Training Meta-Surrogate Model for Transferable Adversarial Attack
Authors
Abstract
The problem of adversarial attacks to a black-box model when no queries are allowed has posed a great challenge to the community and has been extensively investigated. In this setting, one simple yet effective method is to transfer the obtained adversarial examples from attacking surrogate models to fool the target model. Previous works have studied what kind of attacks to the surrogate model can generate more transferable adversarial examples, but their performances are still limited due to the mismatches between surrogate models and the target model. In this paper, we tackle this problem from a novel angle---instead of using the original surrogate models, can we obtain a Meta-Surrogate Model (MSM) such that attacks to this model can be easily transferred to other models? We show that this goal can be mathematically formulated as a bi-level optimization problem and design a differentiable attacker to make training feasible. Given one or a set of surrogate models, our method can thus obtain an MSM such that adversarial examples generated on the MSM enjoy eximious transferability. Comprehensive experiments on Cifar-10 and ImageNet demonstrate that by attacking the MSM, we can obtain stronger transferable adversarial examples to deceive black-box models including adversarially trained ones, with much higher success rates than existing methods.
Similar resources
The Space of Transferable Adversarial Examples
Adversarial examples are maliciously perturbed inputs designed to mislead machine learning (ML) models at test-time. Adversarial examples are known to transfer across models: a same perturbed input is often misclassified by different models despite being generated to mislead a specific architecture. This phenomenon enables simple yet powerful black-box attacks against deployed ML systems. In th...
Adversarial Training for Relation Extraction
Adversarial training is a mean of regularizing classification algorithms by generating adversarial noise to the training data. We apply adversarial training in relation extraction within the multi-instance multi-label learning framework. We evaluate various neural network architectures on two different datasets. Experimental results demonstrate that adversarial training is generally effective f...
Adversarial Training for Sketch Retrieval
Generative Adversarial Networks (GAN) can learn excellent representations for unlabelled data which have been applied to image generation and scene classification. The representations have not yet to the best of our knowledge been applied to visual search. In this paper, we show that representations learned by GANs can be applied to visual search within heritage documents that contain Merchant ...
Transferable Strategic Meta-reasoning Models
OF THE DISSERTATION TRANSFERABLE STRATEGIC META-REASONING MODELS by MICHAEL WUNDER Dissertation Director: Matthew Stone How do strategic agents make decisions? For the first time, a confluence of advances in agent design, formation of massive online data sets of social behavior, and computational techniques have allowed for researchers to construct and learn much richer models than before. My c...
Delving into Transferable Adversarial Examples and Black-box Attacks
An intriguing property of deep neural networks is the existence of adversarial examples, which can transfer among different architectures. These transferable adversarial examples may severely hinder deep neural network-based applications. Previous works mostly study the transferability using small scale datasets. In this work, we are the first to conduct an extensive study of the transferabilit...
Journal
Journal title: Proceedings of the ... AAAI Conference on Artificial Intelligence
Year: 2023
ISSN: ['2159-5399', '2374-3468']
DOI: https://doi.org/10.1609/aaai.v37i8.26139