Number of the records: 1
Vulnerability of classifiers to evolutionary generated adversarial examples
SYSNO ASEP: 0485639
Document Type: J - Journal Article
R&D Document Type: Journal Article
Subsidiary J: Article in WOS
Title: Vulnerability of classifiers to evolutionary generated adversarial examples
Author(s): Vidnerová, Petra (UIVT-O)
Neruda, Roman (UIVT-O)
Source Title: Neural Networks. - : Elsevier - ISSN 0893-6080
Vol. 127, July (2020), pp. 168-181
Number of pages: 14 pp.
Language: eng - English
Country: GB - United Kingdom
Keywords: supervised learning ; neural networks ; kernel methods ; genetic algorithms ; adversarial examples
Subject RIV: IN - Informatics, Computer Science
OECD category: Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
R&D Projects: GA18-23827S GA ČR - Czech Science Foundation (CSF)
Method of publishing: Limited access
Institutional support: UIVT-O - RVO:67985807
UT WOS: 000536453100016
EID SCOPUS: 85083895880
DOI: 10.1016/j.neunet.2020.04.015
Annotation: This paper deals with the vulnerability of machine learning models to adversarial examples and its implication for robustness and generalization properties. We propose an evolutionary algorithm that can generate adversarial examples for any machine learning model in the black-box attack scenario. This way, we can find adversarial examples without access to model’s parameters, only by querying the model at hand. We have tested a range of machine learning models including deep and shallow neural networks. Our experiments have shown that the vulnerability to adversarial examples is not only the problem of deep networks, but it spreads through various machine learning architectures. Rather, it depends on the type of computational units. Local units, such as Gaussian kernels, are less vulnerable to adversarial examples.
Workplace: Institute of Computer Science
Contact: Tereza Šírová, sirova@cs.cas.cz, Tel.: 266 053 800
Year of Publishing: 2021
Electronic address: http://dx.doi.org/10.1016/j.neunet.2020.04.015