Adaptive Neighbourhoods for the Discovery of Adversarial Examples
This work addresses the vulnerability of deep neural networks to adversarial attacks, offering an incremental improvement to existing methods for discovering adversarial examples.
The paper tackles the problem of finding adversarial examples for deep neural networks by adapting the size of search regions based on problem complexity and data density, which improves existing fixed-region approaches and may enhance adversarial training methods.
Deep Neural Networks (DNNs) have often supplied state-of-the-art results in pattern recognition tasks. Despite their advances, however, the existence of adversarial examples have caught the attention of the community. Many existing works have proposed methods for searching for adversarial examples within fixed-sized regions around training points. Our work complements and improves these existing approaches by adapting the size of these regions based on the problem complexity and data sampling density. This makes such approaches more appropriate for other types of data and may further improve adversarial training methods by increasing the region sizes without creating incorrect labels.