Poster
Perturbing Across the Feature Hierarchy to Improve Standard and Strict Blackbox Attack Transferability
Nathan Inkawhich · Kevin J Liang · Binghui Wang · Matthew Inkawhich · Lawrence Carin · Yiran Chen
We consider the blackbox transfer-based targeted adversarial attack threat model in the realm of deep neural network (DNN) image classifiers. Rather than focusing on crossing decision boundaries at the output layer of the source model, our method perturbs representations throughout the extracted feature hierarchy to resemble other classes. We design a flexible attack framework that allows for multi-layer perturbations and demonstrates state-of-the-art targeted transfer performance between ImageNet DNNs. We also show the superiority of our feature space methods under a relaxation of the common assumption that the source and target models are trained on the same dataset and label space, in some instances achieving a $10\times$ increase in targeted success rate relative to other blackbox transfer methods. Finally, we analyze why the proposed methods outperform existing attack strategies and show an extension of the method in the case when limited queries to the blackbox model are allowed.
Author Information
Nathan Inkawhich (Duke University)
Kevin J Liang (Facebook)
Binghui Wang (Duke University)
Matthew Inkawhich (Duke University)
Lawrence Carin (Duke University)
Yiran Chen (Duke University)
More from the Same Authors
- 2021 Spotlight: Supercharging Imbalanced Data Learning With Energy-based Contrastive Representation Transfer
  Junya Chen · Zidi Xiu · Benjamin Goldstein · Ricardo Henao · Lawrence Carin · Chenyang Tao
- 2022: CAM-GAN: Continual Adaptation Modules for Generative Adversarial Networks
  Sakshi Varshney · Vinay Verma · Srijith PK · Piyush Rai · Lawrence Carin
- 2022: Fine-grain Inference on Out-of-Distribution Data with Hierarchical Classification
  Randolph Linderman · Jingyang Zhang · Nathan Inkawhich · Hai Li · Yiran Chen
- 2022 Poster: Why do We Need Large Batchsizes in Contrastive Learning? A Gradient-Bias Perspective
  Changyou Chen · Jianyi Zhang · Yi Xu · Liqun Chen · Jiali Duan · Yiran Chen · Son Tran · Belinda Zeng · Trishul Chilimbi
- 2021 Poster: Supercharging Imbalanced Data Learning With Energy-based Contrastive Representation Transfer
  Junya Chen · Zidi Xiu · Benjamin Goldstein · Ricardo Henao · Lawrence Carin · Chenyang Tao
- 2021 Poster: CAM-GAN: Continual Adaptation Modules for Generative Adversarial Networks
  Sakshi Varshney · Vinay Kumar Verma · P. K. Srijith · Lawrence Carin · Piyush Rai
- 2021 Poster: FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective
  Jingwei Sun · Ang Li · Louis DiValentin · Amin Hassanzadeh · Yiran Chen · Hai Li
- 2020 Poster: GAN Memory with No Forgetting
  Yulai Cong · Miaoyun Zhao · Jianqiao Li · Sijia Wang · Lawrence Carin
- 2020 Poster: DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles
  Huanrui Yang · Jingyang Zhang · Hongliang Dong · Nathan Inkawhich · Andrew Gardner · Andrew Touchet · Wesley Wilkes · Heath Berry · Hai Li
- 2020 Poster: Reconsidering Generative Objectives For Counterfactual Reasoning
  Danni Lu · Chenyang Tao · Junya Chen · Fan Li · Feng Guo · Lawrence Carin
- 2020 Poster: AutoSync: Learning to Synchronize for Data-Parallel Distributed Deep Learning
  Hao Zhang · Yuan Li · Zhijie Deng · Xiaodan Liang · Lawrence Carin · Eric Xing
- 2020 Oral: DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles
  Huanrui Yang · Jingyang Zhang · Hongliang Dong · Nathan Inkawhich · Andrew Gardner · Andrew Touchet · Wesley Wilkes · Heath Berry · Hai Li
- 2020 Poster: Calibrating CNNs for Lifelong Learning
  Pravendra Singh · Vinay Kumar Verma · Pratik Mazumder · Lawrence Carin · Piyush Rai
- 2019 Poster: Improving Textual Network Learning with Variational Homophilic Embeddings
  Wenlin Wang · Chenyang Tao · Zhe Gan · Guoyin Wang · Liqun Chen · Xinyuan Zhang · Ruiyi Zhang · Qian Yang · Ricardo Henao · Lawrence Carin
- 2019 Poster: Ouroboros: On Accelerating Training of Transformer-Based Language Models
  Qian Yang · Zhouyuan Huo · Wenlin Wang · Lawrence Carin
- 2019 Poster: Scalable Gromov-Wasserstein Learning for Graph Partitioning and Matching
  Hongteng Xu · Dixin Luo · Lawrence Carin
- 2019 Poster: Kernel-Based Approaches for Sequence Modeling: Connections to Neural Methods
  Kevin J Liang · Guoyin Wang · Yitong Li · Ricardo Henao · Lawrence Carin
- 2019 Poster: Certified Adversarial Robustness with Additive Noise
  Bai Li · Changyou Chen · Wenlin Wang · Lawrence Carin
- 2019 Poster: On Fenchel Mini-Max Learning
  Chenyang Tao · Liqun Chen · Shuyang Dai · Junya Chen · Ke Bai · Dong Wang · Jianfeng Feng · Wenlian Lu · Georgiy Bobashev · Lawrence Carin
- 2018: Lunch & Posters
  Haytham Fayek · German Parisi · Brian Xu · Pramod Kaushik Mudrakarta · Sophie Cerf · Sarah Wassermann · Davit Soselia · Rahaf Aljundi · Mohamed Elhoseiny · Frantzeska Lavda · Kevin J Liang · Arslan Chaudhry · Sanmit Narvekar · Vincenzo Lomonaco · Wesley Chung · Michael Chang · Ying Zhao · Zsolt Kira · Pouya Bashivan · Banafsheh Rafiee · Oleksiy Ostapenko · Andrew Jones · Christos Kaplanis · Sinan Kalkan · Dan Teng · Xu He · Vincent Liu · Somjit Nath · Sungsoo Ahn · Ting Chen · Shenyang Huang · Yash Chandak · Nathan Sprague · Martin Schrimpf · Tony Kendall · Jonathan Richard Schwarz · Michael Li · Yunshu Du · Yen-Chang Hsu · Samira Abnar · Bo Wang
- 2018 Poster: Generalized Inverse Optimization through Online Learning
  Chaosheng Dong · Yiran Chen · Bo Zeng
- 2018 Poster: Adversarial Text Generation via Feature-Mover's Distance
  Liqun Chen · Shuyang Dai · Chenyang Tao · Haichao Zhang · Zhe Gan · Dinghan Shen · Yizhe Zhang · Guoyin Wang · Dinghan Shen · Lawrence Carin
- 2018 Poster: Distilled Wasserstein Learning for Word Embedding and Topic Modeling
  Hongteng Xu · Wenlin Wang · Wei Liu · Lawrence Carin
- 2018 Poster: Diffusion Maps for Textual Network Embedding
  Xinyuan Zhang · Yitong Li · Dinghan Shen · Lawrence Carin
- 2018 Spotlight: Diffusion Maps for Textual Network Embedding
  Xinyuan Zhang · Yitong Li · Dinghan Shen · Lawrence Carin
- 2017 Spotlight: Targeting EEG/LFP Synchrony with Neural Nets
  Yitong Li · michael Murias · samantha Major · geraldine Dawson · Kafui Dzirasa · Lawrence Carin · David Carlson
- 2017 Poster: TernGrad: Ternary Gradients to Reduce Communication in Distributed Deep Learning
  Wei Wen · Cong Xu · Feng Yan · Chunpeng Wu · Yandan Wang · Yiran Chen · Hai Li
- 2017 Poster: Targeting EEG/LFP Synchrony with Neural Nets
  Yitong Li · michael Murias · samantha Major · geraldine Dawson · Kafui Dzirasa · Lawrence Carin · David Carlson
- 2017 Poster: Triangle Generative Adversarial Networks
  Zhe Gan · Liqun Chen · Weiyao Wang · Yuchen Pu · Yizhe Zhang · Hao Liu · Chunyuan Li · Lawrence Carin
- 2017 Poster: ALICE: Towards Understanding Adversarial Learning for Joint Distribution Matching
  Chunyuan Li · Hao Liu · Changyou Chen · Yuchen Pu · Liqun Chen · Ricardo Henao · Lawrence Carin
- 2017 Oral: TernGrad: Ternary Gradients to Reduce Communication in Distributed Deep Learning
  Wei Wen · Cong Xu · Feng Yan · Chunpeng Wu · Yandan Wang · Yiran Chen · Hai Li
- 2017 Poster: An inner-loop free solution to inverse problems using deep neural networks
  Kai Fan · Qi Wei · Lawrence Carin · Katherine Heller
- 2017 Poster: VAE Learning via Stein Variational Gradient Descent
  Yuchen Pu · Zhe Gan · Ricardo Henao · Chunyuan Li · Shaobo Han · Lawrence Carin
- 2017 Poster: Deconvolutional Paragraph Representation Learning
  Yizhe Zhang · Dinghan Shen · Guoyin Wang · Zhe Gan · Ricardo Henao · Lawrence Carin
- 2017 Poster: Adversarial Symmetric Variational Autoencoder
  Yuchen Pu · Weiyao Wang · Ricardo Henao · Liqun Chen · Zhe Gan · Chunyuan Li · Lawrence Carin
- 2017 Poster: A Probabilistic Framework for Nonlinearities in Stochastic Neural Networks
  Qinliang Su · xuejun Liao · Lawrence Carin
- 2017 Poster: Scalable Model Selection for Belief Networks
  Zhao Song · Yusuke Muraoka · Ryohei Fujimaki · Lawrence Carin
- 2017 Poster: Cross-Spectral Factor Analysis
  Neil Gallagher · Kyle Ulrich · Austin Talbot · Kafui Dzirasa · Lawrence Carin · David Carlson
- 2016 Poster: Towards Unifying Hamiltonian Monte Carlo and Slice Sampling
  Yizhe Zhang · Xiangyu Wang · Changyou Chen · Ricardo Henao · Kai Fan · Lawrence Carin
- 2016 Poster: Variational Autoencoder for Deep Learning of Images, Labels and Captions
  Yunchen Pu · Zhe Gan · Ricardo Henao · Xin Yuan · Chunyuan Li · Andrew Stevens · Lawrence Carin
- 2016 Poster: Linear Feature Encoding for Reinforcement Learning
  Zhao Song · Ronald Parr · Xuejun Liao · Lawrence Carin
- 2016 Poster: Stochastic Gradient MCMC with Stale Gradients
  Changyou Chen · Nan Ding · Chunyuan Li · Yizhe Zhang · Lawrence Carin
- 2015 Poster: GP Kernels for Cross-Spectrum Analysis
  Kyle R Ulrich · David Carlson · Kafui Dzirasa · Lawrence Carin
- 2015 Poster: Deep Poisson Factor Modeling
  Ricardo Henao · Zhe Gan · James Lu · Lawrence Carin
- 2015 Poster: Preconditioned Spectral Descent for Deep Learning
  David Carlson · Edo Collins · Ya-Ping Hsieh · Lawrence Carin · Volkan Cevher
- 2015 Poster: Large-Scale Bayesian Multi-Label Learning via Topic-Based Label Embeddings
  Piyush Rai · Changwei Hu · Ricardo Henao · Lawrence Carin
- 2015 Spotlight: Large-Scale Bayesian Multi-Label Learning via Topic-Based Label Embeddings
  Piyush Rai · Changwei Hu · Ricardo Henao · Lawrence Carin
- 2015 Poster: On the Convergence of Stochastic Gradient MCMC Algorithms with High-Order Integrators
  Changyou Chen · Nan Ding · Lawrence Carin
- 2015 Poster: Deep Temporal Sigmoid Belief Networks for Sequence Modeling
  Zhe Gan · Chunyuan Li · Ricardo Henao · David Carlson · Lawrence Carin
- 2014 Poster: Analysis of Brain States from Multi-Region LFP Time-Series
  Kyle R Ulrich · David Carlson · Wenzhao Lian · Jana S Borg · Kafui Dzirasa · Lawrence Carin
- 2014 Poster: Bayesian Nonlinear Support Vector Machines and Discriminative Factor Modeling
  Ricardo Henao · Xin Yuan · Lawrence Carin
- 2014 Poster: Compressive Sensing of Signals from a GMM with Sparse Precision Matrices
  Jianbo Yang · Xuejun Liao · Minhua Chen · Lawrence Carin
- 2014 Poster: On the relations of LFPs & Neural Spike Trains
  David Carlson · Jana Schaich Borg · Kafui Dzirasa · Lawrence Carin
- 2014 Poster: Dynamic Rank Factor Model for Text Streams
  Shaobo Han · Lin Du · Esther Salazar · Lawrence Carin
- 2013 Poster: Dynamic Clustering via Asymptotics of the Dependent Dirichlet Process Mixture
  Trevor Campbell · Miao Liu · Brian Kulis · Jonathan How · Lawrence Carin
- 2013 Poster: Designed Measurements for Vector Count Data
  Liming Wang · David Carlson · Miguel Rodrigues · David Wilcox · Robert Calderbank · Lawrence Carin
- 2013 Poster: Integrated Non-Factorized Variational Inference
  Shaobo Han · Xuejun Liao · Lawrence Carin
- 2013 Poster: Real-Time Inference for a Gamma Process Model of Neural Spiking
  David Carlson · Vinayak Rao · Joshua T Vogelstein · Lawrence Carin
- 2012 Workshop: Bayesian Nonparametric Models For Reliable Planning And Decision-Making Under Uncertainty
  Jonathan How · Lawrence Carin · John Fisher III · Michael Jordan · Alborz Geramifard
- 2012 Poster: Joint Modeling of a Matrix with Associated Text via Latent Binary Features
  XianXing Zhang · Lawrence Carin
- 2012 Poster: Augment-and-Conquer Negative Binomial Processes
  Mingyuan Zhou · Lawrence Carin
- 2012 Spotlight: Augment-and-Conquer Negative Binomial Processes
  Mingyuan Zhou · Lawrence Carin
- 2011 Poster: On the Analysis of Multi-Channel Neural Spike Data
  Bo Chen · David Carlson · Lawrence Carin
- 2011 Poster: The Kernel Beta Process
  Lu Ren · Yingjian Wang · David B Dunson · Lawrence Carin
- 2011 Spotlight: The Kernel Beta Process
  Lu Ren · Yingjian Wang · David B Dunson · Lawrence Carin
- 2011 Poster: Hierarchical Topic Modeling for Analysis of Time-Evolving Personal Choices
  XianXing Zhang · David B Dunson · Lawrence Carin
- 2010 Poster: Joint Analysis of Time-Evolving Binary Matrices and Associated Documents
  Eric X Wang · Dehong Liu · Jorge G Silva · David B Dunson · Lawrence Carin
- 2009 Poster: A Bayesian Model for Simultaneous Image Clustering, Annotation and Object Segmentation
  Lan Du · Lu Ren · David B Dunson · Lawrence Carin
- 2009 Poster: Non-Parametric Bayesian Dictionary Learning for Sparse Image Representations
  Mingyuan Zhou · Haojun Chen · John Paisley · Lu Ren · Guillermo Sapiro · Lawrence Carin
- 2009 Poster: Learning to Explore and Exploit in POMDPs
  Chenghui Cai · Xuejun Liao · Lawrence Carin
- 2008 Workshop: Cost Sensitive Learning
  Balaji R Krishnapuram · Shipeng Yu · Oksana Yakhnenko · R. Bharat Rao · Lawrence Carin
- 2007 Poster: Semi-Supervised Multitask Learning
  Qiuhua Liu · Xuejun Liao · Lawrence Carin
- 2007 Spotlight: Semi-Supervised Multitask Learning
  Qiuhua Liu · Xuejun Liao · Lawrence Carin