You need an account to view media

Sign in to view media

Don't have an account? Please contact us to request an account.

IJCNN Special Sessions
Deep and Generative Adversarial Learning

Few Features Attack to Fool Machine Learning Models through Mask-based GAN

Feng Chen

Date & Time

Mon, July 20, 2020

5:45 pm – 7:45 pm




GAN (Generative Adversarial Networks) is a machine-learning-based generative approach, which can create artificial contents such as images, languages and speeches. Recent studies have shown that GAN can also be applied to generate adversarial attack examples to fool the machine-learning models. In comparison with the non-learning adversarial attack examples approaches, the GAN-based adversarial attack example approach can generate the adversarial samples quickly when facing a new sample after training, but meanwhile needs to perturb the attack samples in great quantities. To address this issue, we propose a new approach, named Few-Features-Attack-GAN (FFA-GAN). FFA-GAN has a significant time-consuming advantage than the non-learning adversarial attack samples approaches as it is based on the GAN architecture, and also has a better non- zero-features performance than the GAN-based adversarial sample attack approaches because of the introduction of the mask mechanism in the generator of GAN to confine the perturbations. Experiments are made respectively on the structured data sets KDD-Cup 1999 and CIC-IDS 2017, in which the dimensions of the data are relatively low, and also on the unstructured data sets MNIST and CIFAR-10 in which the data have the relatively high dimensions. The results of the experiments demonstrate the effectiveness and the robustness of our proposed approach.


Feng Chen

Institute of Automation, Chinese Academy of Sciences
Sign in to join the conversationDon't have an account? Please contact us to request an account.
Sign in to view documentsDon't have an account? Please contact us to request an account.

Session Chair

Ariel Ruiz-Garcia

Coventry University