IMPROVING ADVERSARIAL TRANSFERABILITY VIA FEATURE TRANSLATION

Authors
Kim, Yoonji [1]
Cho, Seungju [1]
Byun, Junyoung [1]
Kwon, Myung-Joon [1]
Kim, Changick [1]
Affiliations
[1] Korea Adv Inst Sci & Technol, Sch Elect Engn, Daejeon, South Korea
Keywords
Adversarial examples; adversarial attack; transferability; deep neural network
DOI
10.1109/ICIP49359.2023.10222646
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Deep Neural Networks (DNNs) are vulnerable to adversarial examples, which are crafted to cause the model to make wrong predictions. In real-world scenarios, since the adversary cannot access target models, black-box attacks have attracted great attention. Among them, many studies have been conducted on transfer-based attacks because they can effectively attack unknown target models. However, transfer-based attacks often fail to fool other models which have slightly different activation maps because adversarial examples tend to overfit to the source model. To alleviate this problem, we introduce Feature Translation Attack (FTA), which applies translation on intermediate features during the optimization process. Specifically, FTA generates a new adversarial example whose feature is similar to the ensemble of translated features from the existing adversarial example. We achieved better performance than state-of-the-art methods in extensive experiments.
Pages: 3359 / 3363
Number of pages: 5
Related papers
50 in total
  • [21] Improving Transferability of Adversarial Examples with Input Diversity
    Xie, Cihang
    Zhang, Zhishuai
    Zhou, Yuyin
    Bai, Song
    Wang, Jianyu
    Ren, Zhou
    Yuille, Alan
    2019 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR 2019), 2019, : 2725 - 2734
  • [22] Improving the transferability of adversarial examples with path tuning
    Li, Tianyu
    Li, Xiaoyu
    Ke, Wuping
    Tian, Xuwei
    Zheng, Desheng
    Lu, Chao
    APPLIED INTELLIGENCE, 2024, 54 (23) : 12194 - 12214
  • [23] Improving adversarial transferability through hybrid augmentation
    Zhu, Peican
    Fan, Zepeng
    Guo, Sensen
    Tang, Keke
    Li, Xingyu
    COMPUTERS & SECURITY, 2024, 139
  • [24] Boosting adversarial transferability in vision-language models via multimodal feature heterogeneity
    Chen, Long
    Chen, Yuling
    Ouyang, Zhi
    Dou, Hui
    Zhang, Yangwen
    Sang, Haiwei
    SCIENTIFIC REPORTS, 2025, 15 (01):
  • [25] Improving the transferability of adversarial samples with channel switching
    Ling, Jie
    Chen, Xiaohuan
    Luo, Yu
    APPLIED INTELLIGENCE, 2023, 53 (24) : 30580 - 30592
  • [26] Improving the transferability of adversarial samples with channel switching
    Jie Ling
    Xiaohuan Chen
    Yu Luo
    Applied Intelligence, 2023, 53 : 30580 - 30592
  • [27] Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization
    Nowroozi, Ehsan
    Mohammadi, Mohammadreza
    Golmohammadi, Pargol
    Mekdad, Yassine
    Conti, Mauro
    Uluagac, Selcuk
    IEEE TRANSACTIONS ON SERVICES COMPUTING, 2024, 17 (01) : 18 - 29
  • [28] Improving the Transferability of Adversarial Examples with Diverse Gradients
    Cao, Yangjie
    Wang, Haobo
    Zhu, Chenxi
    Zhuang, Yan
    Li, Jie
    Chen, Xianfu
    2023 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS, IJCNN, 2023,
  • [29] Improving transferable adversarial attack via feature-momentum
    He, Xianglong
    Li, Yuezun
    Qu, Haipeng
    Dong, Junyu
    COMPUTERS & SECURITY, 2023, 128
  • [30] Promoting Adversarial Transferability via Dual-Sampling Variance Aggregation and Feature Heterogeneity Attacks
    Huang, Yang
    Chen, Yuling
    Wang, Xuewei
    Yang, Jing
    Wang, Qi
    ELECTRONICS, 2023, 12 (03)