
Defenses against Adversarial Examples Fail

2018-02-02T17:21:09-06:00

Several of the papers to be presented at this year's International Conference on Learning Representations propose strategies for blocking the construction of adversarial examples against machine-learning-based image-classification systems. The goal is to harden such systems enough to make them usable even in high-risk situations in which adversaries can select and control the inputs that the fully trained systems are expected to classify.
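For readers who haven't seen how such examples are constructed, here is a minimal sketch of the standard one-step fast-gradient-sign attack (not taken from any of the ICLR papers; the tiny model, the random input, and the perturbation budget are all illustrative placeholders):

    import torch
    import torch.nn as nn

    # Stand-in classifier; any differentiable image model would do.
    model = nn.Sequential(
        nn.Conv2d(3, 8, 3, padding=1), nn.ReLU(),
        nn.AdaptiveAvgPool2d(1), nn.Flatten(), nn.Linear(8, 10),
    )
    model.eval()

    def fgsm_example(x, true_label, eps=0.03):
        """One-step L-infinity attack: nudge every pixel in the direction
        that increases the classifier's loss on the true label."""
        x = x.clone().requires_grad_(True)
        loss = nn.functional.cross_entropy(model(x), true_label)
        loss.backward()
        x_adv = x + eps * x.grad.sign()        # bounded perturbation
        return x_adv.clamp(0.0, 1.0).detach()  # keep pixels in valid range

    x = torch.rand(1, 3, 32, 32)               # placeholder "image"
    y = torch.tensor([3])                      # placeholder label
    x_adv = fgsm_example(x, y)
    print((x_adv - x).abs().max())             # perturbation stays within eps

The defenses under discussion try to make exactly this kind of gradient step uninformative, typically by making the gradient hard to compute or meaningless to follow — hence the paper's term "obfuscated gradients."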

Once these post hoc defenses are incorporated into the systems, however, it is possible to devise more specialized attacks against them, yielding new adversarial examples that are robust even to the defended classifiers (a sketch of the circumvention trick appears after the links below):

“Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples”
Anish Athalye, Nicholas Carlini, and David Wagner, arXiv, February 1, 2018
https://arxiv.org/pdf/1802.00420.pdf

That's the full paper. If it's tl;dr, there's a summary on the project page below, with a cat picture that even well-defended classifiers consider to be guacamole:

“Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples”
Anish Athalye, Nicholas Carlini, and David Wagner, GitHub, February 2, 2018
https://github.com/anishathalye/obfuscated-gradients
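The core trick in the paper is what Athalye, Carlini, and Wagner call Backward Pass Differentiable Approximation: run the defense exactly as deployed on the forward pass, but substitute a smooth stand-in (often just the identity) when back-propagating, so the "obfuscated" gradient no longer hides anything from the attacker. The sketch below illustrates the idea; the quantization defense, the stand-in classifier, and the attack parameters are illustrative placeholders, not code from the authors' repository.

    import torch
    import torch.nn as nn

    class StraightThroughDefense(torch.autograd.Function):
        """Apply a non-differentiable input 'purification' step on the forward
        pass, but treat it as the identity on the backward pass, so the
        attacker still gets a usable gradient through the defended model."""
        @staticmethod
        def forward(ctx, x):
            return (x * 8).round() / 8   # placeholder defense: pixel quantization

        @staticmethod
        def backward(ctx, grad_output):
            return grad_output           # identity approximation of the defense

    model = nn.Sequential(nn.Flatten(), nn.Linear(3 * 32 * 32, 10))  # stand-in classifier
    model.eval()

    def attack_through_defense(x, label, eps=0.03, step=0.01, iters=40):
        """Iterative attack on the defended pipeline, stepping along the
        straight-through gradient instead of the obfuscated one."""
        x_adv = x.clone()
        for _ in range(iters):
            x_adv.requires_grad_(True)
            logits = model(StraightThroughDefense.apply(x_adv))
            loss = nn.functional.cross_entropy(logits, label)
            grad, = torch.autograd.grad(loss, x_adv)
            x_adv = torch.min(torch.max(x_adv + step * grad.sign(), x - eps), x + eps)
            x_adv = x_adv.clamp(0.0, 1.0).detach()
        return x_adv

    x, y = torch.rand(1, 3, 32, 32), torch.tensor([3])
    x_adv = attack_through_defense(x, y)
    print(model(StraightThroughDefense.apply(x_adv)).argmax())

In the paper, variants of this straight-through idea, together with taking expectations over randomized input transformations, are enough to defeat most of the ICLR defenses the authors examine.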

#adversarial-examples #image-classifiers #machine-learning
