Associative Discussion Among Generating Adversarial Samples Using Evolutionary Algorithm and Samples Generated Using GAN

Aruna Pavate; Rajesh Bansode; Parvathaneni Naga Srinivasu; Jana Shafi; Jaeyoung Choi; Muhammad Fazal Ijaz

doi:10.1109/ACCESS.2023.3343754

IEEE Access (Jan 2023)

Associative Discussion Among Generating Adversarial Samples Using Evolutionary Algorithm and Samples Generated Using GAN

Aruna Pavate,
Rajesh Bansode,
Parvathaneni Naga Srinivasu,
Jana Shafi,
Jaeyoung Choi,
Muhammad Fazal Ijaz

Affiliations

Aruna Pavate: ORCiD; School of CSIT, Symbiosis Skills and Professional University, Pune, India
Rajesh Bansode: Department of Information Technology, Thakur College of Engineering, Mumbai, India
Parvathaneni Naga Srinivasu: ORCiD; Department of Teleinformatics Engineering, Federal University of Ceará, Fortaleza, Brazil
Jana Shafi: ORCiD; Department of Computer Science, College of Arts and Science, Prince Sattam bin Abdulaziz University, Wadi Ad-Dawasir, Saudi Arabia
Jaeyoung Choi: ORCiD; School of Computing, Gachon University, Seongnam-si, Republic of Korea
Muhammad Fazal Ijaz: ORCiD; School of IT and Engineering, Melbourne Institute of Technology, Melbourne, VIC, Australia

DOI: https://doi.org/10.1109/ACCESS.2023.3343754
Journal volume & issue: Vol. 11
pp. 143757 – 143770

Abstract

Read online

The remarkable accomplishments of deep neural networks (DNN) have led to their widespread adoption in various contexts, including safety-critical applications. Many strategies have been implemented to generate adversarial samples using DNN, raising the question of the security of the model. Adding slight magnitude noise to the input samples during training or testing can misguide DNN to produce different results than the actual one. DNNs are sensitive to indiscernible adversarial samples but readily identifiable by them. Currently, gradient-based approaches are used to generate adversarial samples. Gradient-based methods require internal details of the model, such as several parameters, model type, Etc. Usually, these details are practically unavailable, and calculating the gradient for non-differential models is impossible. In this work, we propose a novel DESapsDE framework based on evolutionary algorithms to generate adversarial samples from the probability of labels. We also incorporated the discussion with the various Generative Adversarial Networks (GANs) models, such as ACGAN, DCGAN, and SAGAN. It has been observed that GANs differ from adversarial sample generation methods and can be applied as defense mechanisms. The proposed method reduced model confidence to 13.09% for the ResNet50 model, 30.34% for the WideResNet model, and 23.1% for the DenseNet model, with an FID score of 16.45. The proposed model varies from the GAN model. It applies to attack-on-network models as a preventive major to make the model robust.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords