Geometry-Inspired Top-k Adversarial Perturbations

06/28/2020
by   Nurislam Tursynbek, et al.
11

State-of-the-art deep learning models are untrustworthy due to their vulnerability to adversarial examples. Intriguingly, besides simple adversarial perturbations, there exist Universal Adversarial Perturbations (UAPs), which are input-agnostic perturbations that lead to misclassification of majority inputs. The main target of existing adversarial examples (including UAPs) is to change primarily the correct Top-1 predicted class by the incorrect one, which does not guarantee changing the Top-k prediction. However, in many real-world scenarios, dealing with digital data, Top-k predictions are more important. We propose an effective geometry-inspired method of computing Top-k adversarial examples for any k. We evaluate its effectiveness and efficiency by comparing it with other adversarial example crafting techniques. Based on this method, we propose Top-k Universal Adversarial Perturbations, image-agnostic tiny perturbations that cause true class to be absent among the Top-k pre-diction. We experimentally show that our approach outperforms baseline methods and even improves existing techniques of generating UAPs.

READ FULL TEXT

page 2

page 5

page 7

page 12

page 13

research
04/19/2017

Universal Adversarial Perturbations Against Semantic Image Segmentation

While deep learning is remarkably successful on perceptual tasks, it was...
research
05/30/2022

Searching for the Essence of Adversarial Perturbations

Neural networks have achieved the state-of-the-art performance in variou...
research
10/08/2019

SmoothFool: An Efficient Framework for Computing Smooth Adversarial Perturbations

Deep neural networks are susceptible to adversarial manipulations in the...
research
04/10/2020

Luring of Adversarial Perturbations

The growing interest for adversarial examples, i.e. maliciously modified...
research
07/13/2020

Understanding Adversarial Examples from the Mutual Influence of Images and Perturbations

A wide variety of works have explored the reason for the existence of ad...
research
04/01/2019

Regional Homogeneity: Towards Learning Transferable Universal Adversarial Perturbations Against Defenses

This paper focuses on learning transferable adversarial examples specifi...
research
01/09/2018

Adversarial Spheres

State of the art computer vision models have been shown to be vulnerable...

Please sign up or login with your details

Forgot password? Click here to reset