A Theoretically Grounded Extension of Universal Attacks from the Attacker's Viewpoint - INRIA - Institut National de Recherche en Informatique et en Automatique
Conference Papers, Year: 2024

Abstract

We extend universal attacks by jointly learning a set of perturbations to choose from to maximize the chance of attacking deep neural network models. Specifically, we embrace the attacker's perspective and introduce a theoretical bound quantifying how much the universal perturbations are able to fool a given model on unseen examples. An extension to assert the transferability of universal attacks is also provided. To learn such perturbations, we devise an algorithmic solution with convergence guarantees under Lipschitz continuity assumptions. Moreover, we demonstrate how it can improve the performance of state-of-the-art gradient-based universal perturbation. As evidenced by our experiments, these novel universal perturbations result in more interpretable, diverse, and transferable attacks.
Origin: Files produced by the author(s)
Dates and versions

hal-03615461, version 1 (21-03-2022)
hal-03615461, version 2 (07-06-2023)
hal-03615461, version 3 (07-06-2024)

Cite

Jordan Patracone, Paul Viallard, Emilie Morvant, Gilles Gasso, Amaury Habrard, et al. A Theoretically Grounded Extension of Universal Attacks from the Attacker's Viewpoint. ECML PKDD 2024 - European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases, Sep 2024, Vilnius, Lithuania. pp.1-27, ⟨10.1007/978-3-031-70359-1_17⟩. ⟨hal-03615461v3⟩