SIT: Stochastic Input Transformation to Defend Against Adversarial Attacks on Deep Neural Networks

Open archive: Journal article

Guesmi, Amira | Alouani, Ihsen | Baklouti, Mouna | Frikha, Tarek | Abid, Mohamed

Published by HAL CCSD; IEEE

International audience. Deep Neural Networks (DNNs) have been deployed in a wide range of applications, including safety-critical domains, owing to their proven efficiency in solving complex problems. However, these systems have been shown to be vulnerable to adversarial attacks: carefully crafted perturbations that threaten their integrity and trustworthiness. Several defenses have been recently proposed. However, most of these techniques are costly to deploy since they require retraining and specific fine-tuning procedures. While there are pre-processing defenses that do not require retraining, these were shown to be ineffective against adaptive white-box attacks. In this paper, we propose a model-agnostic defense against adversarial attacks using stochastic pre-processing. Based on a process of down-sampling/up-sampling, we transform the input into a new sample that is: (i) close enough to the initial input to be classified correctly, and (ii) different enough to ignore any potential adversarial noise within it. The proposed defense is generic, easy to deploy and does not require any specific training or fine-tuning. We tested our technique comparatively to state-of-the-art defenses under grey-box and strong white-box scenarios. Experimental results show that our defense achieves robustness of up to 94% and 93% against PGD and C&W attacks, respectively, under a strong white-box scenario.


Suggestions

By the same author

Defensive approximation: securing CNNs using approximate computing

Open archive: Conference paper

Guesmi, Amira | 2021-04-19

International audience. In the past few years, an increasing number of machine-learning and deep learning structures, such as Convolutional Neural Networks (CNNs), have been applied to solving a wide range of real-l...

Towards an Agile Design Methodology for Efficient, Reliable, and Secure ML ...

Open archive: Conference paper

Dave, Shail | 2022-04-25

International audience. The real-world use cases of Machine Learning (ML) have exploded over the past few years. However, the current computing infrastructure is insufficient to support all real-world applications a...

ROOM: Adversarial Machine Learning Attacks Under Real-Time Constraints

Open archive: Conference paper

Guesmi, Amira | 2022-07-18

International audience. Advances in deep learning have enabled a wide range of promising applications. However, these systems are vulnerable to adversarial attacks; adversarially crafted perturbations to their inpu...

On the same subject

EME-Net: A U-net-based Indoor EMF Exposure Map Reconstruction Method

Open archive: Conference paper

Mallik, Mohammed | 2022-03-27

International audience. In wireless communication systems, in order to respond to the perception of risks related to electromagnetic field exposure and allocate radio resources, the estimation of the received power ...

Lower Voltage for Higher Security: Using Voltage Overscaling to Secure Deep...

Open archive: Conference paper

Islam, Shohidul | 2021-11-01

International audience. Deep neural networks (DNNs) are shown to be vulnerable to adversarial attacks -- carefully crafted additive noise that undermines DNNs' integrity. Previously proposed defenses against these att...

Incremental learning of convolutional neural networks in bioinformatics

Open archive: Undefined document type

Mousser, Wafa | 2022

International audience. In recent years, convolutional neural networks (CNNs) have been widely used in various computer visual recognition tasks and then extensively applied for medical images, particularly for comp...

Incremental deep learning model for plant leaf diseases detection

Open archive: Undefined document type

Ouadfel, Salima | 2022-09-30

International audience. In recent years, deep learning has revolutionized machine learning and has been used with great success in various engineering fields, such as transportation, agriculture, finance, and market...

Feeling multiple edges: the tactile perception of short ultrasonic square r...

Open archive: Conference paper

Gueorguiev, David | 2017-06-06

International audience. This study investigates human perception of tactile feedback using ultrasonic lubrication, in situations where feedback is provided using short frictional cues of varying duration and sharpnes...

Numerical study of the reflected elastic waves using Rayleigh diffraction i...

Open archive: Journal article

Maghlaoui, Nadir | 2019-10-25

International audience. In this work, the transient ultrasonic waves radiated by a linear phased array transducer in a liquid and then reflected at a liquid-solid interface are studied. A model based on the Rayleigh inte...
