UPSET and ANGRI: Breaking High Performance Image Classifiers
This paper addresses the vulnerability of image classifiers to adversarial attacks, which is a security concern for AI systems, but it is incremental because it builds on existing attack methods.
The paper tackles the problem of targeted fooling of high-performance image classifiers by developing two novel attack methods, UPSET and ANGRI, which achieved effective results, as demonstrated through extensive experiments on the MNIST and CIFAR10 datasets.
In this paper, targeted fooling of high-performance image classifiers is achieved by developing two novel attack methods. The first method generates universal perturbations for target classes and the second generates image-specific perturbations. Extensive experiments are conducted on the MNIST and CIFAR10 datasets to provide insights about the proposed algorithms and show their effectiveness.