Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization
| Autor: | Floris, Giuseppe, Mura, Raffaele, Scionis, Luca, Piras, Giorgio, Pintor, Maura, Demontis, Ambra, Biggio, Battista |
|---|---|
| Rok vydání: | 2023 |
| Předmět: | |
| Druh dokumentu: | Working Paper |
| DOI: | 10.14428/esann/2023.ES2023-164 |
| Popis: | Evaluating the adversarial robustness of machine learning models using gradient-based attacks is challenging. In this work, we show that hyperparameter optimization can improve fast minimum-norm attacks by automating the selection of the loss function, the optimizer and the step-size scheduler, along with the corresponding hyperparameters. Our extensive evaluation involving several robust models demonstrates the improved efficacy of fast minimum-norm attacks when hyper-up with hyperparameter optimization. We release our open-source code at https://github.com/pralab/HO-FMN. Comment: Accepted at ESANN23 |
| Databáze: | arXiv |
| Externí odkaz: |
|