Method for Improving Quality of Adversarial Examples

Duc-Anh Nguyen; Kha Do Minh; Duc-Anh Pham; Pham Hung

doi:10.5220/0010814400003116

Method for Improving Quality of Adversarial Examples

Duc-Anh Nguyen, Kha Do Minh, Duc-Anh Pham, Pham Hung

2022

Abstract

To evaluate the robustness of DNNs, most of the adversarial methods such as FGSM, box-constrained L-BFGS, and ATN generate adversarial examples with small Lp-norm. However, these adversarial examples might contain many redundant perturbations. Removing these perturbations increases the quality of adversarial examples. Therefore, this paper proposes a method to improve the quality of adversarial examples by recognizing and then removing such perturbations. The proposed method includes two phases namely the autoencoder training phase and the improvement phase. In the autoencoder training phase, the proposed method trains an autoencoder that learns how to recognize redundant perturbations. In the second phase, the proposed method uses the trained autoencoder in combination with the greedy improvement step to produce more high-quality adversarial examples. The experiments on MNIST and CIFAR-10 have shown that the proposed method could improve the quality of adversarial examples significantly. In terms of L0-norm, the distance decreases by about 82%-95%. In terms of L2-norm, the distance drops by around 56%-81%. Additionally, the proposed method has a low computational cost. This shows the potential ability of the proposed method in practice.

Download

Paper Citation

in Harvard Style

Nguyen D., Do Minh K., Pham D. and Hung P. (2022). Method for Improving Quality of Adversarial Examples. In Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART, ISBN 978-989-758-547-0, pages 214-225. DOI: 10.5220/0010814400003116

in Bibtex Style

@conference{icaart22,
author={Duc-Anh Nguyen and Kha Do Minh and Duc-Anh Pham and Pham Hung},
title={Method for Improving Quality of Adversarial Examples},
booktitle={Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,},
year={2022},
pages={214-225},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010814400003116},
isbn={978-989-758-547-0},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,
TI - Method for Improving Quality of Adversarial Examples
SN - 978-989-758-547-0
AU - Nguyen D.
AU - Do Minh K.
AU - Pham D.
AU - Hung P.
PY - 2022
SP - 214
EP - 225
DO - 10.5220/0010814400003116