A comparative analysis of adversarial techniques on AI models
| dc.contributor.advisor | Xenakis, Christos | |
| dc.contributor.advisor | Ξενάκης, Χρήστος | |
| dc.contributor.author | Kollarou, Athanasia | |
| dc.contributor.author | Κολλάρου, Αθανασία | |
| dc.date.accessioned | 2025-02-07T12:25:18Z | |
| dc.date.available | 2025-02-07T12:25:18Z | |
| dc.date.issued | 2025-02 | |
| dc.identifier.uri | https://dione.lib.unipi.gr/xmlui/handle/unipi/17435 | |
| dc.format.extent | 99 | el |
| dc.language.iso | en | el |
| dc.publisher | Πανεπιστήμιο Πειραιώς | el |
| dc.rights | Αναφορά Δημιουργού - Παρόμοια Διανομή 3.0 Ελλάδα | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-sa/3.0/gr/ | * |
| dc.title | A comparative analysis of adversarial techniques on AI models | el |
| dc.type | Master Thesis | el |
| dc.contributor.department | Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών Συστημάτων | el |
| dc.description.abstractEN | The increasing adoption of Artificial Intelligence and Machine Learning in critical sectors underscores the need for robust systems resilient to adversarial threats. While deep learning architectures have revolutionized tasks like image recognition, their ability to maintain their functionality without being affected by adversarial techniques remains an open issue. This study aims to evaluate the impact of adversarial techniques, including Fast Gradient Sign Method, Projected Gradient Descent, DeepFool, and Carlini & Wagner, on five neural network models: Fully Connected Neural Network, LeNet, Simple CNN, MobileNetV2, and VGG11. Using the EvAIsion tool developed for this research, attacks were implemented and analysed using metrics such as accuracy, F1 score, and misclassification rate. The results showed varying levels of vulnerability across the tested models, with simpler models having slightly better performance than more complex ones in some cases. The findings suggest that the effectiveness of the adversarial techniques can vary depending on the model. This emphasises the importance of selecting the more appropriate attack techniques for the targeted architecture and also customising the different attack parameters to achieve the best results for each specific case | el |
| dc.contributor.master | Ασφάλεια Ψηφιακών Συστημάτων | el |
| dc.subject.keyword | Adversarial Machine Learning (AML) | el |
| dc.subject.keyword | Evasion attacks | el |
| dc.subject.keyword | Neural networks | el |
| dc.subject.keyword | Model robustness | el |
| dc.subject.keyword | Evaluation of AI model security | el |
| dc.date.defense | 2025-02-03 |
Αρχεία σε αυτό το τεκμήριο
Αυτό το τεκμήριο εμφανίζεται στις ακόλουθες συλλογές
-
Τμήμα Ψηφιακών Συστημάτων
Department of Digital Systems
Εκτός από όπου διευκρινίζεται διαφορετικά, το τεκμήριο διανέμεται με την ακόλουθη άδεια:
Αναφορά Δημιουργού - Παρόμοια Διανομή 3.0 Ελλάδα
Αναφορά Δημιουργού - Παρόμοια Διανομή 3.0 Ελλάδα