Abstract

With the widespread application of deep learning, the vulnerability of neural networks has attracted considerable attention, raising reliability and security concerns. Research on the robustness of neural networks has therefore become increasingly critical. In this paper, we propose a novel sample-analysis-based robustness evaluation method that overcomes the drawbacks of existing techniques, such as the difficulty of solving, reliance on a single strategy, and a loose robustness radius. Our algorithm comprises two parts: robustness evaluation and adversarial attacks. Specifically, we introduce formal definitions of multiple sample types and a general solution to the problem of adversarial samples. In the adversarial attack algorithm, we formulate a disturbance-model-based description of adversarial samples and use a saliency map to solve for them. Our experimental results demonstrate that our adversarial attack algorithm not only achieves a high attack success rate within a relatively small disturbance range but also generates multiple adversarial examples for each clean example. Our algorithm can evaluate the robustness of complex datasets and models, overcome the limitation of relying on a single strategy when solving for adversarial examples, and provide a more accurate radius of robustness.
