A Partial Break of the Honeypots Defense to Catch Adversarial Attacks
arXiv - CS - Cryptography and Security, Pub Date: 2020-09-23, DOI: arxiv-2009.10975
Nicholas Carlini

A recent defense proposes to inject "honeypots" into neural networks in order to detect adversarial attacks. We break the baseline version of this defense by reducing the detection true positive rate to 0% and the detection AUC to 0.02, maintaining the original distortion bounds. The authors of the original paper have amended the defense in their CCS'20 paper to mitigate this attack. To aid further research, we release the complete 2.5-hour keystroke-by-keystroke screen recording of our attack process at https://nicholas.carlini.com/code/ccs_honeypot_break.

Updated: 2020-09-24