Exploring Mechanisms for the Evolution of One-Pixel-Attacks on Deep Neural Networks

Abstract

Recent studies from Su et al., (2019, and Nguyen, et al., 2015) have shown that Deep Neural Networks may have a weakness when it classifies an image. They have shown that when perturbing a single pixel in an image of size 32x32, they were able to significantly change the output of the neural network. To generate an attack, Nguyen et al. used an Evolutionary Strategy called Differential Evolution (DE). Evolutionary Strategies are algorithms that mimic biological genetic evolution. By using DE, they were able to conclude that it was a viable method in the generation of these attacks. In their research, they mentioned that future work could be devoted to looking at additional Evolutionary Strategies to increase the likelihood of successful attacks. Therefore, in this research, we extended Nguyen et al.’s work by using DE algorithms proposed from Qin and Suganthan called Adaptive Differential Evolution (AdaptiveDE) in one-pixel-attacks. Using this alternative algorithm we can generate more successful perturbations to increase the one-pixel-attack success rate.