Conference proceeding
ADMM Attack: An Enhanced Adversarial Attack for Deep Neural Networks with Undetectable Distortions
24TH ASIA AND SOUTH PACIFIC DESIGN AUTOMATION CONFERENCE (ASP-DAC 2019), pp 499-505
01 Jan 2019
Featured in Collection: UN Sustainable Development Goals @ Drexel
Abstract
Many recent studies demonstrate that state-of-the-art deep neural networks (DNNs) might be easily fooled by adversarial examples, generated by adding carefully crafted and visually imperceptible distortions onto original legal inputs through adversarial attacks. Adversarial examples can lead the DNN to misclassify them as any target labels. In the literature, various methods are proposed to minimize the different l(p) norms of the distortion. However, a versatile framework for all types of adversarial attacks is lacking. To achieve a better understanding of the security properties of DNNs, we propose a general framework for constructing adversarial examples by leveraging the Alternating Direction Method of Multipliers (ADMM) to split the optimization approach for effective minimization of various l(p) norms of the distortion, including l(0), l(1), l(2), and l(infinity) norms. Thus, the proposed general framework unifies the methods of crafting l(0), l(1), l(2), and l(infinity) attacks. The experimental results demonstrate that the proposed ADMM attacks achieve both a high attack success rate and minimal distortion for the misclassification compared with state-of-the-art attack methods.
Details
- Title
- ADMM Attack: An Enhanced Adversarial Attack for Deep Neural Networks with Undetectable Distortions
- Creators
- Pu Zhao - Northeastern University
- Kaidi Xu - Northeastern University
- Sijia Liu - IBM Research – Thomas J. Watson Research Center
- Yanzhi Wang - Northeastern University
- Xue Lin - Northeastern University
- Publication Details
- 24TH ASIA AND SOUTH PACIFIC DESIGN AUTOMATION CONFERENCE (ASP-DAC 2019), pp 499-505
- Publisher
- Assoc Computing Machinery
- Number of pages
- 7
- Grant note
- U.S. Office of Naval Research; Office of Naval Research FA8750-18-2-0058 / Air Force Research Laboratory CCF-1733701; CNS-1704662; CNS-1739748 / National Science Foundation; National Science Foundation (NSF)
- Resource Type
- Conference proceeding
- Language
- English
- Academic Unit
- Computer Science (Computing)
- Web of Science ID
- WOS:000507459700089
- Scopus ID
- 2-s2.0-85061118037
- Other Identifier
- 991021871466004721
InCites Highlights
Data related to this publication, from InCites Benchmarking & Analytics tool:
- Web of Science research areas
- Computer Science, Theory & Methods
- Engineering, Electrical & Electronic