Adversarial Examples, Neural Network, Convolutional Neural Networks, Deep Learning
Abstract
Recently, as researchers have turned their attention to adversarial attack techniques, the robustness of neural networks has become an urgent problem. An adversarial attack misleads a deep neural network by making several changes to a sample so that the model gives the wrong output with a high confidence level. These methods achieve remarkable results when used to attack specific deep learning models, but the robustness of different neural network models has not yet been clarified. This paper studies the migration (transferability) of adversarial examples, aiming to conclude whether adversarial examples generated from specific models are also effective when applied to other models. Through this process, the fragility of neural networks under adversarial attack, which is universal, can be analyzed. The primary dataset is CIFAR-10, which includes ten classes of natural item images with RGB channels. The deep learning models are LeNet, ResNet18, and VGG16, with the fast gradient sign method (FGSM) used as the attack. The adversarial samples generated from each attacked model are then used with the other two models to demonstrate effective test performance. The result indicates that an attack on a specific neural network model cannot disturb other models.
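The transfer measurement described in the abstract, as an added example that is not code from the paper: FGSM examples are computed against one model and then scored on a second, independently trained model. It substitutes small logistic-regression classifiers and constructed Gaussian data for the paper's CNNs and CIFAR-10, so it shows the evaluation procedure rather than the paper's result; all function names are hypothetical.

```python
import math
import random

def make_data(n, dim, rng):
    """Constructed two-class data: class y has mean (2y - 1) in every feature."""
    ys = [rng.randint(0, 1) for _ in range(n)]
    xs = [[(2 * y - 1) + rng.gauss(0, 1) for _ in range(dim)] for y in ys]
    return xs, ys

def prob(w, b, x):
    z = b + sum(wi * xi for wi, xi in zip(w, x))
    return 1.0 / (1.0 + math.exp(-max(-60.0, min(60.0, z))))

def train(xs, ys, steps=200, lr=0.1):
    """Logistic regression fitted by full-batch gradient descent."""
    w, b = [0.0] * len(xs[0]), 0.0
    for _ in range(steps):
        errs = [prob(w, b, x) - y for x, y in zip(xs, ys)]
        for j in range(len(w)):
            w[j] -= lr * sum(e * x[j] for e, x in zip(errs, xs)) / len(xs)
        b -= lr * sum(errs) / len(xs)
    return w, b

def fgsm(model, x, y, eps):
    """x' = x + eps * sign(dL/dx); for logistic loss dL/dx = (p - y) * w."""
    w, b = model
    g = prob(w, b, x) - y
    sign = lambda v: (v > 0) - (v < 0)
    return [xi + eps * sign(g * wi) for xi, wi in zip(x, w)]

def accuracy(model, xs, ys):
    w, b = model
    return sum((prob(w, b, x) >= 0.5) == (y == 1) for x, y in zip(xs, ys)) / len(xs)

def transfer_report(eps=1.0, seed=0, dim=10):
    rng = random.Random(seed)
    source = train(*make_data(200, dim, rng))  # model the attack is computed on
    target = train(*make_data(200, dim, rng))  # independently trained model
    xs, ys = make_data(200, dim, rng)          # held-out test set
    adv = [fgsm(source, x, y, eps) for x, y in zip(xs, ys)]
    return {
        "source_clean": accuracy(source, xs, ys),
        "source_adv": accuracy(source, adv, ys),
        "target_clean": accuracy(target, xs, ys),
        "target_adv": accuracy(target, adv, ys),  # source's examples scored on target
    }

if __name__ == "__main__":
    for name, acc in transfer_report().items():
        print(f"{name}: {acc:.3f}")
```

Comparing `target_adv` with `target_clean` is the transfer check; the gap between them depends on how similar the two models' decision boundaries are, which is the question the paper poses for LeNet, ResNet18, and VGG16.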