EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

RISOPA: Rapid Imperceptible Strong One-Pixel Attacks in Deep Neural Networks

Wonhong Nam, Kunha Kim, Hyunwoo Moon, Hyeongmin Noh, Jiyeon Park and Hyunyoung Kil ()
Additional contact information
Wonhong Nam: Department of Computer Science and Engineering, Konkuk University, Seoul 05029, Republic of Korea
Kunha Kim: Department of Computer Science and Engineering, Konkuk University, Seoul 05029, Republic of Korea
Hyunwoo Moon: Department of Computer Science and Engineering, Konkuk University, Seoul 05029, Republic of Korea
Hyeongmin Noh: Department of Computer Science and Engineering, Konkuk University, Seoul 05029, Republic of Korea
Jiyeon Park: Department of Computer Science and Engineering, Konkuk University, Seoul 05029, Republic of Korea
Hyunyoung Kil: Department of Software, Korea Aerospace University, Goyang 10540, Republic of Korea

Mathematics, 2024, vol. 12, issue 7, 1-17

Abstract: Recent research has revealed that subtle imperceptible perturbations can deceive well-trained neural network models, leading to inaccurate outcomes. These instances, known as adversarial examples, pose significant threats to the secure application of machine learning techniques in safety-critical systems. In this paper, we delve into the study of one-pixel attacks in deep neural networks, recently reported as a kind of adversarial examples. To identify such one-pixel attacks, most existing methodologies rely on the differential evolution method, which utilizes random selection from the current population to escape local optima. However, the differential evolution technique might waste search time and overlook good solutions if the number of iterations is insufficient. Hence, in this paper, we propose a gradient ascent with momentum approach to efficiently discover good solutions for the one-pixel attack problem. As our method takes a more direct route to the goal compared to existing methods relying on blind random walks, it can effectively identify one-pixel attacks. Our experiments conducted on popular CNNs demonstrate that, in comparison with existing methodologies, our technique can detect one-pixel attacks significantly faster.

Keywords: one-pixel attack; adversarial example; neural network; image recognition; CIFAR-10 (search for similar items in EconPapers)
JEL-codes: C (search for similar items in EconPapers)
Date: 2024
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/2227-7390/12/7/1083/pdf (application/pdf)
https://www.mdpi.com/2227-7390/12/7/1083/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jmathe:v:12:y:2024:i:7:p:1083-:d:1369774

Access Statistics for this article

Mathematics is currently edited by Ms. Emma He

More articles in Mathematics from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:gam:jmathe:v:12:y:2024:i:7:p:1083-:d:1369774