Research Article
Open access
Published on 31 May 2023
Weng,R. (2023). Adversarial attacks in deep learning. Applied and Computational Engineering,5,404-409.

Adversarial attacks in deep learning

Rouying Weng *, 1
  • 1 Faculty of Science, The University of Melbourne, Melbourne, 3000, Australia

* Author to whom correspondence should be addressed.

https://doi.org/10.54254/2755-2721/5/20230606

Abstract

Deep learning models are now used in many different areas, such as Natural Language Processing (NLP) and Computer Vision (CV), and their exceptional computational power and outstanding performance on a wide range of tasks have made them a hot topic of concern. Current research shows that if input samples are perturbed using adversarial sample techniques, most mainstream neural network models can be made to produce wrong judgments. How to compensate for the shortcomings of existing neural network techniques in terms of security and robustness has therefore become an important issue. This paper first introduces the development of adversarial attack techniques and then describes their theoretical foundations, algorithms, and applications. It then designs an experiment to verify whether ResNet18 can be attacked under adversarial attacks and subsequently discusses the open problems and challenges that deep learning faces.

Keywords

machine learning, deep learning, adversarial attack, white-box attack.

Data availability

The datasets used and/or analyzed during the current study will be available from the authors upon reasonable request.

Disclaimer/Publisher's Note

The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of EWA Publishing and/or the editor(s). EWA Publishing and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

About volume

Volume title: Proceedings of the 3rd International Conference on Signal Processing and Machine Learning

Conference website: http://www.confspml.org
ISBN: 978-1-915371-57-7 (Print) / 978-1-915371-58-4 (Online)
Conference date: 25 February 2023
Editor: Omer Burak Istanbullu
Series: Applied and Computational Engineering
Volume number: Vol. 5
ISSN: 2755-2721 (Print) / 2755-273X (Online)

© 2024 by the author(s). Licensee EWA Publishing, Oxford, UK. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license. Authors who publish this series agree to the following terms:
1. Authors retain copyright and grant the series right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this series.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the series's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this series.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See Open access policy for details).