TY - GEN
T1 - Analysing the Adversarial Landscape of Binary Stochastic Networks
AU - Tan, Yi Xiang Marcus
AU - Elovici, Yuval
AU - Binder, Alexander
N1 - Publisher Copyright: © 2021, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
PY - 2021/1/1
Y1 - 2021/1/1
AB - We investigate the robustness of stochastic ANNs to adversarial attacks. We perform experiments on three known datasets. Our experiments reveal similar susceptibility of stochastic ANNs compared to conventional ANNs when confronted with simple iterative gradient-based attacks in the white-box settings. We observe, however, that in black-box settings, SANNs are more robust than conventional ANNs against boundary and surrogate attacks. Consequently, we propose improved attacks against stochastic ANNs. In the first step, we show that using stochastic networks as surrogates outperforms deterministic ones, when performing surrogate-based black-box attacks. In order to further boost adversarial success rates, we propose in a second step the novel Variance Mimicking (VM) surrogate training, and validate its improved performance.
KW - Adversarial machine learning
KW - Binary neural network
KW - Black-box attack
KW - Stochastic neural network
UR - http://www.scopus.com/inward/record.url?scp=85104764481&partnerID=8YFLogxK
U2 - 10.1007/978-981-33-6385-4_14
DO - 10.1007/978-981-33-6385-4_14
M3 - Conference contribution
AN - SCOPUS:85104764481
SN - 9789813363847
T3 - Lecture Notes in Electrical Engineering
SP - 143
EP - 155
BT - Information Science and Applications - Proceedings of ICISA 2020
A2 - Kim, Hyuncheol
A2 - Kim, Kuinam J.
A2 - Park, Suhyun
PB - Springer Science and Business Media Deutschland GmbH
T2 - iCatse International Conference on Information Science and Applications, ICISA 2020
Y2 - 16 December 2020 through 18 December 2020
ER -