Filters








13,197 Hits in 2.3 sec

Universal Adversarial Perturbations

Seyed-Mohsen Moosavi-Dezfooli, Alhussein Fawzi, Omar Fawzi, Pascal Frossard
2017 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR)  
We propose a systematic algorithm for computing universal perturbations, and show that state-of-the-art deep neural networks are highly vulnerable to such perturbations, albeit being quasiimperceptible  ...  We further empirically analyze these universal perturbations and show, in particular, that they generalize very well across neural networks.  ...  To understand the unique characteristics of universal perturbations, we first compare such perturbations with other types of perturbations, namely i) random perturbation, ii) adversarial perturbation computed  ... 
doi:10.1109/cvpr.2017.17 dblp:conf/cvpr/Moosavi-Dezfooli17 fatcat:wcbtswj3mje2zjr6x7spk2fyiq

Universal adversarial perturbations [article]

Seyed-Mohsen Moosavi-Dezfooli, Alhussein Fawzi, Omar Fawzi, Pascal Frossard
2017 arXiv   pre-print
We propose a systematic algorithm for computing universal perturbations, and show that state-of-the-art deep neural networks are highly vulnerable to such perturbations, albeit being quasi-imperceptible  ...  We further empirically analyze these universal perturbations and show, in particular, that they generalize very well across neural networks.  ...  To understand the unique characteristics of universal perturbations, we first compare such perturbations with other types of perturbations, namely i) random perturbation, ii) adversarial perturbation computed  ... 
arXiv:1610.08401v3 fatcat:67dmsb6isfgczpwf3yzh2xav2y

Universal Adversarial Audio Perturbations [article]

Sajjad Abdoli, Luiz G. Hafemann, Jerome Rony, Ismail Ben Ayed, Patrick Cardinal, Alessandro L. Koerich
2020 arXiv   pre-print
Moreover, we provide a proof that the proposed penalty method theoretically converges to a solution that corresponds to universal adversarial perturbations.  ...  We demonstrate the existence of universal adversarial perturbations, which can fool a family of audio classification architectures, for both targeted and untargeted attack scenarios.  ...  UNIVERSAL ADVERSARIAL AUDIO PERTURBA- TIONS In this section, we formalize the problem of crafting universal audio adversarial perturbations and propose two methods for finding such perturbations.  ... 
arXiv:1908.03173v5 fatcat:g2gvp3fqbjhrpi7zkb3xtekf6i

Robust Universal Adversarial Perturbations [article]

Changming Xu, Gagandeep Singh
2022 arXiv   pre-print
In this work, we introduce a new concept and formulation of robust universal adversarial perturbations.  ...  Universal Adversarial Perturbations (UAPs) are imperceptible, image-agnostic vectors that cause deep neural networks (DNNs) to misclassify inputs from a data distribution with high probability.  ...  We can now formally define an adversarial example. In this paper, we consider examples x generated as x = x+v where v is an adversarial perturbation. Universal Adversarial Perturbations.  ... 
arXiv:2206.10858v1 fatcat:idscwppr5rabrnrc7bqt2a2xeq

Combining Universal Adversarial Perturbations

Beat Tödtli, Maurus Kühne
2020 Lernen, Wissen, Daten, Analysen  
Universal adversarial perturbations (UAPs) are small perturbations imposed on images that are able to fool a single convolutional neural network image classifier.  ...  Universal Adversarial Perturbations with DeepFool Perturbations for each image in a dataset X (such as those generated using DeepFool) can be combined to form universal adversarial perturbations for a  ...  Moreover, universal adversarial perturbations (UAPs) also fool other convolutional networks.  ... 
dblp:conf/lwa/TodtliK20 fatcat:nl37xnypvrdqpgfkbyoknt3tbm

Universal Adversarial Perturbations: A Survey [article]

Ashutosh Chaubey, Nikhil Agrawal, Kavya Barnwal, Keerat K. Guliani, Pramod Mehta
2020 arXiv   pre-print
Recent works have shown the existence of Universal Adversarial Perturbations, which, when added to any image in a dataset, misclassifies it when passed through a target model.  ...  We also cover the applications of such universal perturbations in various deep learning tasks.  ...  Some of the techniques produce only a single universal adversarial perturbation as in [31, 29] , while others produce a whole distribution of universal adversarial perturbations [41, 17] .  ... 
arXiv:2005.08087v1 fatcat:4ks76lql4nfcng3r5pgxa57dju

Defense against Universal Adversarial Perturbations [article]

Naveed Akhtar and Jian Liu and Ajmal Mian
2018 arXiv   pre-print
These 'Universal Adversarial Perturbations' pose a serious threat to the success of Deep Learning in practice.  ...  A rigorous evaluation shows that our framework can defend the network classifiers against unseen adversarial perturbations in the real-world scenarios with up to 97.5% success rate.  ...  This work proposes the first dedicated defense against the universal adversarial perturbations [25] .  ... 
arXiv:1711.05929v3 fatcat:gtwvywzbyfdsxccxruvh6glcsu

Defense Against Universal Adversarial Perturbations

Naveed Akhtar, Jian Liu, Ajmal Mian
2018 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition  
These 'Universal Adversarial Perturbations' pose a serious threat to the success of Deep Learning in practice.  ...  A rigorous evaluation shows that our framework can defend the network classifiers against unseen adversarial perturbations in the real-world scenarios with up to 97.5% success rate.  ...  This work proposes the first dedicated defense against the universal adversarial perturbations [25] .  ... 
doi:10.1109/cvpr.2018.00357 dblp:conf/cvpr/AkhtarLM18 fatcat:6jkuovlucrfa5hfjki2mso7tym

Double Targeted Universal Adversarial Perturbations [article]

Philipp Benz, Chaoning Zhang, Tooba Imtiaz, In So Kweon
2020 arXiv   pre-print
We introduce a double targeted universal adversarial perturbations (DT-UAPs) to bridge the gap between the instance-discriminative image-dependent perturbations and the generic universal perturbations.  ...  Image-dependent perturbations can fool a network for one specific image, while universal adversarial perturbations are capable of fooling a network for samples from all classes without selection.  ...  Universal Attacks A universal adversarial perturbation (UAP) is a single perturbation, which enables fooling a network for most input samples.  ... 
arXiv:2010.03288v1 fatcat:ahwacz25ovfehgyvw6jlosr4lm

On Universalized Adversarial and Invariant Perturbations [article]

Sandesh Kamath, Amit Deshpande, K V Subrahmanyam
2020 arXiv   pre-print
to produce a universal adversarial perturbation by looking at very few test examples.  ...  To understand this phenomenon, we introduce universal invariant directions and study their relation to the universal adversarial direction produced by SVD-Universal.  ...  Output the top singular vector of these adversarial attack vectors as the universal adversarial perturbation.  ... 
arXiv:2006.04449v1 fatcat:w6b636723jbzbioys6vthnfgta

Realizable Universal Adversarial Perturbations for Malware [article]

Raphael Labaca-Castro, Luis Muñoz-González, Feargus Pendlebury, Gabi Dreo Rodosek, Fabio Pierazzi, Lorenzo Cavallaro
2022 arXiv   pre-print
Universal Adversarial Perturbations (UAPs), which identify noisy patterns that generalize across the input space, allow the attacker to greatly scale up the generation of such examples.  ...  Machine learning classifiers are vulnerable to adversarial examples -- input-specific perturbations that manipulate models' output.  ...  Universal Adversarial Perturbations. Moosavi-Dezfooli et al.  ... 
arXiv:2102.06747v2 fatcat:2tlsyq3ojbdyviumrbvwzm7ipu

Universal Adversarial Perturbation for Text Classification [article]

Hang Gao, Tim Oates
2019 arXiv   pre-print
The surprising existence of universal "token-agnostic" adversarial perturbations may reveal important properties of a text classifier.  ...  Unlike images on which a single fixed-size adversarial perturbation can be found, text is of variable length, so we define the "universality" as "token-agnostic", where a single perturbation is applied  ...  Universal Adversarial Perturbation Universal adversarial perturbation was first studied for image-based deep models by (Moosavi-Dezfooli et al., 2017a) .  ... 
arXiv:1910.04618v1 fatcat:euuqh5iyx5beha66fspzya6ge4

Learning Universal Adversarial Perturbations with Generative Models [article]

Jamie Hayes, George Danezis
2018 arXiv   pre-print
It was recently shown that given a dataset and classifier, there exists so called universal adversarial perturbations, a single perturbation that causes a misclassification when applied to any input.  ...  We show that this technique improves on known universal adversarial attacks.  ...  These are referred to as universal adversarial perturbations (UAPs).  ... 
arXiv:1708.05207v3 fatcat:jpgnsafewzbynoqyw2rxyvcwse

Universal Adversarial Perturbations Against Semantic Image Segmentation [article]

Jan Hendrik Metzen, Mummadi Chaithanya Kumar, Thomas Brox, Volker Fischer
2017 arXiv   pre-print
While recent work has focused on image classification, this work proposes attacks against semantic image segmentation: we present an approach for generating (universal) adversarial perturbations that make  ...  While deep learning is remarkably successful on perceptual tasks, it was also shown to be vulnerable to adversarial perturbations of the input.  ...  (d) Network prediction on (c) (e) Universal adversarial perturbation (amplified by factor 4). (f) Static adversarial target. (g) Universal adversarial perturbation (same as (e)).  ... 
arXiv:1704.05712v3 fatcat:lw2y7ti4obbnxctijlvfahqhay

Playing the Game of Universal Adversarial Perturbations [article]

Julien Perolat and Mateusz Malinowski and Bilal Piot and Olivier Pietquin
2018 arXiv   pre-print
We study the problem of learning classifiers robust to universal adversarial perturbations.  ...  In this new formulation, both players simultaneously play the same game, where one player chooses a classifier that minimizes a classification loss whilst the other player creates an adversarial perturbation  ...  Figure 5 : 5 Results of our experiment on CIFAR100 for universal adversarial perturbation. Figure 6 : 6 Results of our experiment on ImageNet for universal adversarial perturbations.  ... 
arXiv:1809.07802v2 fatcat:cqifu6ugzncxrkg4nv5cjbbgaq
« Previous Showing results 1 — 15 out of 13,197 results