MUTEN: Mutant-Based Ensembles for Boosting Gradient-Based Adversarial Attack

Mutation testing (MT) for deep learning (DL) has gained huge attention in the past few years. However, how MT can really help DL is still unclear. In this paper, we introduce one promising direction for the usage of mutants. Specifically, since mutants can be seen as one kind of ensemble model and e...

Celý popis

Uloženo v:

Podrobná bibliografie
Vydáno v:	IEEE/ACM International Conference on Automated Software Engineering : [proceedings] s. 1708 - 1712
Hlavní autoři:	Hu, Qiang, Guo, Yuejun, Cordy, Maxime, Papadakis, Mike, Traon, Yves Le
Médium:	Konferenční příspěvek
Jazyk:	angličtina
Vydáno:	IEEE 11.09.2023
Témata:	Boosting Deep learning Smoothing methods Software engineering Testing Transform coding
ISSN:	2643-1572
On-line přístup:	Získat plný text
Tagy:	Přidat tag Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!

Abstract	Mutation testing (MT) for deep learning (DL) has gained huge attention in the past few years. However, how MT can really help DL is still unclear. In this paper, we introduce one promising direction for the usage of mutants. Specifically, since mutants can be seen as one kind of ensemble model and ensemble model can be used to boost the adversarial attack, we propose MUTEN, which applies the attack on mutants to improve the success rate of well-known attacks against gradient-masking models. Experimental results on MNIST, SVHN, and CIFAR-10 show that MUTEN can increase the success rate of four attacks by up to 45%. Furthermore, experiments on four defense approaches, bit-depth reduction, JPEG compression, Defensive distillation, and Label smoothing, demonstrate that MUTEN can break the defense models effectively by enhancing the attacks with the success rate of up to 96%.
AbstractList	Mutation testing (MT) for deep learning (DL) has gained huge attention in the past few years. However, how MT can really help DL is still unclear. In this paper, we introduce one promising direction for the usage of mutants. Specifically, since mutants can be seen as one kind of ensemble model and ensemble model can be used to boost the adversarial attack, we propose MUTEN, which applies the attack on mutants to improve the success rate of well-known attacks against gradient-masking models. Experimental results on MNIST, SVHN, and CIFAR-10 show that MUTEN can increase the success rate of four attacks by up to 45%. Furthermore, experiments on four defense approaches, bit-depth reduction, JPEG compression, Defensive distillation, and Label smoothing, demonstrate that MUTEN can break the defense models effectively by enhancing the attacks with the success rate of up to 96%.
Author	Traon, Yves Le Guo, Yuejun Cordy, Maxime Papadakis, Mike Hu, Qiang
Author_xml	– sequence: 1 givenname: Qiang surname: Hu fullname: Hu, Qiang organization: University of Luxembourg,Luxembourg – sequence: 2 givenname: Yuejun surname: Guo fullname: Guo, Yuejun organization: Luxembourg Institute of Science and Technology,Luxembourg – sequence: 3 givenname: Maxime surname: Cordy fullname: Cordy, Maxime organization: University of Luxembourg,Luxembourg – sequence: 4 givenname: Mike surname: Papadakis fullname: Papadakis, Mike organization: University of Luxembourg,Luxembourg – sequence: 5 givenname: Yves Le surname: Traon fullname: Traon, Yves Le organization: University of Luxembourg,Luxembourg
BookMark	eNo9j81Kw0AURkdRsK19Al3MCyRO7vwk4y4tsQqpLmzX5WZyI9E2kZlR6NurKK4-DhwOfFN2NowDMXaViTTLhL0pnyttAGwKAmQqhFBwwuY2t4XUQoK1Rp2yCRglk0zncMGmIbwKob8hn7B6vd1Uj7d8_RFxiMkCA7W8GgIdmj0F3o2eL8YxxH544SuPbU__Vtl-kg_oe9zzMkZ0b5fsvMN9oPnfztj2rtos75P6afWwLOsEoVAxMY02DoxwLWGGRKCUNq2yoDXJ3GhtXdMVjpwD54pGo7LO2s50rcw7K42csevfbk9Eu3ffH9Afd5mAn8-5_ALyOU-6
CODEN	IEEPAD
ContentType	Conference Proceeding
DBID	6IE 6IL CBEJK RIE RIL
DOI	10.1109/ASE56229.2023.00042
DatabaseName	IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present
DatabaseTitleList
Database_xml	– sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
Discipline	Computer Science
EISBN	9798350329964
EISSN	2643-1572
EndPage	1712
ExternalDocumentID	10298357
Genre	orig-research
GroupedDBID	6IE 6IF 6IH 6IK 6IL 6IM 6IN 6J9 AAJGR AAWTH ABLEC ACREN ADYOE ADZIZ AFYQB ALMA_UNASSIGNED_HOLDINGS AMTXH BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL
ID	FETCH-LOGICAL-a284t-6b56c260cdea1aee24456d49255e376559cbf8cecc2cc8b5a49c99f6fd37f9363
IEDL.DBID	RIE
ISICitedReferencesCount	2
ISICitedReferencesURI	http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001103357200139&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
IngestDate	Wed Aug 27 02:32:41 EDT 2025
IsPeerReviewed	false
IsScholarly	true
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-a284t-6b56c260cdea1aee24456d49255e376559cbf8cecc2cc8b5a49c99f6fd37f9363
PageCount	5
ParticipantIDs	ieee_primary_10298357
PublicationCentury	2000
PublicationDate	2023-Sept.-11
PublicationDateYYYYMMDD	2023-09-11
PublicationDate_xml	– month: 09 year: 2023 text: 2023-Sept.-11 day: 11
PublicationDecade	2020
PublicationTitle	IEEE/ACM International Conference on Automated Software Engineering : [proceedings]
PublicationTitleAbbrev	ASE
PublicationYear	2023
Publisher	IEEE
Publisher_xml	– name: IEEE
SSID	ssj0051577 ssib057256115
Score	2.2652326
Snippet	Mutation testing (MT) for deep learning (DL) has gained huge attention in the past few years. However, how MT can really help DL is still unclear. In this...
SourceID	ieee
SourceType	Publisher
StartPage	1708
SubjectTerms	Boosting Deep learning Smoothing methods Software engineering Testing Transform coding
Title	MUTEN: Mutant-Based Ensembles for Boosting Gradient-Based Adversarial Attack
URI	https://ieeexplore.ieee.org/document/10298357
WOSCitedRecordID	wos001103357200139&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwELWgYmAqH0V8ywNroHYSu2ZrUQpDW1WiRd0qx75ICEhQk_L7ObtJEQMDW-RksHx23l3y3jtCbgyIEG90AytZFES6awNlYixVhEm5jrFA8ATZl5GcTHqLhZrWYnWvhQEATz6DW3fp_-XbwqzdpzI84VxhxiB3ya6UYiPWajZPLBG8GdvmvojTUtY2Q6yr7vrPCUI9d9oUHnqPTv6roYrHk2H7nzM5IJ0fZR6dbjHnkOxAfkTaTWsGWp_UYzIaz2fJ5J6O165LcDBArLI0yUv4SN-hpJip0kFRlI7zTB9XnvbVPOVbNJfabUzarypt3jpkPkxmD09B3Tgh0Ig2VSDSWBgsVIwFzTQAQngsrLMhjAFfKFhEmDTrGYweN6aXxjpSRqlMZDaUmQpFeEJaeZHDKaHMcKXDCIR1zm8IZEoZaSINnIHOIDojHbc6y8-NN8ayWZjzP8YvyL4LgGNcMHZJWtVqDVdkz3xVr-Xq2kf0GyH5oEw
linkProvider	IEEE
linkToHtml	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwELWgIMFUPor4xgNrIHa-arYWpRSRRpVoUbfKcS4SAhLUpPx-zm5SxMDAFjkZLJ-dd5e8946QawW-gzdsKw2Ya7nSTi2hPCxVfJVw6WGBYAiyL1EQx93ZTIxrsbrRwgCAIZ_Bjb40__LTQi31pzI84VxgxhBski3Pdbm9kms128cLEL4ZW2e_iNRBUBsNMVvc9p5DBHuu1SncMS6d_FdLFYMog_Y_57JHOj_aPDpeo84-2YD8gLSb5gy0PquHJBpNJ2F8R0dL3SfY6iNapTTMS_hI3qGkmKvSflGUmvVMHxaG-NU8ZZo0l1JvTdqrKqneOmQ6CCf3Q6tunWBJxJvK8hPPV1iqqBQkkwAI4p6faiNCD_CVgmWESrKuwvhxpbqJJ12hhMj8LHWCTDi-c0RaeZHDMaFMcSEdF_xUe78hlAmhAuVK4AxkBu4J6ejVmX-u3DHmzcKc_jF-RXaGk1E0jx7jpzOyq4Oh-ReMnZNWtVjCBdlWX9Vrubg00f0Gqa2jkw
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=IEEE%2FACM+International+Conference+on+Automated+Software+Engineering+%3A+%5Bproceedings%5D&rft.atitle=MUTEN%3A+Mutant-Based+Ensembles+for+Boosting+Gradient-Based+Adversarial+Attack&rft.au=Hu%2C+Qiang&rft.au=Guo%2C+Yuejun&rft.au=Cordy%2C+Maxime&rft.au=Papadakis%2C+Mike&rft.date=2023-09-11&rft.pub=IEEE&rft.eissn=2643-1572&rft.spage=1708&rft.epage=1712&rft_id=info:doi/10.1109%2FASE56229.2023.00042&rft.externalDocID=10298357