HopSkipJumpAttack - A Query-Efficient Decision-Based Attack

Offered By: IEEE via YouTube

Tags

Adversarial Attacks Courses, Cybersecurity Courses, Machine Learning Courses, Binary Search Courses, Algorithm Design Courses

Course Description

Overview

Explore a comprehensive analysis of HopSkipJumpAttack, a query-efficient decision-based adversarial attack on trained models. Delve into the algorithm's development, theoretical foundations, and practical applications in generating adversarial examples using only output labels. Learn about the novel gradient direction estimation technique, which uses binary information at the decision boundary, and understand how the attack is optimized for both untargeted and targeted settings under the l_2 and l_∞ similarity metrics. Examine the theoretical analysis behind the proposed algorithms and the gradient direction estimate. Discover how HopSkipJumpAttack outperforms state-of-the-art decision-based adversarial attacks in model query efficiency, and how effective it is against widely used defense mechanisms. Gain insights into various aspects of adversarial attacks, including motivations, notations, types, objectives, and existing work in the field.

Syllabus

Intro
Adversarial attack (Szegedy et al., 2013)
Motivation
Motion picture content rating system
Notations
Types of adversarial attacks
Attack objectives
Existing work
Implicit representations of boundary (Part 1)
An Iterative Algorithm
Convergence
Black-box setting: Access to decisions alone
Boundary search requires labels alone
A decision-based gradient direction estimate
Intuition of proof
A visualization of our algorithm
Binary Search: Find boundary of dog & nondog
Gradient direction estimation
Appropriate size of random perturbation
An uneven distribution of signs
Variance reduction
Distance vs. # Queries
Visualization on ImageNet
Defense mechanisms under HopSkipJumpAttack


Taught by

IEEE Symposium on Security and Privacy

Related Courses

Machine Learning and Artificial Intelligence Security Risk: Categorizing Attacks and Failure Modes
LinkedIn Learning
How Apple Scans Your Phone and How to Evade It - NeuralHash CSAM Detection Algorithm Explained
Yannic Kilcher via YouTube
Deep Learning New Frontiers
Alexander Amini via YouTube
MIT 6.S191 - Deep Learning Limitations and New Frontiers
Alexander Amini via YouTube