Between Dec 19, 2024 and Jan 2, 2025, datasets can be submitted to DRUM but will not be processed until after the break. Staff will not be available to answer email during this period, and will not be able to provide DOIs until after Jan 2. If you are in need of a DOI during this period, consider Dryad or OpenICPSR. Submission responses to the UDC may also be delayed during this time.

Browsing by Author "Hnatek, Joseph"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Exploring Mechanisms for the Evolution of One-Pixel-Attacks on Deep Neural Networks
    (2021-05) Hnatek, Joseph
    Recent studies from Su et al., (2019, and Nguyen, et al., 2015) have shown that Deep Neural Networks may have a weakness when it classifies an image. They have shown that when perturbing a single pixel in an image of size 32x32, they were able to significantly change the output of the neural network. To generate an attack, Nguyen et al. used an Evolutionary Strategy called Differential Evolution (DE). Evolutionary Strategies are algorithms that mimic biological genetic evolution. By using DE, they were able to conclude that it was a viable method in the generation of these attacks. In their research, they mentioned that future work could be devoted to looking at additional Evolutionary Strategies to increase the likelihood of successful attacks. Therefore, in this research, we extended Nguyen et al.’s work by using DE algorithms proposed from Qin and Suganthan called Adaptive Differential Evolution (AdaptiveDE) in one-pixel-attacks. Using this alternative algorithm we can generate more successful perturbations to increase the one-pixel-attack success rate.
  • Thumbnail Image
    Item
    Generating Self-Adaptive One-Pixel Attacks Against MedMNIST and COVIDx CXR-2
    (2023-05) Hnatek, Joseph
    One-pixel attacks can exploit vulnerabilities in convolutional neural networks to cause targeted misclassifications. However, most attacks, like the one-pixel, do not use an adaptive approach. This research compares the effectiveness of generating one-pixel attacks with and without self-adaptation. Several datasets were attacked to compare the two methods, including CIFAR-10, MedMNIST datasets such as PathMNIST, OCTMNIST, PneumoniaMNIST, BreastMNIST, and BloodMNIST, as well as COVIDx CXR-2. This research shows that self-adaptive differential evolution did not generate better solutions against the MedMNIST and COVIDx CXR-2 datasets compared to the non-adaptive algorithm. However, we show that PathMNIST, OCTMNIST, BreastMNIST, and BloodMNIST are vulnerable to the one-pixel attacks we produce, while PneumoniaMNIST and COVIDx CXR-2 are not.