CentraleSupélec (3, rue Joliot Curie,
Plateau de Moulon,
91192 GIF-SUR-YVETTE Cedex - France)
Abstract : Adversarial examples are a hot topic due to their abilities to fool a classifier's prediction. There are two strategies to create such examples, one uses the attacked classifier's gradients, while the other only requires access to the clas-sifier's prediction. This is particularly appealing when the classifier is not full known (black box model). In this paper, we present a new method which is able to generate natural adversarial examples from the true data following the second paradigm. Based on Generative Adversarial Networks (GANs) [5], it reweights the true data empirical distribution to encourage the classifier to generate ad-versarial examples. We provide a proof of concept of our method by generating adversarial hyperspectral signatures on a remote sensing dataset.
https://hal.archives-ouvertes.fr/hal-02447625
Contributor : Jean-Christophe Burnel
<>
Submitted on : Saturday, January 25, 2020 - 12:02:38 PM
Last modification on : Wednesday, January 29, 2020 - 1:22:05 AM
Jean-Christophe Burnel, Kilian Fatras, Nicolas Courty. Generating Natural Adversarial Hyperspectral examples with a modified Wasserstein GAN. C&ESAR, Nov 2019, Rennes, France. ⟨hal-02447625⟩
