Evaluating the adversarial robustness of classification algorithms in machine learning is a crucial domain. However, current methods lack measurable and interpretable metrics. To address this issue, this paper introduces a visual evaluation index named the confidence centroid skewing quadrilateral, which is based on a classification confidence-based confusion matrix. It offers a quantitative and visual comparison of the adversarial robustness of different classification algorithms and enhances the intuitiveness and interpretability of attack impacts. We first conduct a validity test and sensitivity analysis of the method. We then prove its effectiveness through experiments on five classification algorithms, namely artificial neural network (ANN), logistic regression (LR), support vector machine (SVM), convolutional neural network (CNN) and transformer, against three adversarial attacks: fast gradient sign method (FGSM), DeepFool, and projected gradient descent (PGD).