GCSA: A New Adversarial Example-Generating Scheme Toward Black-Box Adversarial Attacks
文献类型:期刊论文
| 作者 | Fan, Xinxin2; Li, Mengfan2; Zhou, Jia3; Jing, Quanliang2; Lin, Chi1; Lu, Yunfeng4; Bi, Jingping2 |
| 刊名 | IEEE TRANSACTIONS ON CONSUMER ELECTRONICS
 |
| 出版日期 | 2024-02-01 |
| 卷号 | 70期号:1页码:2038-2048 |
| 关键词 | Closed box Perturbation methods Predictive models Indexes Training Glass box Optimization Deep learning adversarial examples black-box adversarial attack transferability |
| ISSN号 | 0098-3063 |
| DOI | 10.1109/TCE.2024.3358179 |
| 英文摘要 | This paper focuses on the transferability problem of adversarial examples towards black-box attack scenarios wherein model information such as the neural network structure is unavailable. To tackle this predicament, we propose a new adversarial example-generating scheme through bridging a data-modal conversion regime to spawn transferable adversarial examples without referring to the substitute model. Three contributions are mainly involved: i) we figure out an integrated framework to produce transferable adversarial examples through resorting to three components, i.e., image-to-graph conversion, perturbation on converted graph and graph-to-image inversion; ii) upon the conversion from image to graph, we pinpoint critical graph characteristics to implement perturbation using gradient-oriented and optimization-oriented adversarial attacks, then, invert the perturbation on graph into the pixel disturbance correspondingly; iii) multi-facet experiments verify the reasonability and effectiveness with the comparison to three baseline methods. Our work has two novelties: first, without referring to the substitute model, our proposed scheme does not need to acquire any information about the victim model in advance; second, we explore the possibility that inferring the adversarial features of image data through drawing support from network/graph science. In addition, we present three key issues worth deeper discussion, along with these open issues, our work deserves more studies in future. |
| 资助项目 | National Natural Science Foundation of China |
| WOS研究方向 | Engineering ; Telecommunications |
| 语种 | 英语 |
| WOS记录号 | WOS:001244821700068 |
| 出版者 | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/39912]  |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Fan, Xinxin |
| 作者单位 | 1.Dalian Univ Technol, Sch Software Technol, Dalian 116024, Peoples R China 2.Chinese Acad Sci, Inst Comp Technol, Beijing 100190, Peoples R China 3.Bank Commun, Shanghai 200120, Peoples R China 4.Beihang Univ, Sch Reliabil & Syst, Beijing 100191, Peoples R China |
| 推荐引用方式 GB/T 7714 | Fan, Xinxin,Li, Mengfan,Zhou, Jia,et al. GCSA: A New Adversarial Example-Generating Scheme Toward Black-Box Adversarial Attacks[J]. IEEE TRANSACTIONS ON CONSUMER ELECTRONICS,2024,70(1):2038-2048. |
| APA | Fan, Xinxin.,Li, Mengfan.,Zhou, Jia.,Jing, Quanliang.,Lin, Chi.,...&Bi, Jingping.(2024).GCSA: A New Adversarial Example-Generating Scheme Toward Black-Box Adversarial Attacks.IEEE TRANSACTIONS ON CONSUMER ELECTRONICS,70(1),2038-2048. |
| MLA | Fan, Xinxin,et al."GCSA: A New Adversarial Example-Generating Scheme Toward Black-Box Adversarial Attacks".IEEE TRANSACTIONS ON CONSUMER ELECTRONICS 70.1(2024):2038-2048. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。