Man-in-the-Middle Attacks Against Machine Learning Classifiers Via Malicious Generative Models

Deep Neural Networks (DNNs) are vulnerable to deliberately crafted adversarial examples. In the past few years, many efforts have been spent on exploring query-optimisation attacks find examples of either black-box or white-box DNN models, as well defending countermeasures against those attacks. this article, we explore vulnerabilities models under umbrella Man-in-the-Middle (MitM) attacks, which not investigated before. From perspective an MitM adversary, aforementioned example viable anymore. First, such must acquire outputs from multiple times before actually launching is difficult for adversary in practice. Second, one-off and cannot be directly generalised onto new data examples, decreases rate return attacker. contrast, using generative craft fly can mitigate drawbacks. However, capability Variational Auto-Encoder (VAE), has extensively studied. Therefore, given a classifier, investigate VAE decoder transform benign inputs their counterparts decode encoders The proposed method endue more attackers. Based our evaluation, attack achieve above 95 percent success rates both MNIST CIFAR10 datasets, better comparable with state-of-the-art meantime, 10 4 faster than