Engineering Commons^™

Generating Adversarial Attacks For Sparse Neural Networks, Jack H. Chen, Walt Woods

Undergraduate Research & Mentoring Program

Neural networks provide state-of-the-art accuracy for image classification tasks. However traditional networks are highly susceptible to imperceivable perturbations to their inputs known as adversarial attacks that drastically change the resulting output. The magnitude of these perturbations can be measured as Mean Squared Error (MSE). We use genetic algorithms to produce black-box adversarial attacks and examine MSE on state-of-the-art networks. This method generates an attack that converts 90% confidence on a correct class to 50% confidence of a targeted, incorrect class after 2000 epochs. We will generate and examine attacks and their MSE against several sparse neural networks. We theorize that …