Saved in:
Bibliographic Details
Main Authors: Kim, Jungwoo, Lee, Jong-Seok
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2508.08920
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915758316978176
author Kim, Jungwoo
Lee, Jong-Seok
author_facet Kim, Jungwoo
Lee, Jong-Seok
contents Class-incremental continual learning addresses catastrophic forgetting by enabling classification models to preserve knowledge of previously learned classes while acquiring new ones. However, the vulnerability of the models against adversarial attacks during this process has not been investigated sufficiently. In this paper, we present the first exploration of vulnerability to stage-transferred attacks, i.e., an adversarial example generated using the model in an earlier stage is used to attack the model in a later stage. Our findings reveal that continual learning methods are highly susceptible to these attacks, raising a serious security issue. We explain this phenomenon through model similarity between stages and gradual robustness degradation. Additionally, we find that existing adversarial training-based defense methods are not sufficiently effective to stage-transferred attacks. Codes are available at https://github.com/mcml-official/CSAT.
format Preprint
id arxiv_https___arxiv_org_abs_2508_08920
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Exploring Cross-Stage Adversarial Transferability in Class-Incremental Continual Learning
Kim, Jungwoo
Lee, Jong-Seok
Machine Learning
Class-incremental continual learning addresses catastrophic forgetting by enabling classification models to preserve knowledge of previously learned classes while acquiring new ones. However, the vulnerability of the models against adversarial attacks during this process has not been investigated sufficiently. In this paper, we present the first exploration of vulnerability to stage-transferred attacks, i.e., an adversarial example generated using the model in an earlier stage is used to attack the model in a later stage. Our findings reveal that continual learning methods are highly susceptible to these attacks, raising a serious security issue. We explain this phenomenon through model similarity between stages and gradual robustness degradation. Additionally, we find that existing adversarial training-based defense methods are not sufficiently effective to stage-transferred attacks. Codes are available at https://github.com/mcml-official/CSAT.
title Exploring Cross-Stage Adversarial Transferability in Class-Incremental Continual Learning
topic Machine Learning
url https://arxiv.org/abs/2508.08920