Deciphering the Definition of Adversarial Robustness for Post-Hoc OOD Detectors
Abstract
Detecting out-of-distribution (OOD) inputs is critical for safely deploying deep learning models in real-world scenarios. In recent years, many OOD detectors have been developed, and even the benchmarking has been standardized, i.e., OpenOOD. The number of post-hoc detectors is growing fast; they offer an option to protect a pre-trained classifier against natural distribution shifts and claim to be ready for real-world scenarios. However, their efficacy in handling adversarial examples has been neglected in the majority of studies. This paper investigates the adversarial robustness of 16 post-hoc detectors against several evasion attacks and discusses a roadmap towards adversarial defense in OOD detectors.
Cite
Text
Lorenz et al. "Deciphering the Definition of Adversarial Robustness for Post-Hoc OOD Detectors." ICML 2024 Workshops: NextGenAISafety, 2024.
Markdown
[Lorenz et al. "Deciphering the Definition of Adversarial Robustness for Post-Hoc OOD Detectors." ICML 2024 Workshops: NextGenAISafety, 2024.](https://mlanthology.org/icmlw/2024/lorenz2024icmlw-deciphering/)
BibTeX
@inproceedings{lorenz2024icmlw-deciphering,
title = {{Deciphering the Definition of Adversarial Robustness for Post-Hoc OOD Detectors}},
author = {Lorenz, Peter and Fernandez, Mario Ruben and Müller, Jens and Koethe, Ullrich},
booktitle = {ICML 2024 Workshops: NextGenAISafety},
year = {2024},
url = {https://mlanthology.org/icmlw/2024/lorenz2024icmlw-deciphering/}
}