While deep convolutional neural networks (DCNNs) are used in sensitive applications such as autonomous vehicles and clinical diagnosis, sabotaging them by UPAs is a serious potential threat. This work raises an even higher state of the art by introducing the novel concept of evolutionary UPA (EUPA). The study compares different optimization approaches and demonstrates the effectiveness of a constrained single-objective EUPA in breaching the GoogleNet DCNN. The findings highlight the importance of considering visibility constraints and providing insights for improving attack rates, thereby contributing to the advancement of adversarial training and enhancing the security of deep learning models.

The potential for sabotaging deep convolutions neural networks classifiers by universal perturbation attack (UPA) has proved itself as an effective threat to fool deep learning models in sensitive applications such as autonomous vehicles, clinical diagnosis, face recognition, and so on. The prospective application of UPA is for adversarial training of deep convolutional networks against the attacks. Although evolutionary algorithms have already shown their tremendous ability in solving nonconvex complex problems, the literature has limited exploration of evolutionary techniques and strategies for UPA, thus, it needs to be explored on evolutionary algorithms to minimize the magnitude and number of perturbation pixels while maximizing the misclassification of maximum data samples. In this research. This work focuses on utilizing an integer coded genetic algorithm within an evolutionary framework to evolve the UPA. The evolutionary UPA has been structured, analyzed, and compared for two e...