ManiGen: A Manifold Aided Black-Box Generator of Adversarial Examples

Guanxiong Liu, Issa Khalil, Abdallah Khreishah, Abdulelah Algosaibi, Adel Aldalbahi, Mohammed Al-Naeem, Abdulaziz Alhumam, Muhammad Anan

Type: Article

Publication Date: 2020-01-01

Citations: 5

DOI: https://doi.org/10.1109/access.2020.3029270

View Publication

Download PDF

Abstract

From recent research work, it has been shown that neural network (NN) classifiers are vulnerable to adversarial examples which contain special perturbations that are ignored by human eyes while can mislead NN classifiers.In this paper, we propose a practical black-box adversarial example generator, dubbed ManiGen.ManiGen does not require any knowledge of the inner state of the target classifier.It generates adversarial examples by searching along the manifold, which is a concise representation of input data.Through extensive set of experiments on different datasets, we show that (1) adversarial examples generated by ManiGen can mislead standalone classifiers by being as successful as the state-of-the-art whitebox generator, Carlini, and (2) adversarial examples generated by ManiGen can more effectively attack classifiers with state-of-the-art defenses.

Locations

IEEE Access - View - PDF
arXiv (Cornell University) - View - PDF
DOAJ (DOAJ: Directory of Open Access Journals) - View

Similar Works

Action	Title	Year	Authors
+	ManiGen: A Manifold Aided Black-box Generator of Adversarial Examples	2020	Guanxiong Liu Issa Khalil Abdallah Khreishah Abdulelah Algosaibi Adel Aldalbahi Mohammed Alaneem Abdulaziz Alhumam Mohammed Anan
+	OMG-ATTACK: Self-Supervised On-Manifold Generation of Transferable Evasion Attacks	2023	Ofir Tal Adi Haviv Amit H. Bermano
+	Black-box Adversarial Example Generation with Normalizing Flows.	2020	Hadi M. Dolatabadi Sarah M. Erfani Christopher Leckie
+	Black-box Adversarial Example Generation with Normalizing Flows	2020	Hadi M. Dolatabadi Sarah M. Erfani Christopher Leckie
+	Generating Adversarial Examples with Adversarial Networks	2018	Chaowei Xiao Bo Li Jun-Yan Zhu Warren He Mingyan Liu Dawn Song
+	Generating Adversarial Examples with Adversarial Networks	2018	Chaowei Xiao Bo Li Jun-Yan Zhu Warren He Mingyan Liu Dawn Song
+	Gray-box Adversarial Training	2018	B S Vivek Konda Reddy Mopuri R. Venkatesh Babu
+	Detecting Adversarial Examples through Nonlinear Dimensionality Reduction	2019	Francesco Crecchi Davide Bacciu Battista Biggio
+	Gray-box Adversarial Training	2018	B. S. Vivek Konda Reddy Mopuri R. Venkatesh Babu
+	Adversarial Examples - A Complete Characterisation of the Phenomenon	2018	Alexandru Constantin Serban Erik Poll
+	CAAD 2018: Generating Transferable Adversarial Examples	2018	Yash Sharma Tiendung Le Moustafa Alzantot
+	Adaptive Generation of Unrestricted Adversarial Inputs	2019	Isaac Dunn Hadrien Pouget Tom Melham Daniel Kroening
+ PDF Chat	Enhancing Adversarial Example Transferability With an Intermediate Level Attack	2019	Qian Huang Isay Katsman Zeqi Gu Horace He Serge Belongie Ser-Nam Lim
+	Understanding Adversarial Robustness Against On-manifold Adversarial Examples	2022	Jiancong Xiao Liusha Yang Yanbo Fan Jue Wang Zhi‐Quan Luo
+	MagNet: a Two-Pronged Defense against Adversarial Examples	2017	Dongyu Meng Hao Chen
+	Intermediate Level Adversarial Attack for Enhanced Transferability	2018	Qian Huang Zeqi Gu Isay Katsman Horace He Pian Pawakapan Zhiqiu Lin Serge Belongie Ser-Nam Lim
+	Defending Against Adversarial Attacks by Leveraging an Entire GAN	2018	Gokula Krishnan Santhanam Paulina Grnarova
+	Defending Against Adversarial Attacks by Leveraging an Entire GAN	2018	Gokula Krishnan Santhanam Paulina Grnarova
+	Investigating Human-Identifiable Features Hidden in Adversarial Perturbations	2023	Dennis Y. Menn Tzu-hsun Feng Sriram Vishwanath Hung-yi Lee
+	Searching for the Essence of Adversarial Perturbations	2022	Dennis Y. Menn Tzu-hsun Feng Hung-yi Lee

Works That Cite This (2)

Action	Title	Year	Authors
+ PDF Chat	An Adaptive Black-Box Defense Against Trojan Attacks (TrojDef)	2022	Guanxiong Liu Abdallah Khreishah Fatima Sharadgah Issa Khalil
+ PDF Chat	OMG-Attack: Self-Supervised On-Manifold Generation of Transferable Evasion Attacks	2023	Ofir Tal Adi Haviv Amit H. Bermano

Works Cited by This (15)

Action	Title	Year	Authors
+	Very Deep Convolutional Networks for Large-Scale Image Recognition	2014	Karen Simonyan Andrew Zisserman
+	Explaining and Harnessing Adversarial Examples	2014	Ian Goodfellow Jonathon Shlens Christian Szegedy
+	Striving for Simplicity: The All Convolutional Net	2014	Jost Tobias Springenberg Alexey Dosovitskiy Thomas Brox Martin Riedmiller
+	Sample Complexity of Testing the Manifold Hypothesis	2010	Hariharan Narayanan Sanjoy K. Mitter
+ PDF Chat	Practical Black-Box Attacks against Machine Learning	2017	Nicolas Papernot Patrick McDaniel Ian Goodfellow Somesh Jha Z. Berkay Celik Ananthram Swami
+ PDF Chat	GanDef: A GAN Based Adversarial Training Defense for Neural Network Classifier	2019	Guanxiong Liu Issa Khalil Abdallah Khreishah
+	Very Deep Convolutional Networks for Large-Scale Image Recognition	2014	Karen Simonyan Andrew Zisserman
+	Adversarial Machine Learning at Scale	2016	Alexey Kurakin Ian Goodfellow Samy Bengio
+ PDF Chat	Towards Evaluating the Robustness of Neural Networks	2017	Nicholas Carlini David Wagner
+	Adam: A Method for Stochastic Optimization	2014	Diederik P. Kingma Jimmy Ba