Constructing Unrestricted Adversarial Examples with Generative Models
FOS: Computer and information sciences
Computer Science - Machine Learning
Computer Science - Cryptography and Security
Computer Science - Artificial Intelligence
Computer Vision and Pattern Recognition (cs.CV)
Computer Science - Computer Vision and Pattern Recognition
Machine Learning (stat.ML)
02 engineering and technology
Machine Learning (cs.LG)
Artificial Intelligence (cs.AI)
Statistics - Machine Learning
0202 electrical engineering, electronic engineering, information engineering
Cryptography and Security (cs.CR)
DOI:
10.48550/arxiv.1805.07894
Publication Date:
2018-01-01
AUTHORS (4)
ABSTRACT
Adversarial examples are typically constructed by perturbing an existing data point within a small matrix norm, and current defense methods are focused on guarding against this type of attack. In this paper, we propose unrestricted adversarial examples, a new threat model where the attackers are not restricted to norm-bounded perturbations. Different from perturbation-based attacks, we synthesize unrestricted adversarial examples entirely from scratch using conditional generative models. Specifically, we first train an Auxiliary Classifier Generative Adversarial Network (AC-GAN) to model the class-conditional distribution over data samples. Then, conditioned on a desired class, we search over the AC-GAN latent space to find images that are likely under the generative model and are misclassified by a target classifier. We demonstrate through human evaluation that unrestricted adversarial examples generated this way are legitimate and belong to the desired class. Our empirical results on the MNIST, SVHN, and CelebA datasets show that unrestricted adversarial examples can bypass strong adversarial training and certified defense methods designed for traditional adversarial attacks.