Published on Thu Dec 22 2016

Adversarial Examples Detection in Deep Networks with Convolutional Filter Statistics

Xin Li, Fuxin Li

Deep learning has greatly improved visual recognition in recent years. Many adversarial examples can negatively impact the performance of such an architecture. Instead of directly training a deep neural network to detect adversarials, a much simpler approach was proposed based on statistics on outputs from convolutional layers.

Abstract

Deep learning has greatly improved visual recognition in recent years. However, recent research has shown that there exist many adversarial examples that can negatively impact the performance of such an architecture. This paper focuses on detecting those adversarial examples by analyzing whether they come from the same distribution as the normal examples. Instead of directly training a deep neural network to detect adversarials, a much simpler approach was proposed based on statistics on outputs from convolutional layers. A cascade classifier was designed to efficiently detect adversarials. Furthermore, trained from one particular adversarial generating mechanism, the resulting classifier can successfully detect adversarials from a completely different mechanism as well. The resulting classifier is non-subdifferentiable, hence creates a difficulty for adversaries to attack by using the gradient of the classifier. After detecting adversarial examples, we show that many of them can be recovered by simply performing a small average filter on the image. Those findings should lead to more insights about the classification mechanisms in deep convolutional neural networks.

Sat Dec 08 2018
Machine Learning
Detecting Adversarial Examples in Convolutional Neural Networks
This paper focuses on the detection of adversarial examples in convolutional neural networks. We propose three methods for detecting possible adversarial examples. We combine their best aspects to develop an even more robust approach.
Tue Feb 09 2021
Artificial Intelligence
Benford's law: what does it say on adversarial images?
Convolutional neural networks are fragile to small perturbations in input images. These networks are prone to malicious attacks that force a misclassification. Such slightly manipulated images aimed at deceiving the classifier are known as adversarial images.
Thu Nov 19 2015
Machine Learning
Robust Convolutional Neural Networks under Adversarial Noise
Recent studies have shown that Convolutional Neural Networks (CNNs) are vulnerable to a small perturbation of input called "adversarial examples". In this work, we propose a new feedforward CNN that improves robustness in the presence of adversarial noise.
Thu Mar 04 2021
Computer Vision
SpectralDefense: Detecting Adversarial Attacks on CNNs in the Fourier Domain
Convolutional neural networks (CNNs) remain vulnerable against so-called adversarial attacks. Small, crafted perturbations in the input images can lead to false predictions. A possible defense is to detect adversarial examples.
Tue May 12 2020
Computer Vision
Effective and Robust Detection of Adversarial Examples via Benford-Fourier Coefficients
Adversarial examples have been well known as a serious threat to deep neural networks (DNNs). In this work, we study the detection of adversarial examples. We propose to construct discriminatory features via the shape factor for adversarial detection.
Mon Oct 19 2015
Neural Networks
Exploring the Space of Adversarial Images
Adversarial examples have raised questions regarding the robustness and security of deep neural networks. In this work we formalize the problem of adversarial images given a pretrained classifier. We show that, for the same task, a shallow classifier seems more robust than a deep