Abstract
The intrinsic susceptibility of deep learning to adversarial examples has led to a plethora of attack techniques with a common broad objective of fooling deep models. However, we find slight compositional differences between the algorithms achieving this objective. These differences leave traces that provide important clues for attacker profiling in real-life scenarios. Inspired by this, we introduce a novel problem of 'Reverse Engineering of aDversarial attacks' (RED). Given an adversarial example, the objective of RED is to identify the attack used to generate it. Under this perspective, we can systematically group existing attacks into different families, leading to the sub-problem of attack family identification. To enable RED analysis, we introduce a large 'Adversarial Identification Dataset' (AID), comprising over 180k adversarial samples generated with 13 popular attacks for image specific/agnostic white/black box setups. We use AID to devise a novel framework for the RED objective. The proposed framework is designed using a novel Transformer-based Global-LOcal Feature (GLoF) module, which helps in approximating the adversarial perturbation and identifying the attack. Using AID and our framework, we provide multiple interesting benchmark results for the RED problem.
Graduation Date
2022
Semester
Summer
Advisor
Rawat, Yogesh Singh
Degree
Master of Science (M.S.)
College
College of Engineering and Computer Science
Department
Computer Science
Degree Program
Computer Science
Identifier
CFE0009642; DP0027469
URL
https://purls.library.ucf.edu/go/DP0027469
Language
English
Release Date
February 2023
Length of Campus-only Access
None
Access Status
Masters Thesis (Open Access)
STARS Citation
Ambati, Rahul, "Reverse Engineering of Adversarial Samples by Leveraging Patterns left by the Attacker" (2022). Electronic Theses and Dissertations, 2020-2023. 1503.
https://stars.library.ucf.edu/etd2020/1503