Generating Adversarial Attacks in the Latent Space

Abstract

Adversarial attacks in the input (pixel) space typically incorporate a noise margin, such as an L1- or L∞-norm bound, to produce imperceptibly perturbed data that confounds deep learning networks. Such noise margins confine the magnitude of permissible noise. In this work, we propose injecting adversarial perturbations in the latent (feature) space using a generative adversarial network, removing the need for margin-based priors. Experiments on the MNIST, CIFAR10, Fashion-MNIST, CIFAR100 and Stanford Dogs datasets support the effectiveness of the proposed method in generating adversarial attacks in the latent space while ensuring a high degree of visual realism compared with pixel-based adversarial attack methods.
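To make the distinction in the abstract concrete, the following is an added toy example (not the paper's GAN, classifier or code): a pixel-space PGD attack that must project every step back into an L∞ ball of radius eps, beside a latent-space attack that descends the classifier logit with respect to z and decodes through a generator, with no pixel-space margin at all. The generator (a sigmoid over a fixed 4×2 matrix), the logistic classifier, the latent start point and the eps values are all constructed for illustration.

```python
"""Toy comparison: L-inf bounded pixel-space attack vs. latent-space attack.

All models here are constructed for illustration (a sigmoid 'generator' and a
logistic-regression 'classifier' with hand-picked weights); they are not the
paper's GAN or any trained network.
"""
import numpy as np


def sigmoid(a):
    return 1.0 / (1.0 + np.exp(-a))


# Constructed toy generator G(z) = sigmoid(W_G z + b_G): 2-d latent -> 4 "pixels" in [0, 1].
W_G = np.array([[2.0, 0.0], [0.0, 2.0], [1.0, 1.0], [-1.0, 1.0]])
B_G = np.zeros(4)

# Constructed toy classifier: logit f(x) = w.x + c, predicted class is 1 when f(x) > 0.
W_CLF = np.ones(4)
C_CLF = -2.0


def generate(z):
    return sigmoid(W_G @ z + B_G)


def logit(x):
    return float(W_CLF @ x + C_CLF)


def predict(x):
    return int(logit(x) > 0)


def linf(a, b):
    return float(np.max(np.abs(a - b)))


def project_linf(x_adv, x_ref, eps):
    """The step every margin-based pixel attack needs: clip back into the
    eps-ball around x_ref, then into the valid pixel range [0, 1]."""
    x_adv = np.clip(x_adv, x_ref - eps, x_ref + eps)
    return np.clip(x_adv, 0.0, 1.0)


def pixel_attack(x, eps, steps=10):
    """PGD in pixel space: descend the logit to push a class-1 input toward
    class 0, projecting onto the L-inf ball after every step."""
    x_adv = x.copy()
    alpha = eps / 4.0
    for _ in range(steps):
        grad_x = W_CLF  # d f / d x for the linear logit
        x_adv = project_linf(x_adv - alpha * np.sign(grad_x), x, eps)
    return x_adv


def latent_attack(z, alpha=1.0, steps=20):
    """Gradient descent on f(G(z)) with respect to z.  No pixel-space margin
    is imposed; the perturbation is constrained only by what G can decode."""
    z_adv = z.copy()
    for _ in range(steps):
        a = W_G @ z_adv + B_G
        s = sigmoid(a)
        # chain rule: d f / d z = W_G^T (w * sigma'(a)), with sigma'(a) = s (1 - s)
        grad_z = W_G.T @ (W_CLF * s * (1.0 - s))
        z_adv = z_adv - alpha * grad_z
        if predict(generate(z_adv)) == 0:
            break
    return z_adv


def compare(z0=None, eps=0.05):
    """Run both attacks from the same clean sample and report labels and
    the L-inf distance each one moved in pixel space."""
    z0 = np.array([1.0, 0.0]) if z0 is None else np.asarray(z0, dtype=float)
    x0 = generate(z0)
    x_pix = pixel_attack(x0, eps)
    x_lat = generate(latent_attack(z0))
    return {
        "clean_label": predict(x0),
        "pixel_label": predict(x_pix),
        "pixel_linf": linf(x_pix, x0),
        "latent_label": predict(x_lat),
        "latent_linf": linf(x_lat, x0),
    }


if __name__ == "__main__":
    for eps in (0.05, 0.10):
        print(f"eps={eps}: {compare(eps=eps)}")
```

With eps = 0.05 the pixel-space attack stays inside its ball but fails to flip the label; with eps = 0.10 it succeeds, which is exactly the budget dependence the abstract describes. The latent-space attack flips the label without any eps, and its decoded perturbation is well outside either ball, so an L∞ check on the pixels would not catch it. Note that this toy generator is linear before the sigmoid and so has no realism prior; in the paper that role is played by the GAN.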

Cite

Text

Shukla and Banerjee. "Generating Adversarial Attacks in the Latent Space." IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2023. doi:10.1109/CVPRW59228.2023.00080

Markdown

[Shukla and Banerjee. "Generating Adversarial Attacks in the Latent Space." IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2023.](https://mlanthology.org/cvprw/2023/shukla2023cvprw-generating/) doi:10.1109/CVPRW59228.2023.00080

BibTeX

@inproceedings{shukla2023cvprw-generating,
  title     = {{Generating Adversarial Attacks in the Latent Space}},
  author    = {Shukla, Nitish and Banerjee, Sudipta},
  booktitle = {IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops},
  year      = {2023},
  pages     = {730--739},
  doi       = {10.1109/CVPRW59228.2023.00080},
  url       = {https://mlanthology.org/cvprw/2023/shukla2023cvprw-generating/}
}