Trusted-AI / adversarial-robustness-toolbox

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
https://adversarial-robustness-toolbox.readthedocs.io/en/latest/
MIT License

classifier accuracy increasing as attack strength (epsilon) increases #687

Closed joelma1 closed 4 years ago

joelma1 commented 4 years ago

I have been applying adversarial evasion attacks (FGSM, PGD, BIM) to medical datasets, and noticed that once the attack strength (epsilon) increases above a certain point, classifier accuracy starts increasing instead of decreasing.

Is there an underlying reason for this behavior?

Example plot: [attached image: classifier accuracy vs. epsilon for FGSM, PGD, and BIM]
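For context, the kind of sweep described above can be sketched with plain NumPy on a toy model. This is purely illustrative and is not the original poster's setup or ART's API: the data, the logistic-regression classifier, and all names below (`fgsm`, `accuracy`, the epsilon grid) are assumptions made up for the sketch.

```python
import numpy as np

rng = np.random.default_rng(0)

# Toy binary classification data (two Gaussian blobs), standing in for a
# medical dataset -- purely illustrative, not from the original issue.
n = 200
X = np.vstack([rng.normal(-1.0, 1.0, (n, 2)), rng.normal(1.0, 1.0, (n, 2))])
y = np.concatenate([np.zeros(n), np.ones(n)])

# Logistic regression trained by plain gradient descent.
w = np.zeros(2)
b = 0.0
for _ in range(500):
    p = 1.0 / (1.0 + np.exp(-(X @ w + b)))
    w -= 0.5 * (X.T @ (p - y)) / len(y)
    b -= 0.5 * np.mean(p - y)

def accuracy(Xs):
    p = 1.0 / (1.0 + np.exp(-(Xs @ w + b)))
    return np.mean((p > 0.5) == y)

def fgsm(Xs, eps):
    # FGSM: step of size eps along the sign of the loss gradient w.r.t. the input.
    p = 1.0 / (1.0 + np.exp(-(Xs @ w + b)))
    grad_x = np.outer(p - y, w)  # d(cross-entropy)/dx for logistic regression
    return Xs + eps * np.sign(grad_x)

# Sweep attack strength and record accuracy, as in the experiment described.
for eps in [0.0, 0.1, 0.5, 1.0, 2.0]:
    print(f"eps={eps:.1f}  accuracy={accuracy(fgsm(X, eps)):.3f}")
```

Note that for this *linear* toy model, each point's margin shrinks linearly in epsilon, so accuracy is monotone non-increasing; a rebound like the one in the plot cannot occur here, which suggests it stems from the non-linear model or the evaluation setup being asked about below.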

beat-buesser commented 4 years ago

Hi @joelma1, thank you very much for raising this issue and describing your observations.

Would you be able to provide more details about your experiments, such as the model architecture, model training, dataset, framework (TensorFlow?), and ART version?

Would you also be able to share a script or notebook that runs your experiment, so that we can reproduce it?