Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization

Giuseppe Floris
Primo
;Raffaele Mura;Luca Scionis;Giorgio Piras
;Maura Pintor;Ambra Demontis
Penultimo
;Battista Biggio
Ultimo
2023-01-01

Abstract

Evaluating the adversarial robustness of machine-learning models using gradient-based attacks is challenging. In this work, we show that hyperparameter optimization can improve fast minimum-norm attacks by automating the selection of the loss function, the optimizer, and the step-size scheduler, along with the corresponding hyperparameters. Our extensive evaluation involving several robust models demonstrates the improved efficacy of fast minimum-norm attacks when hyped up with hyperparameter optimization. We release our open-source code at https://github.com/pralab/HO-FMN.
2023
Inglese
ESANN 2023 proceedings
978-2-87587-088-9
Ciaco - i6doc.com
127
132
6
31st European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning, ESANN 2023
Esperti anonimi
4-6 Ottobre, 2023
Bruges, Belgium
scientifica
Machine Learning; Adversarial Machine Learning; Optimization
no
4 Contributo in Atti di Convegno (Proceeding)::4.1 Contributo in Atti di convegno
Floris, Giuseppe; Mura, Raffaele; Scionis, Luca; Piras, Giorgio; Pintor, Maura; Demontis, Ambra; Biggio, Battista
273
7
4.1 Contributo in Atti di convegno
partially_open
info:eu-repo/semantics/conferencePaper
File in questo prodotto:
File Dimensione Formato  
ES2023-164 (1).pdf

Solo gestori archivio

Tipologia: versione editoriale
Dimensione 1.69 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.69 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
2310.08177.pdf

accesso aperto

Tipologia: versione pre-print
Dimensione 443.53 kB
Formato Adobe PDF
Visualizza/Apri
443.53 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Questionario e social

Condividi su:
Impostazioni cookie