带有 CleverHans 的随机森林黑盒 [英] Random Forest Black Box with CleverHans

问题描述

我是这个东西的新手，并试图用黑盒 FGSM(来自聪明的汉斯)攻击随机森林

I am new to this stuff and trying to attack Random Forest with Black Box FGSM (from clever hans)

但我不确定如何实现它.他们有一个 Mnist 数据的黑盒示例 但我没有了解我应该把我的随机森林放在哪里以及我应该在哪里攻击.任何帮助将不胜感激.

But I'm not sure how to implement it. They've a blackbox example for Mnist data but I dont understand where should I put my random forest and where should I attack. Any help would be appreciated.

推荐答案

在当前教程中，黑盒模型是使用 TensorFlow 实现的神经网络，其预测(标签)用于训练替代模型(a黑盒模型的副本).然后使用替代模型来制作转移到黑盒模型的对抗性示例.

In the current tutorial, the black-box model is a neural network implemented with TensorFlow and its predictions (the labels) are used to train a substitute model (a copy of the black-box model). The substitute model is then used to craft adversarial examples that transfer to the black-box model.

在您的情况下，您必须替换

In your case, you would have to replace bbox_val in

bbox_val = batch_eval(sess, [x], [bbox_preds], [x_sub_prev],
                        args=eval_params)[0]

通过你的随机森林对替代训练数据的 numpy 数组的预测 x_sub_prev.

by the predictions of your random forest on the numpy array of substitute training data x_sub_prev.

您可以在以下论文中找到有关本教程中实施的攻击的更多信息:https://arxiv.org/abs/1602.02697

You can find more information about the attack implemented in this tutorial in the following paper: https://arxiv.org/abs/1602.02697

这篇关于带有 CleverHans 的随机森林黑盒的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！