Generating Adversarial Examples With Conditional Generative Adversarial Net
This work addresses the challenge of creating effective and robust adversarial attacks for machine learning security, representing an incremental improvement over existing methods.
The paper tackles the problem of generating adversarial examples to fool deep neural networks by proposing two novel generative models based on conditional GANs. The models reduce the generating cost and improve robustness, and take about one fifth of the running time of common methods such as the Fast Gradient Sign Method.
Recently, deep neural networks have made significant progress and been successfully applied in various fields, but they have been found vulnerable to attack instances, e.g., adversarial examples. State-of-the-art attack methods can generate attack images by adding a small perturbation to the source image. These attack images can fool the classifier but have little impact on humans. Therefore, such attack instances are difficult to generate by searching the feature space. How to design an effective and robust generating method has become a focus of attention. Inspired by adversarial examples, we propose two novel generative models that produce adaptive attack instances directly, in which a conditional generative adversarial network is adopted and a distinctive strategy is designed for training. Compared with common methods such as the Fast Gradient Sign Method, our models reduce the generating cost, improve robustness, and take about one fifth of the running time to produce an attack instance.