安全比赛 Geekpwn 今年开始强调 "人工智能安全", 办了一个 CAAD 对抗样本攻防赛. 这让我在多年没碰 CTF 之后又有了一个 CTF 的机会, 只是这次攻击的是 ImageNet 分类器..

TL;DR: People are hardly aware of any deep learning mistakes they made, because things always appear to work, and there are no expectations on how well they should work. The solution is to try to accurately reproduce settings & performance of high-quality papers & code.