Greedy Attack and Gumbel Attack: Generating Adversarial Examples for Discrete Data

Cited by: 0
Authors
Yang, Puyudi [1]
Chen, Jianbo [2]
Hsieh, Cho-Jui [3]
Wang, Jane-Ling [1]
Jordan, Michael I. [2, 4]
Affiliations
[1] Univ Calif Davis, Dept Stat, Davis, CA 95616 USA
[2] Univ Calif Berkeley, Dept Stat, Berkeley, CA 94720 USA
[3] Univ Calif Los Angeles, Dept Comp Sci, Los Angeles, CA 90095 USA
[4] Univ Calif Berkeley, Div Comp Sci, Berkeley, CA 94720 USA
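Keywords
Adversarial Attack;
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract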
We present a probabilistic framework for studying adversarial attacks on discrete data. Based on this framework, we derive a perturbation-based method, Greedy Attack, and a scalable learning-based method, Gumbel Attack, that illustrate various tradeoffs in the design of attacks. We demonstrate the effectiveness of these methods using both quantitative metrics and human evaluation on various state-of-the-art models for text classification, including a word-based CNN, a character-based CNN and an LSTM. As an example of our results, we show that the accuracy of character-based convolutional networks drops to the level of random selection by modifying only five characters through Greedy Attack.
Pages: 36
Related papers
50 in total
  • [31] Low frequency sparse adversarial attack
    Liu, Jiyuan
    Lu, Bingyi
    Xiong, Mingkang
    Zhang, Tao
    Xiong, Huilin
    COMPUTERS & SECURITY, 2023, 132
  • [32] Hyperspectral Image Classification With Adversarial Attack
    Shi, Cheng
    Dang, Yenan
    Fang, Li
    Lv, Zhiyong
    Zhao, Minghua
    IEEE GEOSCIENCE AND REMOTE SENSING LETTERS, 2022, 19
  • [33] Adversarial attack to fool object detector
    Khattar, Sahil
    Krishna, C. Rama
    JOURNAL OF DISCRETE MATHEMATICAL SCIENCES & CRYPTOGRAPHY, 2020, 23 (02) : 547 - 562
  • [34] Modeling Attack Resistant PUFs Based on Adversarial Attack Against Machine Learning
    Wang, Sying-Jyan
    Chen, Yu-Sheng
    Li, Katherine Shu-Min
    IEEE JOURNAL ON EMERGING AND SELECTED TOPICS IN CIRCUITS AND SYSTEMS, 2021, 11 (02) : 306 - 318
  • [35] Similarity attack: An adversarial attack game for image classification based on deep learning
    Tian, Xuejun
    Tian, Xinyuan
    Pan, Bingqin
    JOURNAL OF COMPUTATIONAL METHODS IN SCIENCES AND ENGINEERING, 2023, 23 (03) : 1467 - 1478
  • [36] Generating adversarial examples with collaborative generative models
    Xu, Lei
    Zhai, Junhai
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2024, 23 (02) : 1077 - 1091
  • [37] Generating adversarial examples with collaborative generative models
    Lei Xu
    Junhai Zhai
    International Journal of Information Security, 2024, 23 : 1077 - 1091
  • [38] Generating Transferable Adversarial Examples for Speech Classification
    Kim, Hoki
    Park, Jinseong
    Lee, Jaewook
    PATTERN RECOGNITION, 2023, 137
  • [39] Generating adversarial examples with input significance indicator
    Qiu, Xiaofeng
    Zhou, Shuya
    NEUROCOMPUTING, 2020, 394 : 1 - 12
  • [40] On the vulnerability of data-driven structural health monitoring models to adversarial attack
    Champneys, Max David
    Green, Andre
    Morales, John
    Silva, Moises
    Mascarenas, David
    STRUCTURAL HEALTH MONITORING-AN INTERNATIONAL JOURNAL, 2021, 20 (04) : 1476 - 1493