OOD ATTACK: GENERATING OVERCONFIDENT OUT-OF-DISTRIBUTION EXAMPLES TO FOOL DEEP NEURAL CLASSIFIERS
Keke Tang, Xujian Cai, Weilong Peng, Shudong Li, Wenping Wang
Deep neural networks (DNNs) dominate many computer vision solutions. However, DNN classifiers suffer from the out-of-distribution (OOD) overconfidence issue, i.e., they make overconfident predictions on OOD samples. In this paper, we consider a new OOD attack task: generating OOD examples that fool DNN classifiers into exhibiting this issue. Specifically, we first generate seed examples by sampling from common OOD distributions, and then lift the classifier's prediction confidence on them until it becomes overconfident. Extensive experiments with different seeds and confidence-lifting solutions under white- and black-box settings validate the feasibility of the OOD attack. Besides, we demonstrate its usefulness in evaluating OOD detection methods and alleviating the OOD overconfidence issue.
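To make the two-stage pipeline concrete, below is a minimal white-box sketch in PyTorch. It is not the paper's exact method: the seed distribution (uniform noise), the confidence-lifting objective (gradient ascent on the maximum softmax probability), and all hyperparameters (`num_steps`, `lr`, input `shape`) are illustrative assumptions.

```python
import torch
import torch.nn.functional as F

def ood_attack(model, num_steps=100, lr=0.01, batch=8, shape=(3, 32, 32)):
    """Hedged sketch of an OOD attack (assumed white-box variant):
    sample seed examples from a common OOD distribution, then lift the
    classifier's confidence on them by gradient ascent."""
    model.eval()
    # Stage 1: seed examples drawn from a simple OOD distribution
    # (uniform noise here; other OOD sources would work as seeds too).
    x = torch.rand(batch, *shape, requires_grad=True)
    opt = torch.optim.Adam([x], lr=lr)
    for _ in range(num_steps):
        opt.zero_grad()
        probs = F.softmax(model(x), dim=1)
        # Stage 2: confidence lifting -- maximize the top softmax
        # probability so the classifier becomes overconfident on
        # inputs that carry no in-distribution content.
        loss = -probs.max(dim=1).values.mean()
        loss.backward()
        opt.step()
        with torch.no_grad():
            x.clamp_(0.0, 1.0)  # keep examples in a valid pixel range
    return x.detach()
```

A black-box variant would replace the gradient step with a zeroth-order or search-based update, since the attacker cannot backpropagate through the target model.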