Beating White-Box Defenses with Black-Box Attacks

Cited by: 1
Authors
Kumova, Vera [1]
Pilat, Martin [1]
Affiliation
[1] Charles Univ Prague, Fac Math & Phys, Prague, Czech Republic
Keywords
Deep learning; evolutionary algorithms; adversarial; attacks;
DOI
10.1109/IJCNN52387.2021.9533772
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Deep learning has achieved great results in the last decade; however, it is sensitive to so-called adversarial attacks: small perturbations of the input that cause the network to classify incorrectly. In the last years, a number of attacks and defenses against these attacks were described. Most of the defenses, however, focus on defending against gradient-based attacks. In this paper, we describe an evolutionary attack and show that the adversarial examples produced by the attack have different features than those from gradient-based attacks. We also show that these features mean that one of the state-of-the-art defenses fails to detect such attacks.
Pages: 8