Abstract

Deep neural network (DNN) brings the rapid development of pattern recognition algorithms. However, a large number of experiments show that there are some vulnerabilities in DNNs. Though many adversarial samples generating algorithms has been proposed, most of them based on some known information of attacked model. We proposed a new fast black-box adversarial attack algorithm purely based on data samples. First, we find the key difference between different classes based on principle component analysis and calculate the difference vector. During attacking, we just drive a sample to the target class (for target adversarial) or the nearest other class (for misclassification adversarial). The minimum modification to create an target adversarial sample is obtained by bi-section line search along the difference vector from current class to target class. For misclassification adversarial attack, the minimum modification among all other classes is given. Experimental results show that the proposed algorithm generating comparable adversarial samples much fast then classical attack algorithms.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
DNNGuard: An Elastic Heterogeneous DNN Accelerator Architecture against Adversarial Attacks
Xingbin Wang ... Dan Meng
-
Xingbin Wang, et. al.Xingbin Wang ... Dan Meng
09 Mar 2020
Adversarial Attacks on Time Series.
Fazle Karim ... Somshubra Majumdar
IEEE Transactions on Pattern Analysis and Machine Intelligence | VOL. 43
Fazle Karim, et. al.Fazle Karim ... Somshubra Majumdar
13 Apr 2020
An effective deep learning adversarial defense method based on spatial structural constraints in embedding space
Junzhong Miao ... Zhigang Zhou
Pattern Recognition Letters | VOL. 178
Junzhong Miao, et. al.Junzhong Miao ... Zhigang Zhou
11 Jan 2024
A Study of Adversarial Attacks and Detection on Deep Learning-Based Plant Disease Identification
Zhirui Luo ... Jun Zheng
Applied Sciences | VOL. 11
Zhirui Luo, et. al.Zhirui Luo ... Jun Zheng
20 Feb 2021
View more papers

More From: Neural Processing Letters

Paper Title
Journal
Date
Author
Label-Based Disentanglement Measure among Hidden Units of Deep Learning
Chenguang Zhang ... Dawei Song
Neural Processing Letters | VOL. 56
Chenguang Zhang, et. al.Chenguang Zhang ... Dawei Song
04 Dec 2024
MAFD: Multiple Adversarial Features Detector for Enhanced Detection of Text-Based Adversarial Examples
Kaiwen Jin ... Zhen Yu
Neural Processing Letters | VOL. 56
Kaiwen Jin, et. al.Kaiwen Jin ... Zhen Yu
03 Dec 2024
Hebbian Learning with Kernel-Based Embedding of Input Data
Thiago A Ushikoshi ... Antonio P Braga
Neural Processing Letters | VOL. 56
Thiago A Ushikoshi, et. al.Thiago A Ushikoshi ... Antonio P Braga
01 Dec 2024
Mechanism Isomorphism Identification Based on Decision Tree Algorithm and Hybrid Particle Swarm Optimization Algorithm
Luchuan Yu ... Hongbin Wang
Neural Processing Letters | VOL. 56
Luchuan Yu, et. al.Luchuan Yu ... Hongbin Wang
30 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.