Beating White-Box Defenses with Black-Box Attacks

Cited by: 1
Authors
Kumova, Vera [1]
Pilat, Martin [1]
Affiliations
[1] Charles Univ Prague, Fac Math & Phys, Prague, Czech Republic
Keywords
Deep learning; evolutionary algorithms; adversarial; attacks;
DOI
10.1109/IJCNN52387.2021.9533772
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Deep learning has achieved great results in the last decade; however, it is sensitive to so-called adversarial attacks, small perturbations of the input that cause the network to classify incorrectly. In recent years, a number of attacks and defenses against these attacks have been described. Most of the defenses, however, focus on defending against gradient-based attacks. In this paper, we describe an evolutionary attack and show that the adversarial examples produced by the attack have different features than those from gradient-based attacks. We also show that these features mean that one of the state-of-the-art defenses fails to detect such attacks.
Pages: 8
Related papers
50 in total
  • [41] Modeling crude oil pyrolysis process using advanced white-box and black-box machine learning techniques
    Hadavimoghaddam, Fahimeh
    Rozhenko, Alexei
    Mohammadi, Mohammad-Reza
    Mostajeran Gortani, Masoud
    Pourafshary, Peyman
    Hemmati-Sarapardeh, Abdolhossein
    [J]. SCIENTIFIC REPORTS, 2023, 13 (01)
  • [42] Stateful Defenses for Machine Learning Models Are Not Yet Secure Against Black-box Attacks
    Feng, Ryan
    Hooda, Ashish
    Mangaokar, Neal
    Fawaz, Kassem
    Jha, Somesh
    Prakash, Atul
    [J]. PROCEEDINGS OF THE 2023 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, CCS 2023, 2023, : 786 - 800
  • [43] NOVEL ADVERSARIAL DEFENSE TECHNIQUES FOR WHITE-BOX ATTACKS
    Van Tuinen, Jason
    Ranganath, Aditya
    Konjevod, Goran
    Singhal, Mukesh
    Marcia, Roummel
    [J]. 2022 21ST IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLICATIONS, ICMLA, 2022, : 617 - 622
  • [44] TURNING BLACK-BOX INTO WHITE FUNCTIONS
    Shan, Songqing
    Wang, G. Gary
    [J]. PROCEEDINGS OF THE ASME INTERNATIONAL DESIGN ENGINEERING TECHNICAL CONFERENCES AND COMPUTERS AND INFORMATION IN ENGINEERING CONFERENCE 2010, VOL 1, PTS A AND B, 2010, : 599 - 609
  • [45] Individualized Models for Glucose Prediction in Type 1 Diabetes: Comparing Black-Box Approaches to a Physiological White-Box One
    Cappon, Giacomo
    Prendin, Francesco
    Facchinetti, Andrea
    Sparacino, Giovanni
    Del Favero, Simone
    [J]. IEEE TRANSACTIONS ON BIOMEDICAL ENGINEERING, 2023, 70 (11) : 3105 - 3115
  • [46] Black-Box Data Poisoning Attacks on Crowdsourcing
    Chen, Pengpeng
    Yang, Yongqiang
    Yang, Dingqi
    Sun, Hailong
    Chen, Zhijun
    Lin, Peng
    [J]. PROCEEDINGS OF THE THIRTY-SECOND INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, IJCAI 2023, 2023, : 2975 - 2983
  • [47] Toward Visual Distortion in Black-Box Attacks
    Li, Nannan
    Chen, Zhenzhong
    [J]. IEEE TRANSACTIONS ON IMAGE PROCESSING, 2021, 30 : 6156 - 6167
  • [48] Resiliency of SNN on Black-Box Adversarial Attacks
    Paudel, Bijay Raj
    Itani, Aashish
    Tragoudas, Spyros
    [J]. 20TH IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLICATIONS (ICMLA 2021), 2021, : 799 - 806
  • [49] SoK: Pitfalls in Evaluating Black-Box Attacks
    Suya, Fnu
    Suri, Anshuman
    Zhang, Tingwei
    Hong, Jingtao
    Tian, Yuan
    Evans, David
    [J]. IEEE CONFERENCE ON SAFE AND TRUSTWORTHY MACHINE LEARNING, SATML 2024, 2024, : 387 - 407
  • [50] White-box benchmarking
    Hernández, E
    Hey, T
    [J]. EURO-PAR '98 PARALLEL PROCESSING, 1998, 1470 : 220 - 223