Symmetric adversarial poisoning against deep learning

Cited by: 0
Authors
Chan-Hon-Tong, Adrien [1]
Affiliations
[1] Univ Paris Saclay, ONERA, Palaiseau, France
Source
2020 TENTH INTERNATIONAL CONFERENCE ON IMAGE PROCESSING THEORY, TOOLS AND APPLICATIONS (IPTA) | 2020
Keywords
data poisoning; adversarial examples; deep learning;
DOI
10.1109/ipta50016.2020.9286651
CLC classification
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Data poisoning is the task of finding small modifications of training data that make it unsuitable for training a targeted model. Recently, an efficient symmetric poisoning attack targeting frozen deep features plus a support vector machine was found. However, new experiments presented in this paper show that this attack is no longer symmetric on unfrozen (real) deep networks. Several extensions of this attack are then considered on CIFAR10/CIFAR100 with both VGG and ResNet backbones, leading to a symmetric attack. In the VGG/CIFAR10 setting, this extended attack moves performance by -60% / +5% from native accuracy using perturbations invisible to the human eye. Code is available at github.com/achanhon/AdversarialModel.
Pages: 5
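As an added illustration (not the paper's code, and not taken from github.com/achanhon/AdversarialModel), the following toy reproduces the poisoning setting the abstract describes in its simplest form: a logistic-regression classifier stands in for the "frozen deep features plus SVM" head, adversarial noise of the sign-of-gradient (FGSM) kind is added to every training point within a per-coordinate budget EPS, and the attack is measured as the change in clean test accuracy of a model retrained from scratch on the poisoned set. "Symmetric" is read here as the same budget applied with the opposite sign of the noise, which should raise rather than lower accuracy; that reading, the Gaussian data, the surrogate-model threat model and the constants D, MU, N_TRAIN, N_TEST and EPS are assumptions of this example, not facts from the paper.

```python
import math
import random

# Constructed toy setting (assumed, not the paper's data): two Gaussian classes
# in D dimensions, class means +MU and -MU in every coordinate, unit noise.
D, MU = 64, 0.3
N_TRAIN, N_TEST = 1000, 1000
EPS = 0.4  # per-coordinate (L-inf) budget of the poisoning noise (assumed)


def make_dataset(n, rng):
    """Balanced sample of (x, y) with y in {+1, -1}."""
    xs, ys = [], []
    for i in range(n):
        y = 1 if i % 2 == 0 else -1
        xs.append([y * MU + rng.gauss(0.0, 1.0) for _ in range(D)])
        ys.append(y)
    return xs, ys


def logit(model, x):
    w, b = model
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def train_logreg(xs, ys, epochs=20, lr=0.05):
    """Full-batch gradient descent on the logistic loss log(1 + exp(-y z)).
    Plays the role of the linear head trained on top of frozen features."""
    w, b = [0.0] * D, 0.0
    n = len(xs)
    for _ in range(epochs):
        gw, gb = [0.0] * D, 0.0
        for x, y in zip(xs, ys):
            g = -y / (1.0 + math.exp(y * logit((w, b), x)))  # d loss / d z
            for i in range(D):
                gw[i] += g * x[i]
            gb += g
        w = [wi - lr * gi / n for wi, gi in zip(w, gw)]
        b -= lr * gb / n
    return w, b


def accuracy(model, xs, ys):
    hits = sum(1 for x, y in zip(xs, ys) if (logit(model, x) > 0) == (y > 0))
    return hits / len(xs)


def fgsm_poison(surrogate, xs, ys, eps, direction=+1):
    """Move every training point by eps * sign(d loss / d x) under the
    attacker's surrogate model. direction=+1 is the usual adversarial step
    (raises the surrogate's loss); direction=-1 is the same budget with the
    opposite sign. Labels are left untouched: only the inputs are poisoned."""
    w, b = surrogate
    poisoned = []
    for x, y in zip(xs, ys):
        g = -y / (1.0 + math.exp(y * logit(surrogate, x)))
        # For a linear model, d loss / d x_i = g * w_i.
        poisoned.append([xi + direction * eps * math.copysign(1.0, g * wi)
                         for xi, wi in zip(x, w)])
    return poisoned


def linf_distance(xs, zs):
    """Largest per-coordinate change between two datasets (the realised budget)."""
    return max(abs(a - b) for x, z in zip(xs, zs) for a, b in zip(x, z))


def run_experiment(seed=0):
    """Clean accuracy, accuracies of models retrained on the two poisoned
    training sets, and the L-inf budget actually used."""
    rng = random.Random(seed)
    x_train, y_train = make_dataset(N_TRAIN, rng)
    x_test, y_test = make_dataset(N_TEST, rng)

    # The attacker fits a surrogate on the clean data to compute the noise.
    surrogate = train_logreg(x_train, y_train)
    down = fgsm_poison(surrogate, x_train, y_train, EPS, +1)
    up = fgsm_poison(surrogate, x_train, y_train, EPS, -1)

    # The victim retrains from scratch on the poisoned inputs; the effect is
    # always measured on clean, unmodified test data.
    return {
        "clean": accuracy(surrogate, x_test, y_test),
        "poisoned_down": accuracy(train_logreg(down, y_train), x_test, y_test),
        "poisoned_up": accuracy(train_logreg(up, y_train), x_test, y_test),
        "budget": max(linf_distance(x_train, down), linf_distance(x_train, up)),
    }


if __name__ == "__main__":
    r = run_experiment()
    print("clean test accuracy            : %.3f" % r["clean"])
    print("after poisoning (harmful sign) : %.3f" % r["poisoned_down"])
    print("after poisoning (opposite sign): %.3f" % r["poisoned_up"])
    print("L-inf budget actually used     : %.3f" % r["budget"])
```

The check a practitioner should keep in mind when reading numbers like the abstract's -60% / +5%: in this toy the harmful direction only inverts the learned decision rule because EPS exceeds the per-coordinate class separation MU, and the budget is verified after the fact with linf_distance rather than trusted from the attack code. On images the same per-pixel budget is spread over thousands of coordinates, so a perturbation that is small in every pixel can still shift the training distribution by a large amount along the directions the model learns from; whether that shift is "invisible" is a statement about the per-pixel budget, not about the aggregate effect.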