Evolution Strategies can be used to create adversarial examples to fool image classifiers in a black-box setting and three variants are compared in a recently published paper. Compared to a white-box setting where the adversary has full access to the neural network and knows its architecture and parameters, a black-box setting is more realistic. The two population-less variants (1+1)-ES and Natural Evolution Strategies and the population-based variant CMA-ES are tested on the three neural network architectures VGG-16, Inception-v3 and ResNet-50 which were trained on ImageNet. It turned out that CMA-ES dominates the other variants. It achieves higher success rates and requires less queries to compute the adversarial examples. The authors of the paper assume that this is due to the use of a population which might result in a better exploration of the fitness landscape.

--

--

Dev-Sec-ML — https://twitter.com/_etzold — Creator of Security Flashcards https://security-flashcards.com

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Week 3# Identification of Artists and Movements from Paintings with Machine Learning

https://www.pyimagesearch.com/2014/01/22/clever-girl-a-guide-to-utilizing-color-histograms-for-computer-vision-and-image-search-engines/

Comparison of TensorFlow and Random Forest Model with Python

Photo Geolocation with Neural Networks: How to and How not to

ResNet for Image Classification.

5 Reasons to Use Machine Learning in Your Company

Initial Balance With Machine Learning: Random Forest-Part 2

How to create a Machine Learning based Help Desk system with AWS

Introduction to Decision Tree Algorithm

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Daniel Etzold

Daniel Etzold

Dev-Sec-ML — https://twitter.com/_etzold — Creator of Security Flashcards https://security-flashcards.com

More from Medium

Review of Deep Learning Architectures for Image Classification Problem (Part 1)

Use CUDA 11.0 for RAPIDS 21.12 with TensorFlow 2.4 in Ubuntu 18.04

Classifying breeds deep learning approach

How to set up a Google Compute Engine using Ubuntu 20.04