Computer Science > Machine Learning

Title: Extending Adversarial Attacks to Produce Adversarial Class Probability Distributions

Abstract: Despite the remarkable performance and generalization levels of deep learning models in a wide range of artificial intelligence tasks, it has been demonstrated that these models can be easily fooled by the addition of imperceptible yet malicious perturbations to natural inputs. These altered inputs are known in the literature as adversarial examples. In this paper, we propose a novel probabilistic framework to generalize and extend adversarial attacks in order to produce a desired probability distribution over the classes when the attack method is applied to a large number of inputs. This novel attack strategy provides the attacker with greater control over the target model and makes it harder to detect that the model is being systematically attacked. We introduce four different strategies to efficiently generate such attacks, and illustrate our approach by extending multiple adversarial attack algorithms. We also experimentally validate our approach on the spoken command classification task, an exemplary machine learning problem in the audio domain. Our results demonstrate that we can closely approximate any probability distribution over the classes while maintaining a high fooling rate and injecting only imperceptible perturbations into the inputs.
Comments: 31 pages, 10 figures, 3 tables, 1 algorithm
Subjects: Machine Learning (cs.LG); Machine Learning (stat.ML)
Cite as: arXiv:2004.06383 [cs.LG]
  (or arXiv:2004.06383v2 [cs.LG] for this version)

Submission history

From: Jon Vadillo Jueguen [view email]
[v1] Tue, 14 Apr 2020 09:39:02 GMT (228kb,D)
[v2] Tue, 21 Sep 2021 23:25:22 GMT (324kb,D)