Journal Article, DOI: 10.1016/j.eswa.2022.118957
Collaborative Defense-GAN for protecting adversarial attacks on classification system
21
TL;DR: In this article, the authors proposed a defense framework based on DiscoGANs to discover the relation between attacker and defender characteristics, which can improve the robustness of deep learning models against adversarial attacks.
Abstract: With rapid progress and significant successes in a wide domain of applications, deep learning has been extensively employed for solving complex problems. However, performance of deep learning has been vulnerable to well-designed samples, called adversarial samples. These samples are carefully designed to deceive the deep learning models without human perception. Therefore, vulnerability to adversarial attacks becomes one of the major concerns in life-critical applications of deep learning. In this paper, a novel approach to counter adversarial samples is proposed to strengthen the robustness of a deep learning model. The strategy is to filter the perturbation noise in adversarial samples prior to prediction. The proposed defense framework is based on DiscoGANs to discover the relation between attacker and defender characteristics. Attacker models are created to generate the adversarial samples from the training data, while the defender model is trained to reconstruct original samples from the adversarial samples. These two frameworks are trained to compete with each other in an alternating manner. The experimental results on different attack models are compared with popular defense mechanisms on three benchmark datasets. Our proposed method shows promising results and can improve the robustness on both white-box and black-box attacks including the computation time.
Citations
A Comprehensive Review and Analysis of Deep Learning-Based Medical Image Adversarial Attack and Defense
Gladys W. Muoka, Ding Yi, Chiagoziem C. Ukwuoma, Albert Mutale, Chukwuebuka Joseph Ejiyi, Asha Khamis Mzee, Emmanuel S. A. Gyarteng, Ali Alqahtani, Mugahed A. Al-antari
TL;DR: The main problems with adversarial attack and defense in medical imaging include dataset and labeling, computational resources, robustness against target attacks, evaluation of transferability and adaptability, interpretability and explainability, real-time detection and response, and adversarial attacks in multi-modal fusion.
18
Black-box adversarial attacks against image quality assessment models
Yu Ran, Aoxiang Zhang, Mingjie Li, Weixuan Tang, Yuan‐Gen Wang
4
Evaluation of GAN-Based Model for Adversarial Training
TL;DR: In this article, a GAN model and its implementation are presented to defend against L∞ and L2 constraint gradient-based adversarial attacks, and the experimental results indicate that the optimal formulation of GAN adversarial training must utilize more gradient information from the target classifier.
Defending against adversarial examples using perceptual image hashing
19 Mar 2023
TL;DR: In this article, the authors proposed a method to protect neural networks against adversarial examples using perceptual image hashing, which combines hash sequences of input images with the parameters of a neural network in an image-hash processing network.
2
Adversarial Attacks and Defenses in Fault Detection and Diagnosis: A Comprehensive Benchmark on the Tennessee Eastman Process
Vitaliy Pozdnyakov, Aleksandr Kovalenko, Ilya Makarov, Mikhail Drobyshevskiy, K. Lukyanov
TL;DR: This study evaluates the vulnerability of neural networks to adversarial attacks in Fault Detection and Diagnosis using the Tennessee Eastman Process dataset, proposing a new defense strategy combining adversarial training and data quantization for robust industrial process management.
1
References
Proceedings Article
Adam: A Method for Stochastic Optimization
Diederik P. Kingma, Jimmy Ba
- 01 Jan 2015
TL;DR: This work introduces Adam, an algorithm for first-order gradient-based optimization of stochastic objective functions, based on adaptive estimates of lower-order moments, and provides a regret bound on the convergence rate that is comparable to the best known results under the online convex optimization framework.
138.5K
U-Net: Convolutional Networks for Biomedical Image Segmentation
Olaf Ronneberger, Philipp Fischer, Thomas Brox
- 05 Oct 2015
TL;DR: Ronneberger et al. proposed a network and training strategy that relies on the strong use of data augmentation to use the available annotated samples more efficiently, which can be trained end-to-end from very few images and outperforms the prior best method (a sliding-window convolutional network) on the ISBI challenge for segmentation of neuronal structures in electron microscopic stacks.
Gradient-based learning applied to document recognition
Yann LeCun, Léon Bottou, Yoshua Bengio, Patrick Haffner
- 01 Jan 1998
TL;DR: In this article, a graph transformer network (GTN) is proposed for handwritten character recognition, which can be used to synthesize a complex decision surface that can classify high-dimensional patterns, such as handwritten characters.
53.5K
Generative Adversarial Nets
Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, Yoshua Bengio
- 08 Dec 2014
TL;DR: A new framework for estimating generative models via an adversarial process, in which two models are simultaneously trained: a generative model G that captures the data distribution and a discriminative model D that estimates the probability that a sample came from the training data rather than G.
Gradient-based learning applied to document recognition
Yann LeCun, Léon Bottou, Yoshua Bengio, Patrick Haffner
- 01 Jan 2001
TL;DR: This paper reviews various methods applied to handwritten character recognition and compares them on a standard handwritten digit recognition task; convolutional neural networks are shown to outperform all other techniques.
32.7K