Adversarial attacks via Sequential Quadratic Programming - Algorithmes Parallèles et Optimisation
Preprint, Working Paper. Year: 2022

Adversarial attacks via Sequential Quadratic Programming

Serge Gratton
Theo Mary
Erkan Ulker
  • Role: Author
  • PersonId: 1156311

Abstract

Deep neural networks (DNN) achieve state-of-the-art performance in many machine learning tasks and in various types of applications. Their efficiency in solving complex problems has led to the application of deep learning techniques in safety-critical tasks such as autonomous driving or medicine. However, their sensitivity to adversarial attacks, rounding errors, or quantization processes raises concerns and has led to high interest in finding new approaches to make them more robust. In this work we propose a novel approach for the construction of adversarial attacks which relies on a local Sequential Quadratic Programming (SQP) strategy. These attacks use second order information to achieve competitive performance compared with existing state-of-the-art approaches. We present numerical results that support our theoretical findings and illustrate the relevance of our approach on well-known datasets.
Main file
Adversarial_attacks_via_Sequential_Quadratic_Programming.pdf (2.05 MB)
Origin: Files produced by the author(s)

Dates and versions

hal-03752184, version 1 (16-08-2022)

Identifiers

  • HAL Id: hal-03752184, version 1

Cite

Théo Beuzeville, Alfredo Buttari, Serge Gratton, Theo Mary, Erkan Ulker. Adversarial attacks via Sequential Quadratic Programming. 2022. ⟨hal-03752184⟩
302 Views
54 Downloads
