CAAD 2018: Powerful None-Access Black-Box Attack Based on Adversarial Transformation Network
Xiaoyi Dong, Weiming Zhang, Nenghai Yu
TL;DR
This paper introduces an improved Adversarial Transformation Network that effectively generates adversarial examples capable of fooling both white-box and black-box models, achieving top performance in CAAD 2018.
Contribution
It presents an enhanced ATN method that outperforms previous approaches in generating transferable adversarial examples for different model types.
Findings
Achieved second place in CAAD 2018 non-target attack task.
Demonstrated state-of-the-art success in fooling diverse models.
Improved transferability of adversarial examples.
Abstract
In this paper, we propose an improvement of Adversarial Transformation Networks(ATN) to generate adversarial examples, which can fool white-box models and black-box models with a state of the art performance and won the 2rd place in the non-target task in CAAD 2018.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Digital Media Forensic Detection · Anomaly Detection Techniques and Applications