ADef: An Iterative Algorithm to Construct Adversarial Deformations
Abstract
While deep neural networks have proven to be a powerful tool for many recognition and classification tasks, their stability properties are still not well understood. In the past, image classifiers have been shown to be vulnerable to so-called adversarial attacks, which are created by additively perturbing the correctly classified image. In this paper, we propose the ADef algorithm to construct a different kind of adversarial attack created by iteratively applying small deformations to the image, found through a gradient descent step. We demonstrate our results on MNIST with convolutional neural networks and on ImageNet with Inception-v3 and ResNet-101.
Cite
Text
Alaifari et al. "ADef: An Iterative Algorithm to Construct Adversarial Deformations." International Conference on Learning Representations, 2019.Markdown
[Alaifari et al. "ADef: An Iterative Algorithm to Construct Adversarial Deformations." International Conference on Learning Representations, 2019.](https://mlanthology.org/iclr/2019/alaifari2019iclr-adef/)BibTeX
@inproceedings{alaifari2019iclr-adef,
title = {{ADef: An Iterative Algorithm to Construct Adversarial Deformations}},
author = {Alaifari, Rima and Alberti, Giovanni S. and Gauksson, Tandri},
booktitle = {International Conference on Learning Representations},
year = {2019},
url = {https://mlanthology.org/iclr/2019/alaifari2019iclr-adef/}
}