Jun Zhu

Papers in Database (3)

defense arXiv Mar 25, 2026 · 14d ago

Why the Maximum Second Derivative of Activations Matters for Adversarial Robustness

Yunrui Yu, Hang Su, Jun Zhu · Tsinghua University

Discovers optimal adversarial robustness occurs when activation function curvature falls within 4-10, revealing fundamental expressivity-sharpness trade-off

Tags: Input Manipulation Attack · vision
PDF
defense arXiv Mar 20, 2026 · 19d ago

Neural Uncertainty Principle: A Unified View of Adversarial Fragility and LLM Hallucination

Dong-Xiao Zhang, Hu Lou, Jun-Jie Zhang et al. · Northwest Institute of Nuclear Technology · Tsinghua University +1 more

Unifies adversarial robustness and LLM hallucination under a geometric uncertainty principle, proposing defenses without adversarial training

Tags: Input Manipulation Attack, Prompt Injection · vision, nlp, multimodal
PDF
attack arXiv Mar 31, 2026 · 8d ago

Dummy-Aware Weighted Attack (DAWA): Breaking the Safe Sink in Dummy Class Defenses

Yunrui Yu, Xuxiang Feng, Pengda Qin et al. · Tsinghua University · University of Macau +1 more

Novel adversarial attack targeting dummy-class defenses by simultaneously attacking true and dummy labels with adaptive weighting

Tags: Input Manipulation Attack · vision
PDF