Summary of Malt Powers Up Adversarial Attacks, by Odelia Melamed et al.
MALT Powers Up Adversarial Attacks
by Odelia Melamed, Gilad Yehudai, Adi Shamir
First submitted to arxiv on: 2 Jul 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR); Neural and Evolutionary Computing (cs.NE); Machine Learning (stat.ML)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary A novel adversarial attack for multi-class classifiers is presented, which targets the most confident class in a way that’s not currently done. The new approach, called MALT (Mesoscopic Almost Linearity Targeting), outperforms the current state-of-the-art AutoAttack on standard benchmark datasets like CIFAR-100 and ImageNet, and works with various robust models. Notably, MALT is five times faster than AutoAttack while maintaining its effectiveness. Additionally, it can attack additional samples that were previously inaccessible. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary A team of researchers has developed a new way to trick machine learning models into making mistakes. Right now, these attacks usually target the class that the model thinks is most likely, but this new approach does something different. It’s called MALT and it helps attackers get around robust models on common datasets like pictures of animals or objects. This method works five times faster than the best current attack while still being able to trick the models into making mistakes. |
Keywords
* Artificial intelligence * Machine learning
