AdvEx is an interactive multi-level visualization system designed to help novice machine learning learners understand adversarial evasion attacks in image classification models. The system visualizes subtle, human-imperceptible perturbations used in attacks and allows users to explore their impact across different classifiers, attack methods, and individual images. By supporting multi-level visual exploration — both instance-level and dataset-level — AdvEx highlights how adversarial attacks affect models differently depending on the data, model architecture, and training methods.
Links
Paper: ACM Digital Library
Video figure: Watch on YouTube
Video demo: Watch on YouTube
CPI winner announcement: CPI Top 3 Winners
Recognition & Outreach
- Accepted by ACM Transactions on Interactive Intelligent System journal!
- Received 3rd place best poster award (300 CAD) at the 2024 Cybersecurity and Privacy Institute Annual Conference, University of Waterloo.
- Delivered an oral and poster presentation at the 2023 Math and Computing Research Discovery Days, University of Waterloo.
Core Features
- Interactive Visualization of Adversarial Evasion Attacks (e.g., FGSM, PGD, ZOO attacks).
- Real-time data analytics and model performance evaluation.
- Illustrates the logic and impact of adversarial attacks through dynamic and interactive visualizations.
Skills
- Python
- PyTorch
- scikit-learn
- Machine Learning
- Evasion Attacks
- D3.js
- JavaScript
Keywords
- HCI
- Information Visualization
- Adversarial Machine Learning
- FGSM
- PGD
- Model Robustness
Team Members
Yuzhe You, Jarvis Tse, Jian Zhao