| Presentation | 2023-03-02 Novel Adversarial Attacks Based on Embedding Geometry of Data Manifolds Masahiro Morita, Hajime Tasaki, Jinhui Chao, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | It has been shown recently that adversarial examples inducing misclassification by deep neural networks exist in the orthogonal complementary spaces of the tangent spaces of the data manifold. In this paper, we propose novel adversarial attacks based on the embedding geometry of the data manifold. The proposed attacks generate adversarial examples by adding imperceptible perturbations in the directions of the orthogonal complementary space of the tangent spaces of the data manifold along which the weight vectors have prominent components. Moreover, we also consider targeted attacks by the output inversion in the hidden layer neurons toward the target class. Evaluations of these proposed attacks are also reported. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Deep learning / Adversarial example / Manifold hypothesis / Data manifold |
| Paper # | PRMU2022-84,IBISML2022-91 |
| Date of Issue | 2023-02-23 (PRMU, IBISML) |
| Conference Information | |
| Committee | PRMU / IBISML / IPSJ-CVIM |
|---|---|
| Conference Date | 2023/3/2(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Future University Hakodate |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Seiichi Uchida(Kyushu Univ.) / Masashi Sugiyama(Univ. of Tokyo) |
| Vice Chair | Takuya Funatomi(NAIST) / Mitsuru Anpai(Denso IT Lab.) / Toshihiro Kamishima(AIST) / Koji Tsuda(Univ. of Tokyo) |
| Secretary | Takuya Funatomi(CyberAgent) / Mitsuru Anpai(Univ. of Tokyo) / Toshihiro Kamishima(NTT) / Koji Tsuda(Hokkaido Univ.) |
| Assistant | Nakamasa Inoue(Tokyo Inst. of Tech.) / Yasutomo Kawanishi(Riken) / Yoshinobu Kawahara(Osaka Univ.) / Taiji Suzuki(Tokyo Inst. of Tech.) |
| Paper Information | |
| Registration To | Technical Committee on Pattern Recognition and Media Understanding / Technical Committee on Information-Based Induction Sciences and Machine Learning / Special Interest Group on Computer Vision and Image Media |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Novel Adversarial Attacks Based on Embedding Geometry of Data Manifolds |
| Sub Title (in English) | |
| Keyword(1) | Deep learning |
| Keyword(2) | Adversarial example |
| Keyword(3) | Manifold hypothesis |
| Keyword(4) | Data manifold |
| 1st Author's Name | Masahiro Morita |
| 1st Author's Affiliation | Chuo University(Chuo Univ.) |
| 2nd Author's Name | Hajime Tasaki |
| 2nd Author's Affiliation | Chuo University(Chuo Univ.) |
| 3rd Author's Name | Jinhui Chao |
| 3rd Author's Affiliation | Chuo University(Chuo Univ.) |
| Date | 2023-03-02 |
| Paper # | PRMU2022-84,IBISML2022-91 |
| Volume (vol) | vol.122 |
| Number (no) | PRMU-404,IBISML-405 |
| Page | pp.pp.140-145(PRMU), pp.140-145(IBISML), |
| #Pages | 6 |
| Date of Issue | 2023-02-23 (PRMU, IBISML) |