https://scholars.lib.ntu.edu.tw/handle/123456789/631208
標題: | TAGA: A Transfer-based Black-box Adversarial Attack with Genetic Algorithms | 作者: | Huang, Liang Jung TIAN-LI YU |
關鍵字: | Adversarial Attacks | Deep Learning | Genetic Algorithms | Neural Networks | 公開日期: | 8-七月-2022 | 來源出版物: | GECCO 2022 - Proceedings of the 2022 Genetic and Evolutionary Computation Conference | 摘要: | Deep learning has been widely adopted in many real-world applications, especially in image classification. However, researches have shown that minor distortions imperceptible to humans may mislead classifiers. One way to improve the robustness is using adversarial attacks to obtain adversarial examples and re-training the classifier with those images. However, the connections between attacks and application scenarios are rarely discussed. This paper proposes a novel black-box adversarial attack that is specifically designed for real-world application scenarios: The transfer-based black-box adversarial attack with genetic algorithms (TAGA). TAGA adopts a genetic algorithm to generate the adversarial examples and reduces the ensuing query costs with a surrogate model based on the transferability of adversarial attacks. Empirical results show that perturbing embeddings in the latent space helps the attack algorithm quickly obtain adversarial examples and that the surrogate fitness function reduces the number of function evaluations. Compared with several state-of-the-art attacks, TAGA improves the classifiers more under the application scenario in terms of the summation of natural and defense accuracy. |
URI: | https://scholars.lib.ntu.edu.tw/handle/123456789/631208 | ISBN: | 9781450392372 | DOI: | 10.1145/3512290.3528699 |
顯示於: | 電機工程學系 |
在 IR 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。