Autonomous vehicle navigation and healthcare diagnostics are among the many fields where the reliability and security of machine learning models for image data are critical. We conduct a comprehensive investigation into the susceptibility of Convolutional Neural Networks (CNNs), which are widely used for image data, to white-box adversarial attacks, i.e., attacks in which the adversary has full access to the model's parameters and input gradients. We investigate the effects of several well-known attacks (Fast Gradient Sign Method, Basic Iterative Method, Jacobian-based Saliency Map Attack, Carlini & Wagner, Projected Gradient Descent, and DeepFool) on CNN performance metrics such as loss and accuracy; the differential efficacy of these techniques in increasing error rates; the relationship between perceived image quality metrics of the adversarial images (ERGAS, PSNR, SSIM, and SAM) and classification performance; and the comparative effectiveness of iterative versus single-step attacks. Using the MNIST, CIFAR-10, CIFAR-100, and Fashion-MNIST datasets, we study how each attack affects CNN performance as the CNN hyperparameters are varied. Our study provides insights into the robustness of CNNs against adversarial threats, pinpoints vulnerabilities, and underscores the urgent need to develop robust defense mechanisms that protect CNNs and ensure their trustworthy deployment in real-world scenarios.
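The single-step versus iterative comparison and the image-quality measurements mentioned in the abstract can be reproduced in miniature. The following is an added example, not code from the paper: it implements FGSM and BIM (iterated FGSM with projection onto the L-infinity ball and the valid pixel range) against a hand-built logistic-regression classifier on a constructed 16-pixel grayscale image, and reports PSNR of the perturbed image. The weights, bias, image and label are all constructed for illustration; a real CNN would supply `input_gradient` via autograd.

```python
"""FGSM vs. BIM under an L-infinity budget, with PSNR of the result.

Added example with a constructed logistic-regression "classifier" on a
4x4 grayscale image, so it runs without any deep-learning framework.
"""
import math

# Constructed weights and bias for a 16-pixel binary classifier (assumption:
# any differentiable model works; a CNN would provide input gradients via
# autograd instead of the closed-form gradient below).
W = [0.9, -0.4, 0.7, -0.8, 0.5, 0.6, -0.9, 0.3,
     -0.6, 0.8, 0.4, -0.7, 0.2, -0.5, 0.9, -0.3]
B = -0.2

# Constructed clean image (pixel intensities in [0, 1]) and its true label.
CLEAN = [0.1, 0.2, 0.9, 0.3, 0.8, 0.1, 0.2, 0.7,
         0.4, 0.6, 0.1, 0.9, 0.5, 0.3, 0.8, 0.2]
LABEL = 1


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def forward(x):
    """Probability of class 1 for image x."""
    return sigmoid(sum(w * xi for w, xi in zip(W, x)) + B)


def bce_loss(x, y):
    """Binary cross-entropy of the prediction against label y."""
    p = forward(x)
    tiny = 1e-12
    return -(y * math.log(p + tiny) + (1 - y) * math.log(1 - p + tiny))


def input_gradient(x, y):
    """dLoss/dx for BCE on a logistic model: (p - y) * W."""
    p = forward(x)
    return [(p - y) * w for w in W]


def sign(v):
    return (v > 0) - (v < 0)


def clip(v, lo, hi):
    return max(lo, min(hi, v))


def fgsm(x, y, eps):
    """Fast Gradient Sign Method: one signed step of size eps, then clip."""
    g = input_gradient(x, y)
    return [clip(xi + eps * sign(gi), 0.0, 1.0) for xi, gi in zip(x, g)]


def bim(x, y, eps, alpha, steps):
    """Basic Iterative Method: small signed steps of size alpha, projected
    back onto the eps-ball around x and the valid pixel range each step."""
    x_adv = list(x)
    for _ in range(steps):
        g = input_gradient(x_adv, y)
        x_adv = [xa + alpha * sign(gi) for xa, gi in zip(x_adv, g)]
        x_adv = [clip(clip(xa, x0 - eps, x0 + eps), 0.0, 1.0)
                 for xa, x0 in zip(x_adv, x)]
    return x_adv


def linf_distance(a, b):
    return max(abs(ai - bi) for ai, bi in zip(a, b))


def psnr(a, b, peak=1.0):
    """Peak signal-to-noise ratio in dB; higher means less visible change."""
    mse = sum((ai - bi) ** 2 for ai, bi in zip(a, b)) / len(a)
    return float("inf") if mse == 0 else 10 * math.log10(peak ** 2 / mse)


def attack_report(eps, alpha, steps):
    """Run FGSM and BIM at the same L-inf budget and summarise the effect."""
    fgsm_adv = fgsm(CLEAN, LABEL, eps)
    bim_adv = bim(CLEAN, LABEL, eps, alpha, steps)
    return {
        "clean_loss": bce_loss(CLEAN, LABEL),
        "fgsm_loss": bce_loss(fgsm_adv, LABEL),
        "bim_loss": bce_loss(bim_adv, LABEL),
        "fgsm_prob": forward(fgsm_adv),
        "fgsm_linf": linf_distance(CLEAN, fgsm_adv),
        "bim_linf": linf_distance(CLEAN, bim_adv),
        "fgsm_psnr": psnr(CLEAN, fgsm_adv),
        "fgsm_vs_bim": linf_distance(fgsm_adv, bim_adv),
    }


if __name__ == "__main__":
    for eps in (0.05, 0.1, 0.2):
        r = attack_report(eps, alpha=eps / 4, steps=10)
        print(f"eps={eps:.2f} clean_loss={r['clean_loss']:.3f} "
              f"fgsm_loss={r['fgsm_loss']:.3f} bim_loss={r['bim_loss']:.3f} "
              f"p(class1)={r['fgsm_prob']:.3f} PSNR={r['fgsm_psnr']:.2f} dB")
```

Two things to check when reusing this against a real model: first, both attacks must stay inside the stated budget (the `linf_distance` checks), otherwise the "adversarial" image is simply a different image and the accuracy-versus-PSNR comparison is meaningless; second, on a linear model FGSM is already the exact maximiser of the loss within the L-infinity ball, so BIM converges to the same point and the two loss values coincide. The gap between iterative and single-step attacks that the paper measures only appears once the model is nonlinear, as a CNN is.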