Abstract

Deep neural networks (DNNs) have demonstrated remarkable performance in machine learning areas such as image recognition, speech recognition, intrusion detection, and pattern analysis. However, it has been revealed that DNNs have weaknesses in the face of adversarial examples, which are created by adding a little noise to an original sample to cause misclassification by the DNN. Such adversarial examples can lead to fatal accidents in applications such as autonomous vehicles and disease diagnostics. Thus, the generation of adversarial examples has attracted extensive research attention recently. An adversarial example is categorized as targeted or untargeted. In this paper, we focus on the untargeted adversarial example scenario because it has a faster learning time and less distortion compared with the targeted adversarial example. However, there is a pattern vulnerability with untargeted adversarial examples: Because of the similarity between the original class and certain specific classes, it may be possible for the defending system to determine the original class by analyzing the output classes of the untargeted adversarial examples. To overcome this problem, we propose a new method for generating untargeted adversarial examples, one that uses an arbitrary class in the generation process. Moreover, we show that our proposed scheme can be applied to steganography. Through experiments, we show that our proposed scheme can achieve a 100% attack success rate with minimum distortion (1.99 and 42.32 using the MNIST and CIFAR10 datasets, respectively) and without the pattern vulnerability. Using a steganography test, we show that our proposed scheme can be used to fool humans, as demonstrated by the probability of their detecting hidden classes being equal to that of random selection.

Highlights

  • Command and control (C2) systems are being transformed into unmanned artificial intelligence systems with the development of informational operating paradigms for unmanned aerial vehicles, scientific monitoring systems, and surveillance systems

  • Szegedy et al [2] introduced the concept of an adversarial example in image recognition: An image that is transformed slightly so it will be incorrectly classified by a deep neural networks (DNNs) even when the Symmetry 2018, 10, 738; doi:10.3390/sym10120738

  • We show that the proposed method can generate a random untargeted adversarial example that will be misclassified as a random class other than the original class by model

Read more

Summary

Introduction

Command and control (C2) systems are being transformed into unmanned artificial intelligence systems with the development of informational operating paradigms for unmanned aerial vehicles, scientific monitoring systems, and surveillance systems. Symmetry 2018, 10, 738 changes are too small to be recognized by humans Such adversarial examples are a serious threat to DNNs. For example, if an adversarial example is applied to a right-turn sign image so that it will be misclassified by a DNN as a U-turn sign image, an autonomous vehicle with a DNN may incorrectly classify the modified right-turn sign as a U-turn sign, whereas a human would correctly classify the modified sign as a right-turn sign. Several issues have been discussed by Barreno et al [7] regarding security in machine learning They classified machine learning attacks into causative attacks [8] and exploratory attacks [2]. Exploratory attacks, on the other hand, cause misclassification by the machine, but they do not affect the training process of the machine. As a well-known type of exploratory attack, the adversarial example [2] threatens the security of the neural network

Methods
Results
Discussion
Conclusion
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Fooling a Neural Network in Military Environments: Random Untargeted Adversarial Example
Hyun Kwon ... Hyunsoo Yoon
-
Hyun Kwon, et. al.Hyun Kwon ... Hyunsoo Yoon
01 Oct 2018
Priority Adversarial Example in Evasion Attack on Multiple Deep Neural Networks
Hyun Kwon ... Daeseon Choi
-
Hyun Kwon, et. al.Hyun Kwon ... Daeseon Choi
01 Feb 2019
Priority Evasion Attack: An Adversarial Example That Considers the Priority of Attack on Each Classifier
Hyun Kwon ... Changhyun Cho
IEICE Transactions on Information and Systems | VOL. E105.D
Hyun Kwon, et. al.Hyun Kwon ... Changhyun Cho
01 Nov 2022
Restricted Evasion Attack: Generation of Restricted-Area Adversarial Example
Hyun Kwon ... Hyunsoo Yoon
IEEE Access | VOL. 7
Hyun Kwon, et. al.Hyun Kwon ... Hyunsoo Yoon
01 Jan 2019
View more papers

More From: Symmetry

Paper Title
Journal
Date
Author
Comparative Analysis of Influenza Modeling Using Novel Fractional Operators with Real Data
Mohamed A Abdoon ... Abdulrahman B M Alzahrani
Symmetry | VOL. -
Mohamed A Abdoon, et. al.Mohamed A Abdoon ... Abdulrahman B M Alzahrani
30 Aug 2024
Quantum Truncated Differential and Boomerang Attack
Huiqin Xie ... Li Yang
Symmetry | VOL. -
Huiqin Xie, et. al.Huiqin Xie ... Li Yang
30 Aug 2024
Results for Nonlinear-Prešić Contractions in Relational Metric Spaces
Faizan Ahmad Khan ... Mohammed Zayed Alruwaytie
Symmetry | VOL. -
Faizan Ahmad Khan, et. al.Faizan Ahmad Khan ... Mohammed Zayed Alruwaytie
30 Aug 2024
A Novel Discrete Linear-Exponential Distribution for Modeling Physical and Medical Data
Khlood Al-Harbi ... Amany Alsuraihi
Symmetry | VOL. -
Khlood Al-Harbi, et. al.Khlood Al-Harbi ... Amany Alsuraihi
29 Aug 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.