LG, CR, ML | Feb 6, 2020

AI-GAN: Attack-Inspired Generation of Adversarial Examples

arXiv:2002.02196v2 | 60 citations
AI Analysis

This paper addresses the vulnerability of DNNs to adversarial attacks and offers a scalable solution for security and robustness applications, though its improvement over existing attack methods is incremental.

The paper tackles the problem of generating adversarial examples that are perceptually realistic and efficient for deep neural networks, proposing AI-GAN, which achieves high attack success rates and significantly reduces generation time on datasets like MNIST, CIFAR-10, and CIFAR-100.

Deep neural networks (DNNs) are vulnerable to adversarial examples, which are crafted by adding imperceptible perturbations to inputs. Recently, different attacks and strategies have been proposed, but how to generate adversarial examples perceptually realistic and more efficiently remains unsolved. This paper proposes a novel framework called Attack-Inspired GAN (AI-GAN), where a generator, a discriminator, and an attacker are trained jointly. Once trained, it can generate adversarial perturbations efficiently given input images and target classes. Through extensive experiments on several popular datasets, e.g., MNIST and CIFAR-10, AI-GAN achieves high attack success rates and reduces generation time significantly in various settings. Moreover, for the first time, AI-GAN successfully scales to complicated datasets, e.g., CIFAR-100, with around 90% success rates among all classes.

Code Implementations: 1 repo