ADSAttack: An Adversarial Attack Algorithm via Searching Adversarial Distribution in Latent Space
نویسندگان
چکیده
Deep neural networks are susceptible to interference from deliberately crafted noise, which can lead incorrect classification results. Existing approaches make less use of latent space information and conduct pixel-domain modification in the input instead, increases computational cost decreases transferability. In this work, we propose an effective adversarial distribution searching-driven attack (ADSAttack) algorithm generate examples against deep networks. ADSAttack introduces affiliated network search for potential distributions image synthesizing examples. uses edge-detection locate low-level feature mapping sketch minimum disturbed area. Experimental results demonstrate that achieves higher transferability, better imperceptible visualization, faster generation speed compared traditional algorithms. To 1000 examples, takes 11.08s and, on average, a success rate 98.01%.
منابع مشابه
LatentPoison - Adversarial Attacks On The Latent Space
Robustness and security of machine learning (ML) systems are intertwined, wherein a non-robust ML system (classifiers, regressors, etc.) can be subject to attacks using a wide variety of exploits. With the advent of scalable deep learning methodologies, a lot of emphasis has been put on the robustness of supervised, unsupervised and reinforcement learning algorithms. Here, we study the robustne...
متن کاملLearning a Probabilistic Latent Space of Object Shapes via 3D Generative-Adversarial Modeling
We study the problem of 3D object generation. We propose a novel framework, namely 3D Generative Adversarial Network (3D-GAN), which generates 3D objects from a probabilistic space by leveraging recent advances in volumetric convolutional networks and generative adversarial nets. The benefits of our model are three-fold: first, the use of an adversarial criterion, instead of traditional heurist...
متن کاملAdversarial classification: An adversarial risk analysis approach
Classification problems in security settings are usually contemplated as confrontations in which one or more adversaries try to fool a classifier to obtain a benefit. Most approaches to such adversarial classification problems have focused on game theoretical ideas with strong underlying common knowledge assumptions, which are actually not realistic in security domains. We provide an alternativ...
متن کاملLearning to Attack: Adversarial Transformation Networks
With the rapidly increasing popularity of deep neural networks for image recognition tasks, a parallel interest in generating adversarial examples to attack the trained models has arisen. To date, these approaches have involved either directly computing gradients with respect to the image pixels or directly solving an optimization on the image pixels. We generalize this pursuit in a novel direc...
متن کاملPractical Adversarial Combinatorial Bandit Algorithm via Compression of Decision Sets
We consider the adversarial combinatorial multi-armed bandit (CMAB) problem, whose decisionset can be exponentially large with respect to the number of given arms. To avoid dealing with suchlarge decision sets directly, we propose an algorithm performed on a zero-suppressed binary decisiondiagram (ZDD), which is a compressed representation of the decision set. The proposed algor...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Electronics
سال: 2023
ISSN: ['2079-9292']
DOI: https://doi.org/10.3390/electronics12040816