A Mask-Based Adversarial Defense Scheme

Weizhen Xu

Chenyi Zhang

Fangzhen Zhao and Liangda Fang

Resumen

Adversarial attacks hamper the functionality and accuracy of deep neural networks (DNNs) by meddling with subtle perturbations to their inputs. In this work, we propose a new mask-based adversarial defense scheme (MAD) for DNNs to mitigate the negative effect from adversarial attacks. Our method preprocesses multiple copies of a potential adversarial image by applying random masking, before the outputs of the DNN on all the randomly masked images are combined. As a result, the combined final output becomes more tolerant to minor perturbations on the original input. Compared with existing adversarial defense techniques, our method does not need any additional denoising structure or any change to a DNN?s architectural design. We have tested this approach on a collection of DNN models for a variety of datasets, and the experimental results confirm that the proposed method can effectively improve the defense abilities of the DNNs against all of the tested adversarial attack methods. In certain scenarios, the DNN models trained with MAD can improve classification accuracy by as much as 90%" role="presentation">90%90% 90 % compared to the original models when given adversarial inputs.

Palabras claves

adversarial defense - adversarial attack - deep neural networks - random mask - robustness in machine learning

Acceso

P�GINAS

pp. 0 - 0

N�MERO

Volumen: 15 Parte: 12 (2022)

MATERIAS

INGENIER�A Y CONSTRUCCI�N CIVIL
TECNOLOG�A

REVISTAS SIMILARES

Applied Sciences
Algorithms
Information

DOI

https://doi.org/10.3390/a15120461

Art�culos similares

Improving the Adversarial Robustness of Neural ODE Image Classifiers by Tuning the Tolerance Parameter

Acceso

Fabio Carrara, Roberto Caldelli, Fabrizio Falchi and Giuseppe Amato

The adoption of deep learning-based solutions practically pervades all the diverse areas of our everyday life, showing improved performances with respect to other classical systems. Since many applications deal with sensible data and procedures, a strong... ver m�s

Revista: Information

An Adversarial Attack Method against Specified Objects Based on Instance Segmentation

Acceso

Dapeng Lang, Deyun Chen, Sizhao Li and Yongjun He

The deep model is widely used and has been demonstrated to have more hidden security risks. An adversarial attack can bypass the traditional means of defense. By modifying the input data, the attack on the deep model is realized, and it is imperceptible ... ver m�s

Revista: Information

A Study of Adversarial Attacks and Detection on Deep Learning-Based Plant Disease Identification

Acceso

Zhirui Luo, Qingqing Li and Jun Zheng

Transfer learning using pre-trained deep neural networks (DNNs) has been widely used for plant disease identification recently. However, pre-trained DNNs are susceptible to adversarial attacks which generate adversarial samples causing DNN models to make... ver m�s

Revista: Applied Sciences

Review of Artificial Intelligence Adversarial Attack and Defense Technologies

Acceso

Shilin Qiu, Qihe Liu, Shijie Zhou and Chunjiang Wu

In recent years, artificial intelligence technologies have been widely used in computer vision, natural language processing, automatic driving, and other fields. However, artificial intelligence systems are vulnerable to adversarial attacks, which limit ... ver m�s

Revista: Applied Sciences

Revistas destacadas

Acceso directo a los n�meros publicados en la revista Infrastructures

Infrastructures

Acceso directo a los n�meros publicados en la revista Informed Infraestructure

Informed Infraestructure

Acceso directo a los n�meros publicados en la revista BiT

Acceso directo a los n�meros publicados en la revista Revista de la Construcci�n

Revista de la Construcci�n

Ver todas las revistas