English

Are adversarial examples inevitable?

Machine Learning 2020-02-05 v3 Computer Vision and Pattern Recognition Machine Learning
Authors: Ali Shafahi , W. Ronny Huang , Christoph Studer , Soheil Feizi , Tom Goldstein
View on arXiv PDF

Abstract

A wide range of defenses have been proposed to harden neural networks against adversarial attacks. However, a pattern has emerged in which the majority of adversarial defenses are quickly broken by new attacks. Given the lack of success at generating robust defenses, we are led to ask a fundamental question: Are adversarial attacks inevitable? This paper analyzes adversarial examples from a theoretical perspective, and identifies fundamental bounds on the susceptibility of a classifier to adversarial attacks. We show that, for certain classes of problems, adversarial examples are inescapable. Using experiments, we explore the implications of theoretical guarantees for real-world problems and discuss how factors such as dimensionality and image complexity limit a classifier's robustness against adversarial examples.

Keywords

adversarial examples adversarial training adversarial robustness

Cite

@article{arxiv.1809.02104,
  title  = {Are adversarial examples inevitable?},
  author = {Ali Shafahi and W. Ronny Huang and Christoph Studer and Soheil Feizi and Tom Goldstein},
  journal= {arXiv preprint arXiv:1809.02104},
  year   = {2020}
}

Related papers

View all related →
Machine Learning · Computer Science
Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods
Nicholas Carlini, David Wagner
2017-11-02
Machine Learning · Statistics
Towards Deep Learning Models Resistant to Adversarial Attacks
Aleksander Madry, Aleksandar Makelov, Ludwig Schmidt, Dimitris Tsipras +1
2019-09-06
Machine Learning · Computer Science
Recent Advances in Understanding Adversarial Robustness of Deep Neural Networks
Tao Bai, Jinqi Luo, Jun Zhao
2020-11-04
Machine Learning · Computer Science
Verifying the Causes of Adversarial Examples
Honglin Li, Yifei Fan, Frieder Ganz, Anthony Yezzi +1
2020-10-20
Machine Learning · Statistics
Understanding and Quantifying Adversarial Examples Existence in Linear Classification
Xupeng Shi, A. Adam Ding
2019-10-29
Machine Learning · Computer Science
Adversarial Examples: Attacks and Defenses for Deep Learning
Xiaoyong Yuan, Pan He, Qile Zhu, Xiaolin Li
2018-07-10
Machine Learning · Computer Science
Theoretical Foundations of Adversarially Robust Learning
Omar Montasser
2023-06-14
Machine Learning · Computer Science
Adversarial Examples Might be Avoidable: The Role of Data Concentration in Adversarial Robustness
Ambar Pal, Jeremias Sulam, René Vidal
2024-05-28
Computer Vision and Pattern Recognition · Computer Science
Adversarial Examples on Object Recognition: A Comprehensive Survey
Alex Serban, Erik Poll, Joost Visser
2020-09-04
Cryptography and Security · Computer Science
A survey on practical adversarial examples for malware classifiers
Daniel Park, Bülent Yener
2020-11-12
Machine Learning · Statistics
Adversarial examples from computational constraints
Sébastien Bubeck, Eric Price, Ilya Razenshteyn
2018-05-28
Machine Learning · Computer Science
A Theoretical Framework for Robustness of (Deep) Classifiers against Adversarial Examples
Beilun Wang, Ji Gao, Yanjun Qi
2017-09-28
Machine Learning · Statistics
Intriguing Properties of Adversarial Examples
Ekin D. Cubuk, Barret Zoph, Samuel S. Schoenholz, Quoc V. Le
2017-11-09
Machine Learning · Computer Science
When and How to Fool Explainable Models (and Humans) with Adversarial Examples
Jon Vadillo, Roberto Santana, Jose A. Lozano
2025-02-18
Computer Vision and Pattern Recognition · Computer Science
Adversarial Examples - A Complete Characterisation of the Phenomenon
Alexandru Constantin Serban, Erik Poll, Joost Visser
2019-02-19
Machine Learning · Computer Science
Algebraic Adversarial Attacks on Integrated Gradients
Lachlan Simpson, Federico Costanza, Kyle Millar, Adriel Cheng +2
2025-02-28
Machine Learning · Computer Science
A Boundary Tilting Persepective on the Phenomenon of Adversarial Examples
Thomas Tanay, Lewis Griffin
2016-08-30
Machine Learning · Computer Science
Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them
Florian Tramèr
2022-06-17
Machine Learning · Computer Science
When Should You Defend Your Classifier -- A Game-theoretical Analysis of Countermeasures against Adversarial Examples
Maximilian Samsinger, Florian Merkle, Pascal Schöttle, Tomas Pevny
2021-09-28
Machine Learning · Computer Science
Predicting Adversarial Examples with High Confidence
Angus Galloway, Graham W. Taylor, Medhat Moussa
2018-02-14
Machine Learning · Statistics
Adversarial Examples Are Not Bugs, They Are Features
Andrew Ilyas, Shibani Santurkar, Dimitris Tsipras, Logan Engstrom +2
2019-08-13
Machine Learning · Computer Science
Adversarial Examples from Cryptographic Pseudo-Random Generators
Sébastien Bubeck, Yin Tat Lee, Eric Price, Ilya Razenshteyn
2018-11-16
Machine Learning · Computer Science
Adversarial Examples in Modern Machine Learning: A Review
Rey Reza Wiyatno, Anqi Xu, Ousmane Dia, Archy de Berker
2019-11-19
Machine Learning · Computer Science
Towards Imperceptible and Robust Adversarial Example Attacks against Neural Networks
Bo Luo, Yannan Liu, Lingxiao Wei, Qiang Xu
2018-01-16
Machine Learning · Computer Science
Effectiveness of Adversarial Examples and Defenses for Malware Classification
Robert Podschwadt, Hassan Takabi
2019-09-12