Adversarial Parameter Attack on Deep Neural Networks

March 20, 2022 · Declared Dead · 🏛 International Conference on Machine Learning

👻 CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors: Lijia Yu, Yihan Wang, Xiao-Shan Gao
arXiv ID: 2203.10502
Category: cs.LG: Machine Learning
Cross-listed: cs.CR
Citations: 9
Venue: International Conference on Machine Learning
Last Checked: 4 months ago

Abstract
In this paper, a new parameter perturbation attack on DNNs, called adversarial parameter attack, is proposed, in which small perturbations to the parameters of the DNN are made such that the accuracy of the attacked DNN does not decrease much, but its robustness becomes much lower. The adversarial parameter attack is stronger than previous parameter perturbation attacks in that the attack is more difficult to be recognized by users and the attacked DNN gives a wrong label for any modified sample input with high probability. The existence of adversarial parameters is proved. For a DNN $F_\Theta$ with the parameter set $\Theta$ satisfying certain conditions, it is shown that if the depth of the DNN is sufficiently large, then there exists an adversarial parameter set $\Theta_a$ for $\Theta$ such that the accuracy of $F_{\Theta_a}$ is equal to that of $F_\Theta$, but the robustness measure of $F_{\Theta_a}$ is smaller than any given bound. An effective training algorithm is given to compute adversarial parameters and numerical experiments are used to demonstrate that the algorithms are effective to produce high quality adversarial parameters.