3.1.1. Adversarial Example

Pengfei Xie; Shuhao Shi; Shuai Yang; Kai Qiao; Ningning Liang; Linyuan Wang; Jian Chen; Guoen Hu; Bin Yan

Improve Research Reproducibility A Bio-protocol resource

Home
Protocols

Concise Method

3.1.1. Adversarial Example

PX Pengfei Xie

SS Shuhao Shi

SY Shuai Yang

KQ Kai Qiao

NL Ningning Liang

LW Linyuan Wang

JC Jian Chen

GH Guoen Hu

BY Bin Yan

This method is extracted from research article: Front Neurorobot, Dec 2021

Improving the Transferability of Adversarial Examples With a Noise Data Enhancement Framework and Random Erasing

DOI: 10.3389/fnbot.2021.784053

Ask a question

Favorite

Suppose x is a clean sample, y^true is the corresponding real label. For a trained DNN F₁, it can correctly classify samples x as labels y^true. By adding a small perturbation δ to the original sample, the adversarial examples x + δ can make the DNN F₁ misclassified. The generation of the small perturbation is generally obtained by maximizing the loss function J(x, y^true, θ), where θ represents the network structure parameters, and the loss function generally selects the cross entropy loss function.

This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.

Do you have any questions about this protocol?

Post your question to gather feedback from the community. We will also invite the authors of this article to respond.

Post a Question

0 Q&A

Share your protocol with your peers.

Submit a Preprint Protocol