ShanghaiTech University Knowledge Management System
Cheating your apps: Black-box adversarial attacks on deep learning apps | |
2023 | |
Journal | JOURNAL OF SOFTWARE: EVOLUTION AND PROCESS (IF:1.7[JCR-2023],2.1[5-Year]) |
ISSN | 2047-7473 |
EISSN | 2047-7481 |
Volume | 36, Issue: 4 |
Publication status | Published |
DOI | 10.1002/smr.2528 |
Abstract | Deep learning is a powerful technique to boost application performance in various fields, including face recognition, image classification, natural language understanding, and recommendation system. With the rapid increase in the computing power of mobile devices, developers can embed deep learning models into their apps for building more competitive products with more accurate and faster responses. Although there are several works of adversarial attacks against deep learning models in apps, they all need information about the models' internals (i.e., structures and weights) or need to modify the models. In this paper, we propose an effective black-box approach by training substitute models to spoof the deep learning systems inside the apps. We evaluate our approach on 10 real-world deep-learning apps from Google Play to perform black-box adversarial attacks. Through the study, we find three factors that can affect the performance of attacks. Our approach can reach a relatively high attack success rate of 66.60% on average. Compared with other adversarial attacks on mobile deep learning models, in terms of the average attack success rates, our approach outperforms its counterparts by 27.63%. © 2023 John Wiley & Sons Ltd. |
Keywords | Android (operating system) ; Computing power ; Face recognition ; Learning systems ; Accurate response ; Android ; Application performance ; Black boxes ; Black-box attack ; Computing power ; Deep learning app ; Images classification ; Learning models ; Natural language understanding |
Indexed by | EI ; SCOPUS |
Language | English |
Publisher | John Wiley and Sons Ltd |
EI accession number | 20230113338297 |
EI main heading | Deep learning |
EI classification codes | 461.4 Ergonomics and Human Factors Engineering ; 722.2 Computer Peripheral Equipment ; 722.4 Digital Computers and Systems ; 723 Computer Software, Data Handling and Applications |
Original document type | Article in Press |
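Document type | Journal article |
Item identifier | https://kms.shanghaitech.edu.cn/handle/2MSLDSTB/281946 |
Collection | School of Information Science and Technology ; School of Information Science and Technology_Master's students |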
Corresponding author | Tang, Yutian |
Author affiliations | 1.Nanjing University of Science and Technology, Nanjing, China; 2.School of Information Science and Technology, ShanghaiTech University, Shanghai, China; 3.Department of Computing, The Hong Kong Polytechnic University, Hong Kong; 4.Department of Computer Science and Technology, Nanjing University, Nanjing, China; 5.Department of Computer Science and Technology, Xi'an Jiaotong University, Xi'an, China; 6.School of Computer Science and Engineering, Nanyang Technological University, Nanjing, Singapore |
First author affiliation | School of Information Science and Technology |
Recommended citation, GB/T 7714 | Cao, Hongchen,Li, Shuai,Zhou, Yuming,et al. Cheating your apps: Black-box adversarial attacks on deep learning apps[J]. JOURNAL OF SOFTWARE: EVOLUTION AND PROCESS,2023,36(4). |
APA | Cao, Hongchen,Li, Shuai,Zhou, Yuming,Fan, Ming,Zhao, Xuejiao,&Tang, Yutian.(2023).Cheating your apps: Black-box adversarial attacks on deep learning apps.JOURNAL OF SOFTWARE: EVOLUTION AND PROCESS,36(4). |
MLA | Cao, Hongchen,et al."Cheating your apps: Black-box adversarial attacks on deep learning apps".JOURNAL OF SOFTWARE: EVOLUTION AND PROCESS 36.4(2023). |