Augmented Lagrangian Adversarial Attacks

/in , , /by
Augmented Lagrangian Adversarial Attacks

Rony, Jérôme and Granger, Eric and Pedersoli, Marco and Ayed, Ismail Ben

arXiv preprint arXiv:2011.11857 2020

Abstract : Adversarial attack algorithms are dominated by penalty methods, which are slow in practice, or more efficient distance-customized methods, which are heavily tailored to the properties of the considered distance. We propose a white-box attack algorithm to generate minimally perturbed adversarial examples based on Augmented Lagrangian principles. We bring several non-trivial algorithmic modifications, which have a crucial effect on performance. Our attack enjoys the generality of penalty methods and the computational efficiency of distance-customized algorithms, and can be readily used for a wide set of distances. We compare our attack to state-of-the-art methods on three datasets and several models, and consistently obtain competitive performances with similar or lower computational complexity.

You might also like
Disambiguation of finite-state transducers
Classificação Automática de Gêneros Musicais Utilizando Métodos de Bagging e Boosting
Speckle reduction in medical ultrasound images using a new multiscale bivariate Bayesian MMSE-based method
A quantitative comparison between MOGAs and the RRT algorithm on classification systems optimization
Probabilistic diffeomorphic registration: representing uncertainty
A mutual-information scale-space for image feature detection and feature-based classification of volumetric brain images
Deconvolution of Ultrasonic Signals Using a Convolutional Neural Network
Transducer state prediction system for smart environment intelligent control