Universal Adversarial Perturbations: Efficiency on a small image dataset
This work is incremental, as it applies an existing adversarial attack method to a smaller-scale setup to analyze its performance.
The authors reproduced the universal adversarial perturbations method on a smaller neural network and dataset to study its efficiency, finding that the perturbations remained effective despite the reduced scale.
Although neural networks perform very well on the image classification task, they are still vulnerable to adversarial perturbations that can fool a neural network without visibly changing an input image. A paper has shown the existence of Universal Adversarial Perturbations which when added to any image will fool the neural network with a very high probability. In this paper we will try to reproduce the experience of the Universal Adversarial Perturbations paper, but on a smaller neural network architecture and training set, in order to be able to study the efficiency of the computed perturbation.