Computer Science > Machine Learning

Title: Game Theory for Adversarial Attacks and Defenses

Authors: Shorya Sharma
Abstract: Adversarial attacks generate adversarial inputs by applying small but intentionally worst-case perturbations to samples from the dataset, which leads even state-of-the-art deep neural networks to output incorrect answers with high confidence. Hence, adversarial defense techniques have been developed to improve the security and robustness of models and to prevent them from being attacked. Gradually, a game-like competition between attackers and defenders has formed, in which both players attempt to play their best strategies against each other while maximizing their own payoffs. To solve the game, each player chooses an optimal strategy against the opponent based on a prediction of the opponent's strategy choice. In this work, we take the defender's side and apply game-theoretic approaches to defending against attacks. We use two randomization methods, random initialization and stochastic activation pruning, to create a diverse set of networks. Furthermore, we use one denoising technique, super resolution, to improve the models' robustness by preprocessing images before they are attacked. Our experimental results indicate that these three methods can effectively improve the robustness of deep neural networks.
Comments: With the agreement of my coauthors, I would like to withdraw the manuscript "Game Theory for Adversarial Attacks and Defenses". Some experimental procedures were not included in the manuscript, which makes a part of the important claims not meaningful.
Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR); Computer Science and Game Theory (cs.GT)
Cite as: arXiv:2110.06166 [cs.LG]
  (or arXiv:2110.06166v3 [cs.LG] for this version)

Submission history

From: Shorya Sharma
[v1] Fri, 8 Oct 2021 07:38:33 GMT (1173kb)
[v2] Wed, 13 Oct 2021 04:49:37 GMT (1451kb)
[v3] Wed, 12 Jan 2022 14:04:54 GMT (0kb,I)