Published on Sat Jan 06 2018

Adversarial Perturbation Intensity Achieving Chosen Intra-Technique Transferability Level for Logistic Regression

Martin Gubri

Machine Learning models have been shown to be vulnerable to adversarial examples, i.e. data manipulated by an attacker to defeat a defender's classifier at test time. To our knowledge, this is the first method that allows an attacker to directly choose the probability of attack success.

Abstract

Machine Learning models have been shown to be vulnerable to adversarial examples, i.e. the manipulation of data by an attacker to defeat a defender's classifier at test time. We present a novel probabilistic definition of adversarial examples in the perfect- and limited-knowledge settings, using prior probability distributions on the defender's classifier. Using the asymptotic properties of logistic regression, we derive a closed-form expression for the intensity of any adversarial perturbation needed to achieve a given expected misclassification rate. This technique is relevant in a threat model of known model specifications and unknown training data. To our knowledge, this is the first method that allows an attacker to directly choose the probability of attack success. We evaluate our approach on two real-world datasets.
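The core idea can be sketched from the abstract alone: the asymptotic normality of the logistic-regression MLE induces a Gaussian prior on the defender's parameters, so the perturbed decision score is approximately Gaussian and the intensity matching a chosen expected misclassification rate can be solved for. The following Python sketch illustrates this reasoning only; it is not the paper's closed-form expression, and the helper names (fisher_covariance, flip_probability, intensity_for_target), the toy data, and the attack direction -sign(score) * w / ||w|| are illustrative assumptions.

import numpy as np
from scipy.optimize import brentq
from scipy.stats import norm
from sklearn.linear_model import LogisticRegression

def fisher_covariance(X, theta_hat):
    # Asymptotic covariance of the MLE: inverse of the observed Fisher information.
    Z = np.hstack([X, np.ones((X.shape[0], 1))])    # append intercept column
    p = 1.0 / (1.0 + np.exp(-Z @ theta_hat))        # fitted class-1 probabilities
    w = p * (1.0 - p)                               # per-sample weights
    return np.linalg.inv(Z.T @ (w[:, None] * Z))

def flip_probability(x, direction, eps, theta_hat, cov):
    # P[score of x + eps*direction has the opposite sign to the clean prediction],
    # with theta drawn from the asymptotic normal N(theta_hat, cov).
    s = np.sign(np.append(x, 1.0) @ theta_hat)      # clean predicted side
    z = np.append(x + eps * direction, 1.0)
    mu = z @ theta_hat                              # mean perturbed score
    sigma = np.sqrt(z @ cov @ z)                    # its standard deviation
    return norm.cdf(-s * mu / sigma)

def intensity_for_target(x, direction, target, theta_hat, cov, eps_max=100.0):
    # Perturbation intensity whose expected misclassification rate equals `target`.
    return brentq(lambda e: flip_probability(x, direction, e, theta_hat, cov) - target,
                  0.0, eps_max)

# Toy usage on non-separable 2-D data.
rng = np.random.default_rng(0)
X = rng.normal(size=(500, 2))
y = (X[:, 0] + X[:, 1] + rng.normal(scale=1.0, size=500) > 0).astype(int)
clf = LogisticRegression(C=1e6).fit(X, y)           # large C: close to the plain MLE
theta_hat = np.append(clf.coef_.ravel(), clf.intercept_)
cov = fisher_covariance(X, theta_hat)

x0 = X[0]
s0 = np.sign(np.append(x0, 1.0) @ theta_hat)
d = -s0 * theta_hat[:2] / np.linalg.norm(theta_hat[:2])   # push toward the boundary
eps = intensity_for_target(x0, d, target=0.9, theta_hat=theta_hat, cov=cov)
print(f"intensity for a 90% expected misclassification probability: {eps:.3f}")

The monotone search with brentq works because the flip probability is at most 0.5 at zero intensity (the clean point sits on its own predicted side) and approaches 1 as the perturbation crosses the boundary, so any target above 0.5 is bracketed.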

Similar Papers

Thu Sep 20 2018
Machine Learning
Playing the Game of Universal Adversarial Perturbations
We study the problem of learning classifiers robust to universal adversarial perturbations. We propose a novel extension of a game-theoretic algorithm to the domain of training robust classifiers. We empirically show the robustness and versatility of our approach in two defence scenarios.
Wed Jul 18 2018
Machine Learning
Motivating the Rules of the Game for Adversarial Example Research
Machine learning systems can make errors on data that are surprisingly similar to examples the system handles correctly. This raises questions about out-of-sample generalization and whether bad actors might use such examples to abuse deployed systems.
Tue Oct 02 2018
Neural Networks
Adversarial Examples - A Complete Characterisation of the Phenomenon
Adversarial examples are inputs intentionally crafted to fool machine learning models. We provide a complete characterisation of the phenomenon of adversarial examples. We aim to cover all the important concerns in this field of study.
Wed Feb 03 2021
Machine Learning
Adversarially Robust Learning with Unknown Perturbation Sets
We study the problem of learning predictors that are robust to adversarial examples with respect to an unknown perturbation set. We obtain upper bounds on the sample complexity and number of required interactions. We examine different models for such interactions.
Wed Jan 02 2019
Machine Learning
Adversarial Robustness May Be at Odds With Simplicity
Robust classification may require more complex classifiers than standard classification. We show that this can indeed be the case by giving several theoretical examples of classification tasks in which robust classification is possible, but only with more complex classifiers (exponentially more complex, in some examples).
Sun May 02 2021
Machine Learning
Who's Afraid of Adversarial Transferability?