论文标题
Ai-GAN:攻击启发的对抗性例子
AI-GAN: Attack-Inspired Generation of Adversarial Examples
论文作者
论文摘要
深度神经网络(DNNS)容易受到对抗性示例的影响,这些例子是通过在输入中添加不可察觉的扰动来制作的。最近提出了不同的攻击和策略,但是如何产生对抗性实例在感知上现实且更有效地无法解决。本文提出了一个名为“攻击风格的甘”(Ai-GAN)的新型框架,其中发电机,歧视者和攻击者是共同训练的。经过训练后,它可以有效地给定输入图像和目标类产生对抗性扰动。通过在几个流行的数据集中进行广泛的实验,例如MNIST和CIFAR-10,AI-GAN在各种环境中实现了很高的攻击成功率,并大大减少了发电时间。此外,Ai-Gan首次成功地扩展到复杂的数据集\ EG CIFAR-100,所有班级的成功率约为90美元。
Deep neural networks (DNNs) are vulnerable to adversarial examples, which are crafted by adding imperceptible perturbations to inputs. Recently different attacks and strategies have been proposed, but how to generate adversarial examples perceptually realistic and more efficiently remains unsolved. This paper proposes a novel framework called Attack-Inspired GAN (AI-GAN), where a generator, a discriminator, and an attacker are trained jointly. Once trained, it can generate adversarial perturbations efficiently given input images and target classes. Through extensive experiments on several popular datasets \eg MNIST and CIFAR-10, AI-GAN achieves high attack success rates and reduces generation time significantly in various settings. Moreover, for the first time, AI-GAN successfully scales to complicated datasets \eg CIFAR-100 with around $90\%$ success rates among all classes.
