2023 Fiscal Year Final Research Report
Multimodal Optimization in Generating Adversarial Examples Using Evolutionary Algorithm
| Project/Area Number |
20K11977
|
|---|
| Research Category |
Grant-in-Aid for Scientific Research (C)
|
| Allocation Type | Multi-year Fund |
|---|
| Section | 一般 |
|---|
| Review Section |
Basic Section 61040:Soft computing-related
|
|---|
| Research Institution | Nihon Fukushi University (2021-2023)
Hiroshima City University (2020) |
|---|
Principal Investigator |
|
|---|
| Co-Investigator(Kenkyū-buntansha) |
高濱 徹行 広島市立大学, 情報科学研究科, 教授 (80197194)
|
|---|
| Project Period (FY) |
2020-04-01 – 2024-03-31
|
| Keywords | Adversarial Examples / 機械学習 / 進化計算 / Differential Evolution / 複数解探索 |
|---|
| Outline of Final Research Achievements |
Adversarial Examples (AE) are inputs intentionally designed by attackers to cause machine learning models to misidentify them. Developing countermeasures against AEs is an extremely important issue in the real-world applications of machine learning models. To construct robust defenses against AEs, it is necessary to thoroughly test the models against a variety of realistic adversarial attack scenarios. Consequently, the development of attack methods that can generate diverse AE patterns becomes crucial. This research focuses on the use of evolutionary computation to search for AEs and has developed an attack method capable of simultaneously searching for multiple AEs in a single search.
|
| Free Research Field |
進化計算
|
| Academic Significance and Societal Importance of the Research Achievements |
本課題では,差分進化(DE)を用いた攻撃であるOne pixel attackを基にした攻撃方法を開発した.開発した手法は,AE探索問題における目的関数の多峰性に注目し,目的関数に動的にペナルティを追加することにより,順番に異なるAEを探索することが可能である.この攻撃結果(発見された解の数や種類など)を解析することにより,機械学習モデルのAEに対する防御能力を多角的に評価できる.その結果,より堅牢な機械学習モデルの設計に繋がる重要な知見を得ることが期待される.
|
