X
Xingjun Ma
Researcher at Deakin University
Publications - 104
Citations - 4843
Xingjun Ma is an academic researcher from Deakin University. The author has contributed to research in topics: Computer science & Robustness (computer science). The author has an hindex of 21, co-authored 86 publications receiving 2486 citations. Previous affiliations of Xingjun Ma include Beihang University & University of Melbourne.
Papers
More filters
Proceedings ArticleDOI
Symmetric Cross Entropy for Robust Learning With Noisy Labels
TL;DR: The proposed Symmetric cross entropy Learning (SL) approach simultaneously addresses both the under learning and overfitting problem of CE in the presence of noisy labels, and empirically shows that SL outperforms state-of-the-art methods.
Posted Content
Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality
Xingjun Ma,Bo Li,Yisen Wang,Sarah M. Erfani,Sudanthi Wijewickrema,Grant Schoenebeck,Dawn Song,Michael E. Houle,James Bailey +8 more
TL;DR: The analysis of the LID characteristic for adversarial regions not only motivates new directions of effective adversarial defense, but also opens up more challenges for developing new attacks to better understand the vulnerabilities of DNNs.
Proceedings Article
Improving Adversarial Robustness Requires Revisiting Misclassified Examples
TL;DR: This paper proposes a new defense algorithm called MART, which explicitly differentiates the misclassified and correctly classified examples during the training, and shows that MART and its variant could significantly improve the state-of-the-art adversarial robustness.
Proceedings Article
Characterizing Adversarial Subspaces Using Local Intrinsic Dimensionality
Xingjun Ma,Bo Li,Yisen Wang,Sarah M. Erfani,Sudanthi Wijewickrema,Grant Schoenebeck,Dawn Song,Michael E. Houle,James Bailey +8 more
TL;DR: In this article, the dimensional properties of adversarial regions are characterized via the use of Local Intrinsic Dimensionality (LID), which assesses the space-filling capability of the region surrounding a reference example, based on the distance distribution of the example to its neighbors.
Book ChapterDOI
Reflection Backdoor: A Natural Backdoor Attack on Deep Neural Networks
TL;DR: Refool is proposed, a new type of backdoor attack inspired by an important natural phenomenon: reflection to plant reflections as backdoor into a victim model and can attack state-of-the-art DNNs with high success rate, and is resistant to state of theart backdoor defenses.