Feedback-Control Based Adversarial Attacks on Recurrent Neural Networks

Shankar A. Deka, Dušan M. Stipanović, Claire J. Tomlin

Research output: Article in book/conference proceedings › Conference article in proceedings › Scientific › peer-reviewed

Abstract

Crafting adversarial inputs for attacks on neural networks and robustification against such attacks have continued to be a topic of keen interest in the machine learning community. Yet, the vast majority of work in current literature is only empirical in nature. We present a novel viewpoint on adversarial attacks on recurrent neural networks (RNNs) through the lens of dynamical systems theory. In particular, we show how control theory-based analysis tools can be leveraged to compute these adversarial input disturbances, and obtain bounds on how they impact the neural network performance. The disturbances are computed dynamically at each time-step by taking advantage of the recurrent architecture of RNNs, thus making them more efficient compared to prior work, as well as amenable to ‘real-time’ attacks. Finally, the theoretical results are supported by some illustrative examples.
Original language: English
Title of host publication: 2020 59th IEEE Conference on Decision and Control (CDC)
Publisher: IEEE
Pages: 4677-4682
Number of pages: 6
ISBN (print): 978-1-7281-7448-8
Status: Published - 18 Dec 2020
MoE publication type: A4 Article in conference proceedings
Event: IEEE Conference on Decision and Control - Virtual, Online, Jeju Island, South Korea
Duration: 14 Dec 2020 to 18 Dec 2020
Conference number: 59

Conference

Conference: IEEE Conference on Decision and Control
Abbreviated title: CDC
Country/Territory: South Korea
City: Jeju Island
Period: 14/12/2020 to 18/12/2020
