DensePure: Understanding Diffusion Models for Adversarial Robustness

Published in The Eleventh International Conference on Learning Representations (ICLR 2023), 2023

This paper introduces DensePure, a novel defense mechanism that leverages diffusion models for adversarial robustness. By understanding how diffusion models purify adversarial perturbations, we achieve state-of-the-art certified robustness on image classification tasks.

Key Contributions:

Theoretical analysis of diffusion models for adversarial purification
DensePure defense achieving superior certified robustness
Extensive empirical validation on benchmark datasets

*Equal contribution

Recommended citation: Chaowei Xiao*, Zhongzhu Chen*, Kun Jin*, Jiongxiao Wang*, Weili Nie, Mingyan Liu, Anima Anandkumar, Bo Li, and Dawn Song. (2023). "DensePure: Understanding Diffusion Models for Adversarial Robustness." ICLR 2023.
Download Paper

Share on

Bluesky Facebook LinkedIn Mastodon X (formerly Twitter)