Página inicial Explorar Ajuda
Registrar Entrar
brain-assistant
/
yet-another-applied-llm-benchmark
5
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Branch: main
Branches Tags
yet-another-app...
/
tests
/
data_extraction_byyear.py

data_extraction_byyear.py 16 KB
Link permanente Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338 
  1. from evaluator import *
    2. 

  2. 

  3. DESCRIPTION = "Test if the model can extract structured data from (somewhat) unstructured text."
    4. 

  4. 

  5. TAGS = ['data']
    6. 

  6. 

  7. question = '''
    8. 

  8. From the following data extract the best performing defense each year, in the format {year: robust accuracy}
    9. 

  9. 

  10. So for example the answer for {"2024": 69.71, "2023": ..., ...}, now fill it in for every other year. Return the answer as a JSON dict.
    11. 

  11. 

  12. 

  13. Rank	Method	Standard
    14. 

  14. accuracy	AutoAttack
    15. 

  15. robust
    16. 

  16. accuracy	Best known
    17. 

  17. robust
    18. 

  18. accuracy	AA eval.
    19. 

  19. potentially
    20. 

  20. unreliable	Extra
    21. 

  21. data	Architecture	Venue
    22. 

  22. 1	Robust Principles: Architectural Design Principles for Adversarially Robust CNNs
    23. 

  23. It uses additional 50M synthetic images in training.	93.27%	71.07%	71.07%	
    24. 

  24. ×
    25. 

  25. ×	RaWideResNet-70-16	BMVC 2023
    26. 

  26. 2	Better Diffusion Models Further Improve Adversarial Training
    27. 

  27. It uses additional 50M synthetic images in training.	93.25%	70.69%	70.69%	
    28. 

  28. ×
    29. 

  29. ×	WideResNet-70-16	ICML 2023
    30. 

  30. 3	MixedNUTS: Training-Free Accuracy-Robustness Balance via Nonlinearly Mixed Classifiers
    31. 

  31. It uses an ensemble of networks. The robust base classifier uses 50M synthetic images. 69.71% robust accuracy is due to the original evaluation (Adaptive AutoAttack)	95.19%	70.08%	69.71%	
    32. 

  32. ×
    33. 

  33. ☑	ResNet-152 + WideResNet-70-16	arXiv, Feb 2024
    34. 

  34. 4	Improving the Accuracy-Robustness Trade-off of Classifiers via Adaptive Smoothing
    35. 

  35. It uses an ensemble of networks. The robust base classifier uses 50M synthetic images.	95.23%	68.06%	68.06%	
    36. 

  36. ×
    37. 

  37. ☑	ResNet-152 + WideResNet-70-16 + mixing network	SIMODS 2024
    38. 

  38. 5	Decoupled Kullback-Leibler Divergence Loss
    39. 

  39. It uses additional 20M synthetic images in training.	92.16%	67.73%	67.73%	
    40. 

  40. ×
    41. 

  41. ×	WideResNet-28-10	arXiv, May 2023
    42. 

  42. 6	Better Diffusion Models Further Improve Adversarial Training
    43. 

  43. It uses additional 20M synthetic images in training.	92.44%	67.31%	67.31%	
    44. 

  44. ×
    45. 

  45. ×	WideResNet-28-10	ICML 2023
    46. 

  46. 7	Fixing Data Augmentation to Improve Adversarial Robustness
    47. 

  47. 66.56% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	92.23%	66.58%	66.56%	
    48. 

  48. ×
    49. 

  49. ☑	WideResNet-70-16	arXiv, Mar 2021
    50. 

  50. 8	Improving Robustness using Generated Data
    51. 

  51. It uses additional 100M synthetic images in training. 66.10% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	88.74%	66.11%	66.10%	
    52. 

  52. ×
    53. 

  53. ×	WideResNet-70-16	NeurIPS 2021
    54. 

  54. 9	Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples
    55. 

  55. 65.87% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	91.10%	65.88%	65.87%	
    56. 

  56. ×
    57. 

  57. ☑	WideResNet-70-16	arXiv, Oct 2020
    58. 

  58. 10	Revisiting Residual Networks for Adversarial Robustness: An Architectural Perspective	91.58%	65.79%	65.79%	
    59. 

  59. ×
    60. 

  60. ☑	WideResNet-A4	arXiv, Dec. 2022
    61. 

  61. 11	Fixing Data Augmentation to Improve Adversarial Robustness
    62. 

  62. It uses additional 1M synthetic images in training. 64.58% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	88.50%	64.64%	64.58%	
    63. 

  63. ×
    64. 

  64. ×	WideResNet-106-16	arXiv, Mar 2021
    65. 

  65. 12	Stable Neural ODE with Lyapunov-Stable Equilibrium Points for Defending Against Adversarial Attacks
    66. 

  66. Based on the model Rebuffi2021Fixing_70_16_cutmix_extra. 64.20% robust accuracy is due to AutoAttack + transfer APGD from Rebuffi2021Fixing_70_16_cutmix_extra	93.73%	71.28%	64.20%	
    67. 

    68. 

  68. ☑	WideResNet-70-16, Neural ODE block	NeurIPS 2021
    69. 

  69. 13	Fixing Data Augmentation to Improve Adversarial Robustness
    70. 

  70. It uses additional 1M synthetic images in training. 64.20% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	88.54%	64.25%	64.20%	
    71. 

  71. ×
    72. 

  72. ×	WideResNet-70-16	arXiv, Mar 2021
    73. 

  73. 14	Exploring and Exploiting Decision Boundary Dynamics for Adversarial Robustness
    74. 

  74. It uses additional 10M synthetic images in training.	93.69%	63.89%	63.89%	
    75. 

  75. ×
    76. 

  76. ×	WideResNet-28-10	ICLR 2023
    77. 

  77. 15	Improving Robustness using Generated Data
    78. 

  78. It uses additional 100M synthetic images in training. 63.38% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	87.50%	63.44%	63.38%	
    79. 

  79. ×
    80. 

  80. ×	WideResNet-28-10	NeurIPS 2021
    81. 

  81. 16	Robustness and Accuracy Could Be Reconcilable by (Proper) Definition
    82. 

  82. It uses additional 1M synthetic images in training.	89.01%	63.35%	63.35%	
    83. 

  83. ×
    84. 

  84. ×	WideResNet-70-16	ICML 2022
    85. 

  85. 17	Helper-based Adversarial Training: Reducing Excessive Margin to Achieve a Better Accuracy vs. Robustness Trade-off	91.47%	62.83%	62.83%	
    86. 

  86. ×
    87. 

  87. ☑	WideResNet-34-10	OpenReview, Jun 2021
    88. 

  88. 18	Robust Learning Meets Generative Models: Can Proxy Distributions Improve Adversarial Robustness?
    89. 

  89. It uses additional 10M synthetic images in training.	87.30%	62.79%	62.79%	
    90. 

  90. ×
    91. 

  91. ×	ResNest152	ICLR 2022
    92. 

  92. 19	Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples
    93. 

  93. 62.76% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	89.48%	62.80%	62.76%	
    94. 

  94. ×
    95. 

  95. ☑	WideResNet-28-10	arXiv, Oct 2020
    96. 

  96. 20	Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks
    97. 

  97. Uses exponential moving average (EMA)	91.23%	62.54%	62.54%	
    98. 

  98. ×
    99. 

  99. ☑	WideResNet-34-R	NeurIPS 2021
    100. 

  100. 21	Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks	90.56%	61.56%	61.56%	
    101. 

  101. ×
    102. 

  102. ☑	WideResNet-34-R	NeurIPS 2021
    103. 

  103. 22	Parameterizing Activation Functions for Adversarial Robustness
    104. 

  104. It uses additional ~6M synthetic images in training.	87.02%	61.55%	61.55%	
    105. 

  105. ×
    106. 

  106. ×	WideResNet-28-10-PSSiLU	arXiv, Oct 2021
    107. 

  107. 23	Robustness and Accuracy Could Be Reconcilable by (Proper) Definition
    108. 

  108. It uses additional 1M synthetic images in training.	88.61%	61.04%	61.04%	
    109. 

  109. ×
    110. 

  110. ×	WideResNet-28-10	ICML 2022
    111. 

  111. 24	Helper-based Adversarial Training: Reducing Excessive Margin to Achieve a Better Accuracy vs. Robustness Trade-off
    112. 

  112. It uses additional 1M synthetic images in training.	88.16%	60.97%	60.97%	
    113. 

  113. ×
    114. 

  114. ×	WideResNet-28-10	OpenReview, Jun 2021
    115. 

  115. 25	Fixing Data Augmentation to Improve Adversarial Robustness
    116. 

  116. It uses additional 1M synthetic images in training. 60.73% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	87.33%	60.75%	60.73%	
    117. 

  117. ×
    118. 

  118. ×	WideResNet-28-10	arXiv, Mar 2021
    119. 

  119. 26	Do Wider Neural Networks Really Help Adversarial Robustness?
    120. 

  120. 87.67%	60.65%	60.65%	Unknown	☑	WideResNet-34-15	arXiv, Oct 2020
    121. 

  121. 27	Improving Neural Network Robustness via Persistency of Excitation	86.53%	60.41%	60.41%	
    122. 

  122. ×
    123. 

  123. ☑	WideResNet-34-15	ACC 2022
    124. 

  124. 28	Robust Learning Meets Generative Models: Can Proxy Distributions Improve Adversarial Robustness?
    125. 

  125. It uses additional 10M synthetic images in training.	86.68%	60.27%	60.27%	
    126. 

  126. ×
    127. 

  127. ×	WideResNet-34-10	ICLR 2022
    128. 

  128. 29	Adversarial Weight Perturbation Helps Robust Generalization	88.25%	60.04%	60.04%	
    129. 

  129. ×
    130. 

  130. ☑	WideResNet-28-10	NeurIPS 2020
    131. 

  131. 30	Improving Neural Network Robustness via Persistency of Excitation	89.46%	59.66%	59.66%	
    132. 

  132. ×
    133. 

  133. ☑	WideResNet-28-10	ACC 2022
    134. 

  134. 31	Geometry-aware Instance-reweighted Adversarial Training
    135. 

  135. Uses 
    136. 

    137. 

    138. 

  138.  = 0.031 ≈ 7.9/255 instead of 8/255.	89.36%	59.64%	59.64%	
    139. 

  139. ×
    140. 

  140. ☑	WideResNet-28-10	ICLR 2021
    141. 

  141. 32	Unlabeled Data Improves Adversarial Robustness	89.69%	59.53%	59.53%	
    142. 

  142. ×
    143. 

  143. ☑	WideResNet-28-10	NeurIPS 2019
    144. 

  144. 33	Improving Robustness using Generated Data
    145. 

  145. It uses additional 100M synthetic images in training. 58.50% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	87.35%	58.63%	58.50%	
    146. 

  146. ×
    147. 

  147. ×	PreActResNet-18	NeurIPS 2021
    148. 

  148. 34	Data filtering for efficient adversarial training
    149. 

  149. 86.10%	58.09%	58.09%	
    150. 

  150. ×
    151. 

  151. ×	WideResNet-34-20	Pattern Recognition 2024
    152. 

  152. 35	Scaling Adversarial Training to Large Perturbation Bounds	85.32%	58.04%	58.04%	
    153. 

  153. ×
    154. 

  154. ×	WideResNet-34-10	ECCV 2022
    155. 

  155. 36	Efficient and Effective Augmentation Strategy for Adversarial Training	88.71%	57.81%	57.81%	
    156. 

  156. ×
    157. 

  157. ×	WideResNet-34-10	NeurIPS 2022
    158. 

  158. 37	LTD: Low Temperature Distillation for Robust Adversarial Training
    159. 

  159. 86.03%	57.71%	57.71%	
    160. 

  160. ×
    161. 

  161. ×	WideResNet-34-20	arXiv, Nov 2021
    162. 

  162. 38	Helper-based Adversarial Training: Reducing Excessive Margin to Achieve a Better Accuracy vs. Robustness Trade-off	89.02%	57.67%	57.67%	
    163. 

  163. ×
    164. 

  164. ☑	PreActResNet-18	OpenReview, Jun 2021
    165. 

  165. 39	LAS-AT: Adversarial Training with Learnable Attack Strategy
    166. 

  166. 85.66%	57.61%	57.61%	
    167. 

  167. ×
    168. 

  168. ×	WideResNet-70-16	arXiv, Mar 2022
    169. 

  169. 40	A Light Recipe to Train Robust Vision Transformers	91.73%	57.58%	57.58%	
    170. 

  170. ×
    171. 

  171. ☑	XCiT-L12	arXiv, Sep 2022
    172. 

  172. 41	Data filtering for efficient adversarial training
    173. 

  173. 86.54%	57.30%	57.30%	
    174. 

  174. ×
    175. 

  175. ×	WideResNet-34-10	Pattern Recognition 2024
    176. 

  176. 42	A Light Recipe to Train Robust Vision Transformers	91.30%	57.27%	57.27%	
    177. 

  177. ×
    178. 

  178. ☑	XCiT-M12	arXiv, Sep 2022
    179. 

  179. 43	Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples
    180. 

  180. 57.14% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	85.29%	57.20%	57.14%	
    181. 

  181. ×
    182. 

  182. ×	WideResNet-70-16	arXiv, Oct 2020
    183. 

  183. 44	HYDRA: Pruning Adversarially Robust Neural Networks
    184. 

  184. Compressed model	88.98%	57.14%	57.14%	
    185. 

  185. ×
    186. 

  186. ☑	WideResNet-28-10	NeurIPS 2020
    187. 

  187. 45	Decoupled Kullback-Leibler Divergence Loss	85.31%	57.09%	57.09%	
    188. 

  188. ×
    189. 

  189. ×	WideResNet-34-10	arXiv, May 2023
    190. 

  190. 46	Helper-based Adversarial Training: Reducing Excessive Margin to Achieve a Better Accuracy vs. Robustness Trade-off
    191. 

  191. It uses additional 1M synthetic images in training.	86.86%	57.09%	57.09%	
    192. 

  192. ×
    193. 

  193. ×	PreActResNet-18	OpenReview, Jun 2021
    194. 

  194. 47	LTD: Low Temperature Distillation for Robust Adversarial Training
    195. 

  195. 85.21%	56.94%	56.94%	
    196. 

  196. ×
    197. 

  197. ×	WideResNet-34-10	arXiv, Nov 2021
    198. 

  198. 48	Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples
    199. 

  199. 56.82% robust accuracy is due to the original evaluation (AutoAttack + MultiTargeted)	85.64%	56.86%	56.82%	
    200. 

  200. ×
    201. 

  201. ×	WideResNet-34-20	arXiv, Oct 2020
    202. 

  202. 49	Fixing Data Augmentation to Improve Adversarial Robustness
    203. 

  203. It uses additional 1M synthetic images in training.	83.53%	56.66%	56.66%	
    204. 

  204. ×
    205. 

  205. ×	PreActResNet-18	arXiv, Mar 2021
    206. 

  206. 50	Improving Adversarial Robustness Requires Revisiting Misclassified Examples	87.50%	56.29%	56.29%	
    207. 

  207. ×
    208. 

  208. ☑	WideResNet-28-10	ICLR 2020
    209. 

  209. 51	LAS-AT: Adversarial Training with Learnable Attack Strategy
    210. 

  210. 84.98%	56.26%	56.26%	
    211. 

  211. ×
    212. 

  212. ×	WideResNet-34-10	arXiv, Mar 2022
    213. 

  213. 52	Adversarial Weight Perturbation Helps Robust Generalization	85.36%	56.17%	56.17%	
    214. 

  214. ×
    215. 

  215. ×	WideResNet-34-10	NeurIPS 2020
    216. 

  216. 53	A Light Recipe to Train Robust Vision Transformers	90.06%	56.14%	56.14%	
    217. 

  217. ×
    218. 

  218. ☑	XCiT-S12	arXiv, Sep 2022
    219. 

  219. 54	Are Labels Required for Improving Adversarial Robustness?	86.46%	56.03%	56.03%	Unknown	☑	WideResNet-28-10	NeurIPS 2019
    220. 

  220. 55	Robust Learning Meets Generative Models: Can Proxy Distributions Improve Adversarial Robustness?
    221. 

  221. It uses additional 10M synthetic images in training.	84.59%	55.54%	55.54%	
    222. 

  222. ×
    223. 

  223. ×	ResNet-18	ICLR 2022
    224. 

  224. 56	Using Pre-Training Can Improve Model Robustness and Uncertainty	87.11%	54.92%	54.92%	
    225. 

  225. ×
    226. 

  226. ☑	WideResNet-28-10	ICML 2019
    227. 

  227. 57	Bag of Tricks for Adversarial Training
    228. 

  228. 86.43%	54.39%	54.39%	Unknown	×	WideResNet-34-20	ICLR 2021
    229. 

  229. 58	Boosting Adversarial Training with Hypersphere Embedding	85.14%	53.74%	53.74%	
    230. 

  230. ×
    231. 

  231. ×	WideResNet-34-20	NeurIPS 2020
    232. 

  232. 59	Learnable Boundary Guided Adversarial Training
    233. 

  233. Uses 
    234. 

    235. 

    236. 

  236.  = 0.031 ≈ 7.9/255 instead of 8/255	88.70%	53.57%	53.57%	
    237. 

  237. ×
    238. 

  238. ×	WideResNet-34-20	ICCV 2021
    239. 

  239. 60	Attacks Which Do Not Kill Training Make Adversarial Learning Stronger	84.52%	53.51%	53.51%	
    240. 

  240. ×
    241. 

  241. ×	WideResNet-34-10	ICML 2020
    242. 

  242. 61	Overfitting in adversarially robust deep learning	85.34%	53.42%	53.42%	
    243. 

  243. ×
    244. 

  244. ×	WideResNet-34-20	ICML 2020
    245. 

  245. 62	Self-Adaptive Training: beyond Empirical Risk Minimization
    246. 

  246. Uses 
    247. 

    248. 

    249. 

  249.  = 0.031 ≈ 7.9/255 instead of 8/255.	83.48%	53.34%	53.34%	Unknown	×	WideResNet-34-10	NeurIPS 2020
    250. 

  250. 63	Theoretically Principled Trade-off between Robustness and Accuracy
    251. 

  251. Uses 
    252. 

    253. 

    254. 

  254.  = 0.031 ≈ 7.9/255 instead of 8/255.	84.92%	53.08%	53.08%	Unknown	×	WideResNet-34-10	ICML 2019
    255. 

  255. 64	Learnable Boundary Guided Adversarial Training
    256. 

  256. Uses 
    257. 

    258. 

    259. 

  259.  = 0.031 ≈ 7.9/255 instead of 8/255	88.22%	52.86%	52.86%	
    260. 

  260. ×
    261. 

  261. ×	WideResNet-34-10	ICCV 2021
    262. 

  262. 65	Adversarial Robustness through Local Linearization	86.28%	52.84%	52.84%	Unknown	×	WideResNet-40-8	NeurIPS 2019
    263. 

  263. 66	Efficient and Effective Augmentation Strategy for Adversarial Training	85.71%	52.48%	52.48%	
    264. 

  264. ×
    265. 

  265. ×	ResNet-18	NeurIPS 2022
    266. 

  266. 67	Adversarial Robustness: From Self-Supervised Pre-Training to Fine-Tuning
    267. 

  267. Uses ensembles of 3 models.	86.04%	51.56%	51.56%	Unknown	×	ResNet-50	CVPR 2020
    268. 

  268. 68	Efficient Robust Training via Backward Smoothing
    269. 

  269. 85.32%	51.12%	51.12%	Unknown	×	WideResNet-34-10	arXiv, Oct 2020
    270. 

  270. 69	Scaling Adversarial Training to Large Perturbation Bounds	80.24%	51.06%	51.06%	
    271. 

  271. ×
    272. 

  272. ×	ResNet-18	ECCV 2022
    273. 

  273. 70	Improving Adversarial Robustness Through Progressive Hardening
    274. 

  274. 86.84%	50.72%	50.72%	Unknown	×	WideResNet-34-10	arXiv, Mar 2020
    275. 

  275. 71	Robustness library	87.03%	49.25%	49.25%	Unknown	×	ResNet-50	GitHub,
    276. 

  276. Oct 2019
    277. 

  277. 72	Harnessing the Vulnerability of Latent Layers in Adversarially Trained Models	87.80%	49.12%	49.12%	Unknown	×	WideResNet-34-10	IJCAI 2019
    278. 

  278. 73	Metric Learning for Adversarial Robustness	86.21%	47.41%	47.41%	Unknown	×	WideResNet-34-10	NeurIPS 2019
    279. 

  279. 74	You Only Propagate Once: Accelerating Adversarial Training via Maximal Principle
    280. 

  280. Focuses on fast adversarial training.	87.20%	44.83%	44.83%	Unknown	×	WideResNet-34-10	NeurIPS 2019
    281. 

  281. 75	Towards Deep Learning Models Resistant to Adversarial Attacks	87.14%	44.04%	44.04%	Unknown	×	WideResNet-34-10	ICLR 2018
    282. 

  282. 76	Understanding and Improving Fast Adversarial Training
    283. 

  283. Focuses on fast adversarial training.	79.84%	43.93%	43.93%	Unknown	×	PreActResNet-18	NeurIPS 2020
    284. 

  284. 77	Rethinking Softmax Cross-Entropy Loss for Adversarial Robustness	80.89%	43.48%	43.48%	Unknown	×	ResNet-32	ICLR 2020
    285. 

  285. 78	Fast is better than free: Revisiting adversarial training
    286. 

  286. Focuses on fast adversarial training.	83.34%	43.21%	43.21%	Unknown	×	PreActResNet-18	ICLR 2020
    287. 

  287. 79	Adversarial Training for Free!	86.11%	41.47%	41.47%	Unknown	×	WideResNet-34-10	NeurIPS 2019
    288. 

  288. 80	MMA Training: Direct Input Space Margin Maximization through Adversarial Training	84.36%	41.44%	41.44%	Unknown	×	WideResNet-28-4	ICLR 2020
    289. 

  289. 81	A Tunable Robust Pruning Framework Through Dynamic Network Rewiring of DNNs
    290. 

  290. Compressed model	87.32%	40.41%	40.41%	
    291. 

  291. ×
    292. 

  292. ×	ResNet-18	ASP-DAC 2021
    293. 

  293. 82	Controlling Neural Level Sets
    294. 

  294. Uses 
    295. 

    296. 

    297. 

  297.  = 0.031 ≈ 7.9/255 instead of 8/255.	81.30%	40.22%	40.22%	Unknown	×	ResNet-18	NeurIPS 2019
    298. 

  298. 83	Robustness via Curvature Regularization, and Vice Versa	83.11%	38.50%	38.50%	Unknown	×	ResNet-18	CVPR 2019
    299. 

  299. 84	Defense Against Adversarial Attacks Using Feature Scattering-based Adversarial Training	89.98%	36.64%	36.64%	Unknown	×	WideResNet-28-10	NeurIPS 2019
    300. 

  300. 85	Adversarial Interpolation Training: A Simple Approach for Improving Model Robustness	90.25%	36.45%	36.45%	Unknown	×	WideResNet-28-10	OpenReview, Sep 2019
    301. 

  301. 86	Adversarial Defense via Learning to Generate Diverse Attacks	78.91%	34.95%	34.95%	Unknown	×	ResNet-20	ICCV 2019
    302. 

  302. 87	Sensible adversarial learning	91.51%	34.22%	34.22%	Unknown	×	WideResNet-34-10	OpenReview, Sep 2019
    303. 

  303. 88	Towards Stable and Efficient Training of Verifiably Robust Neural Networks
    304. 

  304. Verifiably robust model with 32.24% provable robust accuracy	44.73%	32.64%	32.64%	Unknown	×	5-layer-CNN	ICLR 2020
    305. 

  305. 89	Bilateral Adversarial Training: Towards Fast Training of More Robust Models Against Adversarial Attacks	92.80%	29.35%	29.35%	Unknown	×	WideResNet-28-10	ICCV 2019
    306. 

  306. 90	Enhancing Adversarial Defense by k-Winners-Take-All
    307. 

  307. Uses 
    308. 

    309. 

    310. 

  310.  = 0.031 ≈ 7.9/255 instead of 8/255.
    311. 

  311. 7.40% robust accuracy is due to 1 restart of APGD-CE and 30 restarts of Square Attack
    312. 

  312. Note: this adaptive evaluation (Section 5) reports 0.16% robust accuracy on a different model (adversarially trained ResNet-18).	79.28%	18.50%	7.40%	
    313. 

    314. 

  314. ×	DenseNet-121	ICLR 2020
    315. 

  315. 91	Manifold Regularization for Adversarial Robustness	90.84%	1.35%	1.35%	Unknown	×	ResNet-18	arXiv, Mar 2020
    316. 

  316. 92	Adversarial Defense by Restricting the Hidden Space of Deep Neural Networks	89.16%	0.28%	0.28%	Unknown	×	ResNet-110	ICCV 2019
    317. 

  317. 93	Jacobian Adversarially Regularized Networks for Robustness	93.79%	0.26%	0.26%	Unknown	×	WideResNet-34-10	ICLR 2020
    318. 

  318. 94	ClusTR: Clustering Training for Robustness	91.03%	0.00%	0.00%	Unknown	×	WideResNet-28-10	arXiv, Jun 2020
    319. 

  319. 95	Standardly trained model	94.78%	0.0%	0.0%	Unknown	×	WideResNet-28-10	N/A
    320. 

  320. '''
    321. 

  321. 

  322. 

  323. TestDataYearExtract = question >> LLMRun() >> ExtractJSON() >> JSONSubsetEvaluator({
    324. 

  324.     "2024": 69.71,
    325. 

  325.     "2023": 71.07,
    326. 

  326.     "2022": 65.79,
    327. 

  327.     "2021": 66.56,
    328. 

  328.     "2020": 65.87,
    329. 

  329.     "2019": 59.53,
    330. 

  330.     "2018": 44.04
    331. 

  331. })
    332. 

  332. 

  333. 

  334. 

  335. 

  336. if __name__ == "__main__":
    337. 

  337.     print(run_test(TestDataYearExtract))
    338. 

  338.