(Sociedad Argentina de Informática (SADIO), 2023-10-20)
Pons, Claudia Fabiana; Pérez, Gabriela
Abstract. Convolutional neural networks have demonstrated great success in
computer vision tasks such as image classification and object detection.
Like any machine learning model, they have limitations and vulnerabilities
that must be carefully considered for safe and effective use. One of the main
limitations lies in their complexity and the difficulty of interpreting their
internal workings, which can be exploited for malicious purposes: an attacker
makes deliberate changes to the input data in order to deceive the model and
cause it to make incorrect decisions. These attacks are known as adversarial
attacks. This work focuses on the generation of adversarial images using
genetic algorithms against a convolutional neural network trained on the
MNIST dataset. Several strategies are employed, including targeted and
untargeted attacks, as well as the generation of both interpretable images
and non-interpretable images, the latter unrecognizable to humans yet
confidently assigned to a class by the network. The experiments show that
adversarial images can be generated in a relatively short time, highlighting
the vulnerability of neural networks and the ease with which they can be
deceived. These results underscore the importance of developing more secure
and reliable artificial intelligence systems capable of resisting such
attacks.
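The following is an added example, not code from the paper: a minimal genetic-algorithm attack in the three modes the abstract names (untargeted, targeted, and evolving a "non-interpretable" image from a blank canvas). The practitioner's point it makes is that a GA needs only the model's output probabilities, no gradients and no weights, so withholding the model does not stop it. Everything here is constructed: the 8x8 three-class template matcher `predict_proba` stands in for the paper's MNIST CNN (any function returning class probabilities can replace it), the faint vertical bar `DIGIT` stands in for a digit, and `EPS` and the GA hyper-parameters are chosen for this toy. Note that a sharp template matcher has a much larger decision margin than a real CNN, which is why the per-pixel budget here is far larger than the imperceptible perturbations that fool MNIST models.

```python
"""GA adversarial attack against a black-box image classifier (added example)."""
import math
import random

SIDE = 8
N_PIX = SIDE * SIDE
EPS = 0.45  # per-pixel L-infinity budget on the [0, 1] intensity scale (assumed for the toy)


def _band(weight_at):
    """Constructed template: 1.0 on a line, 0.5 on its two neighbours, 0 elsewhere."""
    return [weight_at(r, c) for r in range(SIDE) for c in range(SIDE)]


TEMPLATES = [
    _band(lambda r, c: {3: 1.0, 2: 0.5, 4: 0.5}.get(c, 0.0)),      # class 0: vertical bar
    _band(lambda r, c: {3: 1.0, 2: 0.5, 4: 0.5}.get(r, 0.0)),      # class 1: horizontal bar
    _band(lambda r, c: {7: 1.0, 6: 0.5, 8: 0.5}.get(r + c, 0.0)),  # class 2: anti-diagonal
]

# Constructed stand-in for an MNIST digit: a faint vertical bar, i.e. class 0.
DIGIT = [0.6 if c == 3 else 0.0 for r in range(SIDE) for c in range(SIDE)]


def predict_proba(img):
    """Stand-in model (softmax over template dot products). The attack treats it as a black box."""
    logits = [sum(w * x for w, x in zip(t, img)) for t in TEMPLATES]
    m = max(logits)
    exps = [math.exp(l - m) for l in logits]
    z = sum(exps)
    return [e / z for e in exps]


def predict(img):
    p = predict_proba(img)
    return max(range(len(p)), key=p.__getitem__)


def apply_delta(img, delta):
    """Adversarial image = clip(img + delta, 0, 1); keeps |adv - img| <= |delta| per pixel."""
    return [min(1.0, max(0.0, x + d)) for x, d in zip(img, delta)]


def ga_attack(img, target=None, eps=EPS, min_conf=0.0, pop_size=60,
              generations=400, p_mut=0.1, seed=1):
    """Evolve a perturbation delta in [-eps, eps]^N_PIX with a plain (mu+lambda) GA.
    Untargeted: drive the true-class probability down until the label changes.
    Targeted: drive p[target] up until the label is `target` with p >= min_conf.
    Returns (adversarial_image, success, generations_used)."""
    rng = random.Random(seed)
    y = predict(img)

    def fitness(delta):
        p = predict_proba(apply_delta(img, delta))
        return p[target] if target is not None else -p[y]

    def done(delta):
        p = predict_proba(apply_delta(img, delta))
        lbl = max(range(len(p)), key=p.__getitem__)
        return lbl != y if target is None else (lbl == target and p[target] >= min_conf)

    def mutate(delta):
        return [min(eps, max(-eps, d + rng.gauss(0.0, eps / 2))) if rng.random() < p_mut else d
                for d in delta]

    pop = [[rng.uniform(-eps, eps) for _ in range(N_PIX)] for _ in range(pop_size)]
    for gen in range(generations):
        ranked = sorted(pop, key=fitness, reverse=True)  # one model query per individual
        best = ranked[0]
        if done(best):
            return apply_delta(img, best), True, gen
        elite = ranked[: pop_size // 5]  # elitism: top 20% survive unchanged
        children = list(elite)
        while len(children) < pop_size:
            a, b = rng.choice(elite), rng.choice(elite)
            child = [ga if rng.random() < 0.5 else gb for ga, gb in zip(a, b)]  # uniform crossover
            children.append(mutate(child))
        pop = children
    best = max(pop, key=fitness)
    return apply_delta(img, best), done(best), generations


def fooling_image(target, **kw):
    """The paper's 'non-interpretable image' setting: no source digit and no budget.
    Start from a blank canvas with eps=1.0 (any image in [0,1]) and evolve until the
    model assigns at least 90% probability to `target`."""
    return ga_attack([0.0] * N_PIX, target=target, eps=1.0, min_conf=0.9, **kw)


if __name__ == "__main__":
    adv, ok, g = ga_attack(DIGIT)
    print("untargeted:", ok, "label", predict(DIGIT), "->", predict(adv), "after", g, "generations")
    adv, ok, g = ga_attack(DIGIT, target=2)
    print("targeted(2):", ok, "label ->", predict(adv), "after", g, "generations")
    img, ok, g = fooling_image(1)
    print("fooling image for class 1:", ok, "p =", round(predict_proba(img)[1], 3), "after", g, "generations")
```

Two design notes. The fitness is computed purely from `predict_proba`, so the same loop works against a remote classification API; the cost an attacker pays is one query per individual per generation, which is also what a defender can rate-limit or detect. And the "fooling image" mode on this toy converges toward the class template, so the result looks like a bar; on a real CNN, as the abstract reports, the evolved image is unrecognizable to a human while still receiving a confident label, which is the interpretability gap the abstract refers to.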