Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in Coakley et alK. L. Coakley, T. Snelleman, H. Hoos, and O. E. Gundersen, "The embrace of open science: An analysis of a decade of AI research and 56 800 conference papers," Under Review, 2026..
Content-based Unrestricted Adversarial Attack
Authors: Zhaoyu Chen, Bo Li, Shuang Wu, Kaixun Jiang, Shouhong Ding, Wenqiang Zhang
NeurIPS 2023 | Venue PDF | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Extensive experimentation and visualization demonstrate the efficacy of ACA, particularly in surpassing state-of-the-art attacks by an average of 13.3-50.4% and 16.8-48.0% in normally trained models and defense methods, respectively. |
| Researcher Affiliation | Collaboration | 1Academy for Engineering and Technology, Fudan University 2Youtu Lab, Tencent 3School of Computer Science, Fudan University |
| Pseudocode | Yes | Algorithm 1 Adversarial Content Attack |
| Open Source Code | No | The paper does not contain an explicit statement about releasing source code for the described methodology or a direct link to a code repository. |
| Open Datasets | Yes | Our experiments are conducted on the Image Net-compatible Dataset [29]. The dataset consists of 1,000 images from Image Net s validation set [8], and is widely used in [10, 13, 58, 60]. |
| Dataset Splits | No | The paper uses "Image Net-compatible Dataset [29]" which consists of "1,000 images from Image Net s validation set [8]" as its experimental dataset, but does not describe any specific train/validation/test splits of this dataset for their attack or evaluation methodology. |
| Hardware Specification | Yes | Our experiments are run on an NVIDIA Tesla A100 with Pytorch. |
| Software Dependencies | Yes | The version of Stable Diffusion [42] is v1.4. |
| Experiment Setup | Yes | DDIM steps T = 50, image mapping iteration Ni = 10, attack iterations Na = 10, β = 0.1, ζ = 0.01, η = 0.04, κ = 0.1, and µ = 1. |