Gender Recognition Using a Gaze-Guided Self-Attention Mechanism Robust | against | Background Bias in Training Samples |
| general quantitative cryptanalysis of permutation-only multimedia ciphers | against | plaintext attacks, A |
| Generated Distributions Are All You Need for Membership Inference Attacks | against | Generative Models |
| Generative probabilistic models for multimedia retrieval: Query generation | against | document generation |
| Geointelligence | against | Illegal Deforestation and Timber Laundering in the Brazilian Amazon |
| Global Daily High-Resolution Satellite-Based Foundation Sea Surface Temperature Dataset: Development and Validation | against | Two Definitions of Foundation SST |
| Hardly Perceptible Trojan Attack | against | Neural Networks with Bit Flips |
| HERO: Human Ear Recognition | against | Occlusions |
| HEVC steganalytic approach | against | motion vector modification using local optimality in candidate list, An |
| Hierarchical Average Fusion With GM-PHD Filters | against | FDI and DoS Attacks |
| Histogram-oriented watermarking algorithm: colour image watermarking scheme robust | against | geometric attacks and signal processing |
| Hough Transform for Opaque Circles Measured from Outside and Fuzzy Voting For and | against | |
| How to Achieve Robustness | against | Scaling in a Real-time Digital Watermarking System for Broadcast Monitoring |
| iBotGuard: an Internet-based Intelligent Robot security system using Invariant Face Recognition | against | intruder |
| Ice Contamination of Meteosat/SEVIRI Implied by Intercalibration | against | Metop/IASI |
| Illumination normalization for robust face recognition | against | varying lighting conditions |
| Image Steganalysis | against | Adversarial Steganography by Combining Confidence and Pixel Artifacts |
| Image Super-Resolution as a Defense | against | Adversarial Attacks |
| Image Translation-Based Deniable Encryption | against | Model Extraction Attack |
| ImageNet-Patch: A dataset for benchmarking machine learning robustness | against | adversarial patches |
| Impact of SO2 Flux Estimation in the Modeling of the Plume of Mount Etna Christmas 2018 Eruption and Comparison | against | Multiple Satellite Sensors |
| Improved longitudinal control strategy for connected and automated truck platoon | against | cyberattacks |
| Improved quantization index modulation watermarking robust | against | amplitude scaling and constant change distortions |
| Improved Statistic for the Pooled Triangle Test | against | PRNU-Copy Attack, An |
| Improved steganalysis algorithm | against | motion vector based video steganography |
| Improving robustness | against | common corruptions with frequency biased models |
| Improving Robustness | against | Stealthy Weight Bit-Flip Attacks by Output Code Matching |
| Improving Robustness of DASH | against | Unpredictable Network Variations |
| Improving Robustness of DNNs | against | Common Corruptions via Gaussian Adversarial Training |
| Improving Robustness of Facial Landmark Detection by Defending | against | Adversarial Attacks |
| Information content-based low probability of interception waveforms selection | against | channelized receivers |
| Information Maximizing Optimal Sensor Placement Robust | against | Variations of Traffic Demand Based on Importance of Nodes |
| Information support systems for cultural heritage protection | against | flooding |
| Insuring Alpine Grasslands | against | Drought-Related Yield Losses Using Sentinel-2 Satellite Data |
| Intra-Pulse Frequency Coding Design for a High-Resolution Radar | against | Smart Noise Jamming |
| Introducing a new method of image reconstruction | against | crop attack using sudoku watermarking algorithm |
| Introducing a new method robust | against | crop attack in digital image watermarking using two-step sudoku |
| Intrusion Detection and Ejection Framework | against | Lethal Attacks in UAV-Aided Networks: A Bayesian Game-Theoretic Methodology |
| Invertibility attack | against | watermarking based on forged algorithm and a countermeasure |
| Investigation of a Novel Cross-Calibration Method of FY-3C/VIRR | against | NPP/VIIRS in the Dunhuang Test Site, An |
| Invited Lecture I: Strokes | against | Stroke - Stroke For Strides |
| Iris Recognition | against | Counterfeit Attack Using Gradient Based Fusion of Multi-spectral Images |
| Is Deep Learning Safe for Robot Vision? Adversarial Examples | against | the iCub Humanoid |
| JSNet: A simulation network of JPEG lossy compression and restoration for robust image watermarking | against | JPEG attack |
| Just One Moment: Structural Vulnerability of Deep Action Recognition | against | One Frame Attack |
| Kanji recognition in scene images without detection of text fields: robust | against | variation of viewpoint, contrast, and background texture |
| Kernel Composition with the one- | against | -one Cascade for Integrating External Knowledge into SVM Classification |
| L-GEM based robust learning | against | poisoning attack |
| Large-Scale Multiple-Objective Method for Black-box Attack | against | Object Detection, A |
| LBP-TOP Based Countermeasure | against | Face Spoofing Attacks |
| Learning node representations | against | perturbations |
| Leveraging Test-Time Consensus Prediction for Robustness | against | Unseen Noise |
| Local Convergence Index-Based Infrared Small Target Detection | against | Complex Scenes |
| Local Gradients Smoothing: Defense | against | Localized Adversarial Attacks |
| Looking Through the Glass: Neural Surface Reconstruction | against | High Specular Reflections |
| Low-rank matrix completion | against | missing rows and columns with separable 2-D sparsity priors |
| Master Key backdoor for universal impersonation attack | against | DNN-based face verification, A |
| Matching face | against | iris images using periocular information |
| MedRDF: A Robust and Retrain-Less Diagnostic Framework for Medical Pretrained Models | against | Adversarial Attack |
| MLPF algorithm for tracking fast moving target | against | light interference |
| Modeling Adversarial Behavior | against | Mobility Data Privacy |
| More or Less (MoL): Defending | against | Multiple Perturbation Attacks on Deep Neural Networks through Model Ensemble and Compression |
| Motion-based countermeasure | against | photo and video spoofing attacks in face recognition |
| Moving Object Extraction Method Robust | against | Illumination Level Changes for a Pedestrian Counting System, A |
| Multibit Digital Watermarking Robust | against | Local Nonlinear Geometrical Distortions |
| Multimedia Data Privacy | against | Machines |
| Multiple description video coding | against | both erasure and bit errors by compressive sensing |
| Multiscale Logarithm Difference Edgemaps for Face Recognition | against | Varying Lighting Conditions |
| Multiscale quality assessment of Global Human Settlement Layer scenes | against | reference data using statistical learning |
| Neural Watermarking Method Including an Attack Simulator | against | Rotation and Compression Attacks |
| Neuro-Inspired Autoencoding Defense | against | Adversarial Attacks, A |
| New Approach to Energy Calculation of Road Accidents | against | Fixed Small Section Elements Based on Close-Range Photogrammetry, A |
| New Cycle-Slip Repair Method for Dual-Frequency BDS | against | the Disturbances of Severe Ionospheric Variations and Pseudoranges with Large Errors, A |
| New Protocol to Evaluate the Resistance of Template Update Systems | against | Zero-Effort Attacks, A |
| New Threats | against | Object Detector with Non-local Block |
| novel approach for securing data | against | adversary attacks in UAV embedded HetNet using identity based authentication scheme, A |
| novel image watermarking scheme | against | desynchronization attacks by SVR revision, A |
| Novel Jamming Method | against | SAR Using Nonlinear Frequency Modulation Waveform with Very High Sidelobes, A |
| Novel Neuron-like Procedure of Weak Signal Detection | against | the Non-Stationary Noise Background with Application to Underwater Sound |
| Novel Watermarking Algorithm for Image Authentication: Robustness | against | Common Attacks and JPEG2000 Compression, A |
| Ocean Wave Parameters Retrieval from TerraSAR-X Images Validated | against | Buoy Measurements and Model Results |
| Off-line Signature Verification System Performance | against | Image Acquisition Resolution |
| On the Effectiveness of Small Input Noise for Defending | against | Query-based Black-Box Attacks |
| On the robustness of the equal-mean discrimination rule with uniform covariance structure | against | serially correlated training data |
| On the Security of Block Scrambling-Based EtC Systems | against | Extended Jigsaw Puzzle Solver Attacks |
| On the transferability of adversarial perturbation attacks | against | fingerprint based authentication systems |
| One- | against | -All Halfplane Dichotomies |
| Online Alternate Generator | against | Adversarial Attacks |
| Online Depth Learning | against | Forgetting in Monocular Videos |
| Operational Perspectives Into the Resilience of the U.S. Air Transportation Network | against | Intelligent Attacks |
| Optimal Transport as a Defense | against | Adversarial Attacks |
| OQFL: An Optimized Quantum-Based Federated Learning Framework for Defending | against | Adversarial Attacks in Intelligent Transportation Systems |
| Over-the-Air Adversarial Flickering Attacks | against | Video Recognition Networks |
| Overcomplete Representations | against | Adversarial Videos |
| Parallel Rectangle Flip Attack: A Query-based Black-box Attack | against | Object Detection |
| Parametric Noise Injection: Trainable Randomness to Improve Deep Neural Network Robustness | against | Adversarial Attack |
| Parzen Classifier with an Improved Robustness | against | Deviations Between Training and Test Data, A |
| Pass rate analysis of interception heuristic | against | border crossers along a linear border |
| PatchZero: Defending | against | Adversarial Patch Attacks by Detecting and Zeroing the Patch |
| Patient-Specific Left Ventricular Flow Simulations From Transthoracic Echocardiography: Robustness Evaluation and Validation | against | Ultrasound Doppler and Magnetic Resonance Imaging |
| PATROL: Privacy-Oriented Pruning for Collaborative Inference | against | Model Inversion Attacks |
| Pedestrian Counting System Robust | against | Illumination Changes |
| Perceptual quality-preserving black-box attack | against | deep learning image classifiers |
| Performance Assessment of Global-EO-Based Precipitation Products | against | Gridded Rainfall from the Indian Meteorological Department |
| Pilot Study of Query-Free Adversarial Attack | against | Stable Diffusion, A |
| Poisoning Attack | against | Estimating From Pairwise Comparisons |
| Powerful Physical Adversarial Examples | against | Practical Face Recognition Systems |
| Practical Membership Inference Attacks | against | Large-Scale Multi-Modal Models: A Pilot Study |
| Practical protection | against | video data leakage via universal adversarial head |
| Practical Real-Time Video Watermarking Scheme Robust | against | Downscaling Attack, A |
| Preliminary Assessment of the GSMaP Version 08 Products over Indonesian Maritime Continent | against | Gauge Data, A |
| Preventing Fake Information Generation | against | Media Clone Attacks |
| Privacy Preserving Defense For Black Box Classifiers | against | On-Line Adversarial Attacks |
| Probabilistic BPRRC: Robust Change Detection | against | Illumination Changes and Background Movements |
| Protecting | against | screenshots: An image processing approach |
| Protecting Patient Privacy | against | Unauthorized Release of Medical Images Using Weighted Quantum Particle Swarm Optimization Algorithm |
| Protecting World Leader Using Facial Speaking Pattern | against | Deepfakes |
| PSAT-GAN: Efficient Adversarial Attacks | against | Holistic Scene Understanding |
| R-MFNet: Analysis of Urban Carbon Stock Change | against | the Background of Land-Use Change Based on a Residual Multi-Module Fusion Network |
| Radiometry Calibration With High-Resolution Profiles of GPM: Application to ATMS 183-GHz Water Vapor Channels and Comparison | against | Reanalysis Profiles |
| Re-Thinking Model Inversion Attacks | against | Deep Neural Networks |
| Real-time video watermarking techniques robust | against | re-encoding |
| Recognizing faces by weakly orthogonalizing | against | perturbations |
| Refined Fractional-Order Fault-Tolerant Coordinated Tracking Control of Networked Fixed-Wing UAVs | against | Faults and Communication Delays via Double Recurrent Perturbation FNNs |
| Regional Homogeneity: Towards Learning Transferable Universal Adversarial Perturbations | against | Defenses |
| Resilient Countermeasures | against | Cyber-Attacks on Self-Driving Car Architecture |
| Resilient Formation Tracking of Spacecraft Swarm | against | Actuation Attacks: A Distributed Lyapunov-Based Model Predictive Approach |
| Retrieval-Augmented Convolutional Neural Networks | against | Adversarial Examples |
| RIBAC: Towards Robust and Imperceptible Backdoor Attack | against | Compact DNN |
| Robo3D: Towards Robust and Reliable 3D Perception | against | Corruptions |
| robust 3D mesh watermarking scheme | against | cropping, A |
| Robust Adversarial Watermark Defending | against | GAN Synthesization Attack |
| Robust Affine Projection Algorithm | against | Impulsive Noise, A |
| Robust Antijamming Strategy Design for Frequency-Agile Radar | against | Main Lobe Jamming |
| Robust attention ranking architecture with frequency-domain transform to defend | against | adversarial samples |
| Robust classification of hand postures | against | complex backgrounds |
| Robust Contrastive Learning | against | Noisy Views |
| Robust convolutional neural networks | against | adversarial attacks on medical images |
| Robust Design of Deep Neural Networks | against | Adversarial Attacks Based on Lyapunov Theory |
| Robust digital image watermarking method | against | geometrical attacks |
| Robust DOA Estimation | against | Mutual Coupling With Nested Array |
| Robust Dual-Platform GMTI Method | against | Nonuniform Clutter, A |
| Robust Face Identification | against | Lighting Fluctuation for Lock Control |
| Robust Feature Learning | against | Noisy Labels |
| Robust Feature-Guided Generative Adversarial Network for Aerial Image Semantic Segmentation | against | Backdoor Attacks |
| Robust Gait Recognition | against | Speed Variation |
| Robust Gait-Based Person Identification | against | Walking Speed Variations |
| Robust Generalization | against | Photon-Limited Corruptions via Worst-Case Sharpness Minimization |
| Robust Hierarchical-Optimization RLS | against | Sparse Outliers |
| robust image representation method | against | illumination and occlusion variations, A |
| Robust image segmentation | against | complex color distribution |
| Robust image watermarking | against | local geometric attacks using multiscale block matching method |
| Robust Moving Object Detection | against | Fast Illumination Change |
| Robust Object Tracking | against | Template Drift |
| Robust Parking Detection Algorithm | against | Electric Railway Magnetic Field Interference, A |
| Robust Single Image Reflection Removal | against | Adversarial Attacks |
| Robust Sparsity-Aware RLS Algorithms With Jointly-Optimized Parameters | against | Impulsive Noise |
| Robust Structured Light System | against | Subsurface Scattering Effects Achieved by CNN-Based Pattern Detection and Decoding Algorithm |
| Robust Subband Adaptive Filtering | against | Impulsive Noise |
| Robust Tracking | against | Adversarial Attacks |
| Robust watermark detection | against | D-A/A-D conversion for digital cinema using local auto-correlation function |
| Robust watermarking | against | print and scan attack through efficient modeling algorithm |
| robust watermarking algorithm | against | JPEG compression based on multiscale autoencoder, A |
| robust watermarking approach | against | high-density salt and pepper noise (RWSPN) to enhance medical image security, A |
| Robust Watermarking Scheme | against | Frame Blending, Projection and Content Adaptation Attacks, A |
| Robustness | against | Gradient based Attacks through Cost Effective Network Fine-Tuning |
| Robustness | against | Instability of Sensory Judgment In a Human Interface to Draw a Facial Image Using a Psychometrical Space Model |
| Robustness of Saak Transform | against | Adversarial Attacks |
| RSD-GAN: Regularized Sobolev Defense GAN | against | Speech-to-Text Adversarial Attacks |
| RSSI Map-Based Trajectory Design for UGV | against | Malicious Radio Source: A Reinforcement Learning Approach |
| Sample-adaptive Augmentation for Point Cloud Recognition | against | Real-world Corruptions |
| Scalable people re-identification based on a one- | against | -some classification scheme |
| Scene-Text-Detection Method Robust | against | Orientation and Discontiguous Components of Characters |
| Sea Surface Currents Estimated from Spaceborne Infrared Images Validated | against | Reanalysis Data and Drifters in the Mediterranean Sea |
| Secret Revealer: Generative Model-Inversion Attacks | against | Deep Neural Networks, The |
| Secure Steganographic Scheme | against | Statistical Analyses, A |
| Secure watermarking scheme | against | watermark attacks in the encrypted domain |
| Security of Facial Forensics Models | against | Adversarial Attacks |
| Segment and Complete: Defending Object Detectors | against | Adversarial Patch Attacks with Robust Patch Detection |
| Segmentation method for use | against | moving objects |
| Self-paced resistance learning | against | overfitting on noisy labels |
| Semantically Stealthy Adversarial Attacks | against | Segmentation Models |
| Semi-Leak: Membership Inference Attacks | against | Semi-supervised Learning |
| Sensitivity Analysis Attacks | against | Randomized Detectors |
| Sequential Training of GANs | against | GAN-Classifiers Reveals Correlated Knowledge Gaps Present Among Independently Trained GAN Instances |
| Shape and Texture Based Countermeasure to Protect Face Recognition Systems | against | Mask Attacks |
| Shape matching using GAT correlation | against | nonlinear distortion and its application to handwritten numeral recognition |
| ShieldNets: Defending | against | Adversarial Attacks Using Probabilistic Adversarial Robustness |
| Sibling-Attack: Rethinking Transferable Adversarial Attacks | against | Face Recognition |
| SIFT and SURF Performance Evaluation | against | Various Image Deformations on Benchmark Dataset |
| SilentTrig: An imperceptible backdoor attack | against | speaker identification with hidden triggers |
| Similarity-based Gray-box Adversarial Attack | against | Deep Face Recognition |
| Simple Way to Make Neural Networks Robust | against | Diverse Image Corruptions, A |
| Simultaneous robustness | against | random initialization and optimal order selection in Bag-of-Words modeling |
| Single-view-based 3D facial reconstruction method robust | against | pose variations |
| Slice-Based Combination of Rest and Dobutamine: Stress Cardiac MRI Using a Statistical Motion Model to Identify Myocardial Infarction: Validation | against | Contrast-Enhanced MRI |
| Soteria: Provable Defense | against | Privacy Leakage in Federated Learning from Representation Perspective |
| Spark: Spatial-aware Online Incremental Attack | against | Visual Tracking |
| Sparse representation-based face recognition | against | expression and illumination |
| Speedup 3-D Texture-Less Object Recognition | against | Self-Occlusion for Intelligent Manufacturing |
| Statistical attack | against | fuzzy commitment scheme |
| Statistical attack | against | iris-biometric fuzzy commitment schemes |
| Stealthy Backdoor Attack | against | Speaker Recognition Using Phase-Injection Hidden Trigger |
| Strengths and weaknesses of deep learning models for face recognition | against | image degradations |
| Strokes | against | stroke: strokes for strides |
| Study of Shape Modeling | against | Noise, A |
| Support vector machines resilient | against | training data integrity attacks |
| Surface radiance: empirical data | against | model predictions |
| Survey of Robustness and Safety of 2D and 3D Deep Learning Models | against | Adversarial Attacks, A |
| Survey on Applications of Artificial Intelligence in Fighting | against | COVID-19, A |
| Symmetric adversarial poisoning | against | deep learning |
| Synchronous Detection for Robust 3-D Shape Measurement | against | Interreflection and Subsurface Scattering |
| System for Person-Independent Hand Posture Recognition | against | Complex Backgrounds, A |
| TAFIM: Targeted Adversarial Attacks | against | Facial Image Manipulations |
| Tale of HodgeRank and Spectral Method: Target Attack | against | Rank Aggregation is the Fixed Point of Adversarial Game, A |
| Targeted Adversarial Attack | against | Deep Cross-Modal Hashing Retrieval |
| TAT: Targeted backdoor attacks | against | visual object tracking |
| Template Inversion Attack | against | Face Recognition Systems using 3D Face Reconstruction |
| Temporal Statistic Based Video Watermarking Scheme Robust | against | Geometric Attacks and Frame Dropping |
| Testing new variants of the Beckmann-Kirchhoff model | against | radiance data |
| Testing reflectance models | against | radiance data |
| Testing the Polarization Model for TANSO-FTS on GOSAT | against | Clear-Sky Observations of Sun Glint Over the Ocean |
| Theoretical Framework for Constructing Matching Algorithms Secure | against | Wolf Attack, A |
| Threshold Matters in WSSS: Manipulating the Activation for the Robust and Accurate Segmentation Model | against | Thresholds |
| Towards Better Robustness | against | Common Corruptions for Unsupervised Domain Adaptation |
| Towards Class-Oriented Poisoning Attacks | against | Neural Networks |
| Towards making thinning algorithms robust | against | noise in sketch images |
| Towards Model Quantization on the Resilience | against | Membership Inference Attacks |
| Towards Robust Person Re-Identification by Defending | against | Universal Attackers |
| Towards Robust Rain Removal | against | Adversarial Attacks: A Comprehensive Benchmark Analysis and Beyond |
| Towards Verifying Robustness of Neural Networks | against | A Family of Semantic Perturbations |
| Tracking a Human Fast and Reliably | against | Occlusion and Human-Crossing |
| Tracking Aspects of the Foreground | against | the Background |
| Transpatch: A Transformer-based Generator for Accelerating Transferable Patch Generation in Adversarial Attacks | against | Object Detection Models |
| Turning Strengths into Weaknesses: A Certified Robustness Inspired Attack Framework | against | Graph Neural Networks |
| Two-Dimensional Barcode with Robust Decoding | against | Distortion and Occlusion for Automatic Recognition of Garbage Bags, A |
| Understanding Intensity-Duration-Frequency (IDF) Curves Using IMERG Sub-Hourly Precipitation | against | Dense Gauge Networks |
| Universal adversarial perturbations | against | object detection |
| Universal Adversarial Perturbations | against | Semantic Image Segmentation |
| Universal Perturbation Attack | against | Image Retrieval |
| Unknown presentation attack detection | against | rational attackers |
| Unsupervised Domain Adaptation for Gesture Identification | against | Electrode Shift |
| Using scale space filtering to make thinning algorithms robust | against | noise in sketch images |
| Validation of GOSAT and OCO-2 | against | In Situ Aircraft Measurements and Comparison with CarbonTracker and GEOS-Chem over Qinhuangdao, China |
| Validation of right coronary artery lumen area from cardiac computed tomography | against | intravascular ultrasound |
| Validation of Sentinel-1A SAR Coastal Wind Speeds | against | Scanning LiDAR |
| Vax-a-net: Training-time Defence | against | Adversarial Patch Attacks |
| Video Restoration | against | Yin-Yang Phasing |
| Video-Based Heart Rate Measurement | against | Uneven Illuminations Using Multivariate Singular Spectrum Analysis |
| Visual SLAM Robust | against | Dynamic Objects Based on Hybrid Semantic-Geometry Information, A |
| Watermark survival chance (WSC) concept for improving watermark robustness | against | JPEG compression |
| Watermarking robust | against | analog vcr recording |
| Watermarking-Based Framework for Protecting Deep Image Classifiers | against | Adversarial Attacks, A |
| Weighted Local Ratio-Difference Contrast Method for Detecting an Infrared Small Target | against | Ground-Sky Background |
| What's wrong with the rainbow? An interdisciplinary review of empirical evidence for and | against | the rainbow color scheme in visualizations |
| When NAS Meets Robustness: In Search of Robust Architectures | against | Adversarial Attacks |
| Zero-Watermarking Based on Improved ORB Features | against | Print-cam Attack |
447 for against