4.7 Article

MagicGAN: Multiagent Attacks Generate Interferential Category via GAN

KNOWLEDGE-BASED SYSTEMS (2022)

Get Full Text
Add to Collection

Journal

KNOWLEDGE-BASED SYSTEMS
Volume 258, Issue -, Pages -

Publisher

ELSEVIER
DOI: 10.1016/j.knosys.2022.110023

Keywords

Adversarial sample; Transferability; Multiagent attack; Generative adversarial network

Categories

Computer Science, Artificial Intelligence

Funding

  1. National Natural Science Foun-dation of China
  2. Sichuan Science and Technology Planning Project
  3. China Post-doctoral Science Foundation
  4. Fundamental Research Funds for the Central Universities
  5. [U19A2078]
  6. [61971296]
  7. [2022YFQ 0014]
  8. [2022YFH0021]
  9. [2022YFSY0047]
  10. [2021YFS0390]
  11. [2021TQ0223]
  12. [2022M712236]
  13. [2022SCU12081]

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

In this paper, a novel attack method called MagicGAN is proposed to enhance the transferability of adversarial samples and generate high-quality distributions close to adversarial data. The effectiveness and superiority of the proposed method are extensively validated across multiple datasets.
Deep neural networks are vulnerable to interference categories, which can deceive trained models with imperceptible adversarial perturbations. More crucially, the transferability of adversarial samples has been confirmed, specifically, an adversarial sample crafted against a source agent model can transfer to other target models, which results in the adversary posing a security threat to applications in black -box scenarios. However, the existing transfer-based attacks merely consider a single agent model to create the adversarial samples, leading to poor transferability. In this paper, we propose a novel attack method called Multiagent Attacks Generate Interferential Category via GAN (MagicGAN). Specifically, to avoid the adversarial samples overfitting a single source agent, we design a multiagent discriminator, which can fit the decision boundaries of the various target models to provide more diversified gradient information for the generation of adversarial perturbations. Therefore, the generalization of our method is effectively improved, that is, the adversarial transferability of the adversarial sample is enhanced. In addition, to avoid the pattern collapse of the GAN-based adversarial approach, we construct a novel latent data distance constraint to enhance the compatibility between the latent adversarial sample distances and the corresponding data adversarial sample distances. Therefore, MagicGAN can more effectively generate a distribution close to the adversarial data. Extensive experiments on CelebA, CIFAR-10, MNIST and ImageNet fully validate the effectiveness and superiority of our proposed method. (c) 2022 Elsevier B.V. All rights reserved.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.7
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available
Webinars Posters Questions Hubs Funding Journals Papers Connect Collections Reviewers About Us FAQs Mobile App Privacy Policy Terms of Use
© Peeref 2019-2024. All rights reserved.