Conference Proceedings

Adequacy of the Gradient-Descent Method for Classifier Evasion Attacks

Y Han, B Rubinstein

The Workshops of the Thirty-First AAAI Conference on Artificial Intelligence | The AAAI Press | Published: 2018


Despite the widespread use of machine learning in adversarial settings such as computer security, recent studies have demonstrated vulnerabilities to evasion attacks—carefully crafted adversarial samples that closely resemble legitimate instances, but cause misclassification. In this paper, we examine the adequacy of the leading approach to generating adversarial samples—the gradient-descent approach. In particular (1) we perform extensive experiments on three datasets, MNIST, USPS and Spambase, in order to analyse the effectiveness of the gradient-descent method against non-linear support vector machines, and conclude that carefully reduced kernel smoothness can significantly increase robus..
