Really natural adversarial examples-Reference-Cited by-同舟云学术

Really natural adversarial examples

Published:2021-10-05 Issue: Volume: Page:
ISSN:1868-8071
Container-title:International Journal of Machine Learning and Cybernetics
language:en
Short-container-title:Int. J. Mach. Learn. & Cyber.

Author:

Pedraza Anibal^ORCID,Deniz Oscar^ORCID,Bueno Gloria

Abstract

AbstractThe phenomenon of Adversarial Examples has become one of the most intriguing topics associated to deep learning. The so-called adversarial attacks have the ability to fool deep neural networks with inappreciable perturbations. While the effect is striking, it has been suggested that such carefully selected injected noise does not necessarily appear in real-world scenarios. In contrast to this, some authors have looked for ways to generate adversarial noise in physical scenarios (traffic signs, shirts, etc.), thus showing that attackers can indeed fool the networks. In this paper we go beyond that and show that adversarial examples also appear in the real-world without any attacker or maliciously selected noise involved. We show this by using images from tasks related to microscopy and also general object recognition with the well-known ImageNet dataset. A comparison between these natural and the artificially generated adversarial examples is performed using distance metrics and image quality metrics. We also show that the natural adversarial examples are in fact at a higher distance from the originals that in the case of artificially generated adversarial examples.

Funder

Ministerio de Economía y Competitividad

Ministerio de Ciencia, Innovación y Universidades

Universidad de Castilla la Mancha

Publisher

Springer Science and Business Media LLC

Subject

Artificial Intelligence,Computer Vision and Pattern Recognition,Software

Link

https://link.springer.com/content/pdf/10.1007/s13042-021-01435-0.pdf

Reference38 articles.

1. Szegedy C Zaremba, W Sutskever, I Bruna, J Erhan, D Goodfellow, I Fergus R (2013) Intriguing properties of neural networks. arXiv preprint. arXiv:1312.6199

2. Serban AC, Poll E, Visser J (2018) Adversarial examples-a complete characterisation of the phenomenon. arXiv preprint. arXiv:1810.01185

3. Goodfellow IJ, Shlens J, Szegedy C (2014) Explaining and harnessing adversarial examples. arXiv preprint. arXiv:1412.6572

4. Gilmer J, Adams RP, Goodfellow I, Andersen D, Dahl GE (2018) Motivating the rules of the game for adversarial example research. arXiv preprint. arXiv:1807.06732

5. Lu J, Sibai H, Fabry E, Forsyth D (2017) No need to worry about adversarial examples in object detection in autonomous vehicles. arXiv preprint. arXiv:1707.03501

Cited by 7 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Explainable SE-MobileNet for Pneumonia detection integrated with robustness assessment using adversarial examples;Smart Health;2024-09

2. Adversarial attack method based on enhanced spatial momentum;International Journal of Machine Learning and Cybernetics;2024-07-22

3. Robustness Benchmarking of Convolutional and Transformer Architectures for Image Classification;2024

4. Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks;2022 IEEE International Conference on Big Data (Big Data);2022-12-17

5. Misleading attention and classification: An adversarial attack to fool object detection models in the real world;Computers & Security;2022-11