Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples. Athalye, A., Carlini, N., & Wagner, D. 35th International Conference on Machine Learning, ICML 2018, 1:436-448, 2018.
![Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples [pdf]](https://bibbase.org/img/filetypes/pdf.svg "pdf")
Paper abstract bibtex
Paper abstract bibtex We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples. While defenses that causc obfuscated gradients appear to defeat iterative optimization- based attacks, wc find defenses relying on this effect can be circumvented. We describe characteristic behaviors of defenses exhibiting the effect, and for each of the three types Qf obfuscated gradients we discover, wc develop attack techniques to overcome it. In a case study, examining non- certified white-box-secure defenses at ICLR 2018. we find obfuscated gradients arc a common occurrence, with 7 of 9 defenses relying on obfuscated gradients. Our new attacks successfully circumvent 6 completely, and 1 partially, in the original threat model each paper considers.
@article{
title = {Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples},
type = {article},
year = {2018},
keywords = {Adversarial Examples,Deep Learning,Neural Networks,Robustness},
pages = {436-448},
volume = {1},
id = {41bcba3e-f4f2-38d4-a1a0-42299acba571},
created = {2022-01-05T09:23:16.616Z},
file_attached = {true},
profile_id = {ad172e55-c0e8-3aa4-8465-09fac4d5f5c8},
group_id = {1ff583c0-be37-34fa-9c04-73c69437d354},
last_modified = {2022-01-05T09:24:00.604Z},
read = {false},
starred = {false},
authored = {false},
confirmed = {true},
hidden = {false},
folder_uuids = {62c10c84-630d-4fdf-af89-e343e67460c7},
private_publication = {false},
abstract = {We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples. While defenses that causc obfuscated gradients appear to defeat iterative optimization- based attacks, wc find defenses relying on this effect can be circumvented. We describe characteristic behaviors of defenses exhibiting the effect, and for each of the three types Qf obfuscated gradients we discover, wc develop attack techniques to overcome it. In a case study, examining non- certified white-box-secure defenses at ICLR 2018. we find obfuscated gradients arc a common occurrence, with 7 of 9 defenses relying on obfuscated gradients. Our new attacks successfully circumvent 6 completely, and 1 partially, in the original threat model each paper considers.},
bibtype = {article},
author = {Athalye, Anish and Carlini, Nicholas and Wagner, David},
journal = {35th International Conference on Machine Learning, ICML 2018}
}Downloads: 0
{"_id":"nco5thDumdMs3ioeT","bibbaseid":"athalye-carlini-wagner-obfuscatedgradientsgiveafalsesenseofsecuritycircumventingdefensestoadversarialexamples-2018","author_short":["Athalye, A.","Carlini, N.","Wagner, D."],"bibdata":{"title":"Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples","type":"article","year":"2018","keywords":"Adversarial Examples,Deep Learning,Neural Networks,Robustness","pages":"436-448","volume":"1","id":"41bcba3e-f4f2-38d4-a1a0-42299acba571","created":"2022-01-05T09:23:16.616Z","file_attached":"true","profile_id":"ad172e55-c0e8-3aa4-8465-09fac4d5f5c8","group_id":"1ff583c0-be37-34fa-9c04-73c69437d354","last_modified":"2022-01-05T09:24:00.604Z","read":false,"starred":false,"authored":false,"confirmed":"true","hidden":false,"folder_uuids":"62c10c84-630d-4fdf-af89-e343e67460c7","private_publication":false,"abstract":"We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples. While defenses that causc obfuscated gradients appear to defeat iterative optimization- based attacks, wc find defenses relying on this effect can be circumvented. We describe characteristic behaviors of defenses exhibiting the effect, and for each of the three types Qf obfuscated gradients we discover, wc develop attack techniques to overcome it. In a case study, examining non- certified white-box-secure defenses at ICLR 2018. we find obfuscated gradients arc a common occurrence, with 7 of 9 defenses relying on obfuscated gradients. Our new attacks successfully circumvent 6 completely, and 1 partially, in the original threat model each paper considers.","bibtype":"article","author":"Athalye, Anish and Carlini, Nicholas and Wagner, David","journal":"35th International Conference on Machine Learning, ICML 2018","bibtex":"@article{\n title = {Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples},\n type = {article},\n year = {2018},\n keywords = {Adversarial Examples,Deep Learning,Neural Networks,Robustness},\n pages = {436-448},\n volume = {1},\n id = {41bcba3e-f4f2-38d4-a1a0-42299acba571},\n created = {2022-01-05T09:23:16.616Z},\n file_attached = {true},\n profile_id = {ad172e55-c0e8-3aa4-8465-09fac4d5f5c8},\n group_id = {1ff583c0-be37-34fa-9c04-73c69437d354},\n last_modified = {2022-01-05T09:24:00.604Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {true},\n hidden = {false},\n folder_uuids = {62c10c84-630d-4fdf-af89-e343e67460c7},\n private_publication = {false},\n abstract = {We identify obfuscated gradients, a kind of gradient masking, as a phenomenon that leads to a false sense of security in defenses against adversarial examples. While defenses that causc obfuscated gradients appear to defeat iterative optimization- based attacks, wc find defenses relying on this effect can be circumvented. We describe characteristic behaviors of defenses exhibiting the effect, and for each of the three types Qf obfuscated gradients we discover, wc develop attack techniques to overcome it. In a case study, examining non- certified white-box-secure defenses at ICLR 2018. we find obfuscated gradients arc a common occurrence, with 7 of 9 defenses relying on obfuscated gradients. Our new attacks successfully circumvent 6 completely, and 1 partially, in the original threat model each paper considers.},\n bibtype = {article},\n author = {Athalye, Anish and Carlini, Nicholas and Wagner, David},\n journal = {35th International Conference on Machine Learning, ICML 2018}\n}","author_short":["Athalye, A.","Carlini, N.","Wagner, D."],"urls":{"Paper":"https://bibbase.org/service/mendeley/bfbbf840-4c42-3914-a463-19024f50b30c/file/2a121586-d8ae-833d-1485-f12af7c0cd52/33944863406467.pdf.pdf"},"biburl":"https://bibbase.org/service/mendeley/bfbbf840-4c42-3914-a463-19024f50b30c","bibbaseid":"athalye-carlini-wagner-obfuscatedgradientsgiveafalsesenseofsecuritycircumventingdefensestoadversarialexamples-2018","role":"author","keyword":["Adversarial Examples","Deep Learning","Neural Networks","Robustness"],"metadata":{"authorlinks":{}}},"bibtype":"article","biburl":"https://bibbase.org/service/mendeley/bfbbf840-4c42-3914-a463-19024f50b30c","dataSources":["nxjWwW7fWbb5tfpKz"],"keywords":["adversarial examples","deep learning","neural networks","robustness"],"search_terms":["obfuscated","gradients","give","false","sense","security","circumventing","defenses","adversarial","examples","athalye","carlini","wagner"],"title":"Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples","year":2018}