Diagnosing Vulnerability of Variational Auto-Encoders to Adversarial Attacks

Anna Kuzina, Max Welling, Jakub M. Tomczak

In this work, we explore adversarial attacks on the Variational Autoencoders (VAE). We show how to modify data point to obtain a prescribed latent code (supervised attack) or just get a drastically different code (unsupervised attack). We examine the influence of model modifications ($\beta$-VAE, NVAE) on the robustness of VAEs and suggest metrics to quantify it.

Knowledge Graph

arrow_drop_up

Comments

Sign up or login to leave a comment