Generating adversarial examples without specifying a target model

Adversarial examples are regarded as a security threat to deep learning models, and there are many ways to generate them. However, most existing methods require the query authority of the target during their work. In a more practical situation, the attacker will be easily detected because of too man...

Descripción completa

Detalles Bibliográficos
Autores principales: Yang, Gaoming, Li, Mingwei, Fang, Xianjing, Zhang, Ji, Liang, Xingzhu
Formato: Online Artículo Texto
Lenguaje:English
Publicado: PeerJ Inc. 2021
Materias:
Artificial Intelligence
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8459786/
https://www.ncbi.nlm.nih.gov/pubmed/34616888
http://dx.doi.org/10.7717/peerj-cs.702
Descripción
Sumario:Adversarial examples are regarded as a security threat to deep learning models, and there are many ways to generate them. However, most existing methods require the query authority of the target during their work. In a more practical situation, the attacker will be easily detected because of too many queries, and this problem is especially obvious under the black-box setting. To solve the problem, we propose the Attack Without a Target Model (AWTM). Our algorithm does not specify any target model in generating adversarial examples, so it does not need to query the target. Experimental results show that it achieved a maximum attack success rate of 81.78% in the MNIST data set and 87.99% in the CIFAR-10 data set. In addition, it has a low time cost because it is a GAN-based method.

Ejemplares similares