Publication | Open Access
DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks
5.2K
Citations
15
References
2016
Year
Unknown Venue
Convolutional Neural NetworkEngineeringMachine LearningSuch PerturbationsEvasion TechniqueVerificationAi SafetyData SciencePattern RecognitionSparse Neural NetworkAdversarial Machine LearningDeepfool AlgorithmMachine VisionAccurate MethodFeature LearningMachine Learning ModelAdversarial PerturbationsComputer ScienceDeep LearningComputer VisionDeep Neural NetworksAttack Model
State‑of‑the‑art deep neural networks achieve impressive image‑classification performance yet are unstable to small perturbations, and no effective methods exist to accurately assess their robustness on large‑scale datasets. This work proposes the DeepFool algorithm to efficiently compute perturbations that fool deep networks and thereby quantify classifier robustness. DeepFool iteratively finds the minimal adversarial perturbation that changes the network’s decision, enabling rapid robustness evaluation. Experiments demonstrate that DeepFool outperforms recent methods for computing adversarial perturbations and improves classifier robustness.
State-of-the-art deep neural networks have achieved impressive results on many image classification tasks. However, these same architectures have been shown to be unstable to small, well sought, perturbations of the images. Despite the importance of this phenomenon, no effective methods have been proposed to accurately compute the robustness of state-of-the-art deep classifiers to such perturbations on large-scale datasets. In this paper, we fill this gap and propose the DeepFool algorithm to efficiently compute perturbations that fool deep networks, and thus reliably quantify the robustness of these classifiers. Extensive experimental results show that our approach outperforms recent methods in the task of computing adversarial perturbations and making classifiers more robust.
| Year | Citations | |
|---|---|---|
Page 1
Page 1