TY - JOUR
T1 - Toward Efficiently Evaluating the Robustness of Deep Neural Networks in IoT Systems
T2 - A GAN-based Method
AU - Bai, Tao
AU - Zhao, Jun
AU - Zhu, Jinlin
AU - Han, Shoudong
AU - Chen, Jiefeng
AU - Li, Bo
AU - Kot, Alex
N1 - Funding Information:
This work was supported in part by Singapore Ministry of Education Academic Research Fund under Grant Tier 1 RG128/18, Grant Tier 1 RG115/19, Grant Tier 1 RT07/19, Grant Tier 1 RT01/19, Grant Tier 1 RG24/20, and Grant Tier 2 MOE2019-T2-1-176; in part by NTU-WASP Joint Project; in part by Singapore NRF National Satellite of Excellence, Design Science and Technology for Secure Critical Infrastructure under Grant NSoE DeST-SCI2019-0012; in part by AI Singapore (AISG) 100 Experiments (100E) Programme; and in part by NTU Project for Large Vertical Take-Off & Landing (VTOL) Research Platform.
Publisher Copyright:
© 2021 IEEE.
PY - 2022/2/1
Y1 - 2022/2/1
N2 - Intelligent Internet of Things (IoT) systems based on deep neural networks (DNNs) have been widely deployed in the real world. However, DNNs are found to be vulnerable to adversarial examples, which raises people's concerns about intelligent IoT systems' reliability and security. Testing and evaluating the robustness of IoT systems become necessary and essential. Recently, various attacks and strategies have been proposed, but the efficiency problem remains unsolved properly. Existing methods are either computationally extensive or time consuming, which is not applicable in practice. In this article, we propose a novel framework, called attack-inspired generative adversarial networks (AI-GAN) to generate adversarial examples conditionally. Once trained, it can generate adversarial perturbations efficiently given input images and target classes. We apply AI-GAN on different data sets in white-box settings, black-box settings, and targeted models protected by state-of-the-art defenses. Through extensive experiments, AI-GAN achieves high attack success rates, outperforming existing methods, and reduces generation time significantly. Moreover, for the first time, AI-GAN successfully scales to complex data sets, e.g., CIFAR-100 and ImageNet, with about 90% success rates among all classes.
AB - Intelligent Internet of Things (IoT) systems based on deep neural networks (DNNs) have been widely deployed in the real world. However, DNNs are found to be vulnerable to adversarial examples, which raises people's concerns about intelligent IoT systems' reliability and security. Testing and evaluating the robustness of IoT systems become necessary and essential. Recently, various attacks and strategies have been proposed, but the efficiency problem remains unsolved properly. Existing methods are either computationally extensive or time consuming, which is not applicable in practice. In this article, we propose a novel framework, called attack-inspired generative adversarial networks (AI-GAN) to generate adversarial examples conditionally. Once trained, it can generate adversarial perturbations efficiently given input images and target classes. We apply AI-GAN on different data sets in white-box settings, black-box settings, and targeted models protected by state-of-the-art defenses. Through extensive experiments, AI-GAN achieves high attack success rates, outperforming existing methods, and reduces generation time significantly. Moreover, for the first time, AI-GAN successfully scales to complex data sets, e.g., CIFAR-100 and ImageNet, with about 90% success rates among all classes.
KW - Adversarial examples
KW - Deep learning
KW - GAN
KW - Generative adversarial networks
KW - Generators
KW - Internet of Things
KW - Neural networks
KW - Optimization
KW - Perturbation methods
KW - Training
UR - http://www.scopus.com/inward/record.url?scp=85112442530&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85112442530&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2021.3091683
DO - 10.1109/JIOT.2021.3091683
M3 - Article
AN - SCOPUS:85112442530
SN - 2327-4662
VL - 9
SP - 1875
EP - 1884
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 3
ER -