23/08/2020

Two sides of the same coin: White-box and black-box attacks for transfer learning

Yinghua Zhang, Yangqiu Song, Jian Liang, Kun Bai, Qiang Yang

Keywords: adversarial attacks, neural networks, transfer learning

Abstract Paper Similar Papers

Abstract: Transfer learning has become a common practice for training deep learning models with limited labeled data in a target domain. On the other hand, deep models are vulnerable to adversarial attacks. Though transfer learning has been widely applied, its effect on model robustness is unclear. To figure out this problem, we conduct extensive empirical evaluations to show that fine-tuning effectively enhances model robustness under white-box FGSM attacks. We also propose a black-box attack method for transfer learning models which attacks the target model with the adversarial examples produced by its source model. To systematically measure the effect of both white-box and black-box attacks, we propose a new metric to evaluate how transferable are the adversarial examples produced by a source model to a target model. Empirical results show that the adversarial examples are more transferable when fine-tuning is used than they are when the two networks are trained independently.

The video of this talk cannot be embedded. You can watch it here:
https://dl.acm.org/doi/10.1145/3394486.3403349#sec-supp
(Link will open in new window)
 0
 0
 0
 0
  Share    
This is an embedded video. Talk and the respective paper are published at KDD 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment
no comments yet
code of conduct: tbd Characters remaining: 140

Similar Papers

 0
 0
 0
 0
 3:16 
 0
 0
 0
 0
 14:07 
 2
 1
 0
 0
 13:27 
 0
 0
 0
 0
 3:27 
 0
 0
 0
 0
 9:01 
 0
 0
 0
 1
 5:10 
 0
 0
 0
 0
 3:59 
 0
 0
 0
 0
 8:27 
 0
 0
 0
 0
 13:31 
 0
 0
 0
 0
 7:18 
 1
 1
 0
 1
 5:17 
 1
 0
 0
 1
 12:23 
 0
 0
 0
 0
 5:12 
 0
 0
 0
 0
 13:23 
 0
 0
 0
 0
 5:12 
 0
 0
 0
 0
 5:09 
 0
 0
 0
 0
 5:21 
 0
 0
 0
 0
 19:40 
 0
 0
 0
 0
 3:19 
 0
 0
 0
 0
 6:00 
 0
 0
 0
 0
 13:41 
 0
 0
 0
 0
 5:07 
 0
 0
 0
 0
 5:00 
 0
 0
 0
 0
 3:22 
 0
 0
 0
 0
 11:33 
 0
 0
 0
 0
 13:08 
 0
 0
 0
 0
 14:01 
 0
 0
 0
 0
 3:16 
 0
 0
 0
 0
 3:25 
 0
 0
 0
 0
 5:23 
 0
 0
 0
 0
 1:04 
 0
 0
 0
 0
 5:06 
 0
 0
 0
 0
 0:57 
 0
 0
 0
 0
 12:51 
 0
 0
 0
 0
 6:02 
 0
 0
 0
 0
 12:53 
 0
 0
 0
 0
 15:19 
 0
 0
 0
 0
 4:32 
 0
 0
 0
 0
 4:16 
 0
 0
 0
 0
 5:06