Article

Exploring Public Data Vulnerabilities in Semi-Supervised Learning Models through Gray-box Adversarial Attack

1 Graduate School of Artificial Intelligence, Pohang University of Science and Technology, Pohang 37673, Republic of Korea
2 Department of Computer Science and Engineering, Pohang University of Science and Technology, Pohang 37673, Republic of Korea
* Author to whom correspondence should be addressed.
Electronics 2024, 13(5), 940; https://doi.org/10.3390/electronics13050940
Submission received: 16 January 2024 / Revised: 18 February 2024 / Accepted: 29 February 2024 / Published: 29 February 2024
(This article belongs to the Special Issue AI Security and Safety)

Abstract

Semi-supervised learning (SSL) models, integrating labeled and unlabeled data, have gained prominence in vision-based tasks, yet their susceptibility to adversarial attacks remains underexplored. This paper unveils the vulnerability of SSL models to gray-box adversarial attacks—a scenario where the attacker has partial knowledge of the model. We introduce an efficient attack method, Gray-box Adversarial Attack on Semi-supervised learning (GAAS), which exploits the dependency of SSL models on publicly available labeled data. Our analysis demonstrates that even with limited knowledge, GAAS can significantly undermine the integrity of SSL models across various tasks, including image classification, object detection, and semantic segmentation, with minimal access to labeled data. Through extensive experiments, we exhibit the effectiveness of GAAS, comparing it to white-box attack scenarios and underscoring the critical need for robust defense mechanisms. Our findings highlight the potential risks of relying on public datasets for SSL model training and advocate for the integration of adversarial training and other defense strategies to safeguard against such vulnerabilities.
Keywords: adversarial attack; gray-box attack; semi-supervised learning; deep neural networks

Share and Cite

MDPI and ACS Style

Jo, J.; Kim, J.; Suh, Y.-J. Exploring Public Data Vulnerabilities in Semi-Supervised Learning Models through Gray-box Adversarial Attack. Electronics 2024, 13, 940. https://doi.org/10.3390/electronics13050940
