Transferable Sparse Adversarial Attack

05/31/2021
by   Ziwen He, et al.
0

Deep neural networks have shown their vulnerability to adversarial attacks. In this paper, we focus on sparse adversarial attack based on the ℓ_0 norm constraint, which can succeed by only modifying a few pixels of an image. Despite a high attack success rate, prior sparse attack methods achieve a low transferability under the black-box protocol due to overfitting the target model. Therefore, we introduce a generator architecture to alleviate the overfitting issue and thus efficiently craft transferable sparse adversarial examples. Specifically, the generator decouples the sparse perturbation into amplitude and position components. We carefully design a random quantization operator to optimize these two components jointly in an end-to-end way. The experiment shows that our method has improved the transferability by a large margin under a similar sparsity setting compared with state-of-the-art methods. Moreover, our method achieves superior inference speed, 700× faster than other optimization-based methods. The code is available at https://github.com/shaguopohuaizhe/TSAA.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
12/26/2020

Sparse Adversarial Attack to Object Detection

Adversarial examples have gained tons of attention in recent years. Many...
research
06/10/2021

Sparse and Imperceptible Adversarial Attack via a Homotopy Algorithm

Sparse adversarial attacks can fool deep neural networks (DNNs) by only ...
research
04/05/2023

How to choose your best allies for a transferable attack?

The transferability of adversarial examples is a key issue in the securi...
research
10/12/2022

Boosting the Transferability of Adversarial Attacks with Reverse Adversarial Perturbation

Deep neural networks (DNNs) have been shown to be vulnerable to adversar...
research
03/17/2022

Improving the Transferability of Targeted Adversarial Examples through Object-Based Diverse Input

The transferability of adversarial examples allows the deception on blac...
research
05/26/2022

Transferable Adversarial Attack based on Integrated Gradients

The vulnerability of deep neural networks to adversarial examples has dr...
research
10/26/2020

GreedyFool: Distortion-Aware Sparse Adversarial Attack

Modern deep neural networks(DNNs) are vulnerable to adversarial samples....

Please sign up or login with your details

Forgot password? Click here to reset