Abstract
The adversarial attack literature contains numerous algorithms for crafting perturbations which manipulate neural network predictions. Many of these adversarial attacks optimize inputs with the same constraints and have similar downstream impact on the models they attack. In this work, we first show how to reconstruct an adversarial perturbation, namely the difference between an adversarial example and the original natural image, from an adversarial example. Then, we classify reconstructed adversarial perturbations based on the algorithm that generated them. This pipeline, REDRL, can detect the attack algorithm used to generate a sample from only the sample itself. The ability to determine which algorithm generated an example implies that different attack algorithms actually produce unique signatures in their adversarial examples. © 2024 IEEE.
| Original language | English |
|---|---|
| Title of host publication | 2024 IEEE International Conference on Acoustics, Speech, and Signal Processing - Proceedings |
| Publisher | IEEE |
| Pages | 7050-7054 |
| Number of pages | 5 |
| ISBN (Electronic) | 9798350344851 |
| ISBN (Print) | 9798350344868 |
| DOIs | |
| Publication status | Published - 2024 |
| Externally published | Yes |
| Event | 49th IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP 2024) - COEX, Seoul, Korea, Republic of Duration: 14 Apr 2024 → 19 Apr 2024 https://2024.ieeeicassp.org/ |
Publication series
| Name | ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings |
|---|---|
| ISSN (Print) | 1520-6149 |
| ISSN (Electronic) | 2379-190X |
Conference
| Conference | 49th IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP 2024) |
|---|---|
| Country/Territory | Korea, Republic of |
| City | Seoul |
| Period | 14/04/24 → 19/04/24 |
| Internet address |
Research Keywords
- Adversarial Attacks
- Adversarial Examples
- Security