On the Adversarial Transferability of ConvMixer Models
This addresses the vulnerability of ConvMixer models to adversarial examples, which is an incremental finding in the field of machine learning security.
The paper investigated adversarial transferability between models, including ConvMixer, and found that ConvMixer is weak to such attacks, with results evaluated using the AutoAttack benchmark.
Deep neural networks (DNNs) are well known to be vulnerable to adversarial examples (AEs). In addition, AEs have adversarial transferability, which means AEs generated for a source model can fool another black-box model (target model) with a non-trivial probability. In this paper, we investigate the property of adversarial transferability between models including ConvMixer, which is an isotropic network, for the first time. To objectively verify the property of transferability, the robustness of models is evaluated by using a benchmark attack method called AutoAttack. In an image classification experiment, ConvMixer is confirmed to be weak to adversarial transferability.