Greedy Attack and Gumbel Attack: Generating Adversarial Examples for Discrete Data

Cited by: 0
Authors
Yang, Puyudi [1]
Chen, Jianbo [2]
Hsieh, Cho-Jui [3]
Wang, Jane-Ling [1]
Jordan, Michael I. [2, 4]
Affiliations
[1] Univ Calif Davis, Dept Stat, Davis, CA 95616 USA
[2] Univ Calif Berkeley, Dept Stat, Berkeley, CA 94720 USA
[3] Univ Calif Los Angeles, Dept Comp Sci, Los Angeles, CA 90095 USA
[4] Univ Calif Berkeley, Div Comp Sci, Berkeley, CA 94720 USA
Keywords
Adversarial Attack;
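DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract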
We present a probabilistic framework for studying adversarial attacks on discrete data. Based on this framework, we derive a perturbation-based method, Greedy Attack, and a scalable learning-based method, Gumbel Attack, that illustrate various tradeoffs in the design of attacks. We demonstrate the effectiveness of these methods using both quantitative metrics and human evaluation on various state-of-the-art models for text classification, including a word-based CNN, a character-based CNN and an LSTM. As an example of our results, we show that the accuracy of character-based convolutional networks drops to the level of random selection by modifying only five characters through Greedy Attack.
Pages: 36
Related papers
50 in total
  • [41] Universalization of Any Adversarial Attack using Very Few Test Examples
    Kamath, Sandesh
    Deshpande, Amit
    Subrahmanyam, K., V
    Balasubramanian, Vineeth N.
    PROCEEDINGS OF THE 5TH JOINT INTERNATIONAL CONFERENCE ON DATA SCIENCE & MANAGEMENT OF DATA, CODS COMAD 2022, 2022: 72-80
  • [42] Evolutionary Multilabel Adversarial Examples: An Effective Black-Box Attack
    Kong L.
    Luo W.
    Zhang H.
    Liu Y.
    Shi Y.
    IEEE Transactions on Artificial Intelligence, 2023, 4(03): 562-572
  • [43] Attack Selectivity of Adversarial Examples in Remote Sensing Image Scene Classification
    Chen, Li
    Li, Haifeng
    Zhu, Guowei
    Li, Qi
    Zhu, Jiawei
    Huang, Haozhe
    Peng, Jian
    Zhao, Lin
    IEEE ACCESS, 2020, 8: 137477-137489
  • [44] AI-GAN: ATTACK-INSPIRED GENERATION OF ADVERSARIAL EXAMPLES
    Bai, Tao
    Zhao, Jun
    Zhu, Jinlin
    Han, Shoudong
    Chen, Jiefeng
    Li, Bo
    Kot, Alex
    2021 IEEE INTERNATIONAL CONFERENCE ON IMAGE PROCESSING (ICIP), 2021: 2543-2547
  • [45] Generating Adversarial Examples with Adversarial Networks
    Xiao, Chaowei
    Li, Bo
    Zhu, Jun-Yan
    He, Warren
    Liu, Mingyan
    Song, Dawn
    PROCEEDINGS OF THE TWENTY-SEVENTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2018: 3905-3911
  • [46] Generating Out of Distribution Adversarial Attack Using Latent Space Poisoning
    Upadhyay, Ujjwal
    Mukherjee, Prerana
    IEEE SIGNAL PROCESSING LETTERS, 2021, 28: 523-527
  • [47] Optical Adversarial Attack
    Gnanasambandam, Abhiram
    Sherman, Alex M.
    Chan, Stanley H.
    2021 IEEE/CVF INTERNATIONAL CONFERENCE ON COMPUTER VISION WORKSHOPS (ICCVW 2021), 2021: 92-101
  • [48] Distributionally Adversarial Attack
    Zheng, Tianhang
    Chen, Changyou
    Ren, Kui
    THIRTY-THIRD AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE / THIRTY-FIRST INNOVATIVE APPLICATIONS OF ARTIFICIAL INTELLIGENCE CONFERENCE / NINTH AAAI SYMPOSIUM ON EDUCATIONAL ADVANCES IN ARTIFICIAL INTELLIGENCE, 2019: 2253-2260
  • [49] Detection by Attack: Detecting Adversarial Samples by Undercover Attack
    Zhou, Qifei
    Zhang, Rong
    Wu, Bo
    Li, Weiping
    Mo, Tong
    COMPUTER SECURITY - ESORICS 2020, PT II, 2020, 12309: 146-164
  • [50] AdvCodeMix: Adversarial Attack on Code-Mixed Data
    Das, Sourya Dipta
    Basak, Ayan
    Mandal, Soumil
    Das, Dipankar
    PROCEEDINGS OF THE 5TH JOINT INTERNATIONAL CONFERENCE ON DATA SCIENCE & MANAGEMENT OF DATA, CODS COMAD 2022, 2022: 125-129