Code-Bridged Classifier (CBC): A Low or Negative Overhead Defense for Making a CNN Classifier Robust Against Adversarial Attacks

Thumbnail Image

Files

2001.06099.pdf (1.43 MB)

Links to Files

https://arxiv.org/abs/2001.06099

Permanent Link

http://hdl.handle.net/11603/17487

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection

Author/Creator

Author/Creator ORCID

Date

2020-01-16

Type of Work

journal articles preprints
Text

Department

Program

Citation of Original Publication

Behnia, Farnaz; Mirzaeian, Ali; Sabokrou, Mohammad; Manoj, Saj; Mohsenin, Tinoosh; Khasawneh, Khaled N.; Zhao, Liang; Homayoun, Houman; Sasan, Avesta; Code-Bridged Classifier (CBC): A Low or Negative Overhead Defense for Making a CNN Classifier Robust Against Adversarial Attacks; Machine Learning (2020); https://arxiv.org/abs/2001.06099

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Subjects

Abstract

In this paper, we propose Code-Bridged Classifier (CBC), a framework for making a Convolutional Neural Network (CNNs) robust against adversarial attacks without increasing or even by decreasing the overall models' computational complexity. More specifically, we propose a stacked encoder-convolutional model, in which the input image is first encoded by the encoder module of a denoising auto-encoder, and then the resulting latent representation (without being decoded) is fed to a reduced complexity CNN for image classification. We illustrate that this network not only is more robust to adversarial examples but also has a significantly lower computational complexity when compared to the prior art defenses.