WEKO3
アイテム
Simple iterative method for generating targeted universal adversarial perturbations
http://hdl.handle.net/10228/00008089
http://hdl.handle.net/10228/0000808934ab410b-6119-4ec4-9681-08200d54af62
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
algorithms-13-00268-v2.pdf (3.7 MB)
|
|
| アイテムタイプ | 学術雑誌論文 = Journal Article(1) | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2021-03-22 | |||||||||||||
| 資源タイプ | ||||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||||
| 資源タイプ | journal article | |||||||||||||
| タイトル | ||||||||||||||
| タイトル | Simple iterative method for generating targeted universal adversarial perturbations | |||||||||||||
| 言語 | en | |||||||||||||
| 言語 | ||||||||||||||
| 言語 | eng | |||||||||||||
| 著者 |
Hirano, Hokuto
× Hirano, Hokuto× 竹本, 和広
WEKO
24877
|
|||||||||||||
| 抄録 | ||||||||||||||
| 内容記述タイプ | Abstract | |||||||||||||
| 内容記述 | Deep neural networks (DNNs) are vulnerable to adversarial attacks. In particular, a single perturbation known as the universal adversarial perturbation (UAP) can foil most classification tasks conducted by DNNs. Thus, different methods for generating UAPs are required to fully evaluate the vulnerability of DNNs. A realistic evaluation would be with cases that consider targeted attacks; wherein the generated UAP causes the DNN to classify an input into a specific class. However, the development of UAPs for targeted attacks has largely fallen behind that of UAPs for non-targeted attacks. Therefore, we propose a simple iterative method to generate UAPs for targeted attacks. Our method combines the simple iterative method for generating non-targeted UAPs and the fast gradient sign method for generating a targeted adversarial perturbation for an input. We applied the proposed method to state-of-the-art DNN models for image classification and proved the existence of almost imperceptible UAPs for targeted attacks; further, we demonstrated that such UAPs can be easily generated. | |||||||||||||
| 言語 | en | |||||||||||||
| 書誌情報 |
en : Algorithms 巻 13, 号 11, p. 268, 発行日 2020-10-22 |
|||||||||||||
| 出版社 | ||||||||||||||
| 出版者 | MDPI | |||||||||||||
| DOI | ||||||||||||||
| 関連タイプ | isIdenticalTo | |||||||||||||
| 識別子タイプ | DOI | |||||||||||||
| 関連識別子 | https://doi.org/10.3390/a13110268 | |||||||||||||
| 日本十進分類法 | ||||||||||||||
| 主題Scheme | NDC | |||||||||||||
| 主題 | 548 | |||||||||||||
| ISSN | ||||||||||||||
| 収録物識別子タイプ | EISSN | |||||||||||||
| 収録物識別子 | 1999-4893 | |||||||||||||
| 著作権関連情報 | ||||||||||||||
| 権利情報Resource | http://creativecommons.org/licenses/by/4.0/ | |||||||||||||
| 権利情報 | Copyright (c) 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | deep neural networks | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | adversarial attacks | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | image classification | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | security and privacy | |||||||||||||
| 出版タイプ | ||||||||||||||
| 出版タイプ | VoR | |||||||||||||
| 出版タイプResource | http://purl.org/coar/version/c_970fb48d4fbd8a85 | |||||||||||||
| 査読の有無 | ||||||||||||||
| 値 | yes | |||||||||||||
| 研究者情報 | ||||||||||||||
| URL | https://hyokadb02.jimu.kyutech.ac.jp/html/100000509_ja.html | |||||||||||||
| 論文ID(連携) | ||||||||||||||
| 値 | 10359737 | |||||||||||||
| 連携ID | ||||||||||||||
| 値 | 8617 | |||||||||||||
