Catalogo dei prodotti della ricerca

Evaluating the adversarial robustness of machine-learning models using gradient-based attacks is challenging. In this work, we show that hyperparameter optimization can improve fast minimum-norm attacks by automating the selection of the loss function, the optimizer, and the step-size scheduler, along with the corresponding hyperparameters. Our extensive evaluation involving several robust models demonstrates the improved efficacy of fast minimum-norm attacks when hyped up with hyperparameter optimization. We release our open-source code at https://github.com/pralab/HO-FMN.

Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization / Floris, Giuseppe; Mura, Raffaele; Scionis, Luca; Piras, Giorgio; Pintor, Maura; Demontis, Ambra; Biggio, Battista. - (2023), pp. 127-132. (Intervento presentato al convegno European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning tenutosi a Bruges, Belgium) [10.14428/esann/2023.ES2023-164].

Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization

Luca Scionis;Giorgio Piras
;
2023

Abstract

Evaluating the adversarial robustness of machine-learning models using gradient-based attacks is challenging. In this work, we show that hyperparameter optimization can improve fast minimum-norm attacks by automating the selection of the loss function, the optimizer, and the step-size scheduler, along with the corresponding hyperparameters. Our extensive evaluation involving several robust models demonstrates the improved efficacy of fast minimum-norm attacks when hyped up with hyperparameter optimization. We release our open-source code at https://github.com/pralab/HO-FMN.
2023
European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning
Machine Learning; Adversarial Machine Learning; Optimization
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization / Floris, Giuseppe; Mura, Raffaele; Scionis, Luca; Piras, Giorgio; Pintor, Maura; Demontis, Ambra; Biggio, Battista. - (2023), pp. 127-132. (Intervento presentato al convegno European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning tenutosi a Bruges, Belgium) [10.14428/esann/2023.ES2023-164].
04b Atto di convegno in volume
File allegati a questo prodotto
File Dimensione Formato  
Floris_Improving-Fast_2023.pdf

solo gestori archivio

Tipologia: Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.69 MB
Formato Adobe PDF
  Contatta l'autore
1.69 MB Adobe PDF   Contatta l'autore
Floris_preprint_Improving-Fast_2023.pdf

accesso aperto

Note: https://www.esann.org/sites/default/files/proceedings/2023/ES2023-164.pdf
Tipologia: Documento in Pre-print (manoscritto inviato all'editore, precedente alla peer review)
Licenza: Creative commons
Dimensione 443.53 kB
Formato Adobe PDF
443.53 kB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1691338
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact