On the reversibility of adversarial attacks

06/01/2022
by Chau Yi Li, et al.

Adversarial attacks modify images with perturbations that change the predictions of classifiers. These modified images, known as adversarial examples, expose the vulnerabilities of deep neural network classifiers. In this paper, we investigate the predictability of the mapping between the classes predicted for original images and for their corresponding adversarial examples. This predictability relates to the possibility of retrieving the original predictions and hence reversing the induced misclassification. We refer to this property as the reversibility of an adversarial attack, and quantify it as the accuracy in retrieving the original class or the true class of an adversarial example. We present an approach that reverses the effect of an adversarial attack on a classifier using a prior set of classification results. We analyse the reversibility of state-of-the-art adversarial attacks on benchmark classifiers and discuss the factors that affect it.
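As a rough illustration of the idea, the sketch below builds the simplest possible class-to-class reversal mapping: a majority-vote lookup learned from a prior set of (original prediction, adversarial prediction) pairs, then used to retrieve the original class and to score reversibility as accuracy. This is a minimal assumption-laden sketch, not the authors' actual procedure; all function names here are hypothetical.

import numpy as np

def build_reversal_map(orig_preds, adv_preds, num_classes):
    """Lookup from adversarial class to the original class most often
    observed with it in a prior set of prediction pairs (an assumed,
    simplistic instantiation of the class-mapping idea)."""
    counts = np.zeros((num_classes, num_classes), dtype=int)
    for o, a in zip(orig_preds, adv_preds):
        counts[a, o] += 1  # row: adversarial class, column: original class
    # For each adversarial class, pick the most frequent original class.
    return counts.argmax(axis=1)

def reverse_prediction(adv_class, reversal_map):
    """Retrieve the estimated original class for one adversarial example."""
    return reversal_map[adv_class]

def reversibility(orig_preds, adv_preds, reversal_map):
    """Reversibility as defined in the abstract: accuracy of the retrieved
    classes against the original predictions on a held-out set."""
    retrieved = reversal_map[np.asarray(adv_preds)]
    return float((retrieved == np.asarray(orig_preds)).mean())

In this toy version, reversibility is high when the attack induces a consistent, near-deterministic mapping between original and adversarial classes, and low when the induced misclassifications are spread across many classes.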

Related research

11/28/2022: Imperceptible Adversarial Attack via Invertible Neural Networks
Adding perturbations via utilizing auxiliary gradient information or dis...

07/01/2020: Adversarial Example Games
The existence of adversarial examples capable of fooling trained neural ...

08/04/2023: Multi-attacks: Many images + the same adversarial attack → many target labels
We show that we can easily design a single adversarial perturbation P th...

06/17/2019: Adversarial attacks on Copyright Detection Systems
It is well-known that many machine learning models are susceptible to so...

05/29/2022: Superclass Adversarial Attack
Adversarial attacks have only focused on changing the predictions of the...

04/27/2020: Transferable Perturbations of Deep Feature Distributions
Almost all current adversarial attacks of CNN classifiers rely on inform...

10/04/2019: Adversarial Examples for Cost-Sensitive Classifiers
Motivated by safety-critical classification problems, we investigate adv...
