IAM

15thSEPTEMBER2019

READING

Yan Zhou, Murat Kantarcioglu, Bowei Xi. Breaking Transferability of Adversarial Samples with Randomness. CoRR abs/1805.04613 (2018).

Zhou et al. study transferability of adversarial examples against ensembles of randomly perturbed networks. Specifically, they consider randomly perturbing the weights using Gaussian additive noise. Using an ensemble of these perturbed networks, the authors show that transferability of adversarial examples decreases significantly. However, the authors do not consider adapting their attack to this defense scenario.

Also find this summary on ShortScience.org.

What is your opinion on the summarized work? Or do you know related work that is of interest? Let me know your thoughts in the comments below: