Generating Adversarial Examples for White-Box Attacks Based on GAN

Abstract

Deep neural networks (DNNs) are susceptible to adversarial examples attack and generate error output. Traditional adversarial examples generation methods are generated from the perspective of optimization. Based on the Generative Adversarial Network (GAN) framework, this paper proposes a method of adding an attentional mechanism and an autoencoder extractor to generate adversarial samples (SEAdvGAN). Firstly, the self-attention mechanism is introduced into the GAN framework of sample generation, so that the generator can generate and extract more important picture information, so as to generate more real samples. What's more the discriminator can discriminate the input pictures more effectively. Secondly, based on the GAN model, the text adds an autoencoder to extract potential variable features to reduce the loss between potential variable features and the output of the generator, constrains the quality of generated adversarial examples, and improves the success rate of attack. Experiments were carried out on MNIST and CIFAR-10 data sets to prove the effectiveness of the proposed method.