AdvEx is an interactive multi-level visualization designed to help novice machine learning learners understand adversarial evasion attacks in image classification models. The system visualizes subtle, human-imperceptible perturbations used in attacks and allows users to explore their impact across different classifiers, attack methods, and individual images. By supporting multi-level visual exploration — both instance-level and dataset-level — AdvEx highlights how adversarial attacks affect models differently depending on the data, model architecture, and training methods.
- Accepted by ACM Transactions on Interactive Intelligent System journal: Paper Link .
- Received 3rd place best poster award (300 CAD) at the 2024 Cybersecurity and Privacy Institute Annual Conference, University of Waterloo: CPI Announcement .
- Delivered an oral and poster presentation at the 2023 Math and Computing Research Discovery Days, University of Waterloo.
- Interactive Visualization of Adversarial Evasion Attacks (e.g., FGSM, PGD, ZOO attacks).
- Real-time data analytics and model performance evaluation.
- Illustrates the logic and impact of adversarial attacks through dynamic and interactive visualizations.
View on ACM Digital Library.
Short visual overview of the system.
Full walkthrough of the interaction design.
Recognized as a top 3 project at the CPI annual conference.
- Python
- PyTorch
- scikit-learn
- Machine Learning
- Evasion Attacks
- D3.js
- JavaScript
- HCI
- Information Visualization
- Adversarial Machine Learning
- FGSM
- PGD
- Model Robustness
Yuzhe You, Jarvis Tse, Jian Zhao