UPSET and ANGRI : Breaking High Performance Image Classifiers
Sayantan Sarkar, Ankan Bansal, Upal Mahbub, Rama Chellappa
TL;DR
This paper introduces two novel attack methods, UPSET and ANGRI, for fooling high-performance image classifiers by generating universal and image-specific perturbations, demonstrating their effectiveness on MNIST and CIFAR10 datasets.
Contribution
The paper presents two new targeted attack algorithms, UPSET and ANGRI, that effectively fool image classifiers with universal and image-specific perturbations.
Findings
Both methods successfully fool classifiers on MNIST and CIFAR10.
Universal perturbations can target specific classes effectively.
Image-specific perturbations achieve high fooling rates.
Abstract
In this paper, targeted fooling of high performance image classifiers is achieved by developing two novel attack methods. The first method generates universal perturbations for target classes and the second generates image specific perturbations. Extensive experiments are conducted on MNIST and CIFAR10 datasets to provide insights about the proposed algorithms and show their effectiveness.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Advanced Neural Network Applications · Domain Adaptation and Few-Shot Learning