Improving Visual Quality of Unrestricted Adversarial Examples with Wavelet-VAE

Wenzhao Xiang; Chang Liu; Shibao Zheng

Improving Visual Quality of Unrestricted Adversarial Examples with Wavelet-VAE

Wenzhao Xiang, Chang Liu, Shibao Zheng

Published: 21 Jun 2021, Last Modified: 05 May 2023ICML 2021 Workshop AML PosterReaders: Everyone

Keywords: Unrestricted adversarial attacks, Wavelet transform, VAE

TL;DR: We propose an unrestricted adversarial attack algorithm based on wavelet-VAE network to obtain high quality adversarial examples.

Abstract: Traditional adversarial examples are typically generated by adding perturbation noise to the input image within a small matrix norm. In practice, unrestricted adversarial attack has raised great concern and presented a new threat to the AI safety. In this paper, we propose a wavelet-VAE structure to reconstruct an input image and generate adversarial examples by modifying the latent code. Different from perturbation-based attack, the modifications of the proposed method are not limited but imperceptible to human eyes. Experiments show that our method can generate high quality adversarial examples on ImageNet dataset.

2 Replies

Loading