Academic Journal
Improving diversity and quality of adversarial examples in adversarial transformation network
| Title: | Improving diversity and quality of adversarial examples in adversarial transformation network |
|---|---|
| Authors: | Duc-Anh Nguyen, Kha Do Minh, Khoi Le, Le-Minh Nguyen, Phạm Ngọc Hưng |
| Source: | Soft Computing. 27:3689-3706 |
| Publisher Information: | Springer Science and Business Media LLC, 2022. |
| Publication Year: | 2022 |
| Subject Terms: | Artificial intelligence, Outlier Detection, Feature (linguistics), FOS: Political science, Norm (philosophy), Convolutional neural network, FOS: Law, Epistemology, MNIST database, 02 engineering and technology, Adversarial Robustness in Deep Learning Models, Adversarial system, Pattern recognition (psychology), Anomaly Detection in High-Dimensional Data, Machine Learning, 03 medical and health sciences, Engineering, Resampling Detection, 0302 clinical medicine, Artificial Intelligence, Machine learning, FOS: Electrical engineering, electronic engineering, information engineering, FOS: Mathematics, 0202 electrical engineering, electronic engineering, information engineering, Heuristics, Electrostatic Discharge Protection in Integrated Circuits, Electrical and Electronic Engineering, Political science, Mathematical optimization, Linguistics, Deep learning, Autoencoder, Computer science, FOS: Philosophy, ethics and religion, Algorithm, Philosophy, Operating system, Adversarial Examples, Computer Science, Physical Sciences, Quality (philosophy), FOS: Languages and literature, Computer Vision and Pattern Recognition, Pixel, Digital Image Forgery Detection and Identification, Sensor Pattern Noise, Law, Mathematics |
| Description: | This paper proposes a method to mitigate two major issues of Adversarial Transformation Networks (ATN) including the low diversity and the low quality of adversarial examples. In order to deal with the first issue, this research proposes a stacked convolutional autoencoder based on pattern to generalize ATN. This proposed autoencoder could support different patterns such as all-feature pattern , border feature pattern , and class model map pattern . In order to deal with the second issue, this paper presents an algorithm to improve the quality of adversarial examples in terms of L 0 -norm and L 2 -norm. This algorithm employs an adversarial feature ranking heuristics such as JSMA and COI to prioritize adversarial features. To demonstrate the advantages of the proposed method, comprehensive experiments have been conducted on the MNIST dataset and the CIFAR-10 dataset. For the first issue, the proposed autoencoder can generate diverse adversarial examples with the average success rate above 99%. For the second issue, the proposed algorithm could not only improve the quality of adversarial examples significantly but also maintain the average success rate. In terms of L 0 -norm, the proposed algorithm could decrease from hundreds of adversarial features to one adversarial feature. In terms of L 2 -norm, the proposed algorithm could reduce the average distance considerably. These results show that the proposed method is capable of generating high-quality and diverse adversarial examples in practice. |
| Document Type: | Article Other literature type |
| Language: | English |
| ISSN: | 1433-7479 1432-7643 |
| DOI: | 10.1007/s00500-022-07655-y |
| DOI: | 10.21203/rs.3.rs-868209/v1 |
| DOI: | 10.60692/pfh3z-s9512 |
| DOI: | 10.60692/kg905-fg543 |
| DOI: | 10.60692/czzad-y2b32 |
| DOI: | 10.60692/ggcpf-jxc97 |
| Rights: | Springer Nature TDM CC BY |
| Accession Number: | edsair.doi.dedup.....0ac018f8d33fd3b8d05848fa11dafff7 |
| Database: | OpenAIRE |
| ISSN: | 14337479 14327643 |
|---|---|
| DOI: | 10.1007/s00500-022-07655-y |