Any adversarial attack that sustains after resize attack

carlini / nn_robust_attacks

Robust evasion attacks against neural network to find adversarial examples

BSD 2-Clause "Simplified" License

789 stars 229 forks source link

Any adversarial attack that sustains after resize attack #38

Closed BalaMallikarjuna-G closed 3 years ago

BalaMallikarjuna-G commented 4 years ago

Hi Sir,

This is Bala. I have a query regarding adversarial attack.

Is there any adversarial attack that sustains/consists of added noise, after resize attack ? (adversarial image -> converting into High / low resolution image -> resize to original adverarial image size)

Thanks, Bala

carlini commented 3 years ago

If you use some form of EOT (Athalye et al. 2018) then it should be possible to make resize-robust adversarial examples.