Adversarial Reprogramming: Exploring A New Paradigm of Neural Network Vulnerabilities

Adversarial examples are inputs to machine learning models that an attacker has intentionally designed to cause the model to make a mistake. An adversarial attacker could target autonomous vehicles by using stickers or paint to create an adversarial stop sign that the vehicle would interpret as a'yield' or other sign. A confused car on a busy day is a potential catastrophe packed in a 2000 pound metal box. So far, the majority of adversarial attacks, the attacker designed few perturbations to produce an output specific to a given input. The attacks consisted of untargeted attacks that aim to degrade the performance of a model.