Procedural Noise Adversarial Examples for Black-Box Attacks on Deep Convolutional Networks

Deep Convolutional Networks (DCNs) have been shown to be vulnerable to adversarial examples---perturbed inputs specifically designed to produce intentional errors in the learning algorithms at test time. Existing input-agnostic adversarial perturbations exhibit interesting visual patterns that are currently unexplained. In this paper, we introduce a structured approach for generating Universal Adversarial Perturbations (UAPs) with procedural noise functions. Our approach unveils the systemic vulnerability of popular DCN models like Inception v3 and YOLO v3, with single noise patterns able to fool a model on up to 90% of the dataset. Procedural noise allows us to generate a distribution of UAPs with high universal evasion rates using only a few parameters. Additionally, we propose Bayesian optimization to efficiently learn procedural noise parameters to construct inexpensive untargeted black-box attacks. We demonstrate that it can achieve an average of less than 10 queries per successful attack, a 100-fold improvement on existing methods. We further motivate the use of input-agnostic defences to increase the stability of models to adversarial perturbations. The universality of our attacks suggests that DCN models may be sensitive to aggregations of low-level class-agnostic features. These findings give insight on the nature of some universal adversarial perturbations and how they could be generated in other applications.Comment: 16 pages, 10 figures. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19

A Survey of Monte Carlo Tree Search Methods

Monte Carlo tree search (MCTS) is a recently proposed search method that combines the precision of tree search with the generality of random sampling. It has received considerable interest due to its spectacular success in the difficult problem of computer Go, but has also proved beneficial in a range of other domains. This paper is a survey of the literature to date, intended to provide a snapshot of the state of the art after the first five years of MCTS research. We outline the core algorithm's derivation, impart some structure on the many variations and enhancements that have been proposed, and summarize the results from the key game and nongame domains to which MCTS methods have been applied. A number of open research questions indicate that the field is ripe for future work

Adversarialism in Italy: Using the concept of legal culture to understand resistance to legal modifications and its consequences

Based on the author’s empirical study on Italian prosecutors, this article uses legal culture to analyze the reasons why prosecutors are resisting certain legal modifications. In so doing, this paper tries to offer a fresh perspective over (comparative) global issues, such as: the meaning of inquisitorial and adversarial in modern criminal justice systems, the impact of legal transplants and legal translations and the centrality of prosecutors’ powers in contemporary criminal justice systems. In particular, the analysis of legal culture in a comparative perspective can stretch our imagination about what is the true extent of prosecutors’ powers, and how these can be related and balanced against the defendant’s rights

Arguing for Principles in Different Legal Cultures

In all legal systems lawyers and judges appeal to general principles. These principles supposed to be taken from the very grounds of Justice. Accordingly they are presented as setting forth such an argument that it should defeat the opponent’s. In this paper I will be interested in the principle of legal certainty and in how it is is understood in Anglo-Saxon and a Continental legal cultures

Narrative, Truth, and Trial

This Article critically evaluates the relationship between constructing narratives and achieving factual accuracy at trials. The story model of adjudication— according to which jurors process testimony by organizing it into competing narratives—has gained wide acceptance in the descriptive work of social scientists and currency in the courtroom, but it has received little close attention from legal theorists. The Article begins with a discussion of the meaning of narrative and its function at trial. It argues that the story model is incomplete, and that “legal truth” emerges from a hybrid of narrative and other means of inquiry. As a result, trials contain opportunities to promote more systematic consideration of evidence. Second, the Article asserts that, to the extent the story model is descriptively correct with respect to the structure of juror decision making, it also gives rise to normative concerns about the tension between characteristic features of narrative and the truth-seeking aspirations of trial. Viewing trials through the lens of narrative theory brings sources of bias and error into focus and suggests reasons to increase the influence of analytic processes. The Article then appraises improvements in trial mechanics—from prosecutorial discovery obligations through appellate review of evidentiary errors—that might account for the influence of stories. For example, a fuller understanding of narrative exposes the false assumption within limiting instructions that any piece of evidence exists in isolation. And to better inform how adjudicators respond to stories in the courtroom, the Article argues for modifying instructions in terms of their candor, explanatory content, and timing