Proceedings of the Annual Meeting of the Cognitive Science Society

Neural networks are vulnerable to adversarial attacks. These attacks can be untargeted, causing the model to make anyerror, or targeted, causing the model to make a specific error. Adversarial Reprogramming introduces a type of attackthat reprograms the network to perform an entirely new task from its original function. Additional inputs in a pre-trainednetwork can repurpose the network to a different task. Previous work has shown adversarial reprogramming possible insimilar domains, such as an image classification task in ImageNet being repurposed for CIFAR-10. A natural questionis whether such reprogramming is feasible across any task for neural networks a positive answer would have significantimpact both on wider applicability of ANNs, but also require rethinking their security. We attempt for the first timereprogramming across domains, repurposing a text classifier to an image classifier, using a recurrent neural network aprototypical example of a Turing universal network.