Adversarial attacks via Sequential Quadratic Programming - Archive ouverte HAL
Preprints, Working Papers, ...

Adversarial attacks via Sequential Quadratic Programming


Abstract

Deep neural networks (DNNs) achieve state-of-the-art performance in many machine learning tasks and in various types of applications. Their efficiency in solving complex problems has led to the application of deep learning techniques in safety-critical tasks such as autonomous driving or medicine. However, their sensitivity to adversarial attacks, rounding errors, or quantization processes raises concerns and has led to high interest in finding new approaches to make them more robust. In this work we propose a novel approach for the construction of adversarial attacks which relies on a local Sequential Quadratic Programming (SQP) strategy. These attacks use second-order information to achieve competitive performance compared with existing state-of-the-art approaches. We present numerical results that support our theoretical findings and illustrate the relevance of our approach on well-known datasets.
Main file
Adversarial_attacks_via_Sequential_Quadratic_Programming.pdf (2.05 MB)
Origin : Files produced by the author(s)

Dates and versions

hal-03752184 , version 1 (16-08-2022)

Identifiers

  • HAL Id : hal-03752184 , version 1

Cite

Théo Beuzeville, Alfredo Buttari, Serge Gratton, Theo Mary, Erkan Ulker. Adversarial attacks via Sequential Quadratic Programming. 2022. ⟨hal-03752184⟩