CSpace  > 中国科学院计算技术研究所期刊论文
Toward Understanding and Boosting Adversarial Transferability From a Distribution Perspective
Zhu, Yao1; Chen, Yuefeng2; Li, Xiaodan2; Chen, Kejiang3; He, Yuan2; Tian, Xiang1,4; Zheng, Bolun5; Chen, Yaowu1,6; Huang, Qingming7,8
2022
发表期刊IEEE TRANSACTIONS ON IMAGE PROCESSING
ISSN1057-7149
卷号31页码:6487-6501
摘要Transferable adversarial attacks against Deep neural networks (DNNs) have received broad attention in recent years. An adversarial example can be crafted by a surrogate model and then attack the unknown target model successfully, which brings a severe threat to DNNs. The exact underlying reasons for the transferability are still not completely understood. Previous work mostly explores the causes from the model perspective, e.g., decision boundary, model architecture, and model capacity. Here, we investigate the transferability from the data distribution perspective and hypothesize that pushing the image away from its original distribution can enhance the adversarial transferability. To be specific, moving the image out of its original distribution makes different models hardly classify the image correctly, which benefits the untargeted attack, and dragging the image into the target distribution misleads the models to classify the image as the target class, which benefits the targeted attack. Towards this end, we propose a novel method that crafts adversarial examples by manipulating the distribution of the image. We conduct comprehensive transferable attacks against multiple DNNs to demonstrate the effectiveness of the proposed method. Our method can significantly improve the transferability of the crafted attacks and achieves state-of-the-art performance in both untargeted and targeted scenarios, surpassing the previous best method by up to 40% in some cases. In summary, our work provides new insight into studying adversarial transferability and provides a strong counterpart for future research on adversarial defense.
关键词Data models Perturbation methods Iterative methods Training Distributed databases Predictive models Neural networks Adversarial transferability adversarial attack black-box attack
DOI10.1109/TIP.2022.3211736
收录类别SCI
语种英语
资助项目Fundamental Research Funds for the Central Universities ; Alibaba Group through Alibaba Research Intern Program ; Natural Science Foundation of China[62102386]
WOS研究方向Computer Science ; Engineering
WOS类目Computer Science, Artificial Intelligence ; Engineering, Electrical & Electronic
WOS记录号WOS:000871032400005
出版者IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
引用统计
被引频次:25[WOS]   [WOS记录]     [WOS相关记录]
文献类型期刊论文
条目标识符http://119.78.100.204/handle/2XEOYT63/19763
专题中国科学院计算技术研究所期刊论文
通讯作者Tian, Xiang; Zheng, Bolun
作者单位1.Zhejiang Univ, Coll Biomed Engn & Instrument Sci, Hangzhou 310027, Peoples R China
2.Secur Dept Alibaba Grp, Hangzhou 311121, Peoples R China
3.Univ Sci & Technol China, CAS Key Lab Electromagnet Space Informat, Hefei 230052, Peoples R China
4.Zhejiang Prov Key Lab Network Multimedia Technol, Hangzhou 310027, Peoples R China
5.Hangzhou Dianzi Univ, Sch Automat, Hangzhou 310018, Peoples R China
6.Zhejiang Univ, Embedded Syst Engn Res Ctr, Minist Educ China, Hangzhou 310027, Peoples R China
7.Univ Chinese Acad Sci, Sch Comp Sci & Technol, Beijing 101408, Peoples R China
8.Chinese Acad Sci, Key Lab Intelligent Informat Proc, Beijing 100045, Peoples R China
推荐引用方式
GB/T 7714
Zhu, Yao,Chen, Yuefeng,Li, Xiaodan,et al. Toward Understanding and Boosting Adversarial Transferability From a Distribution Perspective[J]. IEEE TRANSACTIONS ON IMAGE PROCESSING,2022,31:6487-6501.
APA Zhu, Yao.,Chen, Yuefeng.,Li, Xiaodan.,Chen, Kejiang.,He, Yuan.,...&Huang, Qingming.(2022).Toward Understanding and Boosting Adversarial Transferability From a Distribution Perspective.IEEE TRANSACTIONS ON IMAGE PROCESSING,31,6487-6501.
MLA Zhu, Yao,et al."Toward Understanding and Boosting Adversarial Transferability From a Distribution Perspective".IEEE TRANSACTIONS ON IMAGE PROCESSING 31(2022):6487-6501.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Zhu, Yao]的文章
[Chen, Yuefeng]的文章
[Li, Xiaodan]的文章
百度学术
百度学术中相似的文章
[Zhu, Yao]的文章
[Chen, Yuefeng]的文章
[Li, Xiaodan]的文章
必应学术
必应学术中相似的文章
[Zhu, Yao]的文章
[Chen, Yuefeng]的文章
[Li, Xiaodan]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。