Robust Multi-task Adversarial Attacks Using Min-max Optimization

Jiacheng Guo; Lei Li; Haochen Yang; Baocheng Geng; Hongkai Yu; Minghai Qin; Tianyun Zhang

doi:10.1109/ICASSP49660.2025.10888541

Robust Multi-task Adversarial Attacks Using Min-max Optimization

Jiacheng Guo
, Lei Li
, Haochen Yang
, Baocheng Geng
, Hongkai Yu
, Minghai Qin
, Tianyun Zhang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

Deep neural networks have achieved exceptional performance across a wide range of applications but remain susceptible to adversarial attacks. While most prior research has focused on single-task scenarios, increasing attention is being directed toward adversarial attacks targeting multiple tasks simultaneously. However, existing methods often fail to balance attack performance across tasks in a multi-task model. These approaches typically aim to maximize the model's overall loss, neglecting task-specific attack difficulties, which results in imbalanced attack performance among tasks. To address this challenge, we propose a novel multi-task adversarial attack method that ensures robust and balanced attack performance across multiple tasks. Our approach dynamically updates task-specific weighting factors through a min-max optimization during the attack, optimizing the worst-case attack performance across all tasks. Experimental results demonstrate that our method significantly enhances the worst-case attack performance across diverse datasets and attack strategies compared to existing approaches. By dynamically adjusting the attack intensity on the least vulnerable tasks, the min-max optimization significantly improves overall attack effectiveness as well as the worst-case performance by balancing the task weights.

Original language	English
Title of host publication	ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings
Editors	Bhaskar D Rao, Isabel Trancoso, Gaurav Sharma, Neelesh B. Mehta
Place of Publication	usa
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798350368741
DOIs	https://doi.org/10.1109/ICASSP49660.2025.10888541
State	Published - Jan 1 2025
Event	2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Hyderabad, India Duration: Apr 6 2025 → Apr 11 2025

Conference

Conference	2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025
Country/Territory	India
City	Hyderabad
Period	04/6/25 → 04/11/25

Keywords

adversarial attacks
deep learning
multi-task learning

Access to Document

10.1109/ICASSP49660.2025.10888541

Cite this

Guo, J., Li, L., Yang, H., Geng, B., Yu, H., Qin, M., & Zhang, T. (2025). Robust Multi-task Adversarial Attacks Using Min-max Optimization. In B. D. Rao, I. Trancoso, G. Sharma, & N. B. Mehta (Eds.), ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICASSP49660.2025.10888541

@inproceedings{1921c1b0c57e4f9c8cf2a853337a5445,

title = "Robust Multi-task Adversarial Attacks Using Min-max Optimization",

abstract = "Deep neural networks have achieved exceptional performance across a wide range of applications but remain susceptible to adversarial attacks. While most prior research has focused on single-task scenarios, increasing attention is being directed toward adversarial attacks targeting multiple tasks simultaneously. However, existing methods often fail to balance attack performance across tasks in a multi-task model. These approaches typically aim to maximize the model's overall loss, neglecting task-specific attack difficulties, which results in imbalanced attack performance among tasks. To address this challenge, we propose a novel multi-task adversarial attack method that ensures robust and balanced attack performance across multiple tasks. Our approach dynamically updates task-specific weighting factors through a min-max optimization during the attack, optimizing the worst-case attack performance across all tasks. Experimental results demonstrate that our method significantly enhances the worst-case attack performance across diverse datasets and attack strategies compared to existing approaches. By dynamically adjusting the attack intensity on the least vulnerable tasks, the min-max optimization significantly improves overall attack effectiveness as well as the worst-case performance by balancing the task weights.",

keywords = "adversarial attacks, deep learning, multi-task learning",

author = "Jiacheng Guo and Lei Li and Haochen Yang and Baocheng Geng and Hongkai Yu and Minghai Qin and Tianyun Zhang",

year = "2025",

month = jan,

day = "1",

doi = "10.1109/ICASSP49660.2025.10888541",

language = "English",

editor = "Rao, \{Bhaskar D\} and Isabel Trancoso and Gaurav Sharma and Mehta, \{Neelesh B.\}",

booktitle = "ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 ; Conference date: 06-04-2025 Through 11-04-2025",

}

Guo, J, Li, L, Yang, H, Geng, B, Yu, H, Qin, M & Zhang, T 2025, Robust Multi-task Adversarial Attacks Using Min-max Optimization. in BD Rao, I Trancoso, G Sharma & NB Mehta (eds), ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings. Institute of Electrical and Electronics Engineers Inc., usa, 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025, Hyderabad, India, 04/6/25. https://doi.org/10.1109/ICASSP49660.2025.10888541

Robust Multi-task Adversarial Attacks Using Min-max Optimization. / Guo, Jiacheng; Li, Lei; Yang, Haochen et al.
ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings. ed. / Bhaskar D Rao; Isabel Trancoso; Gaurav Sharma; Neelesh B. Mehta. usa: Institute of Electrical and Electronics Engineers Inc., 2025.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Robust Multi-task Adversarial Attacks Using Min-max Optimization

AU - Guo, Jiacheng

AU - Li, Lei

AU - Yang, Haochen

AU - Geng, Baocheng

AU - Yu, Hongkai

AU - Qin, Minghai

AU - Zhang, Tianyun

PY - 2025/1/1

Y1 - 2025/1/1

N2 - Deep neural networks have achieved exceptional performance across a wide range of applications but remain susceptible to adversarial attacks. While most prior research has focused on single-task scenarios, increasing attention is being directed toward adversarial attacks targeting multiple tasks simultaneously. However, existing methods often fail to balance attack performance across tasks in a multi-task model. These approaches typically aim to maximize the model's overall loss, neglecting task-specific attack difficulties, which results in imbalanced attack performance among tasks. To address this challenge, we propose a novel multi-task adversarial attack method that ensures robust and balanced attack performance across multiple tasks. Our approach dynamically updates task-specific weighting factors through a min-max optimization during the attack, optimizing the worst-case attack performance across all tasks. Experimental results demonstrate that our method significantly enhances the worst-case attack performance across diverse datasets and attack strategies compared to existing approaches. By dynamically adjusting the attack intensity on the least vulnerable tasks, the min-max optimization significantly improves overall attack effectiveness as well as the worst-case performance by balancing the task weights.

AB - Deep neural networks have achieved exceptional performance across a wide range of applications but remain susceptible to adversarial attacks. While most prior research has focused on single-task scenarios, increasing attention is being directed toward adversarial attacks targeting multiple tasks simultaneously. However, existing methods often fail to balance attack performance across tasks in a multi-task model. These approaches typically aim to maximize the model's overall loss, neglecting task-specific attack difficulties, which results in imbalanced attack performance among tasks. To address this challenge, we propose a novel multi-task adversarial attack method that ensures robust and balanced attack performance across multiple tasks. Our approach dynamically updates task-specific weighting factors through a min-max optimization during the attack, optimizing the worst-case attack performance across all tasks. Experimental results demonstrate that our method significantly enhances the worst-case attack performance across diverse datasets and attack strategies compared to existing approaches. By dynamically adjusting the attack intensity on the least vulnerable tasks, the min-max optimization significantly improves overall attack effectiveness as well as the worst-case performance by balancing the task weights.

KW - adversarial attacks

KW - deep learning

KW - multi-task learning

UR - https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=105003890662&origin=inward

UR - https://www.scopus.com/inward/citedby.uri?partnerID=HzOxMe3b&scp=105003890662&origin=inward

U2 - 10.1109/ICASSP49660.2025.10888541

DO - 10.1109/ICASSP49660.2025.10888541

M3 - Conference contribution

BT - ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings

A2 - Rao, Bhaskar D

A2 - Trancoso, Isabel

A2 - Sharma, Gaurav

A2 - Mehta, Neelesh B.

PB - Institute of Electrical and Electronics Engineers Inc.

CY - usa

T2 - 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025

Y2 - 6 April 2025 through 11 April 2025

ER -

Robust Multi-task Adversarial Attacks Using Min-max Optimization

Abstract

Conference

Keywords

Access to Document

Other files and links

Cite this