
Identifying Layers Susceptible to Adversarial Attacks [article]

Shoaib Ahmed Siddiqui, Thomas Breuel
2021 arXiv   pre-print
Experimental results show that susceptibility to adversarial samples is associated with low-level feature extraction layers.  ...  Furthermore, adversarial attacks yield outputs from early layers that differ statistically from features for non-adversarial samples and do not permit consistent classification by subsequent layers.  ...  Acknowledgements The authors would like to acknowledge useful discussions with Iuri Frosio on adversarial robustness.  ... 
arXiv:2107.04827v2 fatcat:7za7c7ervzf55oqasuuqjvs5ri

Identify Susceptible Locations in Medical Records via Adversarial Attacks on Deep Predictive Models [article]

Mengying Sun, Fengyi Tang, Jinfeng Yi, Fei Wang, Jiayu Zhou
2018 arXiv   pre-print
records of patients and identify susceptible events and measurements.  ...  In short, a well-trained deep network can be extremely sensitive to inputs with negligible changes. These inputs are referred to as adversarial examples.  ...  In this section, we first introduce the problem setting of adversarial attacks, and then propose a novel attack strategy to efficiently identify susceptible locations.  ... 
arXiv:1802.04822v1 fatcat:6x4mnntm7bhdnjoukeqff6xqte

One Neuron to Fool Them All [article]

Anshuman Suri, David Evans
2020 arXiv   pre-print
Despite vast research in adversarial examples, the root causes of model susceptibility are not well understood.  ...  In our experiments on CIFAR-10 and ImageNet, we find that attacks using a loss function that targets just a single sensitive neuron find adversarial examples nearly as effectively as ones that target the  ...  This research was sponsored in part by the National Science Foundation #1804603 (SaTC Frontier: End-to-End Trustworthiness of Machine-Learning Systems), and additional support from Amazon, Baidu, and Intel  ... 
arXiv:2003.09372v2 fatcat:5jhadomemfd5xdcikcrq4qi2ye

Defending Against Universal Attacks Through Selective Feature Regeneration [article]

Tejas Borkar, Felix Heide, Lina Karam
2020 arXiv   pre-print
Regenerating only the top 50% adversarially susceptible activations in at most 6 DNN layers and leaving all remaining DNN activations unchanged, we outperform existing defense strategies across different  ...  Our approach identifies pre-trained convolutional features that are most vulnerable to adversarial noise and deploys trainable feature regeneration units which transform these DNN filter activations into  ...  the non-local mean denoiser used in FD; (2) in a selected DNN layer, only a subset of feature maps which are the most susceptible to adversarial noise (identified by our ranking metric) are regenerated  ... 
arXiv:1906.03444v4 fatcat:3iunconapfdptee7lntsnspwae

To Transfer or Not to Transfer: Misclassification Attacks Against Transfer Learned Text Classifiers [article]

Bijeeta Pal, Shruti Tople
2020 arXiv   pre-print
To the best of our knowledge, ours is the first work to show that transfer learning from state-of-the-art word-based and sentence-based teacher models increases the susceptibility of student models to misclassification  ...  As our main contribution, we present novel attack techniques that utilize unintended features learnt in the teacher (public) model to generate adversarial examples for student (downstream) models.  ...  CONCLUSION We present the first attack algorithms for generating adversarial inputs for text-classification tasks in a transfer-learning setting.  ... 
arXiv:2001.02438v1 fatcat:5tx2lyo44raixau4tpixllgeve

Identifying Audio Adversarial Examples via Anomalous Pattern Detection [article]

Victor Akinwande, Celia Cintas, Skyler Speakman, Srihari Sridharan
2020 arXiv   pre-print
Audio processing models based on deep neural networks are susceptible to adversarial attacks even when the adversarial audio waveform is 99.9% similar to a benign sample.  ...  By applying anomalous pattern detection techniques in the activation space of these models, we show that 2 of the recent and current state-of-the-art adversarial attacks on audio processing systems systematically  ...  RELATED WORK The property of deep neural networks being susceptible to adversarial attack was largely established in [5] and [30] .  ... 
arXiv:2002.05463v2 fatcat:4rqjr3qmbnf7jjp46vxfbaundq

Explainable AI and susceptibility to adversarial attacks: a case study in classification of breast ultrasound images [article]

Hamza Rasaee, Hassan Rivaz
2021 arXiv   pre-print
In this work, we analyze how adversarial assaults that are practically undetectable may be devised to alter these importance maps dramatically.  ...  In addition to interpretation, these methods provide clinically important information, such as identifying the location for biopsy or treatment.  ...  Moreover, the predictions of the deep learning networks are susceptible to adversarial attacks [31] - [33] . Ghorbani et al. [29] applied adversarial attacks on ImageNet and CIFAR-10 datasets.  ... 
arXiv:2108.04345v1 fatcat:tvqrk54b2nb5pgcn2egvdpkgci

Impact of Model Architecture Against Adversarial Example's Effectivity

Vihan Karnala, Marianne Campbell
2021 Journal of student research  
Future research should investigate what specific structure within models causes increased susceptibility to adversarial attacks.  ...  This means that certain model types and architectures are more susceptible to attacks.  ...  I would also like to thank Dr. Vijay Gandapodi for all his assistance and guidance while planning and drafting.  ... 
doi:10.47611/jsrhs.v10i2.1612 fatcat:qrygqzf5fbbr5gcen4pidql2nm

Classifiers Based on Deep Sparse Coding Architectures are Robust to Deep Learning Transferable Examples [article]

Jacob M. Springer, Charles S. Strauss, Austin M. Thresher, Edward Kim, Garrett T. Kenyon
2018 arXiv   pre-print
However, the susceptibility of deep sparse coding models to adversarial examples has not been examined.  ...  These attacks are exploitable in nearly all of the existing deep learning classification frameworks.  ...  However, overwhelming evidence shows that DCNs have at least one major flaw: they are susceptible to adversarial attacks.  ... 
arXiv:1811.07211v2 fatcat:qj6cxw2sybg2zdbyuzlyew5fou

Improving robustness of jet tagging algorithms with adversarial training [article]

Annika Stein and Xavier Coubez and Spandan Mondal and Andrzej Novak and Alexander Schmidt
2022 arXiv   pre-print
We investigate the classifier response to input data with injected mismodelings and probe the vulnerability of flavor tagging algorithms via application of adversarial attacks.  ...  Subsequently, we present an adversarial training strategy that mitigates the impact of such simulated attacks and improves the classifier robustness.  ...  We thank Nicolas Frediani for his contributions to the project in context of his Bachelor thesis. Compliance with ethical standards  ... 
arXiv:2203.13890v1 fatcat:h3gwt5537nfongsj4c57xkuq3e

Adversarial Attack Vulnerability of Deep Learning Models for Oncologic Images [article]

Marina Z. Joel, Sachin Umrao, Enoch Chang, Rachel Choi, Daniel X Yang, Antonio Omuro, Roy Herbst, Harlan Krumholz, Sanjay Aneja
2021 medRxiv   pre-print
Adversarial susceptibility of individual images can be used to increase model performance by identifying images most at-risk for misclassification.  ...  Conclusion: Our results indicated that while medical DL systems are extremely susceptible to adversarial attacks, adversarial training shows promise as an effective defense against attacks.  ...  Finally, we showed that identifying images most susceptible to adversarial image attacks may be helpful in improving overall robustness of DL models on medical images.  ... 
doi:10.1101/2021.01.17.21249704 fatcat:kcwjm772ufcg3h7zh6fpujyzxa

Q-TART: Quickly Training for Adversarial Robustness and in-Transferability [article]

Madan Ravi Ganesh, Salimeh Yasaei Sekeh, Jason J. Corso
2022 arXiv   pre-print
Q-TART follows the intuition that samples highly susceptible to noise strongly affect the decision boundaries learned by DNNs, which in turn degrades their performance and adversarial susceptibility.  ...  By identifying and removing such samples, we demonstrate improved performance and adversarial robustness while using only a subset of the training data.  ...  a variety of adversarial attacks could help us identify architecture specific traits to reduce their impact.  ... 
arXiv:2204.07024v1 fatcat:xt537tqynzdudfmlhqejq2hrv4

Minimax Defense against Gradient-based Adversarial Attacks [article]

Blerta Lindqvist, Rauf Izmailov
2020 arXiv   pre-print
The gradient of a classifier's loss function is used by gradient-based adversarial attacks to generate adversarially perturbed images.  ...  Here, we introduce a novel approach that uses minimax optimization to foil gradient-based adversarial attacks.  ...  Introduction Machine learning classifying algorithms are susceptible to misclassification of adversarially and imperceptibly perturbed inputs that are called adversarial samples.  ... 
arXiv:2002.01256v1 fatcat:ivus7rlt4na3nb6rvrxth5mvle

Adversarial Robustness in Deep Learning: Attacks on Fragile Neurons [chapter]

Chandresh Pravin, Ivan Martino, Giuseppe Nicosia, Varun Ojha
2021 Lecture Notes in Computer Science  
Our method identifies the specific neurons of a network that are most affected by the adversarial attack being applied.  ...  We identify fragile and robust neurons of deep learning architectures using nodal dropouts of the first convolutional layer.  ...  We apply this method only to the first convolutional layer because of its susceptibility to any distortions having a higher influence on the network's performance [5] .  ... 
doi:10.1007/978-3-030-86362-3_2 fatcat:ctdcrezg4rfz3huvioaxzn75ie
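The Minimax Defense, One Neuron to Fool Them All and Attacks on Fragile Neurons entries above describe the same mechanics from three angles: a gradient-based attack perturbs the input along the gradient of the classifier's loss, a loss that targets a single sensitive neuron finds adversarial examples almost as well as the full loss, and the neurons most affected by an attack can be ranked within a layer. The script below is an added example, not code from any of those papers: it builds a constructed 2-3-2 ReLU network with hand-picked weights and a constructed input, takes a fast-gradient-sign step, checks the analytic input gradient against central differences, ranks the hidden neurons by loss sensitivity, and then attacks through the top-ranked neuron alone. The weights W1/W2, the sample X0, its label and the budget EPS are all assumptions chosen so the arithmetic is reproducible without a framework.

```python
"""Gradient-based attack and per-neuron sensitivity on a toy MLP.

Added example; the network, weights and input are constructed here
(not taken from any paper) so everything runs in plain Python.
"""
import math

# Constructed 2-3-2 ReLU network: x (2) -> hidden (3) -> logits (2).
W1 = [[1.0, -1.0], [0.5, 1.0], [-1.0, 0.5]]   # hidden x input
B1 = [0.0, 0.0, 0.0]
W2 = [[1.0, 0.5, 1.0], [-0.5, 1.0, 1.0]]     # output x hidden
B2 = [0.0, 0.0]

X0, Y0 = [1.0, 0.5], 0   # constructed clean sample and its true label
EPS = 0.3                # L-inf perturbation budget (assumed)


def forward(x):
    """Return (pre-activations, ReLU activations, logits)."""
    pre = [sum(w * xi for w, xi in zip(row, x)) + b for row, b in zip(W1, B1)]
    hid = [max(0.0, v) for v in pre]
    logits = [sum(w * h for w, h in zip(row, hid)) + b for row, b in zip(W2, B2)]
    return pre, hid, logits


def softmax(z):
    m = max(z)
    e = [math.exp(v - m) for v in z]
    s = sum(e)
    return [v / s for v in e]


def predict(x):
    logits = forward(x)[2]
    return max(range(len(logits)), key=logits.__getitem__)


def loss(x, y):
    """Cross-entropy loss for true label y."""
    return -math.log(softmax(forward(x)[2])[y])


def gradients(x, y):
    """Manual backprop: return (dL/dx, dL/dhidden)."""
    pre, hid, logits = forward(x)
    p = softmax(logits)
    dz = [pi - (1.0 if i == y else 0.0) for i, pi in enumerate(p)]
    dhid = [sum(W2[k][j] * dz[k] for k in range(len(dz))) for j in range(len(hid))]
    dpre = [g if v > 0 else 0.0 for g, v in zip(dhid, pre)]   # ReLU'
    dx = [sum(W1[j][i] * dpre[j] for j in range(len(dpre))) for i in range(len(x))]
    return dx, dhid


def sign(v):
    return 1.0 if v > 0 else (-1.0 if v < 0 else 0.0)


def fgsm(x, y, eps):
    """One fast-gradient-sign step: each coordinate moves eps towards higher loss."""
    dx, _ = gradients(x, y)
    return [xi + eps * sign(g) for xi, g in zip(x, dx)]


def rank_fragile_neurons(x, y):
    """Hidden neurons ordered by |dL/dh|, most loss-sensitive first."""
    _, dhid = gradients(x, y)
    return sorted(range(len(dhid)), key=lambda j: -abs(dhid[j]))


def single_neuron_attack(x, y, eps, neuron):
    """Use only one hidden neuron as the objective: push its activation
    in the direction that raises the loss to first order."""
    pre, _, _ = forward(x)
    _, dhid = gradients(x, y)
    direction = sign(dhid[neuron])
    # d h_neuron / d x = W1[neuron] * ReLU'(pre[neuron])
    dh_dx = [w if pre[neuron] > 0 else 0.0 for w in W1[neuron]]
    return [xi + eps * sign(direction * g) for xi, g in zip(x, dh_dx)]


def finite_difference_check(x, y, h=1e-5):
    """Largest gap between analytic dL/dx and a central difference."""
    dx, _ = gradients(x, y)
    worst = 0.0
    for i in range(len(x)):
        xp, xm = list(x), list(x)
        xp[i] += h
        xm[i] -= h
        fd = (loss(xp, y) - loss(xm, y)) / (2 * h)
        worst = max(worst, abs(fd - dx[i]))
    return worst


if __name__ == "__main__":
    print("clean prediction:", predict(X0))
    print("gradient check error:", finite_difference_check(X0, Y0))
    x_adv = fgsm(X0, Y0, EPS)
    print("FGSM sample:", x_adv, "->", predict(x_adv))
    order = rank_fragile_neurons(X0, Y0)
    print("neurons by sensitivity:", order)
    x_one = single_neuron_attack(X0, Y0, EPS, order[0])
    print("single-neuron attack:", x_one, "->", predict(x_one))
```

The finite-difference check is the part worth keeping when porting this to a real model: a sign step that flips the label is not evidence that the gradient is correct, and a wrong gradient silently weakens any attack or robustness evaluation built on it. In this toy the single-neuron direction coincides with the full FGSM direction because there are only three hidden units; on a real network the comparison that matters is the success rate of the one-neuron objective against the full-loss objective at the same budget.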

AutoGAN: Robust Classifier Against Adversarial Attacks [article]

Blerta Lindqvist, Shridatt Sugrim, Rauf Izmailov
2018 arXiv   pre-print
This susceptibility has been shown to be consistent across classifiers, regardless of their type, architecture or parameters.  ...  AutoGAN mitigates the need for knowing the attack type and magnitude as well as the need for having adversarial samples of the attack.  ...  [32] have attributed the susceptibility to adversarial attacks to low probability pockets in the manifold. GAN framework First introduced by Goodfellow et al.  ... 
arXiv:1812.03405v1 fatcat:5f5kpslqwnfppky5qguskszzp4
Showing results 1 — 15 out of 8,782 results