5 research outputs found
Unveiling Vulnerabilities in Interpretable Deep Learning Systems with Query-Efficient Black-box Attacks
Deep learning has been rapidly employed in many applications revolutionizing
many industries, but it is known to be vulnerable to adversarial attacks. Such
attacks pose a serious threat to deep learning-based systems compromising their
integrity, reliability, and trust. Interpretable Deep Learning Systems (IDLSes)
are designed to make the system more transparent and explainable, but they are
also shown to be susceptible to attacks. In this work, we propose a novel
microbial genetic algorithm-based black-box attack against IDLSes that requires
no prior knowledge of the target model and its interpretation model. The
proposed attack is a query-efficient approach that combines transfer-based and
score-based methods, making it a powerful tool to unveil IDLS vulnerabilities.
Our experiments show high attack success rates using adversarial
examples with attribution maps that are highly similar to those of benign
samples, which makes them difficult to detect even for human analysts. Our results
highlight the need for improved IDLS security to ensure their practical
reliability. Comment: arXiv admin note: text overlap with arXiv:2307.0649
To determine the role and importance of marketing research in the development of tourist routes
The article examines the role and importance of marketing research in the development of tourist routes in our country.
Technologies for the Development of Artistic Aesthetic Thinking of Students Through Art Works
Improving the content of education through the effective use of modern information technology, especially through the organization of classes with the use of national works of art with a rich history created by the Uzbek people, and to describe their image in practical lessons. It is effective to teach and educate future teachers more deeply in the history of our national art, and to teach students Uzbek national art in a spiritually harmonious way, with a high level of knowledge of national art. If the ways are scientifically substantiated and applied in practice, a lot of work will be solved in the development of innovative technologies for the formation of artistic and aesthetic thinking of students of general secondary education.
Three-dimensional Visualization of Tourist Facilities as an Element to Provide Information to Tourist Firms
If we look at the features of modern tourism, virtual reality models such as spherical panoramas, 3D, etc. play an important role in providing information to the tourism industry. Such technologies allow tourism companies to attract potential customers and go on a virtual journey.
Microbial Genetic Algorithm-based Black-box Attack against Interpretable Deep Learning Systems
Deep learning models are susceptible to adversarial samples in white and
black-box environments. Although previous studies have shown high attack
success rates, coupling DNN models with interpretation models could offer a
sense of security when a human expert is involved, who can identify whether a
given sample is benign or malicious. However, in white-box environments,
interpretable deep learning systems (IDLSes) have been shown to be vulnerable
to malicious manipulations. In black-box settings, as access to the components
of IDLSes is limited, it becomes more challenging for the adversary to fool the
system. In this work, we propose a Query-efficient Score-based black-box attack
against IDLSes, QuScore, which requires no knowledge of the target model and
its coupled interpretation model. QuScore is based on transfer-based and
score-based methods by employing an effective microbial genetic algorithm. Our
method is designed to reduce the number of queries necessary to carry out
successful attacks, resulting in a more efficient process. By continuously
refining the adversarial samples created based on feedback scores from the
IDLS, our approach effectively navigates the search space to identify
perturbations that can fool the system. We evaluate the attack's effectiveness
on four CNN models (Inception, ResNet, VGG, DenseNet) and two interpretation
models (CAM, Grad), using both ImageNet and CIFAR datasets. Our results show
that the proposed approach is query-efficient with a high attack success rate
that can reach between 95% and 100% and transferability with an average success
rate of 69% in the ImageNet and CIFAR datasets. Our attack method generates
adversarial examples with attribution maps that resemble benign samples. We
have also demonstrated that our attack is resilient against various
preprocessing defense techniques and can easily be transferred to different DNN
models.