Towards Universal Adversarial Examples and Defenses

Adnan Siraj Rakin, Ye Wang, Shuchin Aeron, Toshiaki Koike-Akino, Pierre Moulin, Kieran Parsons

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

Abstract

Adversarial examples have recently exposed the severe vulnerability of neural network models. However, most of the existing attacks require some form of target model information (i.e., weights/model inquiry/architecture) to improve the efficacy of the attack. We leverage the information-theoretic connections between robust learning and generalized rate-distortion theory to formulate a universal adversarial example (UAE) generation algorithm. Our algorithm trains an offline adversarial generator to minimize the mutual information between the label and perturbed data. At the inference phase, our UAE method can efficiently generate effective adversarial examples without high computation cost. These adversarial examples in turn allow for developing universal defenses through adversarial training. Our experiments demonstrate promising gains in improving the training efficiency of conventional adversarial training.

Original language: English (US)
Title of host publication: 2021 IEEE Information Theory Workshop, ITW 2021 - Proceedings
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665403122
State: Published - 2021
Event: 2021 IEEE Information Theory Workshop, ITW 2021 - Virtual, Online, Japan
Duration: Oct 17 2021 to Oct 21 2021

Publication series

Name: 2021 IEEE Information Theory Workshop, ITW 2021 - Proceedings

Conference

Conference: 2021 IEEE Information Theory Workshop, ITW 2021
Country/Territory: Japan
City: Virtual, Online
Period: 10/17/21 to 10/21/21

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Networks and Communications
  • Information Systems
  • Software
