Filters








4 Hits in 0.99 sec

SmoothFool: An Efficient Framework for Computing Smooth Adversarial Perturbations [article]

Ali Dabouei, Sobhan Soleymani, Fariborz Taherkhani, Jeremy Dawson, Nasser M. Nasrabadi
2019 arXiv   pre-print
In this paper, we study the smoothness of perturbations and propose SmoothFool, a general and computationally efficient framework for computing smooth adversarial perturbations.  ...  In particular, we demonstrate that: (i) there exist extremely smooth adversarial perturbations for well-established and widely used network architectures, (ii) smoothness significantly enhances the robustness  ...  Conclusion In this study, we explored the vulnerability extent of DNNs to smooth adversarial perturbations by proposing SmoothFool, a framework for computing 2 -minimal smooth APs.  ... 
arXiv:1910.03624v1 fatcat:tt6633nnanebla2ym4bpwa2jzy

SmoothFool: An Efficient Framework for Computing Smooth Adversarial Perturbations

Ali Dabouei, Sobhan Soleymani, Fariborz Taherkhani, Jeremy Dawson, Nasser M. Nasrabadi
2020 2020 IEEE Winter Conference on Applications of Computer Vision (WACV)  
In this paper, we study the smoothness of perturbations and propose Smooth-Fool, a general and computationally efficient framework for computing smooth adversarial perturbations.  ...  In particular, we demonstrate that: (i) there exist extremely smooth adversarial perturbations for well-established and widely used network architectures, (ii) smoothness significantly enhances the robustness  ...  Our main contributions are the followings: • We propose SmoothFool, a geometry inspired framework for computing smooth APs which exploits the topology of decision boundaries to find efficient APs. • We  ... 
doi:10.1109/wacv45572.2020.9093429 dblp:conf/wacv/DaboueiSTDN20 fatcat:wt7pvonl6reytl5btgrdbsjnsi

Towards Imperceptible Universal Attacks on Texture Recognition [article]

Yingpeng Deng, Lina J. Karam
2020 arXiv   pre-print
As part of our work, we find that limiting the perturbation's l_p norm in the spatial domain may not be a suitable way to restrict the perceptibility of universal adversarial perturbations for texture  ...  Based on the fact that human perception is affected by local visual frequency characteristics, we propose a frequency-tuned universal attack method to compute universal perturbations in the frequency domain  ...  SmoothFool: an efficient framework for computing smooth adversarial perturbations.  ... 
arXiv:2011.11957v1 fatcat:ye5pgqs6jjgfllcr6j62vhp22m

Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective [article]

Yi Zeng, Won Park, Z. Morley Mao, Ruoxi Jia
2022 arXiv   pre-print
Moreover, we show that the detector tuned over stronger smooth triggers can generalize well to unseen weak smooth triggers.  ...  While backdoor attacks have been thoroughly investigated in the image domain from both attackers' and defenders' sides, an analysis in the frequency domain has been missing thus far.  ...  Target Model for Evaluating the Smooth Trigger In Section 5.3, we evaluate the proposed smooth attack's attack efficiency on the CIFAR-10 and GTSRB dataset.  ... 
arXiv:2104.03413v4 fatcat:xogb3o6gbnefjl2b3cgjbl4ccu