Augmented Lagrangian Adversarial Attacks

/in , , /by
Augmented Lagrangian Adversarial Attacks

Jérôme Rony, Eric Granger, Marco Pedersoli, Ismail Ben Ayed

ICCV 2021: Int’l Conf. on Computer Vision 2021/10/11

Abstract : Adversarial attack algorithms are dominated by penalty methods, which are slow in practice, or more efficient distance-customized methods, which are heavily tailored to the properties of the considered distance. We propose a white-box attack algorithm to generate minimally perturbed adversarial examples based on Augmented Lagrangian principles. We bring several algorithmic modifications, which have a crucial effect on performance. Our attack enjoys the generality of penalty methods and the computational efficiency of distance-customized algorithms, and can be readily used for a wide set of distances. We compare our attack to state-of-the-art methods on three datasets and several models, and consistently obtain competitive performances with similar or lower computational complexity.

You might also like
Source-free domain adaptation for image segmentation
A survey of pruning methods for efficient person re-identification across domains
A statistical overlap prior for variational image segmentation
Speaker adaptation using the I-vector technique for bottleneck features
A comprehensive survey of neighborhood-based recommendation methods
On the characterization of the Oracle for dynamic classifier selection
Aprendizagem de Máquina
Design of fuzzy terminal iterative learning control based on internal model control