Comparative analysis of ResNet18 and ResNet50 neural network resilience to adversarial attacks on training sets
Abstract
Comparative analysis of ResNet18 and ResNet50 neural network resilience to adversarial attacks on training sets
Incoming article date: 19.01.2025This article is devoted to a comparative analysis of the resilience of ResNet18 and ResNet50 neural networks to adversarial attacks on training sets. The issue of the importance of ensuring the safety of learning sets is considered, taking into account the growing scope of artificial intelligence applications. The process of conducting an adversarial attack is described using the example of an animal recognition task. The results of two experiments are analyzed. The purpose of the first experiment was to identify the dependence of the number of epochs required for the successful execution of an adversarial attack on the training set on the neural network version of the ResNet architecture using the example of ResNet18 and ResNet50. The purpose of the second experiment was to get an answer to the question: how successful are attacks on one neural network using modified images of the second neural network. An analysis of the experimental results showed that ResNet50 is more resistant to competitive attacks, but further improvement is still necessary.
Keywords: artificial intelligence, computer vision, Reset, ResNet18, ResNet50, adversarial attacks, learning set, learning set security, neural networks, comparative analysis