Title | Beating White-Box Defenses with Black-Box Attacks |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Kumová, Věra, Pilát, Martin |
Conference Name | 2021 International Joint Conference on Neural Networks (IJCNN) |
Keywords | adversarial attacks, composability, Deep Learning, Evolutionary algorithms, feature extraction, Metrics, Neural networks, Perturbation methods, pubcrawl, Resiliency, White Box Security |
Abstract | Deep learning has achieved great results in the last decade; however, it is sensitive to so-called adversarial attacks: small perturbations of the input that cause the network to classify incorrectly. In recent years, a number of attacks and defenses against these attacks have been described. Most of the defenses, however, focus on defending against gradient-based attacks. In this paper, we describe an evolutionary attack and show that the adversarial examples produced by the attack have different features than those from gradient-based attacks. We also show that these features mean that one of the state-of-the-art defenses fails to detect such attacks. |
DOI | 10.1109/IJCNN52387.2021.9533772 |
Citation Key | kumova_beating_2021 |