Universal, transferable and targeted adversarial attacks
This addresses the vulnerability of deep neural networks to adversarial examples, providing a more challenging and comprehensive attack scenario for security research, though it is incremental in combining existing attack types.
The paper tackles the problem of creating adversarial attacks that are universal, transferable, and targeted, and demonstrates a method that successfully generates such attacks to fool classification networks into misclassifying inputs into a specific class with strong transferability.
Deep Neural Networks have been found vulnerable re-cently. A kind of well-designed inputs, which called adver-sarial examples, can lead the networks to make incorrectpredictions. Depending on the different scenarios, goalsand capabilities, the difficulties of the attacks are different.For example, a targeted attack is more difficult than a non-targeted attack, a universal attack is more difficult than anon-universal attack, a transferable attack is more difficultthan a nontransferable one. The question is: Is there existan attack that can meet all these requirements? In this pa-per, we answer this question by producing a kind of attacksunder these conditions. We learn a universal mapping tomap the sources to the adversarial examples. These exam-ples can fool classification networks to classify all of theminto one targeted class, and also have strong transferability.Our code is released at: xxxxx.