A Unified Approach to Interpreting and Boosting Adversarial
Transferability
- URL: http://arxiv.org/abs/2010.04055v2
- Date: Fri, 1 Dec 2023 12:49:42 GMT
- Authors: Xin Wang, Jie Ren, Shuyun Lin, Xiangming Zhu, Yisen Wang, Quanshi
Zhang
- Abstract summary: In this paper, we use the interaction inside adversarial perturbations to explain and boost the adversarial transferability.
We discover and prove the negative correlation between the adversarial transferability and the interaction inside adversarial perturbations.
We propose to penalize interactions during the attacking process, which significantly improves the adversarial transferability.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: In this paper, we use the interaction inside adversarial perturbations to
explain and boost the adversarial transferability. We discover and prove the
negative correlation between the adversarial transferability and the
interaction inside adversarial perturbations. The negative correlation is
further verified through different DNNs with various inputs. Moreover, this
negative correlation can be regarded as a unified perspective to understand
current transferability-boosting methods. To this end, we prove that some
classic methods of enhancing the transferability essentially decrease
interactions inside adversarial perturbations. Based on this, we propose to
directly penalize interactions during the attacking process, which
significantly improves the adversarial transferability.
Related papers
- AntEval: Evaluation of Social Interaction Competencies in LLM-Driven Agents [65.16893197330589] (2024-01-12T11:18:00Z)
  Large Language Models (LLMs) have demonstrated their ability to replicate human behaviors across a wide range of scenarios.
  However, their capability in handling complex, multi-character social interactions has yet to be fully explored.
  We introduce the Multi-Agent Interaction Evaluation Framework (AntEval), encompassing a novel interaction framework and evaluation methods.
- Sim-to-Real Causal Transfer: A Metric Learning Approach to Causally-Aware Interaction Representations [62.48505112245388] (2023-12-07T18:57:03Z)
  We take an in-depth look at the causal awareness of modern representations of agent interactions.
  We show that recent representations are already partially resilient to perturbations of non-causal agents.
  We propose a metric learning approach that regularizes latent representations with causal annotations.
- Why Does Little Robustness Help? Understanding and Improving Adversarial Transferability from Surrogate Training [24.376314203167016] (2023-07-15T19:20:49Z)
  Adversarial examples (AEs) for DNNs have been shown to be transferable.
  In this paper, we take a further step towards understanding adversarial transferability.
- Proving Common Mechanisms Shared by Twelve Methods of Boosting Adversarial Transferability [39.82790215086004] (2022-07-24T08:36:12Z)
  This paper summarizes the common mechanism shared by twelve previous transferability-boosting methods in a unified view.
  We first discover and prove the negative correlation between the adversarial transferability and the attacking utility of interactions.
  More crucially, we consider the reduction of interactions as the essential reason for the enhancement of adversarial transferability.
- A Unified Game-Theoretic Interpretation of Adversarial Robustness [39.64586231421121] (2021-11-05T14:57:49Z)
  This paper provides a unified view to explain different adversarial attacks and defense methods.
  Our findings provide a potential method to unify adversarial perturbations and robustness, which can explain the existing defense methods in a principled way.
- Exploring Transferable and Robust Adversarial Perturbation Generation from the Perspective of Network Hierarchy [52.153866313879924] (2021-08-16T11:52:41Z)
  The transferability and robustness of adversarial examples are two practical yet important properties for black-box adversarial attacks.
  We propose a transferable and robust adversarial generation (TRAP) method.
  Our TRAP achieves impressive transferability and high robustness against certain interferences.
- Uncovering the Connections Between Adversarial Transferability and Knowledge Transferability [27.65302656389911] (2020-06-25T16:04:47Z)
  We analyze and demonstrate the connections between knowledge transferability and adversarial transferability.
  Our theoretical studies show that adversarial transferability indicates knowledge transferability and vice versa.
  We conduct extensive experiments for different scenarios on diverse datasets, showing a positive correlation between adversarial transferability and knowledge transferability.
- Interference and Generalization in Temporal Difference Learning [86.31598155056035] (2020-03-13T15:49:58Z)
  We study the link between generalization and interference in temporal-difference (TD) learning.
  We find that TD easily leads to low-interference, under-generalizing parameters, while the effect seems reversed in supervised learning.
This list is automatically generated from the titles and abstracts of the papers in this site.