Adversarial attacks are inputs crafted to deceive Machine Learning (ML) models; they also serve as a technique for testing the robustness of a given model, and it is vital to balance that robustness against accuracy. Artificial Intelligence (AI) researchers are continually seeking a better balance, developing new techniques and approaches that minimize the loss of accuracy while increasing robustness. To address these gaps, this paper proposes a hybrid adversarial attack strategy that combines the Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD) to compute the perturbations that deceive deep neural networks, thereby quantifying robustness without compromising accuracy. Three distinct datasets (CelebA, CIFAR-10, and MNIST) were used in the extensive experiment, and six analyses were carried out to assess how well the proposed technique performed against attacks and defense mechanisms. The proposed model yielded confidence values of 99.99% for the MNIST dataset, 99.93% for the CelebA dataset, and 99.99% for the CIFAR-10 dataset. The defense study revealed that the proposed model outperformed previous models with a robust accuracy of 75.33% for the CelebA dataset, 55.4% for CIFAR-10, and 98.65% for the MNIST dataset. The experimental results demonstrate that the proposed model evaluates better than existing methods in computing the adversarial test and improving the robustness of the system, thereby minimizing accuracy loss.
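To make the robustness measurement concrete, the following added example (not code from the paper) evaluates FGSM and an FGSM-initialized PGD refinement against a constructed toy logistic classifier, reporting robust accuracy under an L-inf budget. The 2-D model, weights, sample batch, epsilon of 0.1 and the FGSM-then-PGD composition are all assumptions; the paper's exact attack schedule and networks are not given here.

```python
import numpy as np

# Constructed toy classifier: one logistic unit on 2-D inputs in [0, 1].
# It stands in for the paper's deep networks so the attack math stays visible.
W = np.array([3.0, -2.0])
B = 0.2
# Constructed sample batch; labels are whatever the clean model predicts.
SAMPLE_X = np.array([[0.8, 0.2], [0.2, 0.8], [0.6, 0.5], [0.4, 0.6]])
SAMPLE_Y = (SAMPLE_X @ W + B > 0).astype(float)

def predict_proba(x):
    return 1.0 / (1.0 + np.exp(-(x @ W + B)))

def input_gradient(x, y):
    # d(binary cross-entropy)/dx for the logistic unit: (p - y) * W
    return (predict_proba(x) - y)[:, None] * W[None, :]

def project(x_adv, x, eps):
    # L-inf ball of radius eps around x, then the valid input range [0, 1]
    return np.clip(np.clip(x_adv, x - eps, x + eps), 0.0, 1.0)

def fgsm(x, y, eps):
    # single step along the sign of the input gradient
    return project(x + eps * np.sign(input_gradient(x, y)), x, eps)

def pgd(x, y, eps, alpha, steps, x_init=None):
    # iterated signed-gradient steps, projected back into the ball after each one
    x_adv = x.copy() if x_init is None else x_init.copy()
    for _ in range(steps):
        x_adv = project(x_adv + alpha * np.sign(input_gradient(x_adv, y)), x, eps)
    return x_adv

def hybrid_attack(x, y, eps, steps=10):
    # Assumed composition: FGSM supplies the starting point, PGD refines it.
    return pgd(x, y, eps, eps / 4, steps, x_init=fgsm(x, y, eps))

def accuracy(x, y):
    # fraction of inputs the model still classifies correctly (robust accuracy when x is adversarial)
    return float(np.mean((predict_proba(x) > 0.5) == (y > 0.5)))

def linf_distance(x, x_adv):
    # largest per-coordinate change; must never exceed the budget eps
    return float(np.max(np.abs(x_adv - x)))

if __name__ == "__main__":
    eps = 0.1
    print(f"clean accuracy {accuracy(SAMPLE_X, SAMPLE_Y):.2f}")
    for name, attack in (("fgsm", fgsm), ("hybrid", hybrid_attack)):
        x_adv = attack(SAMPLE_X, SAMPLE_Y, eps)
        print(f"{name}: robust accuracy {accuracy(x_adv, SAMPLE_Y):.2f}, "
              f"max perturbation {linf_distance(SAMPLE_X, x_adv):.3f}")
```

Because the toy model is linear, one FGSM step already reaches the edge of the L-inf ball, so PGD cannot lower robust accuracy further here; on a deep network the refinement usually does, which is why the two are combined.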
Dhanaraj et al. studied this question.