首页    期刊浏览 2024年12月13日 星期五
登录注册

文章基本信息

  • 标题:Smooth adversarial examples
  • 本地全文:下载
  • 作者:Hanwei Zhang ; Yannis Avrithis ; Teddy Furon
  • 期刊名称:EURASIP Journal on Information Security
  • 印刷版ISSN:1687-4161
  • 电子版ISSN:1687-417X
  • 出版年度:2020
  • 卷号:2020
  • 期号:1
  • 页码:1-12
  • DOI:10.1186/s13635-020-00112-z
  • 出版社:Hindawi Publishing Corporation
  • 摘要:This paper investigates the visual quality of the adversarial examples. Recent papers propose to smooth the perturbations to get rid of high frequency artifacts. In this work, smoothing has a different meaning as it perceptually shapes the perturbation according to the visual content of the image to be attacked. The perturbation becomes locally smooth on the flat areas of the input image, but it may be noisy on its textured areas and sharp across its edges.This operation relies on Laplacian smoothing, well-known in graph signal processing, which we integrate in the attack pipeline. We benchmark several attacks with and without smoothing under a white box scenario and evaluate their transferability. Despite the additional constraint of smoothness, our attack has the same probability of success at lower distortion.
  • 关键词:Adversarial example ; Image classification ; Deep neural network
国家哲学社会科学文献中心版权所有