(A) study on universal and transferable properties of adversarial perturbations적대적 교란의 보편성 및 전이성에 대한 연구
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.advisor | Kweon, In So | - |
| dc.contributor.advisor | 권인소 | - |
| dc.contributor.author | Zhang, Chaoning | - |
| dc.date.accessioned | 2022-04-21T19:33:41Z | - |
| dc.date.available | 2022-04-21T19:33:41Z | - |
| dc.date.issued | 2021 | - |
| dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=962483&flag=dissertation | en_US |
| dc.identifier.uri | http://hdl.handle.net/10203/295607 | - |
| dc.description | 학위논문(박사) - 한국과학기술원 : 전기및전자공학부, 2021.8,[ix, 106 p. :] | - |
| dc.description.abstract | Deep Neural networks (DNNs) are widely known to be vulnerable to adversarial examples, i.e. images perturbed by imperceptible perturbations. This work studies adversarial perturbations mainly with a focus on their two intriguing universal and transferable properties. Regarding the universal property, this work makes the following contributions: (a) proposing a simple yet effective algorithm for crafting data-free targeted UAP with the proxy dataset based on a new perspective that UAPs have independent features while images behave like noise | - |
| dc.description.abstract | (b) investigating strictly data-free UAP as well as applying UAP to solve the challenging practical no-box attack | - |
| dc.description.abstract | (c) extending the concept of universal perturbation to data hiding for achieving universal deep hiding (UDH) by demonstrating its success in steganography, watermarking, and light field messaging | - |
| dc.description.abstract | (d) providing a unified Fourier perspective towards understanding UAP and UDH, revealing that their success can be, at least partly, attributed to DNNs being sensitive to high-frequency input content. Regarding the transferable property, our work makes the following contributions: (e) demonstrating that transferability is not at odds with attack strength and proposing a simple loss function that achieves state-of-the-art attack strength and/or transferability | - |
| dc.description.abstract | (f) identifying that the widely used momentum iterative method improves the transferability at the cost of higher visibility, as well as proposing a novel momentum-free iterative method | - |
| dc.description.abstract | (g) identifying over-fitting as the core issue for hindering transferability and proposing simple yet effective techniques to alleviate the over-fitting issue | - |
| dc.description.abstract | (h) identifying surrogate model robustness as a major factor that influences the transferability and demonstrating that early stop and adversarial training yield better surrogate models for transferable attacks. Overall, this dissertation attempts to provide a new understanding of adversarial robustness by revisiting their universal and transferable properties. Exploiting these two properties, this work focuses on simple yet effective techniques for more practical adversarial attacks. | - |
| dc.language | eng | - |
| dc.publisher | 한국과학기술원 | - |
| dc.subject | Adversarial perturbations▼aUniversal property▼aTransferable property▼aData hiding | - |
| dc.subject | 적대적 교란▼a보편성▼a전이성▼a데이터 숨기기 | - |
| dc.title | (A) study on universal and transferable properties of adversarial perturbations | - |
| dc.title.alternative | 적대적 교란의 보편성 및 전이성에 대한 연구 | - |
| dc.type | Thesis(Ph.D) | - |
| dc.identifier.CNRN | 325007 | - |
| dc.description.department | 한국과학기술원 :전기및전자공학부, | - |
- Appears in Collection
- EE-Theses_Ph.D.(박사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.