Most of the adversarial attack methods suffer from large perceptual distortions such as visible artifacts, when the attack strength is relatively high. These perceptual distortions contain a certain portion which contributes less to the attack success rate. This portion of distortions, which is induced by unnecessary modifications and lack of proper perceptual distortion constraint, is the target of the proposed framework. In this paper, we propose a perceptual distortion reduction framework to tackle this problem from two perspectives. Firstly, we propose a perceptual distortion constraint and add it into the objective function to jointly optimize the perceptual distortions and attack success rate. Secondly, we propose an adaptive penalty factor $\lambda$ to balance the discrepancies between different samples. Since SGD and Momentum-SGD cannot optimize our complex non-convex problem, we exploit Adam in optimization. Extensive experiments have verified the superiority of our proposed framework.
翻译:大部分对抗性攻击方法都存在严重的观念扭曲,例如当攻击强度相对较高时,明显的手工艺品等。这些观念扭曲包含一定比例,对攻击成功率的贡献较小。这部分扭曲是拟议框架的目标,其原因是不必要的修改和缺乏适当的观念扭曲限制。在本文件中,我们从两个角度提出了一个概念扭曲减少框架,以解决这一问题。首先,我们提出概念扭曲限制,并将它加入到目标功能中,即共同优化概念扭曲和攻击成功率。第二,我们提出一个适应性惩罚因数 $\ lambda$,以平衡不同样品之间的差异。由于SGD和Momentum-SGD无法优化我们复杂的非骨架问题,我们利用亚当进行优化。广泛的实验证实了我们拟议框架的优势。
相关内容
- Today (iOS and OS X): widgets for the Today view of Notification Center
- Share (iOS and OS X): post content to web services or share content with others
- Actions (iOS and OS X): app extensions to view or manipulate inside another app
- Photo Editing (iOS): edit a photo or video in Apple's Photos app with extensions from a third-party apps
- Finder Sync (OS X): remote file storage in the Finder with support for Finder content annotation
- Storage Provider (iOS): an interface between files inside an app and other apps on a user's device
- Custom Keyboard (iOS): system-wide alternative keyboards
Source: iOS 8 Extensions: Apple’s Plan for a Powerful App Ecosystem
微信扫码咨询专知VIP会员