Analysing Adversarial Examples for Deep Learning

Jason Jung, Naveed Akhtar, Ghulam Mubashar Hassan

2021

Abstract

The aim of this work is to investigate adversarial examples and look for commonalities and disparities between different adversarial attacks and attacked classifier model behaviours. The research focuses on untargeted, gradient-based attacks. The experiment uses 16 attacks on 4 models and 1000 images. This resulted in 64,000 adversarial examples. The resulting classification predictions of the adversarial examples (adversarial labels) are analysed. It is found that light-weight neural network classifiers are more susceptible to attacks compared to the models with a larger or more complex architecture. It is also observed that similar adversarial attacks against a light-weight model often result in the same adversarial label. Moreover, the attacked models have more influence over the resulting adversarial label as compared to the adversarial attack algorithm itself. These findings are helpful in understanding the intriguing vulnerability of deep learning to adversarial examples.


Paper Citation


in Harvard Style

Jung J., Akhtar N. and Hassan G. (2021). Analysing Adversarial Examples for Deep Learning. In Proceedings of the 16th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP 2021) - Volume 5: VISAPP; ISBN 978-989-758-488-6, SciTePress, pages 585-592. DOI: 10.5220/0010313705850592


in Bibtex Style

@conference{visapp21,
author={Jason Jung and Naveed Akhtar and Ghulam Mubashar Hassan},
title={Analysing Adversarial Examples for Deep Learning},
booktitle={Proceedings of the 16th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP 2021) - Volume 5: VISAPP},
year={2021},
pages={585-592},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010313705850592},
isbn={978-989-758-488-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 16th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP 2021) - Volume 5: VISAPP
TI - Analysing Adversarial Examples for Deep Learning
SN - 978-989-758-488-6
AU - Jung J.
AU - Akhtar N.
AU - Hassan G.
PY - 2021
SP - 585
EP - 592
DO - 10.5220/0010313705850592
PB - SciTePress